Before even carrying out concrete operations on the computer, smartphone or tablet at your disposal, let me give you some more information on what the manual virus deletion operation entails in terms of actions and risks.
The so-called antivirus / antimalware programs, in fact, have precise information regarding the definitions of known viruses, it is difficult to delete from the system files and folders that should not be touched e, equally difficult, they leave "aftermath" of the elimination inside the device on which they act: within the aforementioned programs, hundreds of algorithms and modes of action, which vary according to the type of threat detected and the type of operating system in use, which are put into practice in total safety if necessary.
This security, of course, is lacking in the case of manual deletion: delete viruses manually, in fact, it means identifying the infected file by deduction, deleting it in a "brutal" way (or uninstalling the program / app that brings it with it) and hoping that this does not affect the operating system, as every single virus it has its own mechanism and can involve other files (sometimes even system files).
So, before proceeding, keep in mind that the operation you are about to carry out can give you the desired reont, but it is potentially capable of compromising other parts of the operating system or the entire functioning of the device, forcing you, in the worst case , to proceed with a full format. I warned you!
How to delete viruses manually from PC
Despite my warnings, have you decided to go down the road of manual virus deletion anyway? Then all you have to do is continue reading this guide: in the sections to come, in fact, I will show you some procedures to delete viruses manually both from Windows that MacOS. Always keep in mind, even before intervening, that this could further compromise the stability of the operating system.
The first thing you need to do, if you are using the operating system Windows, is to create a restore point to use in case something goes wrong: I taught you how to do it in my themed guide.
Once this is done, you can proceed to the recognition and localization of the fire containing the active virus: first of all, therefore, start Activity management pressing the key combination Ctrl + Shift + Esc; alternatively, you can use the key combination Ctrl+Alt+Canc I will select the voice Task management / Start task management from the proposed screen.
At this point, if necessary, click on the item More details placed on the lower edge of the window that appears on the screen and presses on the card Processes: read carefully the name of each running process e, if there is something that does not convince you, write down its name and do a quick search on Google (With art. what is [ProcessName]) to underste if it is a virus or not.
If there is a positive response, do it click destroy on the name of the process in question within Activity management e select the item Open file path from the proposed context menu, to open a File Explorer window in the folder where the alleged virus resides. Once this is done, connect to the VirusTotal website and drag with the mouse the suspicious file from the File Explorer folder to the appropriate box located on the website (denoted by a sheet icon with a fingerprint).
After a few seconds, VirusTotal should show you the complete scan analysis: if the file is actually infected, you must delete it as soon as possible, following the steps that I indicate below.
- To “deactivate” the threat immediately, go to the tab Processes of the window Activity management, do click destroy on the suspicious file name, choose the entry End Process Tree / End Activity Tree from the contextual menu proposed and confirms the will to proceed by clicking on the button Yes.
- If the belongs to a well-known program, go to Start> Impostazioni> App i know your Windows 10, or in Start> Control Panel> Programs and Features> Uninstall a program if you use a previous version of the Microsoft operating system, identify the suspicious program in the list, select it with a click and press the button Uninstall. Then follow the procedure proposed on the screen to remove the program.
- If this solution is not suitable for you, you must delete "raw" the infected file: keep in mind that this operation could affect the operating system and / or leave "aftermath" of viruses that are not visible. If you intend to proceed anyway, do it click destroy on the file and holding down the key Shift, click on the item Delete placed in the context menu. Then press the button Yes e performs the same operation on any files or folders connected to the virus. Once again: act with extreme caution, as this could irreparably compromise the stability of the operating system.
If you have done "brutal" deletion of the file, you need to check the programs that start at startup of Windows, so as to possibly delete it from the list (thus avoiding errors at startup or automatic reproductions of the virus): if you are on Windows 10, recalls Activity management as I showed you earlier, click on the tab Start e, once you have identified the name of the file you are interested in, do click destroy his di esso and seleciona la voce Disable from its context menu.
Su Windows 7 or earlier, however, the procedure to follow is slightly different: press the key combination on the keyboard Win + R. type the comme msconfig in the panel that appears on the screen, press the button Submit e click on the tab Start placed in the new window that opens. Once the suspicious program has been identified, remove the corresponding check mark of its name, press the button OK and then on the button Restart to perform an immediate restart of the computer.
As a last resort, I recommend that you check the extensions of the browsers installed on the computer and possibly delete those suspicious or directly related to the malware just deleted, by accessing the appropriate section of the settings of the navigation program you have chosen.
- Chrome - click on your button (⋮) located at the top right, go to the menu Other tools> Extensions.
- Firefox - press the ☰ button located at the top right, then the icon Additional components present in the box that opens and choose the item Extensions from the left sidebar.
- Microsoft Edge - presses the button (...) present in the corner is at the top right and click on the item Extensions give the menu check if you press.
Note: if you find it difficult to disable the virus or delete its file, with error messages such as Access denied o Unable to finish execution, you can try to put into practice the procedure described by entering the Safe mode with networking Windows. I told you how to access it in my guide on how to start Windows in safe mode.
