How I remove viruses from Windows computers

Although it's not my biggest hobby sometimes I have to remove viruses from Windows computers.

There are a lot of tools and Forums on the internet to help you out but which of them can you trust? There is a big chance that is you download a executable (.exe) file and run it that you install a virus and/or malware instead of removing one. With other words: There is a big chance that you problem is getting bigger and bigger instead of solving the problem.

Every time I have to remove viruses and malware from windows computers I had to search the internet and read a lot to ensure that I was using the right and reliable tools. Although I try to avoid cleaning up Windows computer I sometimes have to do it. To prevent that search again an again I made this page where I write about my collected tools.

Check msconfig

Take a good look in msconfig.
To launch is go to: Start -> Run and type: msconfig.
Search for strange processes in tab StartUp, especially executables (exe) that are located in:
C:/Documents and Settings/[USER]/Application Data/
or in
C:/Documents and Settings/[USER]/Local Settings/Application Data/

Take a look in the tab Services is you see strange named processes.

Control panel Software

Take a good look to the installed Software on Start -> Configuration -> Control Panel -> software. Search for unfamiliar programs. Aks the owner of the machine if he/she knows all those programs.
Check suspicious software names on the Internet.

Deleting the wrong software can damage your system so bad that it will never startup again

Delete / uninstall suspicious software

Taskmanager

Take a good look to the processes in the Task manager
Launch the task manager by pressing the Ctrl-Alt-Delete key simultaneously .
Go to tab Processes
Look for processes you don't trust.

Deleting the wrong processes can damage your system so bad that it will never startup again

Delete suspicious processes.

HijackThis

One of my favorite programs to start with is still HijackThis. First of all be sure to download it from the right domain in Germany http://www.hijackthis.de . I only trust HijackThis downloads from that domain.

Download the exe to your desktop and run HijackTHis.
Save the log file
Upload the logfile to http://www.hijackthis.de and Read, read, read.

Deleting the register keys can damage your system so bad that it will never startup again

Delete bad keys from the registry.

ComboFix

ComboFix is absolute one of the best programs to remove malware and viruses from your windows system. Download it ONLY from:

Note: Running ComboFix without knowing what your doing can damage your system seriously.
Download or move it to your desktop and run it.

VirusTotal

I also use the online Virusscanner VirusTotal https://www.virustotal.com/ to check files I don't trust. It's almost scary to see how many commercial virus scanners don't recognize a the viruses I had to remove.

GMER

Is the system still not clean than it's time to run some tools to find rootkits.
Download GMER here and read this page and follow instruction.

Good luck.