How to remove Malware – Semi automated
If your first attempt at removing your computer infection did not work properly then one of a few things has happened:
1) Superantispyware and Malwarebytes found infections but after a restart your computer still behaves erratically or you are still getting pop ups etc
2) Nothing was found and your computer is still mis-behaving
So what has gone wrong?
Well, these days Viruses, Malware and Spyware are clever. A lot of the time they have built in self preseveration.
This means that:
1) The virus or malware is so clever that you are prevented from downloading anything to try and get rid of it. OR
2) It has embedded itself deep into your computer and still being triggered by an event. OR
3) It is running on a scheduled task and even though you removed it once, it keeps re-appearing.
How to remove Viruses and Malware using more advanced methods
Ok so now it’s time to get tough!
What we need to do is to prevent the ‘seed’ of the virus from being able to trigger. Now in just a moment in the next part of this tutorial we will look even further advanced methods of malware removal but for now let’s take the next step on from automated virus removal. Let’s now look at how to remove a virus using semi-automated methods.
In order to do this you will need to head on over to our DOWNLOADS SECTION and download the following additional software (all free downloads):
1) Process Explorer
2) D7
STEP 1 TO REMOVING A VIRUS USING SEMI AUTOMATED METHODS
In the first instance we need to reboot the computer into SAFE MODE. Here’s a link on what Safe Mode is in case you have never used it before.
In short Safe Mode will only load up the essential drivers and software that are required for the computer to boot.
To access Safe Mode, restart your computer and before Windows has a chance to load press the F8 key on your keyboard. You will then be presented with this screen:
Choose the top option which is just ‘Safe Mode’ and continue to boot into Windows. This screen short may vary slightly depending on your Operating Syste, whether it is Windows XP, Windows 7 or something else such as Windows Vista the screen will essentially be the same. Notice that this is purely focusing upon Microsoft as an Operating System, this is because this is the most common Operating System that people have on their computer, this is the basis of all of our computer tutorials on TekMoz unless otherwise specified.
Once Windows has loaded and you in Safe Mode open up process explorer.
Here is a image I took from a clients computer recently.
As you can see, this software lists all of the open software and processes that are currently running.
To close any program in Process Explorer you simply right click with your mouse on the file you wish to close and choose KILL PROCESS.
How do I know which programs to close in Process Explorer?
Here at TekMoz we are currently putting together a legitimate list of processes that you would normally expect to see running inside Process Explorer, but the truth is most malware and viruses don’t actually look like normal named files. Instead they take on names like zdczjzldzzzx.exe or alkdjflkafja.exe and these are the files that you should close.
TIP: In truth it really doesn’t matter what you close, any system files will refuse to close anyway and anything else does not really matter as we want our computer to be running the ABSOLUTE MINIMUM AMOUNT OF PROGRAMS AND PROCESSES.
We could run through a whole list of files that you don’t need to close right now but it is more truthful to say close them all if you want to, in fact the more the better.
Ok what’s next for Virus / Malware Removal?
Our next step is to start up both Superantispware and Malwarebytes. Installation instructions can be found in our automated malware removal section and you download these programs for free from our downloads section (click here to open it up in a new tab).
From within each program select the FULL SCAN and run both programs and then…walk away.
Do something else for an hour then come back and check the results. As before, once these programs have found infections you simply choose the option to remove them.
Is that all?
NO, there’s just a couple more steps.
1) Hold down your windows button on your computer keyboard and press the letter R at the same time (Windows + R) and type in the word msconfig
OR
Go to your start button (Windows 7) and type in the word msconfig
Windows XP users Go to your start button and then run and type in msconfig
This will bring up the MICROSOFT CONFIGURATION dialogue box. From here you can see the tabs across (labelled General, Boot, Services, Startup and Tools).
Select Startup.
Click Disable all.
Click OK and restart the computer.
What we have just done is to prevent any program from starting up. The upside of doing this is that we should now prevent any virus from starting up again when the computer restarts. On the flip side we’ve also just prevented all other programs that usually start up such as your anti virus from starting.
So what do we do?
Test the computer to see if the virus is still present after you have rebooted. If everything seems clear then go back to your msconfig again start to reintroduce your previously disabled programs one or a few at a time again.
Which programs do I start?
Start with the ones that you KNOW. Such as your anti-virus program. Anything else, either search for it in Google or Bing or Yahoo or simply leave it out.
ANY VIRUS OR MALWARE WILL LIKELY STAND OUT IN THE LIST AS IT MAY NOT BE A PROGRAM THAT YOU HAVE EVER HEARD OF OR MAY HAVE A DAFT NAME LIKE LKJSD.EXE THESE ARE THE SUSPICIOUS PROGRAMS. THEIR NAMES ARE USUALLY AUTOMATICALLY GENERATED SO APPEAR AS NONSENSE NAMES.
TIP: It’s pretty difficult to say what should and shouldn’t be in the startup list as the exact programs will vary from computer to computer and Operating System to Operating System. Even most technicians will not know every startup program so don’t worry about it too much, the important thing is to follow the advice above. We’ve been doing this for more than 20 years and it always works.
Hey you mentioned something called D7
We certainly did.
Here’s the thing. Generally speaking people reading this will fall into three categories:
1) You are a computer genius
2) You’re not bad around computers, not afraid to have a go but you’re not a technician yet
or
3) A novice who just wants to know how to remove a virus and doesn’t want to know everything.
D7 is an advanced tool. It is a whole load of whoopass in a can in it’s own right. You probably don’t want to mess with this unless you are serious!!
Are you serious? Cool, let’s go.
Rather than do the whole sales thing we’d rather the guys who wrote the software do the talking so here’s a video by FoolishIT.com. Enjoy.
Last but not least…
What to do if the virus or malware is still causing your computer a problem? What if your appetite for malware removal is insatiable and you want more? What if you are getting the hang of this virus removal thing and you are thinking of earning some money by doing it for other people?
Well there’s one way to go, and that’s upward. Ok you brave, brave people let’s look at some in-depth virus and malware removal techniques. Coming soon…