Complete Quick Malware Removal Guide for Windows

Purpose of the Guide

The Malware Removal Guide for Windows is designed for those whose system is infected by malware but who are still able to boot into their operating system. If you are unable to boot into your operating system, then this guide is not for you.

The tools in this guide were chosen after much testing for their effectiveness and chance of success. All of the tools, when used together, were able to fix every strain of malware that we threw at them. We achieved the best success with a mix of free and paid tools.

‘Malware’ is an umbrella term used to refer to a plethora of hostile or intrusive software such as viruses, worms, trojan horses, ransomware etc. which can take many forms and do a multitude of nasty things to your computer.

How did I get infected?

Rogue security programs are one of the most common ways of getting infected by malware. They are programs that infect your computer through social engineering, using fake messages and alerts indicating you have ‘critical’ errors or are infected with a virus and the only way to fix it is by downloading their program. By downloading the ‘solution’ you are really downloading a virus and infecting your own computer yourself.

Malware writers and attackers can exploit security holes and vulnerabilities in older versions of popular programs such as Adobe, Java, etc. These people rely on users not updating their software which leaves them susceptible to exploits.

Viruses can easily be spread through downloading pirated software, movies or TV shows, where the malicious file is hidden amongst other files. The downloaded pirated software or movie might even have a different file extension which executes the virus.

Two other common methods of infection are emails containing links to websites that exploit security holes in your web browser as well as getting malware from a flash/USB drive. In fact one in every eight malware attacks occurs via a USB device.

This usually involves a virus that modifies autorun.inf, causing the USB drive to run a program each time it's loaded. As a USB drive is often used in multiple computers, the virus spreads with each user.

Disclaimer:

The following instructions are recommendations based upon tests conducted by us. You take full responsibility for any steps you choose to perform on your own computer. During testing, the following programs were used without any issues multiple times, however, it is your responsibility to save your work and back up necessary files before proceeding.

Malware Removal Guide Pre-Checklist

  • Ensure you open your browsers and remove any suspicious extensions, as well as any unusual default search providers and homepages.
  • Ensure you have an administrator account that is able to download and install the required programs.
  • Ensure you have the ~20 minutes of free time required to download, install and run all the necessary programs.

    1. Use RKill to Terminate Malware Processes

    RKill is a free program developed to locate and terminate known malware processes so that we are able to run our software in the next steps. Malware will often secretly change file extensions and policies so that you cannot run the programs used to fix the root cause of the malware.

    As the primary intent of RKill is to terminate malware programs from running, you should take extra care to ensure you don’t reboot your computer after running the program, as any malware programs configured to start on boot will start up again.

    Once RKill finishes running you will be presented with a log that outlines which programs were deemed to be malware and terminated by RKill.

    Please note that if no results come up, it doesn’t mean you are malware-free. You should continue with the guide to make sure any malware on your computer is removed.

    2. Nuke the Malware with Malwarebytes Anti-Malware Software

    Malwarebytes Anti-Malware is the single most effective anti-malware software I’ve ever used. It covers malware, spyware and rootkits, so you can be sure you entirely flush your system. Independent group AV-TEST did a test of 10 malware removal apps and found that Malwarebytes Anti-Malware was the best of the lot, scoring an impressive 100% in total system repair.

    2.1 Premium v Free Version

    It is my firm opinion that the Premium version is well worth the money spent. At just (at the time of writing) $24.95 per year, or $20 per year if you sign up for 2 years, you can keep your computer safe from malware all year round without worrying about googling malware removal guides! How much are your files and data worth?

    The Premium version has four main benefits over its free counterpart:

    Prevents Future Infections

    Malwarebytes Anti-Malware Premium uses three proprietary technologies (signature, heuristic, and behavior) that automatically guard you online from malware that antivirus programs can’t or don’t find.

    Real-time protection means the Premium version is constantly looking for threats without interrupting you, meaning your computer and data are safe.

    Blocks Malicious Websites

    You probably got malware in the first place from a dodgy malware-ridden website. With the Premium version, you are blocked from fake websites or legitimate websites that have been hacked and are attempting to steal your credit card details, steal your identity or infect you with malware.

    Fast Scanning

    Speed is the name of the game when it comes to protecting your computer against malware. The Premium edition has hyper-scan mode which allows you to find active threats, fast.

    Outsmarts Malware

    Malware these days can be incredibly cunning and stealthy. Chameleon technology means the Premium edition isn’t outsmarted by malware and stopped in its tracks. Instead, it hides from the malware and removes it silently.

    2.2 Turn on Scan for Rootkits

    Scan for Rootkits is off by default due to the time it takes to complete. But would you rather have a quick solution that does half a job, or would you rather completely remove the virus and not have to deal with the issue again?

    Rootkits are programs that secretly give the hacker administrator rights on your system, allowing them free rein over programs and settings, meaning they can execute their malware. With the power of rootkits, there’s little wonder malware-based rootkits fuel a multi-billion dollar industry.

    With this in mind, ensure that Scan for Rootkits is ticked in the settings before you proceed to the next step.

    2.3 Run a Threat Scan

    Malwarebytes Anti-Malware has three different scan options within the scan menu. They are Threat Scan, Custom Scan, and Hyper Scan.

    For the purpose of completely eradicating the malware on your system, you should choose Threat Scan as it is the most comprehensive and thorough scan of the three. The Threat Scan searches in places where malware commonly hides, such as Memory, Startup, Registry and Filesystem Objects.

    3. Use ADWCleaner to clean up your System

    ADWCleaner is a fantastic piece of free software that I stumbled across while doing some research on malware. ADWCleaner targets malware most commonly bundled in free programs downloaded from the internet. Most of these free programs are sneaky and state right in the middle of their terms and conditions that they’re installing browser toolbars and all manner of different programs on your computer.

    The software has three main functions:

  • Removes unwanted adware, toolbars, potentially unwanted programs (PUPs) and browser hijackers from your computer.
  • Fixes proxy settings that have been changed by malware.
  • Removes certain non-default browser settings.

    Run ADWCleaner by pressing the Scan button. Once the scan is finished, press the Cleaning button to get rid of anything that was found. Allow the program to restart your computer.

    4. Tying up loose ends with Malwarebytes Junkware Removal Tool

    The Malwarebytes Junkware Removal Tool is a free program that sweeps up and removes any outstanding traces of malware and adware left on your computer.

    It helps to remove adware that spawns popup ads, uninstalls unwanted toolbars and browser helper objects, removes Potentially Unwanted Programs (PUPs) and cleans up any traces left by PUPs.

    The Junkware Removal Tool works across all browsers to ensure that no traces are left behind after the previous steps. It is a portable application, meaning no installation is required and it can be used from computer to computer if you put it on a USB stick.

    At this point, restart your computer and see if you are still experiencing malware issues. If you are then there is one final step for you. The good news? No malware ever made it past step 5 in all of my testing. The bad news? You’re dealing with a particularly nasty strain of malware.

    5. Putting the knife in with Hitman Pro

    If you still have malware at this point, then you are dealing with an incredibly potent and sophisticated strain of malware and it’s time to call in the artillery.

    Hitman Pro is a formidable piece of free “second-opinion” malware-scanning software. Exactly as the name describes, the second-opinion malware program takes a different approach to malware detection and scanning, helping to pick up those particularly stealthy and sneaky strains of malware.

    This software has a few main features that distinguish it from other anti-malware programs:

  • Instead of relying on virus signatures, Hitman Pro gathers actionable intelligence and examines collected information to tell you which files look like malware. The program doesn’t require prior knowledge of a threat to detect it, making it possible to detect new strains of viruses.
  • Hitman Pro looks for unethical behaviors instead of typical static malware attributes. As it’s harder for malware to dynamically change its attributes, more viruses can be picked up.
  • It uses cloud-based infrastructure with virus databases from other antivirus labs to help identify malware.
  • Hitman Pro can remove persistent threats from the operating system and replace infected Windows files with safe original versions. Virus scans also take less than 5 minutes.

    Whilst Hitman Pro is free to use, there is also a paid version called Hitman Pro.Alert which is $24.95 a year or $49.95 for 3 years (at the time of writing). The paid version offers real-time background protection, keylogger protection as well as defending against other viruses such as ransomware. If you’re looking for complete protection all year round then you can’t go wrong with the paid version.

    Hitman Pro Main Screen - Press Next to Start Scan

    Suggested Follow-up Steps for Security

    Change your Passwords

    Using a computer that hasn’t been affected by malware, you should change the passwords of all your online accounts that could be compromised. Some malware may contain keyloggers which record your keystrokes, meaning your passwords could be compromised.

    Enable Two-Factor Authentication

    Set up two-factor authentication on your online accounts so that when you log on you’re first sent a text to verify that it’s actually you logging into your account. Unless the hacker also has your phone, it’s incredibly hard to get into an account with two-factor authentication.

    Install a Premium Antivirus

    Kaspersky was recently rated the #1 Overall Premium Antivirus by Tom’s Guide with an 8/10 rating and boasts a large list of awards and accolades. Kaspersky gets the nod ahead of other antivirus products due to its impressive malware detection rate and its low rate of false positives.

    For extra peace of mind and to be sure your computer and files are protected, it’s well worth the cost.

    Frequently Asked Questions

    Q1) I can’t access the internet and can’t download the files required, what do I do?

    Some forms of malware prevent you from accessing the internet or downloading files so you can’t remedy the issue. Fortunately, there is a tool called NetAdapter Repair Tool which attempts to restore your internet connection and browser to default settings. Ensure all the boxes are ticked and tick Run All Selected.

    If the tool doesn’t fix the issue then you will need to download the required software on a different computer and use a USB drive to transfer it to the infected machine.

    Q2) I can’t afford paid software, what do I do?

    All of the steps contain applications which have free versions. Whether or not you choose to get the paid version is up to you. In saying that, all testing was done with the recommended versions, and in the case of this guide that’s the Premium version of Malwarebytes Anti-Malware.

    You need to weigh up whether the small cost of $24.95 a year is worth the security and peace of mind that comes with a virus-free, secure computer.

    Recommended Helpful Tools

  • Malwarebytes Anti-Exploit (Blocks exploits from delivering their payload)
  • Unchecky (Unchecks options in installers that install PUPs)
  • uBlock Origin Adblocker Browser Extension (Blocks ads which may lead to viruses if clicked)

    Conclusion

    Getting malware can be a major headache for even the most experienced IT experts. There are a few preventative measures that can be followed in the first place to avoid that headache later down the track.

    The first is to install antivirus software; if you missed it above, I suggest Kaspersky Antivirus. You should also regularly run antivirus scans to ensure that you don’t have any sneaky files hiding around.

    Secondly, you should be securing your network with WPA2 encryption to avoid and deter any hackers from doing any malicious damage to your network. Ideally, you shouldn’t broadcast your network’s SSID, to make it near impossible for hackers to find. Using strong passwords also improves security.

    Thirdly, think before you click on links or download files from the internet. Hover over a link and check where it is taking you before you click it, and if you happen to download a file that should be a .PDF and it’s a .EXE, quarantine and delete it immediately.

    Lastly, keep your personal information safe. Limit the amount of personal information that you put out on the internet, especially social media.
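The file check from the third point above, which also covers the disguised extensions mentioned under pirated downloads, as an added example that is not part of the original guide: it compares a downloaded file's name with its first bytes. The extension lists, function names and sample inputs are constructed for illustration.

```python
from pathlib import PurePath

# Extensions Windows runs directly (a short, non-exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs"}
# Document and media extensions a download is commonly expected to have.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".jpg", ".png", ".mp3", ".mp4", ".avi", ".mkv", ".txt"}

def check_download(filename, head):
    """Return a list of warnings for a downloaded file.

    filename: the name as downloaded; head: its first bytes (8 are enough).
    """
    warnings = []
    suffixes = [s.lower() for s in PurePath(filename).suffixes]
    last = suffixes[-1] if suffixes else ""
    is_pe = head[:2] == b"MZ"        # Windows executables start with "MZ"
    is_pdf = head[:5] == b"%PDF-"    # PDF files start with "%PDF-"

    if last in EXECUTABLE_EXTS:
        warnings.append(f"executable extension {last}")
        # e.g. "movie.avi.exe": the visible name suggests a document or video
        if len(suffixes) >= 2 and suffixes[-2] in DOCUMENT_EXTS:
            warnings.append(f"double extension {suffixes[-2]}{last}")
    if is_pe and last not in EXECUTABLE_EXTS:
        warnings.append(
            f"content is a Windows executable but the name ends in {last or '(nothing)'}"
        )
    if last == ".pdf" and not is_pdf and not is_pe:
        warnings.append("named .pdf but content does not start with %PDF-")
    return warnings

def check_file(path):
    """Run check_download on a file on disk, reading only its first 8 bytes."""
    with open(path, "rb") as fh:
        return check_download(PurePath(path).name, fh.read(8))
```

An empty list means the name and the content agree; any warning is a reason to quarantine the file rather than open it.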
