
Removing viruses and other malware

22/09/13

05:07:00 pm by Eugene Gardner. Categories: Security, Anti-Virus, Articles

The absolute best way to clean your computer of all sorts of malware is to pay me to do it, but what if you want a quick and dirty DIY approach?

How do you know you have been infected?

You have probably been infected if any of the following are apparent:

  • Performance is much slower than it was.  
  • Popup windows appear without your doing anything. 
  • Your browser home and/or search page is changed.  
  • You can no longer log in to somewhere despite being certain you are entering the correct credentials. 
  • People in your address book get messages from you that you didn't send.

First, disconnect the computer from your network to prevent the infection spreading further.  Do not power off as some attacks are triggered at boot time.  Now locate another computer and download some tools onto a newly formatted USB pen drive:

Ingredients.

  • You will need a general scanner - try Malwarebytes free Anti-Malware first.  If you already have that running on your compromised computer go for SUPERAntiSpyware or AdAware instead. 
  • Rootkits are a type of virus that can hide from almost all other programs.  You need a specific tool for this type so try Kaspersky's TDSSkiller.
  • For cleaning the cruft get yourself the latest copy of Piriform's CCleaner.
  • To confirm all is complete pick up HiJackThis too.  

Method.

Boot your computer into Safe mode (F8 will do this after BIOS display and before Windows starts). Run MSCONFIG to toggle off all non-Microsoft services and startup programs then reboot normally. Run each browser and disable add-ons you don't want. From the Control Panel uninstall any programs that are not there by your design. Delete the contents of your %TEMP% folder then run CCleaner to delete those files you can. Now it's time to run Malwarebytes Anti-Malware *in full mode* - this will take an hour or two depending on the speed of your computer and number of files.

Reboot and now run TDSSkiller - this one's quick. After that run CCleaner again but this time in Registry clean mode. Now go back to MSCONFIG to toggle on all those programs you earlier toggled off which you do want to continue running. Reboot. Now HiJackThis can be used to point out anything that is left. If you are reading this you are probably not sufficiently experienced to differentiate good from bad, so websites such as http://www.hijackthis.de/en can give you a good idea.
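The MSCONFIG steps above rely on remembering what was enabled before you switched it off. As an added example (not part of the original post), this PowerShell script saves a read-only list of autostart entries to a CSV first; the `$OutDir` parameter, the output file name and the helper functions `Get-Publisher` and `New-Entry` are hypothetical names, and it assumes PowerShell 3.0 or later.

```powershell
# Added example: read-only snapshot of autostart entries, taken before MSCONFIG changes.
# Assumption: $OutDir is wherever you want the list saved, e.g. the USB drive.
param([string]$OutDir = '.')

function Get-Publisher([string]$CommandLine) {
    # Extract the executable path from a quoted or unquoted command line.
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine)
    if ($expanded -match '^\s*"([^"]+)"' -or $expanded -match '^\s*(.+?\.exe)\b') {
        $path = $Matches[1]
        if (Test-Path -LiteralPath $path -PathType Leaf) {
            # CompanyName is self-declared by the file, so malware can fake it.
            return [string](Get-Item -LiteralPath $path).VersionInfo.CompanyName
        }
    }
    return ''  # unresolved path: review this entry by hand
}

function New-Entry($Kind, $Source, $Name, $Command) {
    [pscustomobject]@{ Kind = $Kind; Source = $Source; Name = $Name
                       Command = $Command; Publisher = (Get-Publisher $Command) }
}

# 1. Registry Run keys (machine-wide, 32-bit view, and current user).
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        New-Entry 'Run' $key $name ([string]$item.GetValue($name))
    }
})

# 2. Services set to start automatically (Start = 2) that are Win32 services,
#    not drivers (Type has bit 0x10 or 0x20 set).
$entries += @(foreach ($svc in Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services') {
    $cmd = [string]$svc.GetValue('ImagePath')
    if ($svc.GetValue('Start') -eq 2 -and ($svc.GetValue('Type') -band 0x30) -and $cmd) {
        New-Entry 'Service' $svc.Name $svc.PSChildName $cmd
    }
})

# 3. Per-user and all-users Startup folders (-Force includes hidden files).
$folders = [Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup')
$entries += @(Get-ChildItem -LiteralPath $folders -File -Force -ErrorAction SilentlyContinue |
    ForEach-Object { New-Entry 'StartupFolder' $_.DirectoryName $_.Name $_.FullName })

$file = Join-Path $OutDir ('autostart-{0:yyyyMMdd-HHmmss}.csv' -f (Get-Date))
$entries | Sort-Object Kind, Name | Export-Csv -Path $file -NoTypeInformation
# Entries not declaring Microsoft as publisher are the ones MSCONFIG will toggle off.
$entries | Where-Object { $_.Publisher -notmatch 'Microsoft' } | Format-Table Kind, Name, Command -AutoSize
```

Run it before opening MSCONFIG, then use the saved CSV as the reference when deciding which entries to toggle back on.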

And then...

Let's assume you have been successful in the above.  

  • Now you can reconnect to your network.  
  • You must make sure you have a decent Internet security suite installed, updated and running perfectly.  
  • Make sure Windows is updated as well as runtimes such as Java, Flash, Shockwave etc.
  • Change any passwords that you believe could have been compromised to make them unique, long and complex.  
  • Ensure that your day-to-day account does not have full administrator privileges.
  • Record the date as your backups before this date may be infected; you don't want to restore from infected files.

The above is a subset of what I would do having removed your hard disk drive and mounted it on a dedicated recovery rig. I would have taken an image of the disk initially, made multiple passes of the disk with different tools and confirmed that no other damage exists. However, the above is often sufficient to get you out of a hole. Sometimes, though, the damage is so great that only a reinstallation of Windows will suffice.
