How to Remove Malware From Your Windows Machine
The Complete Guide
If your computer is running the Windows operating system, chances are that you’re familiar with the term “malware.”
It’s in the news more than ever before, especially since there has been a steady increase of online threats and attacks.
Due to the fact that Windows has the highest number of users around the world, Windows devices are a popular target for malware hackers.
Often, you hear stories of Windows being an insecure operating system, but it’s absolutely not. Hackers simply target Windows devices far more often than any other operating system.
Very simply, malware could be any kind of software that does something without your permission or without telling you it was going to execute a specific action or task.
In this guide, I want to provide you with a better understanding of the term “malware” and what kind of malicious software categories are out there. In addition, I will provide you with an extensive overview of how to remove malware from your Windows device.
What is Malware?
The term “malware” is an abbreviation of the two words “malicious” and “software” combined.
When people are talking about trojans, viruses or ransomware (such as WannaCry, which I’ll talk about later), they’re basically talking about different types of malware. Backdoors, keyloggers and spyware are all examples of what’s considered malware, all of which will be discussed in detail later in this article.
Hacker’s Intent to Use Malware
Generally, the hackers’ intent is to gather private or sensitive information, such as credit card details or personal information. Hackers could also target a computer and set up a backdoor in order to gain access or full control of someone’s computer.
There are two types of hackers: “white hat” hackers and “black hat” hackers, and there is a major difference between them.
Put simply, white hat hackers try to expose breaches in software and security systems in order to report their findings to another party.
While black hat hackers may use the same hacking techniques, they usually aim to sell their skills or stolen data to the highest bidder or use the stolen data for personal gain.
Signs That Tell You Your Windows PC Could Be Compromised
Is your PC running a lot slower than normal?
That’s one of the most obvious signs of a possibly compromised Windows computer. Also, never-before-seen pop-ups, odd pop-ups or other weird messages are signs that a PC might be infected.
Do you have an antivirus scanner, yet you still experience these issues? Unfortunately, antivirus software is not always able to identify malicious software. Therefore, even a protected computer could be victim to an attack.
Antivirus software relies on a system that “recognizes” a malicious file, but only if that file is in the database of the antivirus company. Hence, a new virus won’t be recognized, and that’s why companies like Bitdefender and Kaspersky constantly run tests and update their databases immediately once they run into a new version of malware.
So, it’s very important to always update your antivirus software! (Preferably, turn on auto-updates.)
Apart from a slow PC or pop-ups, there are various other signs that should ring the alarm bells.
Does your Windows PC show any of the signs listed below?
Examples of Malware
There are many different types of malware which you could potentially be dealing with. In order to get a better understanding of what kind of malware you’re dealing with, I have created a list of the most common types and a short description:
You could compare a computer virus to a human virus because, in both cases, a virus infects a clean computer file or cell (respectively) and from there spreads to other clean files or cells.
A virus on a Windows PC spreads and nestles itself in a device in order to disrupt and damage the functionality. This could also lead to the deletion or corruption of files. In many cases, viruses are being activated through executing a “.exe” file.
This particular type of malware is generally designed to come across as a valid software program or is hidden in real software.
A Trojan Horse on a PC has a similar objective to the Trojan Horse in the ancient tale from the Trojan War in Greece: to create “backdoors” to attack a target, and, in this case, to let other types of malware flood in and damage the system.
Adware (advertisement software) is software used to show ads to the end-user. The ads are not always harmful, but there are aggressive ads out there which might weaken your security and open the door to other types of malware.
Typically, worms infect a significantly large online network or a network of devices. It’s designed to replicate itself and use an infected system to infect another system. Unlike a PC virus, a worm can spread to other devices without any human action.
A worm can execute harmful tasks, send emails, infect a system with other types of malware and delete or overwrite files.
One of the most famous worms of all time is the “ILOVEYOU” worm. It spread through other systems by sending emails to all contacts stored on a PC containing malicious files. According to Wikipedia, ILOVEYOU was estimated to have caused between $5.5 and $8.7 billion in damages and infected an estimated 10% of all internet-connected computers worldwide.
The famous ransomware attack “WannaCry” is a good example of what ransomware does.
