How-To Geek

How to Remove Viruses and Malware on Your Windows PC

Whether you saw a message saying a virus was detected, or your computer just seems slow and unreliable, you’ll want to scan for malware on your PC and remove any you find.

While many viruses and other types of malware are designed simply to cause chaos, more and more malware is created by organized crime to steal credit card numbers, online banking credentials, and other sensitive data.

Did Your Antivirus Say a Virus Was Detected?

If you saw a message pop up that says a virus was detected, that’s a good thing. Your antivirus noticed a virus and likely removed it without prompting you.

This sort of message doesn’t mean that you ever had a virus running on your computer. You could have downloaded a file that contained a virus and your antivirus removed the file before it could ever cause a problem. Or, a malicious file on an infected web page could have been noticed and dealt with before it caused any problems.

In other words, a “virus detected” message that occurs during normal use of your computer doesn’t mean the virus actually did anything. If you see a message like this, you’re likely visiting an infected web page or downloading a harmful file. Try to avoid doing that in the future, but don’t worry too much.

You can also open your antivirus program and check its quarantine or its virus detection logs. This will show you more information about what virus was detected and what the antivirus did with it. Of course, if you aren’t sure, go ahead and run a scan–it couldn’t hurt.

How to Scan for Malware (and Remove It)

To check your computer for malware and remove any malware you find, you’ll need an antivirus program. Windows 10 and 8 include Windows Defender, Microsoft’s own antivirus. Windows 7 doesn’t include any build-in antivirus.

Windows Defender is non-intrusive and fine overall, but it’s not the only option. Our favorite antivirus programs are the free Avira antivirus and the paid Kaspersky antivirus, depending on whether you want a free antivirus or you’re willing to pay for one. Windows Defender works as a great secondary scanner (which we’ll talk about later in this piece).

Run a system scan using the antivirus program–it should automatically do this right after you install it– and it will inspect your hard drive for malware. It’ll automatically remove–or offer to remove–any malware it finds. Your antivirus program of choice will also run in the background, checking files before you open them to ensure they’re safe and monitoring your system to ensure no malware is running. Make sure it’s always turned on and running, because if it isn’t, it can’t protect you.

If your antivirus scanner is bloated and slowing down your computer, we highly recommend one of the above–they’re all fairly lightweight and easy to use.

If a Simple Scan Wasn’t Able to Get Rid of the Malware

If you have a very stubborn malware infection, you may need to scan for malware from outside your normal Windows system. To do that, you’ll need to Boot Windows into Safe Mode, which will keep it from loading normal startup applications–including, hopefully, that nasty malware. Run the antivirus from within Safe Mode and it may have more luck removing malware it normally can’t.

To boot into Safe Mode on Windows 8 or 10, press and hold the Shift key while clicking the “Restart” option and then navigate to Troubleshoot > Advanced Options > Windows Startup Settings > Restart > Safe Mode. On Windows 7, press the F8 key while your computer is starting and you’ll see a boot options menu that allows you to select “Safe Mode”.

If that doesn’t work, you may need to step completely outside of Windows and use a bootable antivirus tool. This type of antivirus tool boots into a clean environment–entirely outside Windows–to find and remove stubborn malware you may not be able to see or remove from within Windows itself.

Windows Defender itself can do this with the “Windows Defender Offline” feature if you’re using Windows 10. You can check out our guide to using Windows Defender Offline here. Other antivirus software can do this too–look for antivirus “boot discs” like the Avira Rescue System and Kaspersky Rescue Disk. You can check out our guide to using Avira’s Rescue System here.

How to Get a Second Opinion From Windows Defender

If you already have an antivirus program installed, but you think you may have viruses it isn’t detecting, you can get a second opinion from another antivirus product. Usually, it’s a bad idea to run two antivirus programs in tandem, since their real-time scanning can conflict with one another. But if you have one running real-time scanning all the time, you can use a second one you for occasional manual scans.

