Disinfecting a spyware-riddled PC

Handy steps on how to disinfect your computer.

What do I do if I suspect someone is controlling my PC? When my IP address has been changed without my knowledge? My boot-up process is getting harder unless I unplug the Ethernet cable and the CPU is at 100 per cent every time I open any program. There is also a new connection to the Internet that is between my connection and the net I know was not there a month ago. When I try to register my e-mail address the programs say it's invalid and does not match whatever it has to compare it to. -- Teresa Hurst.

It sounds like some spyware or other unwelcome software has gotten installed on your computer. You need to do some process of elimination to see where the problem is. I would recommend that you start the computer without the Ethernet cable being connected and to start up the operating system on your computer in "safe" mode to minimize what is getting automatically started.

If you are comfortable with using a network sniffer such as Wireshark or one of the commercially available packages, try putting a hub (not switch) between the infected computer and your internet connection and let Wireshark tell you what it is finding. This could help in identifying the exact cause of the problem and serve as a good learning experience in terms of doing some detective work on finding the cause of a problem.

On a different computer, download several different anti-spyware utilities such as Spybot and Ad-Aware. There are several very good packages out there to choose from. The main thing is to run at least two different packages, preferably three, because no single app will remove all the spyware in the wild these days.

Burn these apps onto a CD and then install them onto the computer you have booted into safe mode. Since you are running without a network connection for the time being, you will also way to download any signature or other updates and install those before running the software for the first time. After you have run each of the spyware detection programs each once, run them at least one more time apiece until you have a clean report from each. This may sound like extra work, but I have seen where one spyware removal program will remove a particular package allowing the same or different spyware removal package to see another piece of spyware/adware that went previously undetected.

Once you have done this, do the same thing with anti-virus software. McAfee offers a basic detection/removal package that will go after the nastier viruses out there that is free for downloading. ClamAv, an open source virus detection/prevention package, is another one that I would suggest trying as well. Once you have received a clean report from the different packages you have tried, you should be able to connect the ethernet cable back to the computer, reboot it and be back to fairly normal operation.

Once you are back to normal, I would suggest periodically running the spyware/adware detection programs. Make sure you have the latest signature/program updates installed so that you have the best chance of catching/preventing problems. You should also run a software firewall, but not the Windows Firewall that comes with XP/Vista - It can still let some bad things happen. I would suggest using either ZoneAlarm or Comodo Firewall Pro as these can alert you to outbound access that doesn't appear to be normal and they go one step further and that is to learn what is "normal" for your computer.

While you are trying to identify the cause of the problem, I would also suggest looking at www.spywarewarrior.com. I have used this Web site in the past for good information. Depending on what you find, you may be referred to additional utilities as Hijack This, which I have used in the past to find/eliminate additional problems not found by some of the other tools that I have mentioned here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ron Nutter

Network World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Jack Jeffries


As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr


The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?