How to remove malware from a Windows PC

There are several ways through which you can
remove malware from your infected computer.

• First you can use anti-virus program to remove malware and related virus.
• If your computer is infected with malware then you can see unwanted software has been installed on your computer. Just uninstall them.
• You can use free but yet powerful anti-malware tool that will detect the undetected malware and removes them from root out of your computer.

Hope this will help you.

Pure guts I use no antivirus

Hi,
Thanks for sharing such a valuable information.
Keep sharing

I read a few articles that Davey Winder talked about in the PC & Tech Authority about Security

mostly easy for us remove virus or client infected with tools. unfortunely some nasty virus can't be removed. for first step
Disable autorun some unknown application, it can be done from msconfig or by registry are wish

I've been studying cyber security for about a year now, and I'm really just shaking my head at this article!

A serious malware or rootkit will successfully hide itself from your OS and your AV, so long as you're booting from the infected system.

If your security was so bad that you have a less sophisticated issue (adware, etc.), then you may well have serious malware also, but just not yet be aware of it.

The only secure remedy is to boot from a non-infected thumb drive or disc; scan and clean your critical data, then copy it to other media. Now you have two choices for your remaining drives - especially your OS drive:

1. Destroy it and replace with a new drive. (Safest option)
2. Re-partition & format the drive (Fairly safe if done properly).
3. Before reinstalling your OS and software, rethink your choices so that you don't go down that same bumpy road again!

Really consider Linux Ubuntu. It's free; it's as easy to use as Windows; all the software you're likely to ever need is free;

No matter which OS you use, you'll need a hardware firewall (router in most cases) and a software firewall (both properly configured); good anti-malware program and a regular backup system to offline media or cloud.

Setting your DNS to OpenDNS will help keep you from bad websites.

Once each week, check that your OS and browsers are up-to-date and properly patched.

• Hank

I would also have to agree with Bill13's point above. Many forms of malware can hide from AVs, which is why it is always advisable to pair it with a anti-malware tool of some sort.

Other extra scans for besides HitmanPro and TDSSKiller mentioned in point #4 are RogueKiller and AdwCleaner. The more, the merrier.

I would also suggest having third party instant restore software like deep freeze or drive vaccine.

Hank, some good points but for the record I've been working in and writing about 'cyber security' for more than 20 years now. Much of what you take issue with is covered in step 4 of that article - and it's this advice that you are essentially repeating when you state "The only secure remedy is to boot from a non-infected thumb drive or disc; scan and clean your critical data." However, just to clarify:

Some, not all, malware is of the rootkit variety and some, not all, is sophisticated enough to hide away totally. Much, not all, of the stuff that does can be dealt with as I said by "booting into a Linux environment via CD/USB and manually identifying and deleting rogue files." Much, not all, can also be dealt with using something like HitManPro Kickstart.

Davey,

Thanks for taking the time to respond. I should have done a little research on you before replying. However -

Your “Step 4” comes over 600 words into the article. The part about booting from a disc comes in its 2nd paragraph, now over 800 words deep! My eyes had glazed over before that point, as perhaps had those of many others.

Your “Step 1” states, “Removal is usually very straightforward..”, and has the user operating from the infected system.

Your response post states, “Some, not all, malware is of the rootkit variety and some, not all, is sophisticated enough to hide away totally.”

Since your article is meant for people who are not particularly experienced in dealing with malware – especially the newest generation of malware, I feel strongly that you should not be giving these particular points of advice here.

First, let me make the distinction between sophisticated hackers and sophisticated malware. The former are (hopefully) few. But the latter, can be readily downloaded by any script-kiddie or wanna-be stalker, etc., and used with less than fifteen minutes of “learning”.

To expect the average user to be able to discern between regular “crapware” and “something more sinister”, well that had me scratching my head. Especially since if you have the one, you might very well have the other as well, yet the article doesn't seem to give advice on how to determine which it is, or whether it's both.

