Skip to content

Is Energy.exe a virus? How to remove it?

  • by
  • 5 min read

Windows as we know it works on top of hundreds of small processes that handle everything from visuals to networks in the background. Usually, these processes don’t really require a lot of system resources to run, but sometimes they can max out your CPU, RAM or other resources, causing system slowdowns.

This is usually a sign that something fishy is going on with your computer. In this article, we’re talking about energy.exe, a subprocess that has been causing problems left and right on Windows machines. 

What is Energy.exe?

Energy.exe is a legitimate executable file made by Microsoft that manages energy settings for laptops and sometimes for PCs. The process is also known as the Windows Logon UI and handles logging in as well. 

That said, it’s common practice for threat actors to name their malware or malicious software after legitimate Windows processes to avoid detection. So if you see energy.exe consuming far too many system resources, there’s a good chance that you have some sort of malware on your PC.

This is an image of what is malware 9 types explained 115

Usually, this is either a crypto miner that hogs all your PC’s resources by using your CPU and GPU to mine cryptocurrency or some sort of adware. The crypto miner version of energy.exe is more popular and can find its way on your PC from shady websites offering free or pirated software downloads. 

Also read: Data Science vs Machine Learning: 7 Differentiating points

How to remove it from your PC?

If you’re facing problems with energy.exe using too many system resources and making your computer unresponsive, you can use the following solutions to remove it from your PC.

Run an antivirus scan

Usually, running an antivirus scan will remove most if not all malware on your PC. Here’s how you can run a full scan on your PC using Windows Security.

Step 1: Press the Windows key and search for Windows Security. Click the corresponding search result. 

What is gstatic? A quick guide

Step 2: Click Virus & threat protection. 

What is gstatic? A quick guide

Step 3: Click Scan options. 

What is gstatic? A quick guide

Step 4: Select Full scan and click Scan now to start scanning your PC for malware. 

What is gstatic? A quick guide

Alternatively, you can also use a third-party antivirus or antimalware like Malwarebytes to scan your PC and remove any suspicious software. 

Also read: What is the difference between load balancer and rate limiting?

Use Safe Mode to remove files

Another solution would be to boot your PC into safe mode with networking and then manually find and delete any energy.exe-related files you can find. 

Step 1: Hold down the power button for about ten seconds to power off your PC.

Step 2: Press the power button again to boot your PC.

Step 3: As soon as you see the PC manufacturer’s logo, press and hold the power button for ten seconds. 

Step 4: When your PC reboots, click on Troubleshoot.

How to fix 'can’t delete folder in windows 10' issue?

Step 5: Head over to Advanced Options.

How to fix 'can’t delete folder in windows 10' issue?

Step 5: Select Startup Settings.

How to fix 'can’t delete folder in windows 10' issue?

After this, select Safe Mode with Networking and wait for your computer to finish booting. Once in the safe mode, open the task manager, right-click energy.exe and select the Show file location option. This will take you to the folder where the malware’s files are stored. You can delete them from here and get rid of the malware for good. 

Clean the registry

If the energy.exe process still shows up in your Task Manager’s startup tab despite all related files being removed from your system, you’re probably going to need to clear your registry and remove any keys that the malware might have added.

The simplest way to do this is to open the Registry Editor by pressing Windows Key + R to open the Run prompt and typing regedit before hitting enter. Once in the registry editor, you can either run a search for energy.exe or check if you have the following path in your registry. 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

The aforementioned path is where the malware usually saves its changes. Removing this key will also remove any corresponding references to energy.exe on your PC. 

Repair your system

If nothing else works, the best way to get rid of the virus is by simply reinstalling or repairing your OS. 

The Windows Media Creation tool is a great way to install Windows and repair the OS. Using this, you can perform a clean installation or repair your OS without affecting your data.

You can download the Media Creation Tool here

Also read: What does HTP-998 mean on Netflix? 6 Fixes

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

Related Reads

This is an image of spyware malware cybersecurity privacy featured 31

Threat actors deploy FrigidStealer on Macs via web inject attacks

This is an image of crypto farm

XMRig cryptominer distributed via trojanised game torrents

Photo: sundry photography / shutterstock. Com

Over 100 AWS keys found on public GitHub repositories

This is an image of scam call featured 1

Noida-based call center operation dupes victims of $1.4 million

Close up of a windows laptop keyboard, featuring the fn, windows, alt and z keys.

How to revert Windows 11 24H2 to 23H2?

Illustration: cinemato

Two Estonians found guilty of $577 million crypto ponzi scheme

>