WannaCry locked infected systems and demanded a payment of 300 Bitcoin for a key to unlock the system. Victims only had a couple of days to make the payment, or their files would be deleted and they’d never gain access again.
Malwarebytes released a report, “State of Malware,” in 2017. The report shows which countries were hit most by ransomware.
The top 10 countries for ransomware detections:
- United States
- United Kingdom
The term “botnet” is a combination of the words “robot” and “network.”
Botnets are a type of trojan that hackers use to gain remote access to infected systems and use the infected systems to work together as one force.
Software Tools to Remove the Malware
In order to remove a trojan, virus, worm or any other of the malicious software types mentioned above from your Windows machine, there are various software tools to help you with that.
It’s recommended to perform a full system scan by a real-time antivirus scanner. If you don’t have a paid version already, you can get a free trial for 30 days for most software tools.
Top-notch software tools that you can use against malware include the following:
In the next section, I will provide the necessary steps to take whenever your Windows PC is infected with malware.
How to Remove Malware From Your Windows Machine
In this section, I’ll talk about three anti-malware tools: SUPERAntiSpyWare, HitmanPro and Malwarebytes, as well as one additional tool for the extremely aggressive malware, RKill.
You can select any one of the three software tools as your weapon of choice to scan your PC.
Important note: RKill can only be used successfully in combination with one of the other anti-malware tools listed below, but not on its own.
Let’s get to it!
Step 1: Download and Use Cyber Security and
SUPERAntiSpyware is a program that will scan your system for spyware and adware and remove malware, trojans, worms, keyloggers and other types of dangerous threats.
1. Download SUPERAntiSpyware
SUPERAntiSpyware can be downloaded here.
You have an option to download the free version, but you can also choose the more advanced and paid version called “Professional” at $29.95 per year.
2. After downloading the software, shut down all programs on your PC.
3. Hover over the designated download folder or desktop and double-click the file “SUPERAntiSpyware.exe” to start the installation process.
4. Do not change any default settings and let the installation finish.
5. After successfully installing SUPERAntiSpyware, you can choose the preferred language settings. After clicking “Finish,” you will see the dashboard.
6. Now it’s time to click “Scan your Computer.”
“Preferences” will allow you to select what folders you want to scan. However, I recommend a full system scan.
7. The next step will allow you to choose what type of scan you would like to perform.
It’s best to select a “Complete Scan” and select all “Scan Locations” in order to avoid missing out on any area.
8. Then, click “Next” and the software tool will start running a complete system scan.
9. After a scan summary notification, you’ll be redirected to an overview of all the malware that has been found. The “Threat Description” area will contain a list of detected malware on your device.
10. Click “Next” to let SUPERAntiSpyware delete all the malware.
Every threat will be moved to the SUPERAntiSpyware’s quarantine environment. The malware won’t be able to affect your system after being placed in quarantine.
11. Reboot your PC.
Malwarebytes is a high-end and on-demand cyber security and anti-malware software tool. You can use this program to delete trojans, worms and other variants of malware.
Malwarebytes provides both free and paid options.
You can download the free version by visiting their website and clicking on “Download.”
When the download is complete, head over to the download destination and double-click the file “mb3-setup-consumer-188.8.131.523-1.0.262-1.0.4202.exe” to install Malwarebytes on your PC.
Read the instructions to complete installation.
4. Once you have completed the installation, you will end up in Malwarebytes’ dashboard. Click on “Start Now” to activate a full system scan.
5. Malwarebytes will start scanning your Windows PC for malware. This process can take a couple of minutes.
Note: if your PC is clean you will get the following message:
6. After Malwarebytes finishes scanning your PC, you will see an overview of the scan results and the potential threats and malware it has detected.
7. Then, simply click on the upper-left box to select all files and go over to the lower-right corner to click “Quarantine Selected.”
Then you will see the next window:
8. After all the malware is moved to the quarantine area, the final thing you need to do is restart your PC.
HitmanPro is a powerful malware detection and removal software tool. It doesn’t only remove viruses, trojans, worms or bots, HitmanPro also wipes out every trace and piece of found malware.
