Malware detection and removal
If you are on a private machine, choose your own scanner, but choose carefully: have a look at AV Comparatives’ test results for Windows. In an organisation, you can likely leave this to the SOC or IT team.
Disconnect from the internet.
Switch to Safe Mode
Go to Updates & Security -> Recovery
Choose “Restart now” in the Advanced startup section
When your machine restarts, a blue screen with a few options will appear
Troubleshoot -> Advanced options -> Startup settings -> Restart
Another blue window appears. Find the “Enable Safe Mode” option and press 4 on your keyboard.
Check for and remove unwanted applications
Go to Control Panel -> Uninstall a program
Possibly unwanted applications (bloatware; some can even be considered malware)
Check with DuckDuckGo whether unknown applications are legitimate or not (mind the spelling)
If the issues are recent, you can click on “Installed on” to find any newly installed programs that might be suspicious
If they are not legitimate, or if you are suspicious, delete them and empty your Trash.
Note that this does not help much with trojans: malicious files made to look like legitimate apps.
Delete temporary files
Open the RUN window
Type “%temp%” and click “OK”
Delete all files and folders that are in this destination
Connect back to the internet.
Note that this does not remove malicious Registry entries which can make the malware persistent.
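An added example, not part of the original guide: a read-only PowerShell listing of the Run and RunOnce registry keys, with the Authenticode signature status of each executable they point to, so that leftover autostart entries can be reviewed. The choice of these keys as the first places to look and the helper name Get-ExePath are assumptions of this example.

```powershell
# Read-only review of registry autostart entries. Nothing is modified or deleted.
# Assumption: the Run/RunOnce keys below are the locations to review first.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: extract the executable from an autostart command line.
function Get-ExePath([string]$Command) {
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }          # "C:\path with spaces\app.exe" /arg
    if ($expanded -match '^(.+?\.exe)(\s|$)') { return $Matches[1] }   # C:\Program Files\app.exe /arg
    return ($expanded -split '\s+')[0]                                 # anything else: first token
}

# Collect every value stored under each key that exists on this machine.
$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ Location = $key; Name = $name; Command = [string]$item.GetValue($name) }
    }
}

# Attach the resolved executable and its signature status to each entry.
# Bare names such as rundll32.exe are reported as NotResolved: read the full
# Command column by hand for those, since the DLL argument is what matters.
$entries | ForEach-Object {
    $exe = Get-ExePath $_.Command
    $sig = if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
        [string](Get-AuthenticodeSignature -LiteralPath $exe).Status
    } else { 'NotResolved' }
    $_ | Add-Member -NotePropertyMembers @{ Executable = $exe; Signature = $sig } -PassThru
} | Sort-Object Signature, Location |
    Format-Table Name, Signature, Executable, Command -AutoSize -Wrap
```

A Valid signature only shows that the file is signed and unmodified, so entries still need to be checked against what you expect to start with Windows; NotSigned, HashMismatch and NotResolved rows are the ones to look at first.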
If all else fails, go to a previous restore point or backup.
If that fails too, the BIOS, restore points or backups may even be infected. Sufficiently ingenious and sophisticated malware can persist across a re-format and re-install: for example in the BIOS, in the firmware of peripherals (some hardware devices have firmware that can be updated, and thus could be updated with malicious firmware), or as a virus infecting data files on removable storage or on your backups.