How to Remove Registry Malware (4 Steps)

By James Wright

Malware is a malicious program that infects your system and causes adverse effects, such as slowing or breaking programs or logging your personal information as you type it. One way malware can affect your system is by modifying or creating entries in your system's registry, the database where Windows and installed programs store their settings. While most malware can be removed using a free antispyware or antivirus program, it is also helpful to check the registry itself for false entries.

Step 1

Open your computer's registry by clicking "Start," typing "regedit" (without quotes) in the search box and then pressing "Enter."

Step 2

Open the following directory by double-clicking on each folder in the hierarchy:

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"

For example, double-click "HKEY_LOCAL_MACHINE," then double-click "SOFTWARE," then double-click each folder until you get to the "CurrentVersion" directory.

Step 3

Scroll down until you see a list of folders beginning with "Run." There are three to six of these folders with names like "Run," "Run-Disabled" and "RunOnce." What you see will depend on your computer; not all computers have the same entries.

Click once on each of these folders to view the registry entries inside, which are a list of programs your computer is set to run automatically as soon as your system starts. Many malware program entries may be misspelled or look unfamiliar to you, so use a search engine to research any names you aren't familiar with. If there are any entries in your registry that are confirmed malware, you can delete them by right-clicking on the entry and clicking "Delete."
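
The review in Steps 2 and 3 can also be done from a PowerShell prompt. The script below is an added example, not part of the original article: it only reads the "Run" folders and lists each entry with the file it launches. The per-user (HKCU) path and the file and signature checks are assumptions that go beyond what the article covers.

```powershell
# Added example: list every autostart entry in the "Run*" folders from Step 3.
# Read-only: nothing in the registry is modified or deleted.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion',  # path from Step 2
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion'   # assumption: per-user equivalent, not in the article
)

$results = foreach ($root in $roots) {
    # Subkeys whose name begins with "Run" (Run, RunOnce, Run-Disabled, ...)
    $runKeys = Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -like 'Run*' }

    foreach ($key in $runKeys) {
        foreach ($name in $key.GetValueNames()) {
            $command = [string]$key.GetValue($name)

            # Pull the executable out of the command line: either a quoted
            # path, or everything up to the first ".exe".
            $exe = $null
            if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
            elseif ($command -match '^\s*(.+?\.exe)\b') { $exe = $Matches[1] }
            if ($exe) { $exe = [Environment]::ExpandEnvironmentVariables($exe) }

            # A missing file or a bare name (no full path) shows FileFound = False
            # and needs a manual look, the same as an unfamiliar name.
            $exists = $false
            $sig = 'n/a'
            if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
                $exists = $true
                $sig = (Get-AuthenticodeSignature -LiteralPath $exe).Status
            }

            [pscustomobject]@{
                Key       = $key.Name
                Entry     = $name
                Command   = $command
                FileFound = $exists
                Signature = $sig
            }
        }
    }
}

$results | Sort-Object Key, Entry | Format-Table -AutoSize -Wrap
```

An entry whose file is unsigned or missing is not automatically malware; it is a name to research as described above before deleting anything.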
