Going online exposes you to a lot of threats. If you are infected with malware, this could have very serious ramifications for your devices and your personal safety.
Unless you have up-to-date antivirus installed, stubborn malware may go unnoticed on your computer. This could allow hackers to steal your data, gain access to your accounts, steal your financial information, or steal your identity. With so much at stake, it is essential that you properly protect all of your devices from malware.
Preventing malware from entering your device – known as preventive security – is by far the best way to protect yourself. However, not everything is lost if you are infected, because a good antivirus can detect malware and successfully remove it.
In this guide, we will help you remove a virus or malware from your device if you have ever had the misfortune of being infected.
Does your computer have a virus?
Sometimes it is difficult to know if you have been infected with a virus because not all exploits give telltale signs. However, there are a few things to watch out for:
- Power-hungry exploits cause performance levels to drop, so if your computer slows down or your mobile device doesn't stay charged for as long as it used to, it could be a sign that you're infected.
- Unusual activity or increased prevalence of advertisements on the websites you visit.
- Annoying popups that don't usually appear on the websites you visit.
- The device heats up or wakes up at unusual times without the user doing anything.
- Unusual use of the account or levels of data usage on the device that make no sense.
- Unusual running application you have never heard of.
These are just some circumstantial evidence that can provide clues that your machine is infected. For this reason, it is always a good idea to carefully monitor the applications running on your device and your online experience, noting changes and clues that may serve as a warning.
If your device behaves strangely or if you notice unusual programs running, check online to see if the app or service is legitimate. Checking activity logs can also be a good way to monitor if your device is being influenced by an outside party.
For this reason, we recommend that you check your bill for any unusual activity, and if you think your data is being used faster, check the amount of data used compared to previous months.
Nothing beats an antivirus
It is important to carry out the checks mentioned above. However, keep in mind that skilled hackers can hide in your machine for long periods of time without you noticing anything.
For this reason, it is essential to use a reputable antivirus program. An antivirus will actively scan for viruses, malware, worms, spyware, adware, botnets, ransomware, rootkits and Trojans.
This type of in-depth analysis is much more reliable than circumstantial evidence alone. This is why it is important not to assume that everything is fine and rather to use a reliable security application which:
- Actively monitor threats in files you download
- Scan the apps you install
- Check emails you open for questionable links and attachments
- Warn you if you visit malicious website domains
- Analyze the devices you plug into your device, such as USB sticks.
How to remove a virus from your Windows computer
If you have reason to believe that you have been infected with a virus, you will need to use a reliable antivirus to remove the exploit from your computer. Depending on the severity of the infection, you may need a deep removal tool called a bootable recovery tool. These are available online for free from various sources.
Whether you need this tool really depends on the severity of the infection and we generally recommend a graduated response:
- Download an antivirus and try to remove it from your operating system.
- Start in safe mode and try to remove it using your antivirus.
- Use a boot disk recovery method to run a diagnostic and remove the exploit while ensuring that no malicious process is still running in the background to maintain a presence on your machine – or for somehow hide the exploit of the removal tool.
Download and use antivirus
In most cases, it should be possible to repair your machine from your main operating system. To do this, download and run an antivirus in your main operating system. Many antivirus providers allow you to test their software for free for a limited time. This means you can delete a feat from your Windows PC (and Mac or Android as well) – even if you're short on money.
- Choose a reliable antivirus.
- Download and install the software on your machine.
- Run the antivirus and make sure it scans your machine for all known exploits
- Remove all exploits found using antivirus
Enter Safe Mode
If your antivirus finds a feat difficult to remove, the software may ask you to start your machine in safe mode. Even if it is not, try to remove the infection in safe mode as it might be more effective.
Safe mode is specially designed to limit the number of applications and services that run on your machine. By limiting the number of processes that are executed and disconnecting your PC from the Internet by default, you ensure that malware does not run in the background and cannot communicate with the command and control server ( CnC). This ensures that malware cannot further compromise your machine or data by sending it to cyber criminals over the Internet.
You should be able to run your antivirus from safe mode to remove any stubborn malware. Safe mode prevents malware from executing code that is designed to hide or replicate so that the antivirus cannot remove it. To enter Safe Mode in Windows 10:
- Click the Start button.
- Click the power button but don't make a selection.
- With the power button menu open, hold down the Shift key and click Restart.
- Click on Troubleshoot > Advanced options > Startup settings > To restart.
- Choose Safe Mode from the boot options by pressing F4, F5 or F6 depending on whether you will need a network or a command prompt. We recommend that you make sure to download the tools you need to your PC before entering Safe Mode, but if this is not an option, you may need to boot into Safe Mode with the network.
Delete your temporary files
Once in safe mode, most security experts recommend deleting your temporary files. To do this, enter Disc cleaning in the start bar to run the disk cleaning tool included with Windows 10. Disk cleaning will delete temporary files and other potentially unwanted files that could slow down your system or allow malware to damage your computer. system.
Run your antivirus in safe mode
Once your temporary files are deleted, you are now ready to run your antivirus in safe mode. Remember that not all antivirus applications are designed to work in safe mode. So, you may need to get an appropriate tool.
Malwarebytes is an antivirus that can be downloaded and used in safe mode (as long as you enter safe mode with network). Other options include: BitDefender Free Edition, Kaspersky Virus Removal Tool, Microsoft's Malicious Software Removal Tool and Avast.
