How To Remove Malware And Virus From Infected Computer


Key Points

  • Antimalware software isn’t always successful in removing malware, which is why manual measures are taken.
  • To remove the malware manually: disconnect the internet, boot into safe mode, uninstall malicious software, remove malicious files, delete temp files, and clear browser cache.

Any malicious software, or malware, can infect your computer at any given time, as long as it is connected to the internet. Even if it isn’t, it can still be compromised by other means, such as an infected USB flash drive, a file shared over LAN, or any other method.

The best way to protect your devices from all kinds of malware is to take preventive measures so that they do not get infected in the first place. However, regardless of how careful you are, all devices are still vulnerable to threats, since new kinds of malware are being developed every day.

If your device has been compromised and you are certain that malware is present, then a mere antimalware program might not be sufficient to save you or your device. Sometimes, malware can go undetected and keep on functioning on your PC, and even the most sophisticated antimalware cannot detect it, let alone quarantine it.

In such a case, rather than cleaning the entire hard drive, including the OS, you can manually remove the malware while keeping the rest of the data, apps, and the OS intact.

Signs of malware attack

How do you know when your device has been compromised and malware is resting in it? There are a few symptoms that your computer might exhibit if it has been infected with malware.

  • There are random system or app crashes
  • The computer won’t shut down or restart
  • The system resources are heavily used without any heavy loads
  • You see a lot of ads and popups
  • The system hangs or freezes
  • You see toolbars in web browsers that you did not install
  • Applications are installed automatically
  • An abnormal amount of network bandwidth is being used
  • Your files are being corrupted or encrypted and becoming inaccessible
  • System performance drops significantly

These are the most common symptoms that your computer may exhibit when malware has been planted and executed on it. If you are experiencing similar issues, then you can use the following guide to remove the malware from your computer.

Note: Not all kinds of malware can be removed by applying the following steps. Some malware attacks, such as ransomware, have already inflicted damage, and even removing the malicious file(s) from your computer will not restore your data.

Remove malware with antimalware

Typically, you can remove malware from your computer using antimalware software, like Avast or Bitdefender. On Windows computers, you will find the built-in antimalware service named “Windows Security.” It can also be used to remove malware.

If you are using Windows Security as your primary antimalware, then you can use the following steps to use it to scan your computer and remove the malware:

  1. Press the Windows Key + i shortcut keys to open the Windows settings app.

  2. Then navigate to the following:

    Privacy & security >> Windows Security >> Virus & threat protection
  3. Click “Quick Scan” under Current threats to scan your PC for potential malware.

  4. If any threats are detected, they will automatically be quarantined. Additionally, you can expand the Action drop-down menu in front of the threat and click “Don’t allow.”

Note that a quarantined file is not deleted. However, it is isolated from the rest of your computer. You can later restore quarantined files if needed, but it is not recommended.

Additionally, in Step 3 above, you can also click “Scan options” and then select “Full scan” for a deeper scan of your computer. However, this will take significantly longer.
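The same scan can be started from an elevated PowerShell prompt, which also lets you review which files were flagged and whether the remediation action succeeded. This is an added example, not part of the original article; it assumes Microsoft Defender Antivirus (the engine behind Windows Security) is the active antimalware, and the function name and the 7-day signature-age threshold are choices made for this example.

```powershell
# Added example: Windows Security scan and detection review from PowerShell.
# Assumes Microsoft Defender Antivirus is the active engine; run elevated.

function Invoke-DefenderScanReport {
    param(
        [ValidateSet('QuickScan', 'FullScan')]
        [string]$ScanType = 'QuickScan'
    )

    $status = Get-MpComputerStatus
    if (-not $status.AntivirusEnabled) {
        throw 'Microsoft Defender Antivirus is not enabled; use your third-party scanner instead.'
    }
    # 7 days is an arbitrary threshold chosen for this example
    if ($status.AntivirusSignatureAge -gt 7) {
        Write-Warning "Signatures are $($status.AntivirusSignatureAge) days old; recent malware may be missed."
    }

    # Blocks until the scan finishes. FullScan takes significantly longer.
    Start-MpScan -ScanType $ScanType

    # Get-MpThreat holds threat names; Get-MpThreatDetection holds each detection event.
    $names = @{}
    foreach ($t in Get-MpThreat) { $names[[string]$t.ThreatID] = $t.ThreatName }

    # The detection history also includes events from before this scan.
    Get-MpThreatDetection |
        Sort-Object InitialDetectionTime -Descending |
        ForEach-Object {
            [pscustomobject]@{
                Detected      = $_.InitialDetectionTime
                Threat        = $names[[string]$_.ThreatID]
                Resources     = $_.Resources -join '; '
                ActionSuccess = $_.ActionSuccess
            }
        }
}

Invoke-DefenderScanReport -ScanType QuickScan | Format-List
```

An entry with `ActionSuccess` set to `False` means the file was detected but not successfully quarantined, which is the situation the manual steps later in this guide are meant for.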

If you are using third-party antimalware software, then you can also run a system scan through it. If you are unable to install a dedicated antimalware program on your PC, since some malware can block the installation, then you could use an online antivirus.

Online antiviruses download a small file on your computer and scan it without installing the entire software. Here is a list of online antiviruses that you can use:

If these methods do not work for you, then it is time to proceed to a more aggressive approach, which is removing the malware manually.

Remove malware manually

To remove malware manually, you must follow the methods and steps below in the order given. Doing so will allow you to perform certain tasks that otherwise would not be possible.

Pre-troubleshooting

If you fear that your device has been compromised and is currently under a live malware attack, then the first response action should be taking your device off the internet. To do this, you can simply unplug the wire, turn off the Wi-Fi network adapter, or simply turn off the router.

Once your device is taken offline, it should no longer be able to communicate with the attacker. This means that the malware will not be able to receive further commands remotely or send your data to the attacker.

While the computer is offline, perform the rest of the mitigation methods below to remove the malware from the computer.

Boot into Safe Mode

Safe Mode is a diagnostic mode in Windows that starts Windows in a basic state, loading a limited set of files and drivers. It is intended for troubleshooting Windows problems. In most cases, Safe Mode is used to reverse Windows misconfigurations, roll back driver installations, and remove malware.

There are multiple ways to boot your Windows PC into Safe Mode. Doing so will allow you to perform other troubleshooting methods conveniently. Use the following steps to boot your PC into Safe Mode:

  1. Press the Windows Key + i to open the Windows settings app.

  2. Navigate to the following:

    System >> Recovery
  3. Click “Restart now” in front of “Advanced startup.”

  4. On the confirmation popup, click “Restart now” again.

    The computer will now start and then boot into Windows Recovery Environment (WinRE).

  5. Click Troubleshoot.

  6. Then click “Advanced options.”

  7. Click “Startup Settings.”

  8. Now click Restart.

    The computer will now reboot again.

  9. Now press one of the following keys for the corresponding option:

    • F4: Safe mode (minimal)
    • F5: Safe mode with Networking
    • F6: Safe Mode with Command Prompt

    We recommend that you press F5 to boot into Safe Mode with Networking.

The computer will now boot into Safe Mode. You can also use other methods to boot into Safe Mode.

Once in Safe Mode, continue to perform the remaining solutions below.

Uninstall malicious software

This step applies to those who suspect that the malware has been planted alongside an app that they installed. It may be possible that the app acted as a trojan in delivering malicious software that automatically executed in the background without you knowing about it.

If you suspect that a program is responsible for the malware, then you ought to immediately uninstall it. Here is how:

  1. Press the Windows Key + R to open the Run Command box.

  2. Type in “appwiz.cpl” to open the Programs and Features applet.

  3. Right-click on the app that seems malicious and click Uninstall.

Once the suspected apps and programs have been uninstalled, you should also remove all files associated with them.
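When it is unclear which program to suspect, sorting installed software by install date helps narrow it down to what appeared around the time the symptoms started. The following is an added example, not part of the original article; it reads the standard Windows uninstall registry keys that back the Programs and Features list, and the function name and 30-day window are choices made for this example.

```powershell
# Added example: list programs installed in the last N days, newest first.
# Entries with no recorded install date are kept, since they cannot be ruled out.

function Get-RecentlyInstalledProgram {
    param([int]$Days = 30)

    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    $cutoff = (Get-Date).Date.AddDays(-$Days)

    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        ForEach-Object {
            # InstallDate is normally a yyyyMMdd string, but installers may omit it
            $installed = $null
            $raw = [string]$_.InstallDate
            if ($raw -match '^\d{8}$') {
                try {
                    $installed = [datetime]::ParseExact($raw, 'yyyyMMdd', [cultureinfo]::InvariantCulture)
                } catch { $installed = $null }
            }
            [pscustomobject]@{
                Installed = $installed
                Name      = $_.DisplayName
                Publisher = $_.Publisher
                Version   = $_.DisplayVersion
                Location  = $_.InstallLocation
                Scope     = if ($_.PSPath -like '*HKEY_CURRENT_USER*') { 'User' } else { 'Machine' }
            }
        } |
        Where-Object { -not $_.Installed -or $_.Installed -ge $cutoff } |
        Sort-Object Installed -Descending
}

Get-RecentlyInstalledProgram -Days 30 | Format-Table -AutoSize -Wrap
```

Entries with an empty Publisher, or a Location inside a user profile or temp folder, deserve a closer look before you decide what to uninstall. Microsoft Store apps are not recorded under these keys and will not appear in the output.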

Delete malicious files

If you had previously downloaded or executed any files that may have caused the malware to become active, then you should permanently delete them from your PC. This could be a DLL file or an executable setup file.

Note that we do not suggest that you temporarily delete the file, since recovering it later from the Recycle Bin will only cause more harm.

Therefore, to delete the file(s) permanently, select them in File Explorer, hold down the Shift key, and press the Delete key. This removes the file from your computer without sending it to the Recycle Bin.

Alternatively, you can also add the “Permanently delete” option to the context menu.

Delete temporary files

Temporary files are created when the system, an app, or malware performs a task. Malware often runs from temporary files on your computer to carry out malicious actions. Therefore, it is in your best interest to remove them.

Temporary files can be safely removed, without having any negative effects on the operating system. Note that these also include temporary Windows update files that are no longer needed and temporary internet files.

Different temporary files have different methods to be removed. Here are the steps to remove these temporary files:

  1. Press the Windows Key + i to open the Settings app.

  2. Navigate to the following:

    System >> Storage >> Temporary files
  3. Select the data you want to delete and click “Remove files.”

    On this Settings page, you will likely see the following options to select and remove:

  4. When asked for confirmation, click Continue.

  5. Now, use File Explorer to navigate to the following path:

    C:\Windows\temp
  6. Press CTRL + A to select everything.

  7. Press Shift + Delete to delete everything permanently.

  8. Repeat Steps 6 and 7 for the following path:

    Note: Replace [Username] with the actual name of your user account.

    C:\Users\[Username]\AppData\Local\Temp
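Emptying the temp folders also destroys the only record of what was in them. The following added example (not part of the original article) saves an inventory of executable and script files in the two folders from Steps 5 to 8, with SHA-256 hashes and signature status, before deleting anything. It assumes an elevated PowerShell session run as the affected user; the function names, the extension list and the report location are choices made for this example.

```powershell
# Added example: inventory the temp folders, then empty them.

function Get-TempFileInventory {
    param(
        # The two folders named in the steps above
        [string[]]$Path = @("$env:windir\Temp", "$env:LOCALAPPDATA\Temp")
    )
    # Extensions that can carry code; an editorial choice, extend as needed
    $risky = '.exe', '.dll', '.scr', '.com', '.msi', '.bat', '.cmd',
             '.ps1', '.vbs', '.js', '.hta', '.lnk'

    foreach ($dir in $Path) {
        if (-not (Test-Path -LiteralPath $dir)) { continue }
        Get-ChildItem -LiteralPath $dir -Recurse -File -Force -ErrorAction SilentlyContinue |
            Where-Object { $risky -contains $_.Extension.ToLower() } |
            ForEach-Object {
                # Locked files yield empty hash/signature fields instead of stopping the run
                $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
                $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
                [pscustomobject]@{
                    Path      = $_.FullName
                    SizeBytes = $_.Length
                    Created   = $_.CreationTime
                    Modified  = $_.LastWriteTime
                    SHA256    = $hash.Hash
                    Signature = $sig.Status
                    Signer    = $sig.SignerCertificate.Subject
                }
            }
    }
}

function Clear-TempFolder {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([string[]]$Path = @("$env:windir\Temp", "$env:LOCALAPPDATA\Temp"))
    foreach ($dir in $Path) {
        # Files that are still in use are skipped, as in File Explorer
        Get-ChildItem -LiteralPath $dir -Force -ErrorAction SilentlyContinue |
            Remove-Item -Recurse -Force -ErrorAction SilentlyContinue
    }
}

$report = Join-Path ([Environment]::GetFolderPath('Desktop')) 'temp-inventory.csv'
Get-TempFileInventory | Sort-Object Created -Descending |
    Export-Csv -LiteralPath $report -NoTypeInformation
Clear-TempFolder -WhatIf   # preview only; rerun without -WhatIf to delete
```

Keep the CSV after cleanup: the hashes can be checked against your antimalware vendor's lookup service later, and unsigned executables in a temp folder are the entries to check first.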

Clear browser cache

Malware can also be planted in the browser cache without ever being installed on the computer itself. Just to be sure, we recommend that you also clean out all browser cache. Using the steps below, all your browsers will never store cache again.

  1. Press the Windows Key + R to open the Run Command box.

  2. Type in “inetcpl.cpl” to open the Internet Properties applet.

  3. In the General tab, check the “Delete browsing history on exit” box, click Delete, and then click Ok.

Delete restore points

This step only applies if you have created restore points.

The purpose of the system restore point is to revert all your settings and preferences to an earlier time. This is used in case you encounter an issue with your computer. However, certain malware may infect these restore points as well, and therefore, they will have no purpose. Thus, removing them is the wiser choice.

Use these steps to delete existing restore points:

  1. Press the Windows Key + R to open the Run Command box.

  2. Type in “sysdm.cpl” and press Enter to open the System Properties applet.

  3. Switch to the “System Protection” tab.

  4. Select the drive that has restore points enabled, and then click “Configure.”

  5. Select “Disable system protection” and then click Delete.

  6. Click Continue to confirm.

  7. Click Apply and Ok.

Reset browser settings

Web browsers are the gateway for all sorts of malware. It is possible that their settings have been changed or deliberately altered for the malware to infiltrate your PC. Therefore, as a best practice, it is advised to reset all browser settings to their defaults.

After returning them to the default settings, you can take steps to further enhance your online security.

Click on the link below to learn how to reset browser settings to their defaults:

Use rescue disk

This solution is for those who cannot boot into their systems because of malware.

Rescue disks are third-party bootable drives provided by antimalware manufacturers that allow you to access the system files while booting into temporary software and removing the malware. Many manufacturers provide these rescue disks that you can download and use.

Here are 22 bootable antivirus rescue disks (ISOs).

Conclusion

While sophisticated antimalware is recommended and everyone should have it installed before an attack, it is not guaranteed to always work. Therefore, it is better to be trained with skills that can protect your devices and your data at the end of the day.

This detailed guide shows you how to remove malware from your computer manually if the antimalware fails to do so, or does not do a good job of removing every trace of the malware.

Subhan Zafar is an established IT professional with interests in Windows and Server infrastructure testing and research, and is currently working with Itechtics as a research consultant. He has studied Electrical Engineering and is also certified by Huawei (HCNA & HCNP Routing and Switching).