How do I remove spyware and malware from my infected Windows computer?

---

If Malwarebytes Anti-Malware is already installed on your computer, and you know or suspect that your computer is infected, the safest way to remove the infections is as follows:

1. Reboot your Windows computer in Safe Mode with Networking as follows:
   
   
   1. If the computer is on, from the Start menu (in the lower-left corner of the screen), shut down your computer.
   2. Turn the computer on. The computer will begin processing a set of instructions known as the "Basic Input/Output System (BIOS)." What you see on the monitor depends on the BIOS manufacturer. Some computers display a progress bar that refers to the word BIOS, while others may not display any indication that this process is happening.
   3. As soon as the BIOS has finished processing, begin tapping the F8 key on your keyboard. Continue to do so until the Windows Advanced Options menu appears.
      
      NOTE
      If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this problem, restart the computer and try again.
      
      
   4. Use the arrow keys on the keyboard to scroll through the menu options, and then select the Safe Mode with Networking menu option.
   5. Press ENTER.
      
      
2. Update the application's definition files. Your computer must be connected to the Internet to update definition files. To check for updates, click the Update tab at the top of the Malwarebytes window as shown in the following graphic:

3. Click Check for Updates. If new definition files are available, they will be automatically downloaded and installed.
4. If a new program version is available, it will also be downloaded. You will see the following window appear:
   
   
   
   

5. Click OK.
6. When the updates are complete, you will see a prompt that looks similar to the following:
   
   
   
   
7. Click OK.
8. Reboot your computer in Safe Mode as follows:
   


1. Turn the computer off.
2. Turn the computer on. The computer will begin processing a set of instructions known as the "Basic Input/Output System (BIOS)." What you see on the monitor depends on the BIOS manufacturer. Some computers display a progress bar that refers to the word BIOS, while others may not display any indication that this process is happening.
3. As soon as the BIOS has finished processing, begin tapping the F8 key on your keyboard. Continue to do so until the Windows Advanced Options menu appears.
   
   NOTE
   If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this problem, restart the computer and try again.
   
   
4. Use the arrow keys on the keyboard to scroll through the menu options, and then select the Safe Mode menu option.
5. Press ENTER.
   
   
9. Disconnect your computer from its direct Ethernet connection (wall plug) or disable your wireless adapter.
10. Scan your computer.
11. Click the Scanner tab at the top of the Malwarebytes' window as shown in the following graphic. You should see a window that looks similar to the following:

12. Click the radio button in front of Perform full scan.
13. Click the Scan button to begin the scan.
14. Select the drive(s) to scan.
15. Depending on the computer you have, and the number of applications and data files it contains, the scan may take an hour or more to finish. You should see a window that indicates the application's progress, which should look similar to the following:

16. When the scan is complete, you should see the Scan Results window, which, if nothing suspicious was found, should look similar to the following:

17. If suspicious items were found you would instead see a window such as the following:

       

18. Click the Show Results button to see the list of items that have been detected.
    
    
    
    
19. Click the Remove Selected button. You should see a scan summary window, which should look similar to the following:
    
    
    
    
20. If you are prompted to reboot your computer, click Yes to complete removal of the malware.
21. When you are done, close the application.

NOTE
If you are having problems connecting your computer to the Internet after removing malware or spyware, try this Winsock fix.

---

UD Code of the Web Resources Page
UD Computer Security Home Page
Spyware and Malware Home Page

Last updated March 10, 2010

• Information Technologies / Help Center  •   Newark, DE 19716  •   USA
  Phone: 302-831-6000  •   www.udel.edu/help  •   ©  2008
• Comments
• Contact Us
• Legal Notices