If you have an active Malware infection and you do not have any anti-malware software (or it’s not effective) follow the steps outlined below to recover your Surface Pro tablet, so that it is once again safe to use.
Signs you have an active malware infection
The following symptoms are indicative of an active malware on your Surface tablet (or other Windows machine).
- Your Surface is running significantly slower than it should, especially at login
- You notice your anti-virus and/or firewall is disabled
- You see random popups appearing on your screen or in the system tray telling you something needs to be fixed
- Your web browsers go to pages you don’t want to browse, even if you specifically type in the correct URL
- You discover suspicious software you know you didn’t install
If you have any of these symptoms, you should take action to remove the malware by following the procedure described in the next section…
Remove Malware From Surface Pro Tablets with MalwareBytes Chameleon
Removing malware from a computer can be tricky as a lot of Malware is “smart” enough to turn off your anti-virus, open up your firewalls, and stop you from running most removal tools.
Fortunately, there are tools designed to get around this. My favorite is one called Chameleon from MalwareBytes.
MalwareBytes has been around for a long time and is a highly reputable company. Their anti-malware product is very good and will very likely take care of your malware issue.
Get and Use MalwareBytes Chameleon:
- Get a USB thumb drive (with at least 10MB of free space) that does not have any data you care about.
- Get on a friend’s computer, or work computer, or any other computer that is not infected.
- Go to https://www.malwarebytes.org/chameleon/ and download the Chameleon zip file to the thumb drive.
- Take the drive back to your Surface and mount it
- Once it’s plugged in, open the Chameleon zip file, then the Chameleon folder and finally the Windows folder
- Sort the files into alphabetical order (if they’re not already)
- Start the 2nd file (Firefox – MSDOS Application)
- At the “Compressed (Zipped) Folders” popup, choose Run
- If you get a User Access Control popup, choose Yes
You should get a window that looks like the one below on a dark blue background, if you don’t, go to the next file and run it. Keep going down the list until one of the files runs and you see the screen below.
NOTE: If you happen to make it all the way down to the one called mbam-killer, skip it and go on to the next. It’s extremely unlikely you’ll have to try them all and none of them work. However, if that happens, turn off your machine and consult a local virus removal company for assistance.
- After the program is successfully running, go ahead and press any key to start the removal process.
- When the actual MalwareBytes program starts, a window will appear like the one below and the original command prompt window will start typing out some text as it performs necessary operations. Wait until Scanning Memory……. appears in the command prompt window
- Tap or click the Scan Now button in the MalwareBytes window, the scan will start, and you’ll see the MalwareBytes window change to look like the screenshot below:
Now, sit back and wait. It may take hours for the process to complete. While the scan is going on, you’ll occasionally see activity in the command prompt window.
- After the process MalwareBytes scanner completes, you’ll get the following screen:
- Tap on Finish then make the command prompt window active and hit any key to exit the tool and complete the process
- Unmount and remove the USB key from your Surface. Do not use the USB key for anything else until it has been formatted (preferably using a Mac or Linux computer)
- Restart your Surface and check for signs of remaining infestation
At this point, your Surface should be malware-free.
However, if possible, you should consider refreshing or resetting your Surface to ensure it is clean. In addition, you should also consider installing an anti-malware program like MalwareBytes Premium to help prevent future infections.
If you want more information about malware and the difference between anti-malware and anti-virus applications, please see THIS POST.