How to Remove Malware From Your Windows Machine

The Complete Guide

Malware Detected

If your computer is running the Windows operating system, chances are that you’re familiar with the term “malware.”

It’s in the news more than ever before, especially since there has been a steady increase of online threats and attacks.

Due to the fact that Windows has the highest number of users around the world, Windows devices are a popular target for malware hackers.

Often, you hear stories of Windows being an insecure operating system, but it’s absolutely not. Hackers simply target Windows devices far more often than any other operating system.

Very simply, malware could be any kind of software that does something without your permission or without telling you it was going to execute a specific action or task.

Privacy concept: Malware on digital background

In this guide, I want to provide you with a better understanding of the term “malware” and what kind of malicious software categories are out there. In addition, I will provide you with an extensive overview of how to remove malware from your Windows device.

​What is Malware?

The term “malware” is an abbreviation of the two words “malicious” and “software” combined.

When people are talking about trojans, viruses or ransomware (such as WannaCry, which I’ll talk about later), they’re basically talking about different types of malware. Backdoors, keyloggers and spyware are all examples of what’s considered malware, all of which will be discussed in detail later in this article.

Hacker’s Intent to Use Malware

Generally, the hackers’ intent is to gather private or sensitive information, such as credit card details or personal information. Hackers could also target a computer and set up a backdoor in order to gain access or full control of someone’s computer.

There are two types of hackers: “white hat” hackers and “black hat” hackers, and there is a major difference between them.

Put simply, white hat hackers try to expose breaches in software and security systems in order to report their findings to another party.

While black hat hackers may use the same hacking techniques, they usually aim to sell their skills or stolen data to the highest bidder or use the stolen data for personal gain.

Signs That Tell You Your Windows PC Could Be Compromised

Is your PC running a lot slower than normal?

That’s one of the most obvious signs of a possibly compromised Windows computer. Also, never-before-seen pop-ups, odd pop-ups or other weird messages are signs that a PC might be infected.

Do you have an antivirus scanner, yet you still experience these issues? Unfortunately, antivirus software is not always able to identify malicious software. Therefore, even a protected computer could be victim to an attack.

Antivirus software relies on a system that “recognizes” a malicious file, but only if that file is in the database of the antivirus company. Hence, a new virus won’t be recognized, and that’s why companies like Bitdefender and Kaspersky constantly run tests and update their databases immediately once they run into a new version of malware.

So, it’s very important to always update your antivirus software! (Preferably, turn on auto-updates.)

Apart from a slow PC or pop-ups, there are various other signs that should ring the alarm bells.

Does your Windows PC show any of the signs listed below?

  • Slow computer, and applications take a long time to load
  • Your Windows PC is restarting randomly or automatically
  • Unable to load certain pages that were accessible before
  • hashtag
    Browser constantly freezing, hanging or not responding
  • hashtag
    Random ads showing messages or opening tabs in your browser
  • hashtag
    Your standard homepage is changed
  • hashtag
    Weird tools showing in the toolbar of your browser
  • hashtag
    Unexpected “Low Disk Space” message
  • hashtag
    Programs opening and closing automatically
  • hashtag
    “Blue Screen of Death” - this could also be due to hardware-related issues or outdated drivers.
  • hashtag
    Sudden pop-ups that your antivirus is disabled
  • hashtag
    Spam or random messages sent out from your Skype or Facebook account, which you didn’t send
  • hashtag
    Software icons you don’t recognize and never installed
  • hashtag
    An error message about missing or corrupt files appears
  • hashtag
    Unable to access Administrator areas such as Control Panel, Driver Updates, Task Manager or Registry Editor

​Examples of Malware

There are many different types of malware which you could potentially be dealing with. In order to get a better understanding of what kind of malware you’re dealing with, I have created a list of the most common types and a short description:

1

Viruses

You could compare a computer virus to a human virus because, in both cases, a virus infects a clean computer file or cell (respectively) and from there spreads to other clean files or cells.

A virus on a Windows PC spreads and nestles itself in a device in order to disrupt and damage the functionality. This could also lead to the deletion or corruption of files. In many cases, viruses are being activated through executing a “.exe” file.

2

Trojans

This particular type of malware is generally designed to come across as a valid software program or is hidden in real software.

A Trojan Horse on a PC has a similar objective to the Trojan Horse in the ancient tale from the Trojan War in Greece: to create “backdoors” to attack a target, and, in this case, to let other types of malware flood in and damage the system.

3

Adware

Adware (advertisement software) is software used to show ads to the end-user. The ads are not always harmful, but there are aggressive ads out there which might weaken your security and open the door to other types of malware.

4

Worms

Typically, worms infect a significantly large online network or a network of devices. It’s designed to replicate itself and use an infected system to infect another system. Unlike a PC virus, a worm can spread to other devices without any human action.

A worm can execute harmful tasks, send emails, infect a system with other types of malware and delete or overwrite files.

