Signs Your PC May Be Infected
Before diving into removal steps, it helps to recognize the warning signs of a malware infection:
- Significantly slower performance for no clear reason
- Unexpected pop-up ads, even when not browsing
- Browser homepage or search engine changed without your input
- Programs opening, closing, or crashing on their own
- Antivirus software disabled or unable to update
- Unknown programs appearing in your installed applications list
- High CPU or network activity when the computer should be idle
If you notice several of these symptoms, follow the steps below — in order.
Step 1: Disconnect from the Internet
As soon as you suspect an infection, disconnect from Wi-Fi or unplug your ethernet cable. Many malware types communicate with command-and-control servers to receive instructions, exfiltrate data, or download additional payloads. Cutting internet access limits the damage while you work on removal.
Step 2: Boot into Safe Mode
Safe Mode loads Windows with a minimal set of drivers and processes, which often prevents malware from loading at startup. To enter Safe Mode on Windows 10/11:
- Hold Shift and click Restart from the Start menu.
- Select Troubleshoot > Advanced Options > Startup Settings > Restart.
- When prompted, press F4 for Safe Mode or F5 for Safe Mode with Networking (needed to download tools).
Step 3: Delete Temporary Files
Before scanning, clear your temporary files. This reduces scan time and removes some malware that hides in temp folders:
- Press Windows + R, type
%temp%, and press Enter. - Select all files (Ctrl + A) and delete them. Skip any files that can't be deleted.
- Also run the built-in Disk Cleanup tool for a more thorough cleanup.
Step 4: Run a Dedicated Malware Scanner
Do not rely solely on your existing antivirus for this step — if malware is present, it may have already compromised it. Use a second-opinion scanner:
- Malwarebytes Free — widely recommended for on-demand malware removal; excellent at catching threats that traditional antivirus misses.
- Microsoft Safety Scanner — a free, official Microsoft tool that scans and removes malware. It expires 10 days after download, so always grab a fresh copy.
- ESET Online Scanner — a powerful browser-based scanner that doesn't require full installation.
Download your chosen tool (reconnect briefly if needed, from a different device if possible), transfer via USB, install, update its definitions, and run a full scan.
Step 5: Check Your Browser
Many infections target your web browser specifically. After cleaning your system:
- Remove any extensions you don't recognize
- Reset your homepage and default search engine
- Clear your browser cache, cookies, and saved passwords (then change passwords from a clean device)
- Check for unauthorized DNS changes in your network adapter settings
Step 6: Update Everything
Once your system is clean, close the door on re-infection:
- Install all pending Windows Updates
- Update your browser and all installed applications
- Update your antivirus and run a final full scan
Step 7: Change Your Passwords
If your device was compromised, assume that any passwords typed or stored on it may have been captured. Change passwords for your email, banking, and any other important accounts — ideally from a different, clean device. Enable two-factor authentication (2FA) wherever possible.
When to Seek Professional Help
If scans continue to detect threats you cannot remove, if your system is severely unstable, or if you suspect a rootkit infection, it may be time to consider a fresh Windows installation. Back up your important files to an external drive first, then perform a clean OS install. This is the nuclear option, but it guarantees a clean slate.
Prevention Going Forward
The best malware removal is the kind you never need. Keep your OS and software updated, use a reputable real-time antivirus, back up your data regularly, and think carefully before clicking links or opening attachments. Good habits eliminate the vast majority of infection risks.