While no one is entirely immune to the threat of malware, you can certainly minimize your risk by following good digital hygiene practices when browsing the internet, downloading apps, and engaging with emails or messages with links or attachments.
That said, if you notice your PC is running slowly, programs or apps are crashing repeatedly or unexpectedly, or you see software or processes you don’t recognize, you may have a malware infection. To identify malware and remove it from your PC, follow these steps.
Disconnect your device from the internet
First things first: cut off any internet connection to your computer. This prevents malware from spreading through your network to other devices or receiving updates from its source that may cause more damage or make it more difficult to contain or delete. If you end up needing to download software—such as a malware removal tool—disconnect as soon as you’re done.
Reboot in Safe Mode
Restarting your PC in Safe Mode minimizes the number of drivers and services running so you can isolate malware and reduce the risk of damage. Safe Mode is the bare minimum, while Safe Mode with Networking will allow you to access the internet if needed (to download and install malware removal software). To restart your machine in Safe Mode (on Windows 10 or 11), follow these steps:
-
Hit Windows + I to open your settings.
-
Click Update & Security > Recovery or System > Recovery.
-
Under Advanced Startup, select Restart Now.
-
On the Choose an Option screen, which appears after restart, select Troubleshoot > Advanced Options > Startup Settings > Restart.
-
After the second restart, select 4/F4 to go into Safe Mode or 5/F5 to enter Safe Mode with Networking.
Once you enter Safe Mode, avoid logging into any apps or services, as some types of malware include key loggers or other ways of stealing your credentials from your screen or clipboard.
Monitor your PC’s activity
There are a few ways to see activity and processes on your PC to identify anything suspicious. First, review the apps and files that have run recently under Settings > Privacy & security > Activity history. Event Viewer shows detailed logs of security and system activity and can be launched by searching Event Viewer in your Windows search bar. Expand Windows Logs on the left sidebar and select the category to view events.
Finally, Task Manager shows you everything that’s currently running and what resources are being used. Open it with the shortcut Ctrl + Shift + Esc or from the Start menu. Look for processes that are resource-heavy or that have suspicious names. You can select and end tasks from the Processes tab.
Remove temporary files
Malware may install temporary files on your PC that allow it to hide or spread—you can find and delete these under Settings > System > Storage > Temporary Files. Click Remove Files to clear out some or all of the files. Windows also has a built-in tool called Storage Sense that will automatically clean up temporary files on a set schedule, which you should enable if you haven’t already, or you can run it on demand. Under Settings > System > Storage, toggle Storage Sense on, and click Clean now to use it immediately.
Reset your browser
You can also reset your web browser to its default settings to address any modifications resulting from a malware infection. On Chrome, tap the three dots in the upper-right corner of your browser window to open Settings. Tap Reset Settings in the left toolbar and select Restore settings to their original default. Confirm with the Reset settings button.
What do you think so far?
On Edge, the process is similar: Settings > Reset settings > Restore settings to their default values > Reset. On Firefox, go to Menu > Help > More Troubleshooting Information and click Refresh Firefox > Refresh Firefox > Finish.
You should also clear your browser’s cache, cookies, and history (and maybe check out our guide to the best internet browsers for privacy).
Run a malware scan
Malware scanners can identify, quarantine, and remove threats from your PC. Windows has built-in antivirus software with Microsoft Defender—via the Windows Security app—but if you suspect an infection, it may be a good idea to run a second-opinion scanner or other third-party program to detect anything that was missed.
Lifehacker sister site PCMag has a list of their favorite malware scanners. Avast was their favorite free option, while Malwarebytes (also free) was their choice for fighting persistent malware. Again, you can download software if you rebooted in Safe Mode with Networking.
Restart (or reset) your PC
Once you feel confident you’ve isolated and removed any threats, you can restart your PC. If the malware removal process is unsuccessful, you may need to start from scratch by reinstalling Windows and all apps (i.e., resetting your PC). If you restore from a backup, make sure it was created before the malware infection.