On Windows 10, Windows Defender is perfect for this. Even if you have another antivirus program installed that’s monitoring your system, Windows Defender can occasionally scan on a schedule–or manually scan when you choose–to see if it can find anything your current antivirus is missing. Here’s a guide to enabling and using that option.

A variety of other antivirus providers make one-time scanning tools available–for example, the ESET Online Scanner. These programs will download to your computer and do a quick scan without a long installation process.

If the scanner alerts you to a problem, you’ll want to remove the malware. If you had a virus, your current antivirus may not be up to the job. You may want to uninstall it and install another antivirus product after the process is complete.

You Should Also Install Malwarebytes to Deal With Adware and Other Junk

As we mentioned in our guide to the best antivirus programs, antivirus isn’t enough–you should also have a more inclusive anti-malware program. Not all nasty software is covered by normal antivirus scanners, which mainly search for harmful infections. You may have “junkware” on your system like browser toolbars, search engine changers, Bitcoin miners, and other types of obnoxious programs that just exist to make their creator money. Watch out when downloading programs from the web, so your PC isn’t filled with obnoxious toolbars and other junkware.

But if you have junkware on your system already, you’ll want to remove them.

Most antivirus programs won’t bother touching junkware. To deal with junkware, we recommend getting MalwareBytes Anti-Malware. The free version, even though it’s called a “trial”, is fine, and will last forever–you just won’t get real-time protection. As long as you occasionally use it it to scan your system, you’ll be able to keep yourself free of obnoxious software that isn’t detected or removed by your average antivirus program. We also recommend installing MalwareBytes Anti-Exploit to keep you save when browsing the web.

With a good antivirus program and both MalwareBytes programs, you’ll have a fantastic trio of protection.

How to Wipe Your Computer (and Verify Your Backups)

If nothing can remove the viruses properly–or if the malware so damaged your system that Windows still isn’t working properly after removing the viruses–you can go for the “nuclear option”: reverting your computer to its factory state. You’ll keep any personal files, but your any installed programs will be removed and your computer’s system settings will be reset to their default state.

On Windows 8 and 10, this is much easier–you can just use the “Reset This PC” feature to reset Windows to its factory default settings. You can find instructions for doing that here. If you’re using a Windows 7 PC, your manufacturer probably provides a restore partition you can access by pressing a certain key during the boot process. Consult your computer’s manual for the exact key you need to press for this.

You can also reinstall Windows on your computer by downloading Windows installation media for your computer from Microsoft.

Warning: Just be sure you have a backup of any important files before wiping your hard drive and reinstalling Windows!

If you’ve had to battle with malware once, try to do everything you can do make this the last time. Install a good antivirus program, keep your computer updated, and avoid running potentially dangerous software. Follow our tips to stay safe online to keep your computer–and personal information–secure.

Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.

  • Published 11/2/16
  • Ray Lowe

    Ironically, Avira browser safety extension in Chrome shows this site to have unsafe content.

  • Bruce Benson

    I finally dropped Defender and am using Avira. I don't trust Defender. For example, Defender quietly removed a program, epg123, calling it a trojan. Neither superantispyware nor malwarebytes, for example, considered it a trojan. Epg123 updates the Windows Media Center TV schedule to a more complete and reliable schedule than Microsoft supplies. Also, I once resorted to a "hack" (kms program) to work around a Microsoft licensing issue (we had valid purchased license and I was annoyed at having to keep contacting MS) and Defender declared it malware. So Microsoft appears willing to use Defender to try and discourage practices it doesn't like rather than be about protecting the PC from real viruses and malware.

  • Jouni Järvinen

    Rule #1: -never- trust M$ for/with security.

  • JohnD Lord

    Avira is falling down, I rid a virus from a clients computer which has the current 'free' Avira installed on said computer by using the Emsisoft Emergency Kit,I uninstalled Avira and the client was happy to purchase the highly respected Emsisoft, 3 for the price of one from Cloudeight.Malwarebytes, and others, Defender, AVG, Kaspersky etc; are not required when Emsisoft is one total package to catch and remove all the nasties, including harmless non-useful rubbish, then add Randomware to the package.I am amazed that this site, a 'techie' site for good advice doesn't give readers a chance to try Emsisoft Anti-Multiple Nasties Protection.

