Windows 7 / Security and Privacy

How to Troubleshoot Problems with Unwanted Software

A spyware infection is rarely a single application; most successful malware infections automatically install several, even dozens, of additional applications. Some of those applications might be straightforward to remove. However, if even a single malicious application remains, that remaining malware application might continue to install other malware applications.

If you detect a problem related to spyware and other potentially unwanted software, follow these steps to troubleshoot it:

  1. Perform a quick scan and remove any potentially unwanted applications. Then, immediately perform a full scan and remove any additional potentially malicious software. The full scan can take many hours to run. Windows Defender will probably need to restart Windows.
  2. If the software has made changes to Internet Explorer, such as adding unwanted addons or changing the home page.
  3. Run antivirus scans on your computer, such as that available from Often, spyware might install software that is classified as a virus, or the vulnerability exploited by spyware might also be exploited by a virus. Windows Defender does not detect or remove viruses. Remove any viruses installed on the computer.
  4. If you still see signs of malware, install an additional antispyware and antivirus application from a known and trusted vendor. With complicated infections, a single antimalware tool might not be able to remove the infection completely. Your chances of removing all traces of malware increase by using multiple applications, but you should not configure multiple applications to provide real-time protection.
  5. If problems persist, shut down the computer and use the Startup Repair tool to perform a System Restore. Restore the computer to a date prior to the malware infection. System Restore will typically remove any startup settings that cause malware applications to run, but it will not remove the executable files themselves. Use this only as a last resort: Although System Restore will not remove a user's personal files, it can cause problems with recently installed or configured applications.

These steps will resolve the vast majority of malware problems. However, when malware has run on a computer, you can never be certain that the software is removed completely. In particular, malware known as rootkits can install themselves in such a way that they are difficult to detect on a computer. In these circumstances, if you cannot find a way to confidently remove the rootkit, you might be forced to reformat the hard disk, reinstall Windows, and then restore user files using a backup created prior to the infection.

[Previous] [Contents] [Next]