How to kill malicious processes and delete dangerous files
Processes
Every program running on the PC is represented by its executable process, so when you start it at first you must launch this file which is responsible for running the entire program. After that, its code is usually loaded into computer’s memory and the system runs that corresponding program. If such process does not exist, the application doesn’t run at the moment.
So, just like any other program, parasites also have processes. However, unlike regular ones, their processes run in the background and when noticed, they cannot be terminated like a legitimate application by simply closing the window. Stopping malicious application can be done in a different way.
Files
Each program, even it is a spyware, consists of files. When you try to remove a parasite, it means that you are going to delete all its files. However, some of them cannot be easily found and eliminated easily, because they may be “invisible”.
Files can really be “invisible”. For example, anti-spyware program starts detecting a parasite but when you open its corresponding folder, there is nothing found in there! The parasite continues performing malicious actions and its files stay in that “empty” folder. People start wondering how this happen and the truth is that operating system simply hides them. Such behavior of OS is a result of recent malware activity. Thanks god, there are several ways to make the system show these malicious files and allow to delete them additionally.
Look at this guide where it is shown how to terminate all the malicious processes manually. The following instructions also explain how to find a file, make it visible and completely remove it from the system. These methods can be applied to all Windows operating systems.
INSTRUCTIONS
I. Find the process and try terminating it
1. Start Windows Task Manager. For that, press CTRL+ALT+DEL or CTRL+SHIFT+ESC. This will open the Windows Task Manager. If that didn’t work, try another way. Press the Start button and click on the Run… option. This will start the Run tool. Type in taskmgr and press OK. This should start the Windows Task Manager.
2. Find and terminate the process. When in the Windows Task Manager, click on the Processes tab (red box). This will bring the complete list of all active tasks. Find the process by name. Names are in the first column from the left. Click on the Image Name button (blue box) to sort tasks in alphabetical order. Then scroll the list to find required process of malware. Select it with your mouse or keyboard and click on the End Process button (green box). This will kill the process.
II. Locate the malicious file and try deleting it
Let’s assume you know the file name or at least a part of it. In such case run Windows default search tool: Start > Search > For Files and Folders. Type in the file name or its part to the search field. Specify search location. For better results select “Look in: Local Hard Drives” or “Look in: My Computer“. Now start searching. The file should appear in search results.
If you have no idea how to spell a filename, but you know, where it can possibly be, then you should try finding this file manually. Most parasites attempt to hide their tracks, so you will have to enable the displaying of hidden and system protected files. Open Windows Explorer. Click on the Tools menu and select Folder Options.
Choose the View tab. In the Advanced Settings list find the option Show hidden files and folders (on Image 8 it is designated by the red box) and select it. Then remove a checkmark next to the line Hide protected operating system files (Recommended) (in the blue box).
Some files may still be invisible. To see them, launch the Command Prompt. Press the Start button and then select Run. This should open the Run dialog. Type in cmd and press enter or click on the OK button.
Type in dir /A name_of_the_folder to the console. This will list all the files that reside in that folder. Hidden files will also be displayed.
Simply delete the file using the Windows Explorer or any other program that you use to browse the file system. Don’t forget to empty the Recycle Bin. If an error message appears saying that file is in use and cannot be removed, try terminating the associated process and then delete the file. To do this you will have to open the Windows Task Manager (press CTRL+ALT+DEL or CTRL+SHIFT+ESCAPE). Then in the Processes tab select the corresponding process and click on the End Process button.
However, some processes will run immediately after you terminate them. In such case you have to reboot your system into Windows Safe Mode (For that, turn off and turn on your computer. Then, before Windows is launched, tap F8 button for several times. A table will appear where using the arrow keys you will be able to choose “Safe mode with Nteworking” option.) There, in this mode many system services are disabled and programs do not run automatically on startup. Practically any file can be easily removed.
The malicious file can also be deleted from the Command Prompt. Open the Command Prompt and navigate to the folder, where the harmful file is. To do this issue the following command: cd name_of_the_folder. Then invoke this command: del name_of_the_file. To delete the folder use another command: rmdir /S name_of_the_folder.
However, if the process or file is still on your computer or if you are not sure how to follow steps above and do certain tasks, feel free to try automatic spyware removers from this website. You can also ask for help in our free spyware removal forum.
What if it tells me i cant not end a process, which I know is a virus, from my task manger. What do I do?
Reboot into safe mode then. Use other methods. Use process explorer.