  • François

    I don't understand why Avast rarely if ever gets a mention in your virus/malware articles. It's one of the most popular free products on the planet both with end users and with tech support guys. Is it really so rubbish that it doesn't merit even a mention?

    And you forgot ADWCleaner and JRT (both from Malwarebytes) which are fantastic tools to get rid of nastyware. And what about Autoruns, and then there's Zoek, and so many other tools for specific removal tasks.

    And you forgot to mention doing a boot-time scan of your PC if you think you have a virus. In fact I consider this a very lightweight article that doesn't go nearly deep enough into a subject that requires depth to fully examine the process of checking and removing a virus.

    And then you have Locky... have fun with that one (I did, Locky .THOR, and I beat it, but it was a lot of work and I got lucky)

  • I'm using the free version of Avast Antivirus and the first thing I do when I think there's a malware infection is to update Avast and do a full system scan.

    I'm also using Windows Defender Periodic Scanning (Windows 10 only), so I update Windows Defender and do a full system scan.

    Then a scan with Malwarebytes Anti-Malware, ESET Online Scanner, Emsisoft Emergency Kit, Kaspersky TDSSKiller and Bitdefender rescue disc.

    When malware is found I restore my CLEAN system image backup.

    Just as HowToGeek says: > If malicious software makes it through this protection, it has free rein over your system until it’s discovered and removed.

    This is a problem for many different reasons. The malware can take this chance to burrow deeper into your system, hiding itself from being discovered by installing a rootkit that starts up during the boot process. It can infect various system files. It can use its access to transmit your personal data, credit card numbers, and passwords over the Internet.

    Worse yet, malware can function as a Trojan horse, opening the floodgates to additional malware that it will download and install from the Internet. If you find your computer is actually infected by a piece of malware, you don’t know if that’s the only piece of malware that’s infected your computer. Source:

    There's a complete guide about removing malware at EasyTechGuides

    But if you want to be 100% sure your system wil be clean, then reinstall Windows or at least restore a clean system image backup (not 100% certainty).

  • François

    I assume you mean a boot-time scan, any other scan could be a complete waste of time if the beast is already in memory.

    I find Avast FREE is great for virus detection and quarantine. I find it far less effective against malware. For that I use other tools. But used in combination with other software it's an essential part of my toolkit.

  • I find Avast FREE is great for virus detection and quarantine. I find it far less effective against malware.

    A computer virus is malware.

    And like I said before, I use Avast and other tools for protection and scanning, and if one of these tools finds malware, then I restore my 100% clean system image backup or reinstall Windows.

    What other tools do you use?

  • David Wendorf

    As a system builder/repairer for almost 20 years, I've developed some opinions based upon facts and preferences.

    Preferences: I can't stand online/cloud systems. I need to be able to quickly disable and enable AV at times. Avira, Bitdefender, and others aren't valid considerations for me for that reason alone.

    Anything that relies upon an internet connection (other than for definition updates) is less dependable than offline systems, often depends upon the speed of your internet, and I'd rather not have any data sitting on a system in the cloud that crackers will eventually target for financial gain.

    My personal weapons of choice are Avast (Free), Malwarebytes Pro (I was fortunate to buy several life time licenses before they switched to annual licenses - which they still honor), and PeerBlock (free) with iBlock lists ($5 per year). I don't use a firewall - in my opinion, they're often more trouble than they're worth.

    But no AV is perfect; Avast crashed my Mother's computer so now we use Bitdefender (Free) on it. All 4 of these options are fairly low on resources, if you can stand the occasional popups from Avast about their paid products (I've never seen one from Bitdefender).

    Lastly, I'd never pay or advise others to pay for services that can be matched for free.

