Disinfecting a spyware-riddled PC

Handy steps on how to disinfect your computer.

What do I do if I suspect someone is controlling my PC? When my IP address has been changed without my knowledge? My boot-up process is getting harder unless I unplug the Ethernet cable and the CPU is at 100 per cent every time I open any program. There is also a new connection to the Internet that is between my connection and the net I know was not there a month ago. When I try to register my e-mail address the programs say it's invalid and does not match whatever it has to compare it to. -- Teresa Hurst.

It sounds like some spyware or other unwelcome software has gotten installed on your computer. You need to do some process of elimination to see where the problem is. I would recommend that you start the computer without the Ethernet cable being connected and to start up the operating system on your computer in "safe" mode to minimize what is getting automatically started.

If you are comfortable with using a network sniffer such as Wireshark or one of the commercially available packages, try putting a hub (not switch) between the infected computer and your internet connection and let Wireshark tell you what it is finding. This could help in identifying the exact cause of the problem and serve as a good learning experience in terms of doing some detective work on finding the cause of a problem.

On a different computer, download several different anti-spyware utilities such as Spybot and Ad-Aware. There are several very good packages out there to choose from. The main thing is to run at least two different packages, preferably three, because no single app will remove all the spyware in the wild these days.

Burn these apps onto a CD and then install them onto the computer you have booted into safe mode. Since you are running without a network connection for the time being, you will also way to download any signature or other updates and install those before running the software for the first time. After you have run each of the spyware detection programs each once, run them at least one more time apiece until you have a clean report from each. This may sound like extra work, but I have seen where one spyware removal program will remove a particular package allowing the same or different spyware removal package to see another piece of spyware/adware that went previously undetected.

Once you have done this, do the same thing with anti-virus software. McAfee offers a basic detection/removal package that will go after the nastier viruses out there that is free for downloading. ClamAv, an open source virus detection/prevention package, is another one that I would suggest trying as well. Once you have received a clean report from the different packages you have tried, you should be able to connect the ethernet cable back to the computer, reboot it and be back to fairly normal operation.

Once you are back to normal, I would suggest periodically running the spyware/adware detection programs. Make sure you have the latest signature/program updates installed so that you have the best chance of catching/preventing problems. You should also run a software firewall, but not the Windows Firewall that comes with XP/Vista - It can still let some bad things happen. I would suggest using either ZoneAlarm or Comodo Firewall Pro as these can alert you to outbound access that doesn't appear to be normal and they go one step further and that is to learn what is "normal" for your computer.

While you are trying to identify the cause of the problem, I would also suggest looking at www.spywarewarrior.com. I have used this Web site in the past for good information. Depending on what you find, you may be referred to additional utilities as Hijack This, which I have used in the past to find/eliminate additional problems not found by some of the other tools that I have mentioned here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ron Nutter

Network World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?