How to detect and remove Trojans

To remove a Trojan, a malware infection needs to first be detected. The best way to do this is by regularly scanning your system with an antivirus program. With ‘Windows Security’, Windows 11 offers a reliable tool to detect and delete Trojans. If this doesn’t work, there are other options to try.

How do you spot a Trojan?

In most cases, it’s not immediately obvious whether a Trojan has infected your system — especially if it’s well disguised. Possible signs include decreased system performance, high internet traffic, or other unusual activity on your computer. It could be that windows and applications unexpectedly open, or that your mouse pointer is moving by itself. If you’ve noticed a typical Trojan symptom, it’s a good idea to check all running processes on your computer. Windows Task Manager is only partially suitable for this, because not everything is displayed.

The safest way to scan your computer is with an antivirus program. Using this kind of program also boosts your system’s cyber security, as it’s constantly running in the background and protects you from malware.

Tip

Try IONOS’ MyDefender before it’s too late. It scans your computer for viruses, backs up your data, and keeps threats at bay.

Scanning Windows 11 for Trojans

Windows 11 has its own antivirus tool called ‘Windows Security’, which also scans your system for malware. Follow these steps and try it out:

  1. Go to Windows Security from the Windows Start menu.
  2. After launching the tool, select ‘Full Scan’ under ‘Virus & Threat Protection’ for a complete security scan.
  3. Click on ‘Scan now’ to start.

To make sure that you detect all possible Trojan infections, in addition to at least two virus scanners on a Windows computer, it’s also recommended to run a full scan with Windows Defender Offline. This can help to detect and remove particularly stubborn Trojans using the latest threat definitions. To do this, you need to enable Windows Defender if you’re not already using it. Then, you can start scanning:

  1. In the Windows settings, go to ‘Privacy and Security’.
  2. Go to ‘Windows Security’ and click on ‘Open Windows Security’.
  3. Select ‘Virus & Threat Protection’.
  4. In the next window, click on ‘Scan Options’.
  5. Select ‘Microsoft Defender Antivirus’ followed by ‘Scan Now’.

Your computer will now automatically restart and begin scanning. This will take about 15 minutes. If the offline scan detects a Trojan, you’ll be informed about it. If, on the other hand, no malware is found, your system will boot as normal. The fact that the scan takes place during the restart process means that it can also detect and remove Trojans and other threats that you no longer have access to after a system restart.

How do you remove Trojans?

If your antivirus program or Windows Defender gets a hit, you should remove the Trojan immediately. Follow these steps:

Step 1: Disconnect internet

Before you start removing the Trojan, make sure that you disconnect from the internet. This will ensure that the Trojan cannot steal and transmit private data or perform other malicious actions.

Step 2: Launch antivirus program

Once you’ve disconnected from the internet, you can remove the Trojan via your malware tool or antivirus program. This usually happens automatically, after which you’ll be informed if it was a success.

Step 3: Remove Trojan in Safe Mode

If the Trojan can’t be removed, you should restart your system in Safe Mode. This is a reduced version of your operating system, where only the most necessary drivers, services, and functions are loaded and everything else, including a Trojan, is disabled. Now restart your anti-malware program. This will usually remove malicious programs. In Safe Mode, you can also detect previously undetected Trojans.

Safe Mode in Windows
Safe Mode can be used to remove the most stubborn Trojans.

Step 4: Perform system recovery

If Safe Mode doesn’t work, you can try restoring your system. Pick a recovery point from which you are sure that the Trojan wasn’t on your device. Follow these steps:

  1. Open the ‘Run’ window with the key combination [Windows] + [R].
  2. Type ‘SystemPropertiesProtection’ and confirm with [Enter].
  3. In the ‘System Protection’ tab, click on ‘System Restore’.
System Restore in Windows 11
System Restore can be found in the System Protection tab.
  1. A window will open listing various recovery points. Select one.
  2. Click on ‘Next’ and then ‘Finish’. Confirm the next pop-up with ‘Yes’.
Selection of recovery points
To remove a Trojan with System Restore, you need to choose the correct restore point.

Windows will now automatically restart with system files restored to the state of the selected restore point.

Final option: Reinstall Windows 11

If even System Restore couldn’t remove the Trojan, then a complete reinstallation of your operating system will do the trick. This will delete all data on your computer, including malware.

Before you get started, it’s a good idea to back up Windows 11 and save everything to an external hard drive. For safety, don’t connect the device to other computers. First, wait to see if the Trojan is still on your computer after reinstalling and copying the backed-up data.

To be prepared for a Trojan infection, you should regularly back up your data. Depending on the amount of data, you can try different back up strategies.

Was this article helpful?
We use cookies on our website to provide you with the best possible user experience. By continuing to use our website or services, you agree to their use. More Information.
Page top