Suspecting your PC has a virus can be alarming — pop-ups appearing randomly, programs crashing, fans running at full speed, and files disappearing. The good news is that most malware infections can be removed safely without losing data. This guide walks you through the entire removal process, from recognizing symptoms to cleaning your PC and preventing future infections.
Step 1: Recognize the Signs of Infection
Before removing malware, confirm your PC is actually infected. Common symptoms include:
- Slow performance — PC takes much longer to boot, open programs, or respond to clicks
- Pop-ups and ads — Unexpected advertisements even when no browser is open
- Browser redirects — Your homepage changed or searches go to unfamiliar sites
- Unknown programs — New toolbars, apps, or icons you didn't install
- High resource usage — Task Manager shows high CPU or disk usage from unknown processes
- Fake security warnings — Pop-ups claiming your PC is infected and urging you to call a number
- Disabled antivirus — Your security software has been turned off without your knowledge
Step 2: Disconnect From the Internet
Before doing anything else, disconnect from Wi-Fi or unplug the Ethernet cable. This prevents the malware from communicating with its command server, spreading to other devices on your network, downloading additional payloads, or encrypting more files (in case of ransomware).
Step 3: Boot Into Safe Mode
Safe Mode starts Windows with only essential drivers and services, preventing most malware from loading:
# Open Safe Mode on Windows 10/11
1. Press Win + I → System → Recovery
2. Under "Advanced startup", click Restart now
3. Choose Troubleshoot → Advanced options → Startup Settings → Restart
4. Press 5 for "Safe Mode with Networking"
Alternative: Hold Shift while clicking Restart from the Start menu to access the same recovery options.
Step 4: Run Windows Defender Full Scan
Windows Defender (Microsoft Defender Antivirus) is built into Windows 10 and 11 and is highly capable:
- Open Windows Security (search for it in the Start menu)
- Click Virus & threat protection
- Click Scan options
- Select "Full scan" and click Scan now
- Wait for the scan to complete (may take 1-2 hours)
- If threats are found, click "Remove" or "Quarantine"
Step 5: Run Malwarebytes (Second Opinion Scan)
No single antivirus catches everything. Download Malwarebytes Free from malwarebytes.com for a second-opinion scan:
- Install Malwarebytes (the free version works fine for scanning)
- Update the threat database when prompted
- Run a Threat Scan
- Review detected items and click "Quarantine"
- Restart your PC when prompted
Step 6: Remove Browser Hijackers
If your browser's homepage, search engine, or new tab page was changed, you need to clean it manually:
Chrome
- Go to Settings → Extensions and remove any unfamiliar extensions
- Go to Settings → Search engine and set it back to Google
- Go to Settings → On startup and set your preferred homepage
- Optionally: Settings → Reset settings → Restore settings to their original defaults
Edge
- Go to Settings → Extensions and remove suspicious ones
- Go to Settings → Start, home, and new tabs to reset pages
- Go to Settings → Reset settings if problems persist
Step 7: Check for Suspicious Startup Programs
Malware often adds itself to startup so it runs every time you boot:
- Press Ctrl + Shift + Esc to open Task Manager
- Click the Startup tab (or "Startup apps" on Windows 11)
- Disable anything you don't recognize — right-click > Disable
- Google unfamiliar program names to determine if they're legitimate
Step 8: Uninstall Unknown Programs
Go to Settings → Apps → Installed appsand look for programs you didn't install. Sort by install date to find recently added suspicious software. Right-click and uninstall anything unfamiliar. Common malware disguises:
- Toolbars (Ask Toolbar, Babylon, Conduit)
- Fake system optimizers ("PC Cleaner Pro," "Driver Updater")
- "Free" media players or converters with bundled adware
Step 9: Prevention — Keep Your PC Clean
After cleaning your PC, follow these tips to stay virus-free:
- Keep Windows updated — Security patches fix vulnerabilities malware exploits
- Keep real-time protection ON — Never disable Windows Defender
- Be cautious with email attachments — Don't open .exe, .zip, or .docm files from unknown senders
- Download from official sources only — Use App Store, Microsoft Store, or official websites
- Use an ad blocker — uBlock Origin blocks malicious ads that deliver malware
- Create regular backups — Use Windows Backup or an external drive so you can recover if infected
- Use strong, unique passwords — A password manager like Bitwarden or 1Password helps
When to Seek Professional Help
Some infections — like rootkits, ransomware with encrypted files, or persistent malware that returns after removal — require professional tools and expertise. If your PC is still behaving strangely after following all the steps above, our technicians can perform a deep-level scan, recover encrypted files where possible, and fully secure your system.
Frequently Asked Questions
How do I know if my PC has a virus?
Common signs include: significantly slower performance, frequent pop-ups or redirects in your browser, unknown programs or toolbars installed, high CPU/disk usage when idle, fake antivirus warnings, files being encrypted with ransom demands, and your PC sending emails or messages you didn't write.
Is Windows Defender enough to remove viruses?
Windows Defender (Microsoft Defender) has improved significantly and catches most common threats. However, for thorough cleaning of an already-infected PC, we recommend running a secondary scanner like Malwarebytes alongside Defender for best results.
Can a virus survive a factory reset?
Most viruses are removed by a factory reset since it wipes all data and programs. However, some advanced rootkits and BIOS-level malware can survive a reset. If you suspect a rootkit, you may need to reflash the BIOS or boot from a rescue USB.
Should I pay a ransomware demand?
No. Paying does not guarantee your files will be decrypted, and it funds criminal operations. Instead, disconnect from the internet immediately, run antivirus scans in Safe Mode, check nomoreransom.org for free decryption tools, and restore files from a backup.
How can I prevent viruses in the future?
Keep Windows and all software updated, use strong unique passwords, enable two-factor authentication, don't open suspicious email attachments, download software only from official sources, use an ad blocker in your browser, and keep Windows Defender real-time protection enabled.
Need Virus Removal Help?
Our technicians can remove stubborn malware and secure your PC remotely.