How To Remove Spyware, Trojan, Virus, Worm, Or Other Malware


13.10.2009

A few years ago people didn’t have a clear idea what a computer virus is and that there are other malware that can do harm to their computers and their resources (including financial ones). There are still people who don’t know much about computer security, and they only know that computer viruses exist, and include all types of malware into the computer viruses category. Truth is that computer viruses are a part of malware, not vice-versa. Below you can find the types of malware and how you can get rid of them including computer viruses, Trojans, worms, spyware, adware, and more.

Types of Malware programs

Malware represents programming or other files that are designed to harm computer, and it includes viruses, worms, Trojans, backdoor, hijackers, and spyware among others.

Adware represents a program which generates popups and displays advertisements on your computer, however, not all of them are malware. There are many software programs which are distributed for free and they have to display ads on your computer in order to generate revenue so that they can keep offering the software for free. Adware is not considered malware when users are told that they will see advertisements on their computers.

Backdoor represents a program which allows a remote attacker to perform operations and execute tasks on a user’s computer without the user’s permission. A backdoor program is mostly used to attack other computers as well as steal copyrighted media files and software, or just to hack a computer.

Dialler represents a program which dials a premium rate number that features high “per minute charges” and is mostly used to access pornographic content.

Hijackers consist of a program which hijacks functions on your computer meaning that they can redirect your browser’s homepage to another homepage controlled by the hijacker. Hijacker programs can make you contact other malware, redirect your searches to an unwanted search engine, but it can even replace the search results (but only on your computer) for popular search engines like Google or Bing.

Spyware is a program which can monitor your activity on a computer, gather personal or other information, and send it to a remote computer without your awareness.

Trojan is a program which doesn’t look dangerous or harmful, but in fact it causes malicious activity on your computer and it can provide backdoors to your machine.

Virus (computer virus) is a program that can multiply on your computer by infecting other program and software in the system, and it has various malicious effects like deleting files on your hard-drive, corrupt files, steal data, display joke boxes, make it nonfunctional, or just infect your computer “thinking” that you will send corrupted files to another computer so that it can create chaos there too.

Worm is a program which can spread to other computers on its own via mass-mailing to e-mail addresses found on your machine, or using your Internet connection to infect other computers via security holes.

How a malware infection starts

Now that you know all types of malware, you need to understand how the infections start. A program needs to be run to work its magic and this is the case of malware software. Most malware programs are run by creating a config entry into a computer’s Windows Registry so that the virus, worm, trojan, etc. can start when Windows starts.

There are too many security holes and too many ways for a malware to start in Windows OS therefore users cannot look for it manually. Computer users should use Autoruns, a software developed by Sysinternals which is free, detailed, but simple to use, and which shows you a comprehensive list of information about what programs start when Windows starts, why do they start, and what do they do. If you are going to install Autoruns, then please do not delete or uncheck any program from that list until you’ve read all about it.

How to remove a malware infection

Above we told you that you should install Autoruns only if you want, but now we urge to install it if you want to remove a malware infection. If you follow the steps below then you’ll have a malware-free computer once again. It’s easy, free, and quickly.

  1. Download Autoruns software by Sysinternals.

  2. Install Autoruns.

  3. Reboot your computer and enter Safe Mode. Why enter Safe Mode? Because malware programs monitor your computer activity and the keys that start them, and if the keys are removed, then they will automatically multiply and the infection will still be on your computer.

  4. After you enter in Safe Mode, go to the Autoruns install destination folder and start Autoruns.exe.

  5. When the program starts, click Options and check (enable) these options: Include empty locations, Verify Code Signatures, Hide Signed Microsoft Entries. Save the options and move on to the next step.

  6. Press the “F5″ key on your computer keyboard in order to refresh the list of startup programs with the new settings.

  7. Autoruns will show your computer’s startup information using eight tabs, and the files that you are looking for can be found in the Logon and Services tabs, however, you must check all tabs to see if the files are not loading in other tabs. Check all eight tabs to see the filename that you want to delete, and the filename will be found in the Image Path column, however, you shouldn’t be too surprised if you spot the same filename in more tabs because, like aforementioned, malware has the ability to replicate itself. Also please be careful because malware can disguise its filename into valid Microsoft files therefore check the exact filename and its exact location (folder).

  8. After the malware filenames are found, you must delete them by right-clicking the entries and select “Delete” therefore the startup entry will be deleted from the Registry.

  9. Now the malware will not run, and you only have to delete the file via My Computer / Windows Explorer. If you cannot find the files or the location of the files, then they might be hidden. Check the Folder Options to enable “Show hidden files and folders” and delete the files.

  10. Now that all the malware entries are deleted from the Registry and the malware files are deleted from your computer, you can boot regularly and you’ll notice that the infection is gone.

How to protect against malware

OK, your computer is safe after you cleaned the infection, but if you had malware on your computer then you can get it once again therefore you must protect yourself from malicious software. First of all you need an antivirus to be turned on all the time. You also need a firewall, and a spyware removal program that should run 24/7. Update your Windows, update the antivirus, update the firewall, and update the spyware removal program regularly. Do not open email attachments from people you don’t know or from people you know, but you don’t trust. Do not allow popups, do not click on unknown links, be careful what shortened URL links you click, and do not allow automatic download. We recommend AdBlock, Google Chrome or Mozilla Firefox, Ad-Aware, and SpywareBlaster, but we’ll leave the antivirus at your call. Read reviews on the Internet on what’s the best antivirus software. Other computer users can tell from their experience which was the best antivirus for them.

P.S. This guide is not 100% efficient. It works in most cases and it works for most users, but malware can learn, it can adapt and you shouldn’t think that you’re safe. You have to protect yourself because it’s better to be safe than sorry, but like said you’re never 100% safe.

Tags: computer, malware, program, files, they, software, start, programs, safe, autoruns, windows, tabs, infection, spyware, viruses, antivirus, delete, filename, users, know, install, check, computers, virus, there, options, what, represents, therefore, people