Published: July 10, 2007

The aim of the Malware Removal Starter Kit is to provide reactive guidance and prescriptive steps to help you recover a computer that has been exposed to malicious software. It is important to understand that no process can guarantee a full recovery from the damage that malicious software can do. For this reason, there is no substitute for solid defenses and reliable backup and recovery processes. In this way, if the worst does happen and you have to rebuild the computer, the impact will be minimized.

If you do use the recovery steps in this guide, we recommend spending some time after the computer is fixed to investigate how the malicious software was introduced to it. This effort should attempt to learn how the problem was introduced rather than trying to find something or someone to blame. If the weakness was with a technical defense measure, such as a firewall or antivirus program, you can review it and update the measure as required. If the problem was introduced because of the actions of staff, additional training may be required to ensure the problem is not repeated. Remember the golden rule: “Prevention is better than cure.”

Finally, while this guide is specifically written to help IT Generalists repair computers attacked by malware in small- to medium-sized organizations, much of this information is valuable for protecting the home computers that belong to you and your staff. For more information about protecting home computers, visit the Microsoft Security at Home Web site.


Please direct questions and comments about this guidance to Security Solutions Questions & Feedback.


The Solution Accelerators – Security and Compliance group (SA-SC) would like to acknowledge and thank the team that produced the Malware Removal Starter Kit. The following people were either directly responsible or made a substantial contribution to the writing, development, and testing of this solution.

Authors, Contributors, and Writers

John Cobb - Wadeware LLC

Mike Danseglio

Charles Denny

Richard Harrison – Content Master Ltd

Frank Simorjay


Jennifer Kerns - Wadeware LLC

Product Managers

Alain Meeus

Jim Stuart

Program Manager

Bomani Siwatu

Release Manager

Karina Larson


Gaurav Singh Bora

Saurabh Garg - Infosys Technologies Ltd

Sumit Parikh - Infosys Technologies Ltd


Cindy Agnew - Fife School District, Dr. Barbara Endicott-Popovsky, Joseph Kessler, Thom Nesbitt, Sterling Reasor

Reviewers (Microsoft)

Rebecca Black, Anthony Blumfield, Derick Campbell, Chase Carpenter, Shiroy Choksey, Bret Clark, Steve Clark, Greg Cottingham, Jeremy Croy, Fidelis Ekezue, Joe Faulhaber, Karl Grunwald, Kumi Hilwa, Bashar Kachachi, David Kennedy, Jimmy Kuo, Greg Lenti, Nishanth Lingamneni, Mark Miller, Adam Overton, Sanjay Pandit, Bill Stackpole, Max Uritsky, Jeff Williams, Lee Yan

This accelerator is part of a larger series of tools and guidance from Solution Accelerators.


Get the Malware Removal Starter Kit

Update Notifications

Sign up to learn about updates and new releases


Send us your comments or suggestions