Windows Security Tutorials - Herong's Tutorial Examples - Version 3.00, by Dr. Herong Yang
Delete Malware Program Files Manually
This section provides a general process of terminating malware processes and delete their executable program files on a Windows system.
If you have identified the malware process that is running on your Windows system, the next thing you should do is to terminate it and remove its execution program file from your hard disk. Here is a general process you can follow:
1. Run "Task Manager" to see detailed properties of the malware process and record its execution program file name.
2. Use "Task Manager" to terminate the malware process.
3. If the malware process re-appears again in the running process list, there are other malware processes running on the system. Find other malware processes and record their execution program files. Man malware uses multiple processes to preventing you terminate them.
4. Run "Windows Explorer" to locate those malware program files that are related to those identified malware process.
5. If you can not see those malware files or their folders, you have to change "Windows Explorer" options make system files and hidden files visible.
6. Use "Windows Explorer" to delete those malware files.
7. If you get the file-in-use error, when deleting a malware file, you need restart your Windows system in "Safe" mode and delete the malware file.
8. If there is a system service related to the malware process, disable the system service.
9. If there is a startup program setting related to the malware process, delete the startup program setting.
10. If there is a scheduled task setting related to the malware process, delete the scheduled task setting.
Table of Contents