One of the most famous worms of all time is the “ILOVEYOU” worm. It spread through other systems by sending emails to all contacts stored on a PC containing malicious files. According to Wikipedia, ILOVEYOU was estimated to have caused between $5.5 and $8.7 billion in damages and infected an estimated 10% of all internet-connected computers worldwide.

5

Ransomware

The famous ransomware attack “WannaCry” is a good example of what ransomware does.

WannaCry locked infected systems and demanded a payment of 300 Bitcoin for a key to unlock the system. Victims only had a couple of days to make the payment, or their files would be deleted and they’d never gain access again.

Malwarebytes released a report, “State of Malware,” in 2017. The report shows which countries were hit most by ransomware.

The top 10 countries for ransomware detections:

  1. United States
  2. Germany
  3. Italy
  4. United Kingdom
  5. France
  6. Australia
  7. Canada
  8. Spain
  9. India
  10. Austria

6

Botnets

The term “botnet” is a combination of the words “robot” and “network.”

Botnets are a type of trojan that hackers use to gain remote access to infected systems and use the infected systems to work together as one force.

​Software Tools to Remove the Malware

In order to remove a trojan, virus, worm or any other of the malicious software types mentioned above from your Windows machine, there are various software tools to help you with that.

It’s recommended to perform a full system scan by a real-time antivirus scanner. If you don’t have a paid version already, you can get a free trial for 30 days for most software tools.

Top-notch software tools that you can use against malware include the following:

  • SUPERAntiSpyware
  • Malwarebytes
  • HitManPro
  • hashtag
    RKill
  • hashtag
    Kaspersky
  • hashtag
    Bitdefender

In the next section, I will provide the necessary steps to take whenever your Windows PC is infected with malware.

How to Remove Malware From Your Windows Machine

In this section, I’ll talk about three anti-malware tools: SUPERAntiSpyWare, HitmanPro and Malwarebytes, as well as one additional tool for the extremely aggressive malware, RKill.

You can select any one of the three software tools as your weapon of choice to scan your PC.

Important note: RKill can only be used successfully in combination with one of the other anti-malware tools listed below, but not on its own.

Let’s get to it!

Step 1: Download and Use Cyber Security and
Anti-Malware Tools

SUPERAntiSpyware

SUPERAntiSpyware is a program that will scan your system for spyware and adware and remove malware, trojans, worms, keyloggers and other types of dangerous threats.

1. Download SUPERAntiSpyware 

SUPERAntiSpyware can be downloaded here.

You have an option to download the free version, but you can also choose the more advanced and paid version called “Professional” at $29.95 per year.

SUPERAntiSpyware Software Download

2. After downloading the software, shut down all programs on your PC.

3. Hover over the designated download folder or desktop and double-click the file “SUPERAntiSpyware.exe” to start the installation process.

4. Do not change any default settings and let the installation finish.

5. After successfully installing SUPERAntiSpyware, you can choose the preferred language settings. After clicking “Finish,” you will see the dashboard.

6. Now it’s time to click “Scan your Computer.”

“Preferences” will allow you to select what folders you want to scan. However, I recommend a full system scan.

SUPERAntiSpyware Scan for Harmful Software

7. The next step will allow you to choose what type of scan you would like to perform.

SUPERAntiSpyware Complete Scan

It’s best to select a “Complete Scan” and select all “Scan Locations” in order to avoid missing out on any area.

8. Then, click “Next” and the software tool will start running a complete system scan.

SUPERAntiSpyware Scanning Progress

9. After a scan summary notification, you’ll be redirected to an overview of all the malware that has been found. The “Threat Description” area will contain a list of detected malware on your device.

SUPERAntiSpyware Detected Malware Items

10. Click “Next” to let SUPERAntiSpyware delete all the malware.

Every threat will be moved to the SUPERAntiSpyware’s quarantine environment. The malware won’t be able to affect your system after being placed in quarantine.

11. Reboot your PC.

Malwarebytes

Malwarebytes is a high-end and on-demand cyber security and anti-malware software tool. You can use this program to delete trojans, worms and other variants of malware.

Malwarebytes provides both free and paid options.

Malwarebytes Tool
  1. You can download the free version by visiting their website and clicking on “Download.”

  1. When the download is complete, head over to the download destination and double-click the file “mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.4202.exe” to install Malwarebytes on your PC.

  1. Read the instructions to complete installation.

Malwarebytes Successful Installation Message

4. Once you have completed the installation, you will end up in Malwarebytes’ dashboard. Click on “Start Now” to activate a full system scan.

Malwarebytes Scanning Process

5. Malwarebytes will start scanning your Windows PC for malware. This process can take a couple of minutes.  

Malwarebytes Scanning

Note: if your PC is clean you will get the following message:

Malwarebytes Scanning Result

6. After Malwarebytes finishes scanning your PC, you will see an overview of the scan results and the potential threats and malware it has detected.

Malwarebytes Threat Scan Results

​7. Then, simply click on the upper-left box to select all files and go over to the lower-right corner to click “Quarantine Selected.”