Remember, when you get rid of the unwelcome guest, to follow some small precautions necessary to prevent such situations from happening again: below you will list the most important ones.
- Do not start programs downloaded from sites with unverified reliability, pirated programs or attachments received from emails, social networks or other dubious communication channels, especially if unexpected.
- Always keep your operating system up to date.
- Install a good antivirus solution (here I have pointed out the best) and always update its database.
- Never disable operating system or antivirus protections unless you need them and are fully aware of what you are doing.
You have followed the procedures I explained to you in detail, but the computer still behaves strangely? Is the virus still there? Then manual removal could be much more complicated than expected and require intervention on the Registry or on other extremely delicate parts of Windows.
I strongly advise you not to proceed in this sense, as you could seriously make your PC unusable: what I would invite you to do, at this point, is to opt for an antivirus that can do this job for you and do it in complete safety. If you intend to follow this advice, you can adopt one of the solutions that I pointed out to you in my guide on how to clean your computer from viruses.
For MacOS, the virus scenario is a bit simpler than the one just seen for Windows: in fact, if you have not disabled the security protections included in the operating system, you have hardly created a fertile field for infection by some malware.
However, if you still encounter abnormal behavior of your Mac (slow navigation, strange warnings or other suspicious factors), or you have happened to bypass these protections (for example, by installing a program downloaded from a dubious website or program pirate), the first thing you need to do is check all the software currently running using the utility Activity monitoring on the Mac.
How? Very simple: once you are in the operating system, click on the menu Or> Utility Finder and launch the tool Activity monitoring. If you want, you can use tabs CPU, Memory, Network e disc to check, in real time, which programs use the most resources. At this point, carefully observe the list of running processes and possibly identify a suspicious name: to make sure that it is a threat and not a "harmless" file, search on Google information about the same.
In case of a match positive, return to the window of Activity monitoring e, to immediately stop the harmful activity of the virus, click on the name of his process, then on the little button (I) placed at the top e, finally, twice on the button Logout.
At this point, go to the folder Applications Mac, identify the "offending" program, do click destroy on the relevant file and select the item Move to the trash from the proposed context menu. Once this operation is completed, empty the trash Mac using the "usual" procedure (click destroy the trash can icon attached to the bar Dock > Empty the trash> Yes).
The last precaution to take at this point is to eliminate suspicious extensions from Safari, if present: start the browser, go to the menu Safari> Preferences ..., access the tab Extensions from the window that opens, select the "offending" extension with a click of the mouse and press the button Uninstall to get rid of it.
Note: if it is not possible to delete the program and / or browser extensions using the instructions above, you can try to repeat the operation using the Safe mode on your Mac. To access it, start or restart your computer, press and hold the key Shift until the Apple logo appears e, when you see the login window, release the Shift key and log in as usual. When you're done, restart your Mac normally to exit Safe Mode.
Now that you have finally managed to get rid of the virus, I suggest you check that the macOS protections are active, in order to avoid running into similar and unwelcome surprises again: first, therefore, open the System preference on the Mac by clicking on the icon gear attached to the bar Dock, select the voice Security and privacy and click on the tab General from the window that opens.
Once this is done, check that Gatekeeper (i.e. the tool that prevents the installation of programs from non-certified developers) is active, checking that next to the entry App Store and identified developers there is a check mark. If not, click on padlock located at the bottom, type the Password of your account and put the check mark in the appropriate box.
As a last step, I also recommend that you activate the database updates of Xprotect,antimalware built into macOS that automatically blocks malicious software from running: to do so, once again access System preference, they said App Store and make sure there is a check mark next to the item Install system data files and security updates. If not, you can set it yourself (you must, however, unlock the changes by clicking on padlock and inserting, when requested, the Password of your Mac).
How do you say? Have you meticulously followed the instructions I've given you so far, but your Mac continues to behave strangely and unpredictably? I can only advise you to clean up your Mac with the help of a specific antimalware program, as I explained to you in my guide dedicated to the topic.
How to delete viruses manually from smartphones and tablets
If used with the appropriate security measures active, usually smartphones and tablets are not affected by the action of viruses and malware of different types. This, however, loses its veracity - especially on Android - if operating system "unlocking" procedures are performed (such as root or jailbreak), apps are installed from third-party sites or stores or, worse still, files and attachments of dubious origin are executed. Either way, if you feel your device is behaving strangely and you want to figure out how delete viruses manually from the same, you can follow the instructions that I am going to give you below.
If you suspect that your Android device has been infected with a virus, the first thing you need to do is check the list of installed apps and check if, among them, there are any that you don't remember installing, perhaps associated with a sufficient name. suspected.
The first move, therefore, is to start Android in Safe mode: in this way, only the apps strictly necessary for the functioning of the operating system are loaded, so you can act calmly and without Android making you any "surprises" during construction.
