Editor's note: This article was updated on February 21, 2008. The original was published on February 28, 2007.
Like its mythical namesake (dramatized in Lego), whatever crawls out of a digital Trojan horse will be a nasty surprise. A Trojan horse usually takes the form of an innocuous software program that unleashes a flood of malware or viruses after it's installed and run. Since attacks and ease of removal vary--an ad generator is easier to remove than a stealth rootkit--there's no one-size-fits-all solution. However, there are some common spyware removal techniques that can help you pick your way through the wreckage.
Reboot Windows in Safe Mode
What is Safe Mode? Safe Mode is a diet version of the Standard Mode of Windows that your computer ordinarily runs. Rebooting in Safe Mode loads minimal programs and disables most device drivers that manage hardware like CD drives and printers. The result is a more stable iteration of the Windows operating system that's better suited for disabling malware while you perform a system scan.
How do you use it? If you can, follow the necessary steps for a safe shutdown process and then reboot. When you restart Windows, as the screen begins to load, press F8 repeatedly until the Windows booting options appear. Select "Boot in Safe Mode" from the menu of options. Once in Safe Mode, you should be able to run your installed antispyware software with less interference from the malicious software that the Trojan brought onto your system.
System Restore
What is System Restore? System Restore strings out a safety net if everything goes kaput. Under default Window settings, System Restore saves a snapshot of your computer configuration once a day and on major upgrades that can be used to replace corrupted files. In the event of a Trojan attack, System Restore can revert Windows to a previous, uninfected state. It won't restore everything, like changes to your user profile, but it does reinstate biggies like your Registry and DLL cache.
When do you use it? When purging your computer of spyware, System Restore has an optimal time and place. You wouldn't want your computer including corrupted files as the reference point of the day, so it's important to disable System Restore before you start cleaning. You can reactivate it once your system is spick-and-span.
How do you use it? The paths for accessing System Restore differ by operating system. In Windows XP, disable System Restore by right-clicking My Computer and selecting Properties. Under the Performance tab, select File System, then the Troubleshooting tab, and finally check Disable System Restore. You'll be prompted to reboot. Follow these steps to uncheck the box before restoring your system.
To use System Restore after scrubbing your computer, choose Accessories from the program list in the Start menu. You'll find System Restore under System Tools.
This comprehensive article from TechRepublic demonstrates how to create and use System Restore in Windows Vista.
Scan with antivirus/antispyware apps Downloading diagnostic and removal tools with an infected computer is a huge time sink--spyware can cripple your speed and Internet access. The Trojan's payload could prevent EXE files from downloading or launching. Also, malware can affect the performance of installed security software on your PC. If you store your antivirus/antispyware programs on a CD or flash drive, however, those malware-busting apps can commence their swashbuckling unhindered.… Read more
Manage updates with the Download App
