How to Remove Malware from Windows 11 (Step by Step)

Your computer is acting strange. Maybe it’s slower than usual, or you’re seeing pop-ups you didn’t ask for, or your browser keeps redirecting you somewhere weird. Take a breath. This happens to a lot of people, and in most cases, you can fix it yourself without wiping your entire machine.

This guide will walk you through the process calmly and clearly. No jargon overload. Just practical steps that actually work.

First, How Do You Know It’s Malware?

Not every strange computer behavior means you’ve been infected, but these are the signs worth taking seriously. Your PC is running noticeably slower than it used to. You’re getting pop-up ads even when your browser is closed. Your homepage or default search engine changed without you doing anything. Programs are opening or closing on their own. You’re seeing unfamiliar apps in your taskbar or system tray. Your antivirus has gone quiet — or worse, stopped working entirely.

If two or more of these sound familiar, it’s time to act. The good news is that most malware infections are more annoying than catastrophic, and they respond well to a systematic cleanup.

Step 1: Disconnect From the Internet

Before you do anything else, unplug your ethernet cable or turn off Wi-Fi. Malware often “phones home” to a remote server, and cutting that connection stops it from downloading more bad stuff or sending out your data. This is especially important if you suspect you have spyware or a keylogger.

Don’t panic — you can get back online in a few minutes. But right now, isolating the machine gives you control.

Step 2: Boot Into Safe Mode

Safe Mode is one of your best friends here. It starts Windows with only the essential drivers and services, which means most malware won’t load at all, making it much easier to find and delete.

To get there: click Start, hold Shift, and click Restart. When the blue screen appears, go to Troubleshoot > Advanced Options > Startup Settings, then hit Restart. Press 4 or F4 to boot into Safe Mode. If you need internet access for any of these steps, choose option 5 (Safe Mode with Networking) instead.

Step 3: Run a Dedicated Malware Scanner

Windows Defender is decent for everyday protection, but when you’re already infected, you want a second opinion from something built specifically for cleanup. Malwarebytes is the tool most security professionals reach for first. The free version is fully capable of scanning and removing active threats. Download it (you’ll need to briefly reconnect for this), install it, and run a full scan.

Let it finish completely — don’t interrupt it. The scan might take 20 to 40 minutes depending on how many files you have. When it’s done, it’ll show you exactly what it found. Quarantine everything it flags, then restart.

After Malwarebytes, run a scan with Windows Defender as well. Go to Windows Security > Virus & threat protection > Scan options, then choose Full Scan. Having two tools scan independently increases your chances of catching everything. They won’t conflict if you run them separately.

Step 4: Check Your Startup Programs

A lot of malware installs itself to run automatically when Windows boots. Even after scanning, some remnants can hide here. Press Ctrl + Shift + Esc to open Task Manager, then click the Startup apps tab. Look for anything you don’t recognize. If you see an entry with a strange name, no icon, or a file path pointing somewhere obscure like a temp folder, right-click it and disable it.

You’re not deleting anything at this stage — just stopping it from loading. If disabling something breaks an app you use, you can always turn it back on.

Step 5: Clean Up Your Browser

Browsers are a favorite target. Malicious extensions can hijack your searches, inject ads, or track everything you do. In Chrome, go to Settings > Extensions and remove anything unfamiliar. In Edge, it’s Settings > Extensions as well. While you’re in there, check your homepage and default search engine settings under Settings > On startup — reset them to what they should be.

If your browser feels completely compromised, don’t be afraid to reset it to factory defaults. You’ll lose saved passwords and history, but you’ll also get rid of whatever was riding along with it. Your bookmarks can usually be exported first.

Step 6: Update Windows and All Your Software

Malware often exploits vulnerabilities in outdated software. Once you’ve cleared the infection, don’t leave the front door open. Go to Settings > Windows Update and install everything pending. Then check your browsers, PDF readers, and any other apps you use regularly. Tools like Patch My PC can scan for outdated third-party software and update them in bulk — it’s free and surprisingly useful.

What If the Simple Methods Don’t Work?

Sometimes you scan, restart, and things still feel off. Or the malware is sophisticated enough to disable your security tools entirely. Here’s what to try next.

• Use a bootable rescue disk. Tools like Kaspersky Rescue Disk or Bitdefender Rescue Environment run before Windows loads, which means even deeply embedded rootkits can’t hide. You burn the image to a USB drive and boot from it.
• Run the Windows Malicious Software Removal Tool (MSRT). It’s built into Windows and specifically targets known, widespread threats. Search for it in Start or run mrt from the Run dialog.
• Consider a Windows Reset. If nothing else works, Windows 11 has a reset option under Settings > System > Recovery that reinstalls the OS while keeping your personal files. It’s not ideal, but it’s not a full nuke either.

The nuclear option — a full format and reinstall — is genuinely a last resort. Modern malware is persistent, but truly firmware-level infections that survive a clean install are rare outside of targeted attacks.

Going Forward: Staying Clean

Once your machine is healthy again, a few habits will keep it that way. Keep Windows Defender enabled and updated — it’s actually quite good now. Don’t install software from random websites; stick to the official vendor site or the Microsoft Store. Be skeptical of email attachments, even from people you know. And back up your important files regularly, ideally to an external drive or cloud storage that isn’t constantly connected.

Getting hit with malware is frustrating, but it doesn’t have to mean disaster. Follow these steps, take your time, and you’ll most likely have a clean machine by the end of the day.