Finally, (I've edited out several other points for brevity's sake) – only near the very end of your 1200 word article (can you tell I'm having fun with LibreOffice's word count?), do you make MY POINT about the “nuclear option” - “ in most cases it offers the best chance of a truly clean system”

I do respect your experience and look forward to reading more of your articles in the future. I'll chalk this article up to possible deadline pressures, since your thoughts later in the process come closer to what we probably now agree (I'm guessing) should have been earlier in the article.

These days, malware can hide in the BIOS flash area, or in disc drive flash memory. They are almost impossible to detect, and remove. The NSA uses these techniques, and they are the most sophisticated "hackers" in the world. If you keep getting infected on reboot, first try erasing/resetting your BIOS flash memory (this may require shorting out physical contacts on your motherboard). If that doesn't work, do that again, and replace your disc drive(s). I don't know of a way to remove malware from a disc drive flash cache. If anyone knows how to do that, I would love to hear about it!

rubberman - in the case of sophisticated attacks that seem to be "above and beyond", a good case of forensics should be considered. The victim shouldn't assume that removing the discovered threat is the end of the game. Learning the attacker's identity, motive and avenue of attack is going to be very important in preventing a recurrance.

And we should remember, that physical security (i.e.: bank vaults, armored cars, locked doors, etc.) aren't 100% fool-proof, and we have no reason to expect our cyber security to be any better.

As to your question - A hammer is probably the best recourse. Especially considering the cost of harddrives these days.

Hank, you guessed wrong - I'm afraid I don't agree that the article should have simply stated "destroy your hard drive and install Ubuntu" - sorry. :)

I use antivirus and antimalware software, but eventually something comes along that has to be removed manually, I don't know why that is, but that has always been my experience.

There are also tools that can help you out in the malware removal process like Farbar Recovery Tool, HijackThis, RogueKiller and Junkware Removal tool. What this will do is scour your entire system for any suspicious programs and or related adware.

Re: IntegratedTweak -

It depends on your security needs. Do online banking? Buy stuff online? Then you need to be CERTAIN that all malware has been removed. And the truth is that no program running from your OS can detect today's rootkits, keyloggers, etc. And even running from a disc, can you ever be CERTAIN when they say they found and removed something? Was that the ONLY bad thing on your drive? Even Symantec has admitted that there are things that just aren't detectable any longer. Any thirteen-year-old can download a rootkit, send it as a Word attachment, and have full control over your system from that point on, and it is unlikely to be discovered by any of the programs mentioned in these posts.

Malwarebytes Anti Malware, mentioned in Step 4, is an excellent program - but you failed to mention another important tool from them, Malwarebytes Chameleon. When malware blocks you from installing or running Malwarebytes Anti Malware, this will install it under a random file name so malware can't recognize it.

There is one software on my PC, and I cannot remove it, even through the Control Panel. When I remove it, I will enter in a webpage.

Great post!!
Thanks for sharing such a valuable stuff.
:D :D

I have anti-virus but still malwares attack my computer occassionaly. I just discover that when I run full system scan.

Thank you very much for sharing. I try to be very careful, but I have noticed that my new computer gets overwhelmend much too often with malware (in spite of having protection) and I have to be running scans a whole LOT. (I hate Windows 7 and Windows 8!!!) It is very valuable to know what to do.

already starts with ccleaner

and then you download and you adw cleaner performs cleaning

I use Trend Micro as my first line of defense and have been very happy with it during the last 3 or so years. Once in a while I will scan with Malwarebytes and most of the time there are no issues on my PC. The only questionable activities I take part in are the odd torrent downloads but even that is minimal. I believe the best way to avoid malware is to not get clickety with urls and don't fall for social engineering tricks!

If I don't know the email sender and I get a "Click Here" link in an email body, I delete the whole message. Social engineering is still one of the most effective ways for intruders to gain access to people's computers. I have "cleaned up" friends' PCs because they get tricked into a click, download porn torrents or games, or they visit questionable sites.

This is a great thread!