Featured Post

Our Mission Statement

To provide every client with cost-effective, innovative solutions, and excellent service.  

Thursday, February 11, 2016

Understanding The Virus/Malware Removal Process

We thought some people may be interested in what's involved in removing Malware (from a technicians perspective). If so, read on...
Processes
Each program is a collection of files. To start the program you launch an executable file that runs the entire program or some of its components.
When you launch an executable, part of its code is being loaded into computer’s memory. This code is the process. It allows the system to run the corresponding program. In simple phrase, every running program is represented by its main process (or task). If such process doesn’t exist, the application doesn’t run at the moment.
Parasites are programs and also have processes. However, unlike regular software, their processes run without user knowledge. You cannot terminate a parasite like a common application by simply closing its window. That’s why you have to learn how to kill malicious processes.
Files
Each program consists of files. Even spy ware, a virus or a different parasite - all have their own files. Removing a parasite often means deleting all its files. However, some files cannot be easily erased. You cannot delete the file while it’s used by an active application. Furthermore, some files are "invisible".
Imagine the situation: your anti-spy ware program keeps detecting a parasite, and you know where its files reside. You open the corresponding folder, but see nothing in there! The parasite continues performing malicious actions and its files remain in that "empty" directory. You wonder how this happens.
Files can really be "invisible". However, it’s not their exceptional feature - the operating system simply hides them from you. Such OS behavior can be a result of recent malware activity. Fortunately, there are several ways to make your system display such files, and thus allow you to delete them.
Sometimes malicious files cannot be deleted normally or even after entering into Safe Mode. Sophisticated parasites use integrated root kits and special techniques in order to lock their files and prevent them from being deleted. Usually, such files run processes that cannot be terminated by the Task Manager. In such cases specially designed third-party tools are used.

 Call us with any additional questions you may have. There is no charge for the information.

 Ric Carter - Owner
Computer Authorities Plus
207-689-1292
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)