If, for some reason, your regular antivirus does not detect any malware in safe mode, we recommend that you double with another standalone tool. Remember, even if you can only install one real-time scanner at a time, you can install as many on-demand malware scanners as you want.
Safe Mode with Networking keeps the Internet accessible, but should only be chosen if necessary
If you have to, start in Safe mode with network to download and run malware removal tools from Safe Mode. This will ensure that you can download the additional tools without allowing any malware that has found its way onto your machine to run in the background. Once installed, be sure to perform the most in-depth analysis available in the malware removal tool.
Perform boot disk recovery
If you have been infected with an exploit that successfully binds to key Windows processes, it can be very difficult to remove. The same goes if you have a deep infection that makes your computer unstable and unusable. In these cases, even trying to remove the virus in Safe Mode can fail.
If you tried to enter safe mode and run an antivirus but it just disappeared and does not allow you to reopen it, it is possible that you have been infected by a rootkit which automatically prevents the antivirus to do its job. In these circumstances, you will need to use a specialized tool such as Norton's bootable recovery tool.
A boot disk recovery tool is designed to allow you to boot from a disk to run a very basic operating system (usually a Linux-based operating system) to perform system recovery and deletion malware. If all else fails, you may need to back up your files and then reinstall Windows.
How to recover damaged files?
In the worst circumstances, Windows may have become so infected that the only thing you can do is reinstall Windows. In these circumstances, you will need to use a Live CD tool such as Hiren’s BootCD (HBCD) to access and back up your files.
Once all of your files have been safely backed up to an external hard drive and all important settings such as email client settings and device drivers have been backed up (you can do this using a tool called Double Driver), you can reinstall Windows to completely refresh your machine.
If this process seems too technical and too complex, you may need to seek the help of a computer specialist to restore your machine. Finally, don't forget to carefully analyze your backed up files before reopening them on your Windows installation to make sure the virus has not attached to any of them.
How to remove a virus from a Mac computer
If you suspect that your Mac has been infected with malware, the best thing to do is to use an antivirus program in macOS. Most antivirus manufacturers provide their antivirus software for free on a trial (or limited) basis. This means that you can run a scan and fix most infections for free on your Mac. To do this, follow these simple steps:
Enter Safe Mode (Secure Boot) on macOS
If you have a persistent infection on your Mac computer, you may need to enter Safe Mode in order for your antivirus to remove it. Some antivirus programs only work in safe mode, and depending on the tool you are using, entering safe mode may be a requirement:
- Hold down the Shift key while your Mac starts up.
- Release the Shift key when you see the login window.
- The words Safe start should appear in the upper right corner of the screen.
Entering Safe Mode on Mac automatically limits the number of processes that run. This will prevent malware from doing anything in the background when you try to remove it. This ensures that it still cannot steal your data or execute processes at the root level that make it difficult to delete.
Entering Safe Boot restricts processes, removes certain caches and performs basic verification automatically
Safe Boot also removes some system caches and the kernel cache, which could help stop certain types of malware. In addition, Safe Boot will force macOS to perform a basic check of your startup disk. All of this helps to ensure that malware cannot continue to run in the background when you try to remove it.
Once in Safe Boot, we recommend that you remove all unwanted applications installed on your computer. To do this, open Searcher > Applications and remove any applications that may be causing a problem. Then update all the apps you have installed. Now remove any unwanted extensions from Safari, Chrome or Firefox that you think may be causing problems.
Finally, delete all the connection elements that you have not specifically chosen. To do this, open System Preferences > Users and groups and click on the Connection items tongue. Here you can prevent the execution of any program at startup by unchecking the box next to the programs that you do not recognize.
If any of the programs configured to launch at startup are suspicious, remove them from your computer. Once these steps are done, launch your antivirus and perform a full scan to remove any malware that might remain. Now restart your Mac.
If the problems persist, you may need to reinstall macOS using macOS Recovery or a boot installation disc. Depending on the severity of the malware infection, you may need to back up all of your important files, folders, drivers, and settings before formatting the drive and reinstalling the operating system.
How to recover damaged files?
If some of your files are damaged due to malware and become inaccessible, it is possible that they have been overwritten or somehow corrupted by the virus. The best option to deal with this type of loss is to recover data from backups. However, if you have not previously backed up your data, you can try the following:
- Duplicate the problematic file, then open the duplicate to see if it works.
- Repair your HD and permissions with Disk Utility to see if that fixes the file.
- Try using Techtool Pro 7 as it can sometimes fix things that Disk Utility could not do.
Protect against future attacks
The best way to protect yourself from future attacks is to engage in preventive security. This guide explains how to deal with malware or viruses once they have already infected your computer, and this is important if you are already infected. However, the best way to protect your data and the integrity of your machine is to make sure it is not infected in the first place. To achieve this, there are several important things you need to do:
- Install a reliable and up-to-date antivirus that can monitor threats in real time.
- Activate a firewall, preferably with active monitoring of outgoing and incoming communications.
- Pay more attention to the websites you visit and use safe browsing applications that monitor questionable URLs.
- Learn about phishing and be extremely careful when opening messages or emails that may contain questionable attachments or links.
- Update your operating system and applications regularly to make sure they are patched against new exploits and vulnerabilities.
- Delete all unnecessary applications that you no longer use.
- A password protects your machine, all of your accounts, and your important files and folders with strong, unique passwords. Preferably use a password manager for added security.
- Back up your data regularly so that it can be recovered. This can be done by hand by backing up to an external hard drive or automatically to a secure cloud-based backup storage solution.