To proceed, press and hold the power button of your Android device, until the button appears on the screen Switch off: make a long tap on it and confirm that you want to restart in safe mode by tapping the button OK. If the above method does not work, access to safe mode may be activated during reboot: therefore, restarts the device as usual e, as soon as the manufacturer logo (or the Android logo) appears, press and hold the key Volume Down until you get to the main screen of the device, marked with the words Safe mode. On some devices, you may need to press the button instead Home.
In any case, once you enter safe mode, access the list of apps installed on the device by pressing the button Settings (Quello forma di gear) and going to the section App> Download. After carefully analyzing the list and identifying the app that you believe to be harmful, tap on it and press the button Uninstall.
It was used Android 8.0, the procedure may change slightly: you need to access the menu Settings> Apps and notifications, tap on the item Show all apps located at the bottom, to access the App information, touch the wording All apps and finally access the section App Installed. Once you have identified the suspicious app, tap on its name and then on the button Uninstall.
Note: some apps or services that you do not know the nature of, could be essential for the operation of the device. I recommend, as an additional measure, to type on Google the name of the app you have identified and check if it is attributable to malware or if it is an integral part of the operating system (e.g. a system app).
If you are unable to remove the offending app in this way, it most likely has the permissions to administer the device, a very common practice with regard to some types of malware: to remedy this problem, go to Settings> Security> Device administrators or Settings> Security & Location> Device Administration App if you are using Android 8 or higher: once you have identified the malicious app in the list, remove the check mark from the corresponding box and try to uninstall it again.
To exit Safe Mode, all you have to do is restart your device as usual, without pressing any key combination or selecting any special functions.
Once the virus is eradicated from your device, I recommend that you put in place a series of security measures to make sure you don't fall back into the same error.
- If you had previously carried out the root procedure on the device, I suggest you cancel it and remove the elevated administration permissions, so as to keep the most delicate parts of the operating system safe. To do this, it is usually sufficient to open the app SuperSU / SuperUser and use the appropriate uninstall features. If you are not sure of the procedure to follow, I suggest you open Google and look for information about it (eg. how to remove root [device model]).
- Check that Google Play Protect, the security system built into Android (which regularly scans the apps installed on the device to check their reliability), is active on your device. To do this, open the Google Play Store, press the pulsating ☰ to access the menu, tap on the item Play Protect e, if not, put the check mark next to the item Look for security threats.
- Disable the installation of unknown apps, from sources other than the Google Play Store. Go, therefore, to Settings> Security e check that in correspondence with the item Unknown origin there is no check mark, otherwise remove it yourself. If you are using Android 8 or higher, you must go to Settings> Apps and notifications> Advanced> Special app access> Install unknown apps and check that under the proposed apps there is the wording Not allowed. If, on the other he, the wording Allowed, tap on the app in question and move to OFF the levetta Allow from this source.
- Always keep the operating system updated with the patches that are released periodically, accepting the installation of the updates proposed by the operating system, when they are agolable. To manually check for updates, you can still go to Settings> About (o About phone) > System update, or in Settings> System> System Update agolable for Android 8.0 or superior.
How do you say? In spite of everything, you have not been able to restore the functioning of your Android device to normal? Then I advise you to use a dedicated antimalware, since the problem could be much more complex than it seems: I have explained everything to you in my guide on how to eliminate viruses from Android.
For iOS, Apple's operating system dedicated to iPhone and iPad, the speech is profoundly different from Android: by nature, unless you use procedures that do not comply with Apple's terms of service (such as jailbreaking and / or installing apps from unsafe sources), the risk of running into viruses is really very low. If you remember well, I have already mentioned the thing in my guide on how to remove viruses from mobile phones.
So, if you have bypassed the security measures imposed by Apple, you notice strange or unexpected behavior from your terminal and you suspect that the fault is a bad app, the first thing to do is to delete the jailbreak to immediately secure the iPhone and the iPad: if you do not know how to do it, you can turn to this guide, written specifically to address the topic.
You should also know that some malicious apps can take advantage of VPN configuration profiles (the same ones used by perfectly secure apps, such as Tunnelbear) to spy on data and activities: therefore, as an additional measure, I recommend that you check these profiles by going to in Settings> General> VPN e eliminating those you did not create yourself.
If, for some reason, you fail to do this, I recommend that you Reset the network settings by going to Settings> General> Reset and selecting the appropriate item. Keep in mind that this will bring back the network settings in the factory state, deleting all the VPN profiles installed on the device and the passwords of the Wi-Fi networks.
Finally, remember to always keep your iOS software up to date (Settings> General> Software Update) e, above all, of do not install antivirus for iPhone: as I explained to you at the beginning, Apple's operating system does not need such software and all the apps that promise to perform cleaning operations on iPhone and iPad are absolutely bogus. The only “authentic” apps, bearing the name of famous security signatures (for example Avira or Avast, just to name a couple), do not perform anti-virus functions but are apps with anti-theft or data security functions.
If you need a he on the procedures that I have reported to you in this section, I suggest you refer to my guide on how to eliminate iPhone viruses, in which I have explained everything to you in detail.