You are here: Home > How To’s > How to Remove Malware for Free.

How to Remove Malware for Free.

This guide has been updated for 2013 here

You may also watch the video version here

Please follow the steps below to become malware free.

1. Backup your critical documents and system files
a. Create a Restore Point by clicking start – run – and typing rstrui.exe and click choose the option that allows you to create a restore point. The exact text\options will vary according the version of Windows you are using.
b. Backup personal files such as documents and pictures to external media (like a usb hard drive, cd/dvd or flash drive)
2. Uninstall your current antivirus via add/remove programs in the control panel. I know this may seem a little weird since we are trying to remove malware, but it’s obvious that your current antivirus is not working otherwise you wouldn’t be reading this. If you don’t have antivirus, then you can skip this step.
3. Visit the following link to download AntiVir Free Edition to your download folder (like you’re my documents or desktop for example) The download is about 17 mb and takes about 1-2 min on cable or dsl.
4. Double Click antivir_workstation_win7u_en_h (looks like a little umbrella) and follow the default install options.
5. AntiVir will want to download an update. Please let the update download and install.
6. Once AntiVir has been completely updated you may start encountering some virus detections. If you do please quarantine infections first (and only delete as a second option).
7. Now, we are going to reboot your PC in Safe Mode. Safe Mode loads a “bare bones” version of windows and disables 90% of viruses and their protection mechanisms.
8. Reboot your pc.
9. As the PC is starting please type the F8 key on your keyboard until you receive a text based list of about 6-10 options.
10. Please use your up/down arrows on your keyboard and select safe mode. You will see about 30 lines of quickly scrolling text. This is normal.
11. After 30 seconds – 5 minutes you will be loaded into windows safe mode (it says safe mode on all four corners of your screen). Windows may ask if you if you would like to enter safe mode. Choose Yes.
12. Now it’s time to load AntiVir. You may have a shortcut on your desktop or you can load AntiVir by clicking Start – Programs – AntiVir PersonalClassic Edition — Start AntiVir PersonalEdition Classic
13. Click the “Scanner Tab”.
14. Right Click “Local Drives” and click scan.
15. Your entire computer will be scanned now. This entire process can take 1-4 hours (typically). During this process will most likely encounter malware ( such as viruses, spyware, adware or Trojans ). You should always try to remove malware in this order:
a. Repair
b. Quarantine
c. Rename
d. Delete
16. After the scan has completed and the malware has been neutralized you should do a reboot.

The following steps below are removing additional malware left behind. We will be using MalwareBytes’ AntiMalware which can be downloaded from (malwarebytes.org). MalwareBytes Antimalware comes in 2 flavors: Free and Paid. The paid version offers always on protection and the free version requires you to initialize the scan.

1. So, download MalwareBytes (from malwarebytes.org) and install it.
2. Update MalwareBytes by launching it and clicking the update tab and then clicking check for updates.
3. Once MalwareBytes has been completely updated please reboot into safe mode. If you don’t remember how to boot into safe mode please read steps 9,10 and 11 from above.
4. In safe mode launch MalwareBytes.
5. Select “Perform a Full Scan” and click Scan.
6. Select the Drives that you want to scan and click Scan.
7. At the end of the malwarebytes scan quarantine anything that it finds.
8. Reboot.

Optional Programs to run if your still experiencing malware issue are

ComboFix (Windows XP ONLY)
SmitFraudFix
VundoFix

About the Author:
Matthew Rizos is the blog author at http://www.remove-malware.com

  • Rajoo Ramanchandram

    Will try to fix the problem using your method. Thanks for the info. For your information I am trying to remove the csrcs.exe file which is malware but somehow escapes detection.

  • David

    Thanks for the info. I was wondering if you could expand on the Restore option. I was curious to know what restore does, why and how do I know what restore options are best for getting rid of malware.

    I think I downloaded malware disguised as a Flash update. I get update pop-ups from what appears to be legitimate sources when first starting my computer and connecting online. I can’t tell what is legitimate from what isn’t anymore.

    If I restore to a point before the update will it remove the malware? If I restore after the update how will that affect the malware or anything affected by the malware?

  • D L

    This is not free you have to buy the product

  • MB

    I was wondering what is your reasoning for running avira before mbam?

  • YOYO

    I think it use to be free but I dont think it is anymore

  • Keisha Picou

    anytime I try to log onto malware.org, I get a message that the internet explorer cannot g to that page or I get redirected to PCtools, which I know is malware.

  • http://www.mentorlog.com Mentor

    Good article, But we shouldn’t try any troubleshooting untill we un-install the existing antivirus. It creates conflict.

  • kartos

    This is only for windows XP. And what should I do for windows 7 ?

  • Thomas Nguyen

    What sort of PC Tools?

  • Heather Ross

    trojan on vista home premium laptop could not use my antimalwarebutes. so read a lot of info on this site, decided to use my other computer to download copy of malwarebytes’ and it worked beautifully. Who ever invented this program, I will luv him forever, I will share his picture w/my friends, walk his dog, sing a song, etc. or just say thank you very much. hee hee hee hee