Problem solve Get help with specific problems with your technologies, process and projects.

Remove malware step-by-step

Certain adware, viruses and rootkits can take considerable time to remove, so use the tricks outlined in this tip to respond to an infection on your customer's network.

Certain adware, viruses and rootkits can really take considerable time to remove from a system, so use the tricks...

outlined in this tip (courtesy of to respond to an infection on your customer's network.

It seems that one of the biggest problems plaguing Windows users -- both at work and at home -- is recovering from a malware infection. In fact, it's the most common problem posed to me in my Ask the Expert forum. Whether or not they do any damage, certain adware, viruses, and (heaven-forbid) rootkits can really take considerable time to remove from a system.

I've come across various tricks over the years to remove virtually anything and at the same time keep your cleanup efforts -- and the ensuing stress -- to a minimum. Make sure you consider each of the following steps when the time comes to respond to an infection.

Remove malware step-by-step

  Step 1: Use several tools
  Step 2: Try free tools
  Step 3: Check obvious places
  Step 4: Dig deeper
  Step 5: Unload infected software
  Step 6: Disable system restore, reboot in safe mode
  Step 7: Check for software corruption or hardware problem
  Step 8: Don't rely solely on a search engine
  Step 9: Check for vendor-specific removal tools
  Step 10: Hash suspect files
  Step 11: When in doubt, reload
  Step 12: Create a formal security incident response plan

About the author
Kevin Beaver is an independent information security consultant, author, and speaker with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments. Kevin has written five books including
Hacking For Dummies (Wiley), Hacking Wireless Networks For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at

This was last published in February 2007

Dig Deeper on Best practices for cybersecurity management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.