Somehow I have some malware that my virus protection will find but will not let me delete.

Spybot says I have global hosts and will find them but will not let me do anything with them. It is redirecting Internet Explorer and is causing the PC to run badly.

How do I get rid of this malware?

I have Windows XP.

5 Answers


IMO, these days the only correct response to a confirmed malware infection is to back up your data, format your hard drive, re-install Windows, and then restore your apps and data.

  • It's a great fool-proof solution, but it's not the only way.
    – Fosco
    Commented Aug 18, 2010 at 18:32
  • @Fosco But it is often a quicker way. How long should one spend trying to eradicate a problem versus backing up and starting from scratch? From a cost-benefit standpoint, if it's going to take you longer to try to remove the virus than to back up and refresh, then don't try removing the virus; it's a waste of time.
    Commented Aug 20, 2010 at 5:54
  • @Michael, I agree 100%. I'm usually the one telling people to format, and they hate hearing it.
    – Fosco
    Commented Aug 20, 2010 at 12:57

Download a free copy of Microsoft Security Essentials - http://www.microsoft.com/security_essentials/default.aspx and do a full scan. That should delete it. Keep MSE on your computer. I find that it works very well.


I do agree with the previous poster about formatting; however, sometimes you would like to just get it free from viruses and format it at a later time. F-Secure has a live CD that can identify and rename all virus files (hence making them impossible to run at boot time if the virus isn't mutating): http://www.f-secure.com/linux-weblog/2008/06/19/f-secure-rescue-cd-300-released/


You could try booting into Safe Mode and then seeing if your tools will be able to delete the infections. You might also try MalwareBytes just to get another tool involved.

This site has links to quite a few free rescue CDs from many of the major companies:


The rescue CD definitions are often updated daily. You may need to check the help section in your CD burning software to see how to create an ISO CD. Then boot your PC from the rescue CD and follow the on-screen instructions.

Good luck.


Open C:\windows\system32\etc\drivers\hosts in Notepad and delete every line that doesn't start with # and is not localhost.

Open Task Manager and locate any suspicious executables, like ones with all-garbage names. Find those files on the drive, right-click on them and pick Properties, find the Security tab, and remove ALL permissions from ALL users for those executables. Reboot. Do this again. Reboot again.
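
The hosts-file rule from the last answer (keep comments and localhost, treat everything else as suspect), as an added example that is not part of the original answer: a Python audit that reports the offending lines so they can be reviewed before anything is deleted. The names `audit_hosts` and `LOCAL_NAMES` and the sample file content are constructed for illustration.

```python
import ipaddress

# Assumption: only this name is expected to map to loopback in a clean file.
LOCAL_NAMES = {"localhost"}

# Constructed sample hosts content, not taken from a real machine.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
203.0.113.7     www.search.example   # redirect to an outside host
127.0.0.1\tupdates.av-vendor.example
::1             localhost
not-an-ip       login.bank.example
"""

def audit_hosts(text):
    """Return (kept_lines, flagged); flagged holds (lineno, address, names, reason)."""
    kept, flagged = [], []
    # Strip a UTF-8 BOM that some editors prepend, then walk line by line.
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        # Drop any trailing comment, then split on spaces or tabs.
        entry = raw.split("#", 1)[0].split()
        if not entry:  # blank or comment-only line
            kept.append(raw)
            continue
        address, names = entry[0], [n.lower() for n in entry[1:]]
        try:
            loopback = ipaddress.ip_address(address).is_loopback
        except ValueError:
            flagged.append((lineno, address, names, "malformed address"))
            continue
        if loopback and set(names) <= LOCAL_NAMES:
            kept.append(raw)  # ordinary localhost entry
        elif loopback:
            # Often used to cut a machine off from update or vendor sites.
            flagged.append((lineno, address, names,
                            "non-localhost name pinned to loopback"))
        else:
            flagged.append((lineno, address, names,
                            "name redirected to non-loopback address"))
    return kept, flagged

if __name__ == "__main__":
    kept, flagged = audit_hosts(SAMPLE)
    for lineno, address, names, reason in flagged:
        print(f"line {lineno}: {address} -> {' '.join(names)} ({reason})")
```

On Windows the hosts file normally lives at %SystemRoot%\System32\drivers\etc\hosts; pass its contents to `audit_hosts` and review the flagged lines before removing them.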