HitmanPro also runs smoothly alongside any real-time antivirus scanner and is perfect for a second layer of protection from threats that your antivirus might not detect.
It’s priced at $24.95 per year for 1 PC.
However, you can also get the free trial for 30 days.
You can download the free-trial version of HitmanPro here.
When the download is complete, head over to the download destination and double-click the file “HitmanPro 3.8.”
You will now be presented with the installation screen.
4. Click “Next” in order to start a full system scan for any potential malware, viruses, Trojans, etc.
HitmanPro will now start running a scan and going through your system for potential malware. The second column will show you what files it has detected that could be a threat.
5. Once HitmanPro is finished scanning your Windows PC, it will show a complete list of all the threats and potential dangers, and quarantine those files.
6. Click on the button “Next.”
You can select all the detected files and either quarantine or delete them. In the example below, you can see that HitmanPro detected “YouTubeAdBlocker” as a potential trace, because it’s a plugin blocking pop-ups and advertisements.
Without diving too deep into the tech jibber jabber, when a software tool (such as YouTubeAdBlocker) is blocking other software, a malware or virus scanner will detect it as a potential threat, because viruses may execute similar actions.
Obviously, you don’t have to delete an ad-blocker tool or other non-malicious software. Use the drop-down menu next to “Delete” to change the action to “Ignore.”
7. When you have completed all the steps, HitmanPro will ask you to reboot your PC to complete the removal of malicious files.
Step 2: Use RKill
RKill is different compared to the other tools listed above. RKill does not remove or quarantine malware.
However, when an anti-malware tool is not able to delete a malicious file, RKill can kill the process. Once you’ve killed the process, you can use one of the anti-malware scanners to delete the malicious file.
1. You can download the free version here. Click on “Download Now.”
2. In order to activate RKill, double-click on the icon “iExplore” on your desktop or download folder.
3. After clicking iExplore, you’ll see the screen shown below. RKill is now scanning your PC for malicious processes and will forcefully end these processes.
This can take a couple of minutes, so please be patient!
4. After RKill completes a system scan, it will create a text-file log containing all the observations and what actions the tool has taken.
Important note: RKill does not delete any malicious files, but merely deactivates their processes. Make sure to run a full system scan with one of the programs mentioned above or a real-time antivirus scanner, such as Bitdefender or Kaspersky.
5. After a full system scan, delete or quarantine any malicious files using an anti-malware tool or a real-time antivirus scanner.
If you don’t do this and you reboot your PC, the malware will be active again.
All the software tools listed in this guide are designed to detect malicious files on your Windows machine, but the functionality of the tools differ from each other.
RKill is the only tool on the list that does not remove malware. For example, if Malwarebytes is unable to quarantine a malware threat, you can use RKill to kill the malware process. Once you’ve killed the process, you can use Malwarebytes to delete or quarantine the malware process.
SUPERAntiSpyware, HitmanPro and Malwarebytes are all designed to detect and delete malicious threats.
That being said, Malwarebytes is unique because it also has a real-time protection feature. Thus, your Windows PC is safe under the live protection of Malwarebytes.
Using any one of the software tools in Step 1 provides sufficient protection against malware. RKill works in combination with any one of the other listed tools, because it’s not capable of permanently deleting malware on its own.
How to Avoid Malware
Prevention measures are also a proper layer of protection for your Windows PC. It’s important to always update your Windows firewall and antivirus scanner.
Furthermore, be smart when it comes to malware. Never open weird emails with attachments or URLs. Always double check the URL’s address and do not open a link from a stranger.
In case you have any doubts, simply contact the company through their official channels to verify.
You can check out my extensive post on phishing emails and how to deal with them for more information.
Recommended Software Tool
I highly recommend Malwarebytes. It’s my weapon of choice for battling against malicious software. Malwarebytes is constantly updating its protection system and therefore offers a very good chance of defeating any malicious threats.
As for the best antivirus software, I have already released an in-depth post in the past about the best antivirus software tools at the moment. I highly recommend Kaspersky as my top choice for the best all-round, real-time and on-demand antivirus.
Once you follow all of the steps in this guide, your computer should be free of malware and running well. Happy computing!