Then you will see the next window:

Malwarebytes Scan and Quarantine Complete

8. After all the malware is moved to the quarantine area, the final thing you need to do is restart your PC.

Malwarebytes Scan Summary

HitmanPro

HitmanPro is a powerful malware detection and removal software tool. It doesn’t only remove viruses, trojans, worms or bots, HitmanPro also wipes out every trace and piece of found malware.

HitmanPro also runs smoothly alongside any real-time antivirus scanner and is perfect for a second layer of protection from threats that your antivirus might not detect.

It’s priced at $24.95 per year for 1 PC.

However, you can also get the free trial for 30 days.

HitmanPro Free Trial Option
  1. You can download the free-trial version of HitmanPro here.

  1. When the download is complete, head over to the download destination and double-click the file “HitmanPro 3.8.”

  1. You will now be presented with the installation screen.

HitmanPro Malware Cleaner Download

4. Click “Next” in order to start a full system scan for any potential malware, viruses, Trojans, etc.

HitmanPro will now start running a scan and going through your system for potential malware. The second column will show you what files it has detected that could be a threat.

HitmanPro Scanning Process

5. Once HitmanPro is finished scanning your Windows PC, it will show a complete list of all the threats and potential dangers, and quarantine those files.

6. Click on the button “Next.” 

You can select all the detected files and either quarantine or delete them. In the example below, you can see that HitmanPro detected “YouTubeAdBlocker” as a potential trace, because it’s a plugin blocking pop-ups and advertisements.

Without diving too deep into the tech jibber jabber, when a software tool (such as YouTubeAdBlocker) is blocking other software, a malware or virus scanner will detect it as a potential threat, because viruses may execute similar actions.

Obviously, you don’t have to delete an ad-blocker tool or other non-malicious software. Use the drop-down menu next to “Delete” to change the action to “Ignore.”

HitmanPro Scanning Threats

7. When you have completed all the steps, HitmanPro will ask you to reboot your PC to complete the removal of malicious files.

HitmanPro Scanning Threats Detected

Step 2: Use RKill

RKill is different compared to the other tools listed above. RKill does not remove or quarantine malware.

However, when an anti-malware tool is not able to delete a malicious file, RKill can kill the process. Once you’ve killed the process, you can use one of the anti-malware scanners to delete the malicious file.

1. You can download the free version here. Click on “Download Now.”

RKill Download

2. In order to activate RKill, double-click on the icon “iExplore” on your desktop or download folder.

RKill Icon

3. After clicking iExplore, you’ll see the screen shown below. RKill is now scanning your PC for malicious processes and will forcefully end these processes.

This can take a couple of minutes, so please be patient! 

RKill Scanning Process

4. After RKill completes a system scan, it will create a text-file log containing all the observations and what actions the tool has taken.

RKill Text-File Scan Log

​Important note: RKill does not delete any malicious files, but merely deactivates their processes. Make sure to run a full system scan with one of the programs mentioned above or a real-time antivirus scanner, such as Bitdefender or Kaspersky.

5. After a full system scan, delete or quarantine any malicious files using an anti-malware tool or a real-time antivirus scanner.

​If you don’t do this and you reboot your PC, the malware will be active again.

Summary

All the software tools listed in this guide are designed to detect malicious files on your Windows machine, but the functionality of the tools differ from each other.

RKill is the only tool on the list that does not remove malware. For example, if Malwarebytes is unable to quarantine a malware threat, you can use RKill to kill the malware process. Once you’ve killed the process, you can use Malwarebytes to delete or quarantine the malware process.

SUPERAntiSpyware, HitmanPro and Malwarebytes are all designed to detect and delete malicious threats.

That being said, Malwarebytes is unique because it also has a real-time protection feature. Thus, your Windows PC is safe under the live protection of Malwarebytes.

Using any one of the software tools in Step 1 provides sufficient protection against malware. RKill works in combination with any one of the other listed tools, because it’s not capable of permanently deleting malware on its own.

How to Avoid Malware

Prevention measures are also a proper layer of protection for your Windows PC. It’s important to always update your Windows firewall and antivirus scanner.

Furthermore, be smart when it comes to malware. Never open weird emails with attachments or URLs. Always double check the URL’s address and do not open a link from a stranger.  

In case you have any doubts, simply contact the company through their official channels to verify.

You can check out my extensive post on phishing emails and how to deal with them for more information.  

Recommended Software Tool

I highly recommend Malwarebytes. It’s my weapon of choice for battling against malicious software. Malwarebytes is constantly updating its protection system and therefore offers a very good chance of defeating any malicious threats.

As for the best antivirus software, I have already released an in-depth post in the past about the best antivirus software tools at the moment. I highly recommend Kaspersky as my top choice for the best all-round, real-time and on-demand antivirus.

Once you follow all of the steps in this guide, your computer should be free of malware and running well. Happy computing!