    Fact: While almost all AV programs get their definitions in the same way and from the same source, they're far from all created equal. Popup ads, interfaces, features, and performance impacts that are tolerable for one person, may drive another person completely mad. There's a lot of options for AV, so shop around. You can't have more than 1 AV solution installed at the same time, but nothing is stopping you from trialing free versions 1 by 1, and before you commit your wallet to their paid products. Most anti-malware/spyware programs will work well with others and AV at the same time.

    Fact: Safe mode is defeated by most modern infections - other than those relying upon an internet connection to do their nasty deeds. Safe mode is good for trouble-shooting driver issues, mostly worthless for cleaning malware.

    Fact: Other than a backup image and operating system reset - nothing beats a boot time scan for cleaning an infected system - and Avast's Free version is one of the very few free AVs which has it. But don't think you're going to set it to run overnight and find it completed in the morning. You'll have to choose prompts as it finds possible problems, and the prompts aren't available until it does find something questionable. The best method is to pick and choose each file (but you'll probably need another system connected to the internet to research as you go). Because it can take a very long time to run, most people will choose the option to deal with all instances in the same way (EG: delete all). I've seen as long as 26 hours on 4TB system - but it works.

    Fact: Every anti-virus program is listing more and more false positives every day. Big businesses contribute to AV companies so that they now include cracks and registry entries which bypass paying for their over priced products. So just because it's flagged by your AV, doesn't necessarily mean it was harmful in any way to your system. And even the definitions are becoming more generic all the time. It's easy to label anything a Trojan and state that a remote user "may" be able to connect to your system.

    Fact: Hundreds or thousands of companies, schools, and governments connect to every computer in some way every day without being flagged as malicious. If you think I'm wrong; install Peerblock (free), pay $5 for all iBlock lists, set it to list everything it blocks (allow http if you want internet to work), and watch how many connections it blocks every hour of every day. Personally, I find the companies and countries they're from very interesting. Most people don't have a clue.

    Hope someone finds this info useful. :slight_smile:

  • David Wendorf

    Nice to see someone else who relies heavily upon image backups. Only thing I'd recommend is staying away from incremental backups - doing full every time, and only delete the old ones when you're sure the newer ones are clean. (Remember, lots of malware created in the last few years implements delayed activations - so just because you haven't seen a problem, doesn't mean it's not lurking in the background.)

    I also use and like Avast Free. But I also like the challenge of removing malware at times - knowing I have the backup image available when needed.

    In my opinion, Peerblock (free) and iBlocklist ($5/year) are must haves. Most people would be amazed at how many computers around the world connect to their system in some way, every hour of every day. Peerblock/iBlocklist can't stop them all, but make a serious dent.

    I was fortunate to have purchased Malwarebytes Pro with lifetime licenses. But I'd still pay for the yearly licenses now rather than go without. Malwarebytes free is only as dependable as the person updating and running it - in my experience, that's not typically very dependable at all. :slight_smile:

  • David Wendorf

    Unfortunately, false positives are common today. Almost all AV programs get their definitions at around the same time, in the same way, and from the same source - but I wouldn't suggest that makes them all equal. They all flag registry values, cracks, and key generators to some extent - which may not be harmful to your system in any way, but are arguably harmful to some company's profit margin.

    Bottom line is to get whatever works for you. And never be completely confident in any of them, as they're all fallible.

  • I only create one system image backup and that's right after a fresh Windows install and after a few big Windows updates I first restore that first CLEAN system image backup, then install all new updates and then create another new system image backup, so that I know that I will always have a 100% clean system image backup.

  • François

    Computer malware isn't necessary a virus. That's why you have anti-malware as well as anti-virus products and, yes, there is an overlap but this is best illustrated when we see that ADWCleaner and Malwarebytes detect things that Avast, inter alia, doesn't. And vice versa.

  • A computer virus is Malware! 'Malware' is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.

  • François

    That's exactly what I said except without the hysterical screaming.

    Move along please, nothing to see here...

  • You're right. I'm sorry. I didn't read your answer right.:+1:

More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!