JDSDCS Logo

Spyware and Virus Removal

1. If spyware and/or virus infection is very bad, you may want to consider using Window's System Restore to restore the PC to a point before you detected spyware or virus activity. This will not completely remove the malware, but will be a great head start in removing the viruses and spyware. If this is not an option, you may want to remove the hard drive and scan it in another PC.

2. Boot PC in "Safe Mode with Networking Support" as Administrator. Run Add/Remove Programs and remove any suspect software. Smitfraud is a Trojan that displays false alerts or error messages that attempt to trick the user in purchasing bogus antispyware programs. If this is occurring, you will want to run Combofix.

3. Run Disk Cleanup.

4. Install "Spybot Search and Destroy" and "Malwarebytes". Update definitions and run scans.

5. Update antivirus definitions for your antivirus program and run a scan.

6. Install Hijack This and configure. I have never posted a Hijack this log. I use Google and Websites like www.bleepingcomputer.com to determine what files are spyware or viruses.

7. If there are multiple profiles( more than one user logs onto the PC), log off as Administrator and log on as one of the other users. Run antivirus scans again. Do this for all profiles.

8. Disconnect PC from Internet. Reboot PC in Normal mode. Install Hijack This and configure. I

9. Reboot PC and run a test scan. If you still have viruses or spyware, you may need to research these on the Internet and either find a tool to remove the malware or get directions to remove it manually. You may need to boot in Safe Mode to delete the files. Look in "Program Files" and "System32" folder for any signs of malware.

10. Reboot PC and run a test scan, this could be an online scanner.

11. Repeat steps 9 and 10 until scans do not detect any malware.

12. You should have at most one antivirus program that has an active shield. Remove any extra programs that were loaded to remove the virus. Malwarebytes and "Spybot Search & Destroy" are passive, you can leave these on your system.

13. Delete quarantine files in antivirus and antispyware programs.

14. Reboot PC. If PC boots without any errors, turn off/on "System Restore". Create a new "System Restore" point.

15. Modify Internet Explorer Security settings. Increase security settings. Many viruses lower the settings to download more viruses and spyware.

16. Run Microsoft Updates.

If the system is still infected, one should remove the hard drive and attach it to an other computer and scan it for viruses. If you do not feel comfortable doing this, you may need a service call. If this does not work, you may be forced to back up your data and wipe the system out and re-install.