This Virus Removal For Windows post helps you troubleshoot and remove potential viruses, Trojans, malware, adware and more from your computer.
Last Updated: April 30, 2019
Latest News: I have updated the information.
I had an issue with a client's laptop running Windows XP Pro. The biggest problem was that he did not have any antivirus running and he had Spybot Search and Destroy out of date. I knew it was a virus because of the behavior of the operating system.
I rebooted into safe mode and did some more testing with HijackThis portable and found some anomalies, and also found 2 viruses, 80hh.exe and userini.exe. I did some investigation on the internet and found out they were very nasty viruses which corrupted the operating system in many ways.
These are the tools I used and the steps I carried out to remove these nasty viruses and/or any other virus you might find. These steps also apply to Windows XP, Vista, 7, 8.1 and Windows 10.
How To Remove Viruses In Windows
Step 1 ) Use a system recovery CD if you have one. If not, use a restore point recovery method, depending on the operating system running.
Step 2 ) CCleaner: You need to run this tool to delete all temp files and other garbage that might be a good hiding area for these nasty trojans/viruses.
Step 3 ) HijackThis: This is an awesome tool to check and see what runs at startup. You will see what looks suspicious, and it will give you an option to clean and remove the registry entry.
Step 4 ) Malwarebytes Anti-Malware: Malwarebytes Anti-Malware Free utilizes Malwarebytes' powerful technology to detect and remove all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more.
Step 5 ) Comodo Internet Security: This is antivirus software which also has a firewall that you can activate if you want to use it. Comodo is very powerful antivirus software, or you can install AVG antivirus. Either one will help you and I recommend both, although in this situation I installed Comodo.
Note: If you are running Windows 10, then simply using Windows Defender Security Center will do the trick. Microsoft also has a tool you can use to scan your computer/laptop. Click on the following URL safety-scanner-download.
The First Step is to boot your computer/laptop with the Rescue CD, if you have one. This step is very important because it will help you remove and clean any infected files without logging into the operating system. Some viruses are executed when you log into your operating system.
The Second Step is to install and run CCleaner in SAFE MODE to delete all garbage left behind from the internet and other files in the temp directories. I found the 80hh.exe virus in the user temp directory.
The Third Step is to install or run HijackThis portable in SAFE MODE to check and see what is running at startup and delete any entries in your registry that look suspicious.
The Fourth Step is to install Malwarebytes, update the software and do a full test run for a final check.
The Fifth Step is to have good security software running on your system. I recommended a few but there are many out there that will do a great job securing your system.
Run HijackThis and do another check to see if the same anomalies are still present in the registry. Then run regedit and check under the following entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Search for the following entry and delete it:
"userini.exe"="%WINDIR%explorer.exe:userini.exe"
If you see anything else that looks suspicious, delete it as well.
Warning: Always do a registry backup first, just in case.
Also check the following entries:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
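The registry check described above can also be scripted. The following PowerShell is an added example, not part of the original post: it only reads the four keys listed here and changes nothing. Its two flagging rules are assumptions drawn from this case (a colon after a file extension, which is NTFS alternate data stream syntax as in explorer.exe:userini.exe, and a path in a temp directory, where 80hh.exe was found), so unflagged entries still need a manual look.

```powershell
# Added example: read-only review of the autostart keys named in this post.
$keys = @(
    'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)

# Hypothetical helper: returns the reasons a value's data looks suspicious.
function Test-SuspiciousAutostart {
    param([string]$Data)
    $reasons = @()
    # "file.ext:stream" means the program is stored in an alternate data stream.
    if ($Data -match '\.\w{2,4}:[^\\/:"\s]+') {
        $reasons += 'alternate data stream'
    }
    # Programs that start from a temp directory are rarely legitimate.
    if ($Data -match '\\(temp|tmp)\\|%temp%|%tmp%') {
        $reasons += 'runs from a temp directory'
    }
    return $reasons
}

$report = foreach ($key in $keys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $regKey = Get-Item -LiteralPath $key
    foreach ($name in $regKey.GetValueNames()) {
        # Keep %WINDIR%-style variables unexpanded so the data reads as in regedit.
        $data = [string]$regKey.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
        [pscustomobject]@{
            Key   = $key -replace '^Registry::', ''
            Name  = $name
            Data  = $data
            Flags = (Test-SuspiciousAutostart -Data $data) -join ', '
        }
    }
}

# Flagged entries first, then everything else for manual review.
$report | Sort-Object { $_.Flags -eq '' } | Format-Table -AutoSize -Wrap
```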
If everything is okay after checking the above entries, then carry out the Fifth Step: install Comodo Internet Security, update the software and do a full scan. By this time your system should be running smoothly without any problems.
If you experience any problems while running Windows, do the following. Log into safe mode and create a new user account with full privileges, i.e. an administrator account. Copy any personal files from the existing account, making sure they are clean, into a directory you have access to, i.e. C:\ or a partition if you have one created. Log into the new account while in safe mode and delete the account that had the virus. This is sometimes needed because some viruses corrupt the user profile.
Windows Operating System CD
The following steps require an original Windows CD or access to the I386 folder, if you created a copy in C:\
You might have to expand some files and copy them to C:\WINDOWS\SYSTEM32, because they might be missing after one of the tools above put them in quarantine or deleted them because it could not clean them.
The following steps can be executed from CMD mode:
CD C:\I386 [ENTER]
EXPAND <whatever file is missing> C:\WINDOWS\SYSTEM32 [ENTER]
or
- Insert the original Windows XP CD and reboot the computer. You may need to configure your computer to boot from the CD-ROM drive.
- When the Windows XP Setup has started, press “R” to “repair the Windows XP installation using Recovery Console”.
- Select the Windows installation to repair (generally this is C:\Windows) by typing its number and then pressing ENTER.
- Type the Administrator password and press ENTER.
- Type the following commands:
D: [ENTER] (assuming D: is your CD-ROM drive)
CD I386 [ENTER]
EXPAND <whatever file is missing> C:\WINDOWS\SYSTEM32 [ENTER]
By now you should be running a system without any viruses. If you have any questions or suggestions please leave a comment here and I will be glad to help you.
Click on the following URL Internet Safe Surfing to learn more about different tools, browser addons and more to improve your Internet surfing security.
Good luck.
“Hello Manuel,
Don’t worry for knowing your know coz I have read your reply to some comments here in your site.
I have a few problems with my browser: sometimes when I start my computer and browse the web and go to Google or Gmail I get a blank page. I tried to use different browsers also but the problem is still the same.
What do you think can be the problem for this? I tried cleaning up the cache and also used CCleaner but I am still getting a blank browser.
Hope for your great assistance and solutions.
Thanks,
Lorna”
Hello Lorna thank you for your question. I have checked your link and apparently you are a computer service provider. Regardless of that I will try to assist you in the best way possible.
First what operating system are you using?
What browser version and browsers have you used for testing?
Do you have the latest flash plugin?
Does your browser have incompatible plugins?
Have you checked to see whether you might have a virus?
Have you got a corrupted browser profile?
Have you got a corrupted account "profile", depending on your operating system?
Have you tried to reinstall your browser?
I look forward to your reply.
Kind regards
good guiding post thanks
Thank you for your input. It did the trick for me and I am sure that it will help others.
Kind regards
Thank you for your comment.