Posted by Nikoletta Ventseslavova
Read if: you want to get rid of malware successfully
There are many examples of malware in the wild and probably most of us have become a victim of a phishing attack, because today the probability of catching a cyber virus is much higher than that of a human virus if someone with influenza sneezes in your face. Malware spies, corrupts data or gives control of your machine to someone who is miles away. It not only brings our life to a halt, but is also expensive and difficult to remove.
The hackers who create spyware make the removal of their nasty programs as difficult as they can. Furthermore, there are types of spyware that download and install additional components by hiding pieces of code from Windows to make deletion almost impossible. As one of malware’s victims I decided to select the methods which wipe out most forms of malicious programs. [note: if these measures don’t recover your system’s health, you will need professional assistance or you will need to reformat your hard drive]
Determine if your system is infected. Look for these symptoms:
- If the performance is slower than normal and there are no other factors causing it, like running too many applications with little system memory, or running buggy software that does not free up the memory it uses after you close it;
- If your Web browser suddenly changes its appearance, or automatically goes to a site you don’t recognize;
- If the PC is unstable and crashes often;
- If you try to access files but receive a message saying they are corrupted.
Most people don’t know that a virus or a piece of spyware is dangerous only when it is running in the system or if it has the capacity to be initialized [this is true. I don't even bother with anti virus software and I never get viruses because I don't open the attachments on emails if they look suspicious ed.]. You will need the latest versions of the following tools, which will help you detect malware processes: Microsoft’s Malicious Software Removal Tool (Microsoft updates it every second Tuesday of each month); Microsoft’s Windows Defender; an antivirus program (if you don’t already have one installed, download Avira). Some kinds of malware are designed to block your access to the websites that host these tools, so you will not be able to download them. In this case, download the programs to another PC, copy the installers to a portable USB drive, then plug it into the infected machine.
Run the Malicious Software Removal Tool. Its aim is to find the most severe types of malware and viruses. If it doesn’t catch anything suspicious, run Windows Defender and choose the Full Scan option. When it finds an infection, it will give you on-screen instructions to delete the noxious files. Be aware that some spyware won’t let you uninstall it while Windows is running. In this case, you will need several reboots (reloads). When Windows Defender has found viruses but fails to delete them, you will need to resort to Avira or another antivirus program. Before running it, make sure it has all the updates: Status – Start Update. Then, click System Scan and choose which directories you would like to scan. Start with Local Drives, Active processes and then run the Complete system scan (it takes about 4 hours and the PC should not be shut down). Antivirus programs detect and capture the reprobates in “vaults”, or put them in “quarantine” in order to disable them.
In case the interloper is brand new and isn’t included in the anti-spyware databases, you will need to research those files online. Use the official website of the firm that produces your antivirus software, because different firms sometimes give the same virus different names. Look for a list of all the files associated with a particular virus. Then, delete all the files associated with it. Make a backup copy of your Registry folder before that, because you can erase a system file and your PC can become inoperable as a result.
Examine the processes running on the PC
The two options to view processes are Process Explorer and Security Task Manager. They will help you examine the applications running on your machine and determine which of them are the harmful ones. In Process Explorer, you will see a color-coded list of every running process: those in pink are Windows services, those in grey-blue are applications. If you want to see the full path to each application, choose Select Columns above the list of programs and click OK.
If you choose Security Task Manager, you will see a rating list, which indicates the likelihood of a process being potential spyware or malware. The higher the utility’s rating, the more suspicious you should be about it. When you click an entry, you will see an explanation for the rating of each application. Use the rating as an indicator of what to look at first and then delete the harmful entries. The difficult part here is to understand how the different programs work and where they are located on your hard drive. Sometimes legitimate processes get high ratings and look like spyware.
When you are in doubt, check out each suspicious entry at Uniblue Process Library. If you kill the wrong program, you can render your system inoperable until a reboot is made. To prevent further hassle, back up all your important files: Start/All Programs/Accessories/System Tools/System Restore and follow the steps that will be displayed.
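The same process review can be done from a PowerShell prompt. The script below is an added example, not part of the original post; its two scoring heuristics (no valid signature, running from a user-writable folder) are assumptions for illustration and are not the rating method used by Security Task Manager.

```powershell
# Added example: list running processes with their full path and signature
# status, most suspicious first. It reads only; nothing is killed or deleted.

# Folders a normal user can write to (assumed heuristic: programs launched
# from here deserve a closer look than those under Program Files or Windows).
$userWritable = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC) |
    Where-Object { $_ }

$report = foreach ($proc in Get-Process) {
    # Path is empty for protected system processes unless run as administrator.
    $path = $proc.Path
    if (-not $path) { continue }

    # Check the Authenticode signature of the executable on disk.
    $sig    = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
    $signed = [bool]($sig -and $sig.Status -eq 'Valid')

    $inUserDir = $false
    foreach ($dir in $userWritable) {
        if ($path.StartsWith($dir, [System.StringComparison]::OrdinalIgnoreCase)) {
            $inUserDir = $true
        }
    }

    # One point per heuristic. A high score is a reason to research the
    # file, not proof of infection: legitimate programs can score 2.
    $score = 0
    if (-not $signed) { $score++ }
    if ($inUserDir)   { $score++ }

    [pscustomobject]@{
        Score     = $score
        Name      = $proc.ProcessName
        Id        = $proc.Id
        Signed    = $signed
        Publisher = if ($signed) { $sig.SignerCertificate.Subject } else { '' }
        Path      = $path
    }
}

$report | Sort-Object -Property @{Expression = 'Score'; Descending = $true}, Name |
    Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt to see paths for system processes as well.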
In case the program you want to remove appears again, or does not have an entry in Windows’s Add/Remove Programs, it is probably because the virus has changed your registry to make itself difficult to eradicate. HijackThis is a free program that removes Registry entries and other settings installed by malware, which prevent you from deleting the software yourself. It is better to consult experts before implementing changes with HijackThis. Run the program, then click Do a system scan and save a logfile. Send or post the text file report to an expert. WhattheTech offers excellent expert help for spyware and malware removal. To erase a program with HijackThis, click Fix Checked in the check box next to it and delete it manually. Then, reboot your machine into Safe Mode (press F8 before the Windows logo appears), find the malicious file on your hard drive and delete it.