Viruses and Malware / Remove from a Windows computer

Objective

  • To provide instruction on running a scan and removing viruses and malware from a Windows 10/11 computer

Environment

  • 10684: DHCP
  • Personally Owned Computer
    • Windows OS

Resolution

  1. From a virus-free Windows computer with the same version of Windows you have installedfollow this link to download the latest version of Microsoft's Malicious Software Removal Tool
  2. Download the Malicious Software Removal Tool to a portable flash drive
    • Note: File name will begin with Windows-KB890830-, with the version noted in the name
  3. Disconnect your infected computer from the network and do not attempt to reconnect until you have finished this process
    • If you are connected to a wired network, unplug the cable from your computer
    • If you are connected to a wireless network, follow these steps:
      1. Press the Windows key and type Wireless
      2. From the search results, select Turn wireless communication on or off
      3. Click the toggle to turn off Wi-Fi
  4. Enter Safe Mode and delete temporary files
    1. Click the Start button and press the Power button
      • Do not click anything
    2. Holding the Shift key, click Reboot
    3. In the full-screen menu, select Troubleshooting, then Advanced Options, and then Startup Settings
    4. In the next window, click the Restart button and wait for the next screen
    5. From the Startup Options menu, select option 4 (Safe Mode)
      • If you want to connect to online scanners, select option 5 (Safe Mode with Networking)
    6. To delete temporary files, type Disk Cleanup in the search bar and follow the prompts
  5. Scan for viruses and malware
    1. Copy the Malicious Software Removal Tool file to your infected computer from your portable flash drive
    2. Double click on the file to run the tool and follow the prompts to install the program
    3. Click Next on the first screen.
    4. Select Full scan on the next screen, then click Next.
    5. Review the results of the scan
    6. Click Remove Selected button in the lower left screen to remove infections
      • Restart your computer, if Malwarebytes prompts you to restart in order to complete the removal process
    7. Run a full-scan of your computer with your current antivirus program
    8. Save the scan logs as proof of removal
      • You must present scan logs as proof of removal so that your access to the network can be restored
  6. Restore your computer connection to the network

 

Notes