How to get rid of viruses and malware on your computer

Step 1 - Disconnect from the internet and backup all your data

This step is critical for preventing further infection or data loss, especially if you suspect malware.

• Disconnect from the Internet:

  • How:
    • For Wi-Fi: Click on the network/Wi-Fi icon in your system tray (Windows) or menu bar (macOS) and disconnect from your current network. If you have a physical Wi-Fi switch on your laptop, turn it off.
    • For Wired (Ethernet): Physically unplug the Ethernet cable from your computer's network port.
    • For Laptops/Tablets with Cellular Data: Turn off cellular data in your device settings.

• Backup All Your Data:

  • What to Backup:
    • User Folders: Documents, Pictures, Videos, Music, Downloads, Desktop. These contain the vast majority of your personal files.
    • Specific Application Data: If you use specialized software, check its documentation for where it stores project files, databases, or important settings.
    • Browser Bookmarks/Favorites: Many browsers allow you to export these.
    • Email Files: If you use a desktop email client (like Outlook, Thunderbird), locate its data
  • How to Backup (Safely):
    • External Hard Drive/USB Drive: This is generally the safest method if you suspect an active infection. Connect an empty or newly formatted external drive. Manually copy and paste your critical files and folders onto it. Do not run any executable files from your infected system onto this drive. Once the backup is complete, immediately disconnect the external drive from the computer.
    • Cloud Storage (Use with caution if actively infected): If you must use cloud storage and are worried about active infection, be extremely cautious. Ensure your cloud provider has versioning (so you can revert to earlier, uninfected versions of files if necessary). Scan files with a robust antivirus before uploading if possible, or immediately after. However, for an active infection, a disconnected external drive is usually preferable.

Step 2 - Enter Safe Mode

• How to Enter Safe Mode (General Steps, varies slightly by OS version):
  • Windows 10/11:
    1. Press Windows Key + I to open Settings.
    2. Go to System > Recovery.
    3. Under "Recovery options," find "Advanced startup" and click Restart now.
    4. After your PC restarts to the "Choose an option" screen, select Troubleshoot > Advanced options > Startup Settings > Restart.
    5. After the PC restarts again, you'll see a list of options. Select 4 or F4 to start in Safe Mode, or 5 or F5 for Safe Mode with Networking (though for cleanup, Safe Mode without networking is generally preferred to maintain isolation).
  • Windows 7/8/XP:
    1. Restart your computer.
    2. As soon as the computer starts booting (before the Windows logo appears), repeatedly tap the F8 key.
    3. You should see the Advanced Boot Options menu. Select "Safe Mode" or "Safe Mode with Networking."
  • macOS:
    1. Shut down your Mac.
    2. Turn on your Mac and immediately press and hold the Shift key.
    3. Release the Shift key when you see the login window. You should see "Safe Boot" in the menu bar.

Step 3 - Delete Temporary Files

• How to Delete Temporary Files (in Safe Mode):
  • Windows Disk Cleanup:
    1. Press Windows Key + R to open the Run dialog.
    2. Type cleanmgr and press Enter.
    3. Select the drive you want to clean (usually C:).
    4. In the Disk Cleanup window, check the boxes next to categories like "Temporary files," "Temporary Internet Files," "Recycle Bin," "Downloaded Program Files," and "Temporary Windows installation files" (if applicable).
    5. Click "OK" and then "Delete Files" to confirm.
    6. For more thorough cleaning, click "Clean up system files" and repeat the process.
  • Manually (for advanced users, or if Disk Cleanup fails):
    1. Press Windows Key + R.
    2. Type %temp% and press Enter. This will open your user's temporary folder. Select all files and folders (Ctrl+A) and delete them. Skip any files that cannot be deleted (they might be in use).
    3. Repeat the process by typing temp in the Run dialog (this often points to a system-wide temporary folder, requiring administrator permissions).
    4. Empty your Recycle Bin.
  • macOS:
    • Temporary files are generally managed well by macOS. You can empty the Trash. For more in-depth cleaning, third-party tools like CleanMyMac X or similar can help identify and remove caches and temporary files, though often not necessary in a recovery scenario as macOS handles it better.

Step 4 - Uninstall Suspicious Programs

• How to Uninstall (in Safe Mode):
  • Windows:
    1. Press Windows Key + R and type appwiz.cpl and press Enter. This opens "Programs and Features" (or "Apps & features" in Windows 10/11 Settings).
    2. Carefully review the list of installed programs. Look for:
       • Programs with unfamiliar names.
       • Programs installed around the time you noticed issues.
       • Programs with generic or suspicious icons.
       • Programs published by unknown or untrusted developers.
       • Multiple entries for the same program.
    3. Select any suspicious program and click "Uninstall." Follow the on-screen prompts.
    4. Important: If a program doesn't uninstall or gives an error, make a note of its name. You might need specialized removal tools or manual registry cleaning later.
  • macOS:
    1. Open the Applications folder in Finder.
    2. Look for any suspicious applications. Often, malware on macOS will be in Applications or Utilities.
    3. Drag the suspicious application icon to the Trash.
    4. Empty the Trash.
    5. Note: Some macOS malware might hide files in other locations. This step removes the main application.

Step 5 - Reset Your Web Browsers

• How to Reset (do this for all browsers installed on your system: Chrome, Firefox, Edge, Safari, etc.):
  • Google Chrome:
    1. Open Chrome.
    2. Click the three-dot menu in the top right.
    3. Go to Settings > Reset settings.
    4. Click Restore settings to their original defaults and confirm.
    5. Also, go to Extensions (chrome://extensions) and remove any suspicious or unknown extensions.
  • Mozilla Firefox:
    1. Open Firefox.
    2. Click the three-line menu in the top right.
    3. Go to Help > More troubleshooting information.
    4. Click Refresh Firefox (or Reset Firefox on older versions) and confirm.
    5. Also, go to Add-ons and themes (about:addons) and remove any suspicious or unknown extensions.
  • Microsoft Edge:
    1. Open Edge.
    2. Click the three-dot menu in the top right.
    3. Go to Settings > Reset settings.
    4. Click Restore settings to their default values and confirm.
    5. Also, go to Extensions (edge://extensions) and remove any suspicious or unknown extensions.
  • Safari (macOS):
    1. Safari generally doesn't have a direct "reset" button. Instead:
    2. Go to Safari > Clear History... and select "all history."
    3. Go to Safari > Settings (or Preferences on older macOS).
    4. Go to the Extensions tab and uninstall any unfamiliar or suspicious extensions.
    5. Go to the Privacy tab and click "Manage Website Data..." to remove all website data.
  • After Resetting: Manually check your homepage and search engine settings to ensure they are set to your preferred defaults.