Removing Spyware and Malware

Follow the instructions below to clean up your computer.

 

Safe Mode

The best way to scan a computer for viruses is to boot the computer in Safe Mode. Safe Mode loads only the drivers needed to operate Windows, so any potential viruses will not load in this mode.

To boot in Safe Mode: 

  • When you first start your computer, press the F8 key repeatedly.
  • A screen will appear with multiple options. Use the arrow keys to navigate to the option “Safe Mode with Networking”.
    • It may ask you to select the operating system. Use the arrow keys and Enter to select it.
    • It may also ask for the partition; it is the largest partition. Select it.

Disable System Restore

Windows XP uses a restore utility that automatically backs up selected system files. This means an infected file could be stored there as a backup file, and removal programs will not be able to delete it. Disabling the System Restore Utility will allow you to remove the infected files from the restore location.

  1. Right-click My Computer.
  2. Click Properties.
  3. Click on the System Restore tab.
  4. Check Turn off System Restore on All Drives.
  5. Click OK.
  6. Click Yes at the confirmation window.
  7. You will be prompted to restart the computer. Click Yes.
    NOTE: You should re-enable the Restore Utility after cleaning up your computer. Follow the steps above and remove the check mark next to Turn off System Restore on All Drives.

Scan with CCleaner

CCleaner is an application that helps free up space on your hard drive by finding and removing the large number of temporary files that accumulate through normal use of Windows. The amount of space taken up by these files can be significant, from several hundred MB to several GB depending on the size of your hard drive. While this can be done manually, CCleaner is a much faster and easier solution for most people.

Download CCleaner at http://www.ccleaner.com. It doesn’t contain any spyware or malware, but it does come bundled with “Yahoo! Toolbar” by default. You can prevent the toolbar from being installed during the installation. Follow the installation instructions below:

  • Download the CCleaner installer to your My Documents folder, then double-click on the saved file.
  • English is set as the default language. Click OK.
  • Click Next when the Setup Wizard screen comes up to begin the installation.
  • Then select the I Agree button to accept the license agreement.
  • Retain the default directory for the installation and click Next.
  • Uncheck the box labeled “Add CCleaner Yahoo! Toolbar and use CCleaner from your browser” and then click Install. After it completes, click Finish.

You can then run the program from either Start > Programs or from a shortcut placed on the Desktop.

  1. Once the program opens, click Options.
  2. Then select the Advanced button. Uncheck the box that says “Only delete files in Windows Temp folders older than 48 hours”. Click on the Cleaner graphic to the left to return to the main menu.
  3. Click Run Cleaner to start the cleaning process. A notice will appear warning that “This process will permanently delete files from your system”. Check the box that says “Do not show this message again” and then click OK.
  4. Once you do, it will start scanning the system and automatically remove the temporary files. The more space you have, the longer it tends to run.
  5. Once it finishes, it will display how much space was cleaned from the computer.

NOTE: CCleaner also contains a registry cleaner and several other utilities. While it is better than many other registry cleaners that are offered on the Internet as paid software or shareware, registry cleaners tend to create more problems than they solve. Making changes to the registry of a working operating system can change user settings as well as cause various functions to stop working properly. When problems occur that involve the registry, it often makes more sense to back up your data and then perform a clean install of the operating system. Information Technology Services recommends avoiding registry cleaners in general, particularly any that are advertised through pop-ups, ads or warnings.

 

Scan with Security Essentials

If you don't have virus scanning software (or a product you purchased is now out of date), you can download Security Essentials from Microsoft for free (be sure to remove any installed virus scanning software first): http://www.microsoft.com/security_essentials/
Follow the instructions on Microsoft’s website to download and scan your computer.

Scan with Malwarebytes: Anti-Malware (MWB)

Download Malwarebytes at http://www.malwarebytes.org/. Follow the instructions on the Malwarebytes website to install the software.

Run Malwarebytes

  1. Click on the “Update” tab at the top, then “Check for Updates”.
  2. Run the scans. On the “Scanner” tab, select the “Perform Full Scan” option, then click “Scan”.
  3. At the end, a list of infected files will appear in the window (if any). Make sure all are “Checked” and then click the “Remove Selected” button.
  4. A message may indicate you need to restart. Restart the computer in Safe Mode.
  5. If there were no infected files detected on the initial scan, then you are done.
  6. If you removed files, then go to the “Scanner” tab, select “Perform Full Scan”, and scan again to make sure they are all gone.

NOTE: It is advisable to run the “Perform Quick Scan” feature weekly to help keep viruses from infecting your computer. MWB does not have a scheduling feature so this would have to be done manually. The quick scan takes about half the time of the Full Scan (or less).

Scan with Spybot

Download Spybot at http://www.safer-networking.org/en/download/index.html.
At the download screen, choose to save the tool to the desktop.

Install Spybot

  1. Locate the file you just downloaded and double-click on it to install the program.
  2. During installation, check the box labeled “Download updates immediately”.
  3. Accept the rest of the default settings and click Finish when installation completes.

Run Update Wizard

Follow the instructions to complete the Wizard window that pops up after installation.

Run a full scan

  1. Click on Search & Destroy.
  2. Then click Check for problems.

Remember

Now that you've cleaned up your computer, don't forget to re-enable the Restore Utility.