Seeing "Threats found" in Windows Security can feel alarming, but it's often much less serious than it sounds. Windows Security is very good at catching threats before they cause harm — the fact that it found something is actually the system working as intended.
What Do the Threat Labels Mean?
Severe / High
These are serious threats — ransomware, trojans, or programmes designed to steal information or give someone remote access to your machine. Take immediate action: choose Remove and then restart your computer and run another scan to confirm they're gone.
Medium
Usually adware (programmes that show unwanted ads), browser hijackers, or tools that can be misused. Remove these — they may not be immediately dangerous but they slow your computer down and erode your privacy.
Low
Often labelled as PUA (Potentially Unwanted Application). These are programmes that aren't strictly malware but behave in unwanted ways — bundled software, toolbars, or utilities that change settings without clearly asking. Remove them unless you're sure you want them.
What to Do Step by Step
- Open Windows Security > Virus & threat protection.
- Under Current threats, review what was found.
- Click Start actions or click each threat and choose Remove or Quarantine.
- Restart your computer.
- Run a second Full scan to confirm nothing else is present.
Quarantine vs Remove — What's the Difference?
Quarantine isolates the file so it can't do anything, but keeps it in case it turns out to be a false alarm. Remove deletes it permanently. For anything you don't recognise, Remove is the right call. If you later find a legitimate programme has stopped working, you can check the quarantine history and restore the file.
What If the Threat Keeps Coming Back?
If the same threat reappears after removal, it may be hiding in a location that regular scans miss. Try an offline scan: go to Scan options > Microsoft Defender Antivirus (offline scan). This runs before Windows fully loads, catching threats that hide during normal operation.
Still seeing it after an offline scan? Ask us — we can help identify the source.