This message looks harmless when it first pops up on your computer screen. But seeing a pop-up that reads The Requested Resource is in Use constantly appearing on your PC screen every time you try to open a program should worry you. The error message is usually a warning for something quite serious – a Trojan horse malware that is called SmartService.
The Trojan horse’s name is, sadly, well earned. The malware behaves in a very smart way, from the multiple ways it can worm itself onto your PC and expose it to threats. Like other destructive malware, such as Win32 Gamarue, this malware strain can leave a trail of damage that includes:
- Installing programs that steal your personal information,
- Spying on your online activity and relaying the data to hackers,
- Installing destructive files and apps and making unauthorized Registry changes that can seriously harm your computer.
This all sounds scary. But the Trojan’s reign of terror does not end there. Without a doubt, its most destructive effect is the ability to block the antivirus software installed on your computer. By doing this, the malware opens the door for other viruses and malware to infect your computer.
The compound effect is your computer becomes an inlet through which cybercriminals can have free pass over your banking and other personal information. Because of this ability to infiltrate computers and, at the same time, disabling their malware defenses, SmartService is often the weapon of choice for ransomware attackers.
This Trojan horse is designed to be as destructive as possible. Beyond stealing your information, corrupting your files, and compromising your security, it also messes with your browser. Your browsing experience will be characterized by constant popups, annoying redirects, and dubious browser extensions.
The frightening thing about the Requested resource is in use malware-triggered error is that there is almost no way of telling if your computer has been infected or not. It hides so well. From the point your PC gets infected, the virus can sit there for a long time before you even notice anything unusual. During that whole time, the Trojan will be busy at work, stealing your personal information, spying on you, and installing vicious software on your computer.
It is thus horrifying to imagine the malware may already be done with whatever malicious act it was charged with by the time you detect it. In this article, we’ll discuss ways of removing the Trojan if you have unfortunately been hit already. First, let’s look at the ways the malware can infect your computer, so you can hopefully prevent future malware attacks.
How the SmartService malware infects your computer
Seeing how difficult it usually is to detect this Trojan infection and how destructive it is, prevention is indeed better than cure, in many ways than one. Unless you have a quality antivirus program installed on your computer, you cannot solely rely on antivirus software to detect this malware before it sets off on its destructive path.
The most effective way to avoid infection is to be vigilant in the way you use your own and interact with other computers. The SmartService Trojan horse can infiltrate your PC in any one of the following ways, as well as many others;
- Malicious attachments to emails delivered to your inbox,
- Ads you click on the websites you visit,
- Infected files you install as part of the software you download from the internet,
- The content you download, like, and share on social media, and
- Cookies on torrents’ platforms and other freeware sites.
How to remove The Requested Resource Is In Use error
Let’s hope you have detected the malware before it could do significant damage to your computer. Now that you know your PC is no longer safe, you should want to remove the malware without delay. The challenge is removing the malware is easier said than done.
Because it will block some antivirus software from even installing, cleaning your computer becomes difficult. But there are ways. And we will look at those now. But make sure you have time as some of the fixes we will recommend below will take time. Not doing them correctly may even harm your computer.
1. Restart your computer in Safe Mode
It is important to note that you need to periodically scan your computer for malware and virus infection. If, as in the case with the SmartService malware infection, you get the ‘The Requested Resource Is In Use‘ error, the easiest workaround is to simply reboot and try again in Safe Mode.
In the case of SmartService, the error message itself is evidence of system contamination. Rebooting in Safe Mode is also a good way of running your virus removal software processes without the trojan horse blocking the antivirus. Starting your PC in Safe Mode prevents the malware running as Safe Mode only runs the PC’s basic services.
If you are running Windows 7, you can reboot in safe mode by simply restarting your computer and watching out for the option to switch to Safe Mode. Or, you can keep hitting the F8 key as soon as the computer starts to reboot. Choose the Safe Mode With Networking option when the options’ screen finally shows.
For Windows 8 and 8.1 users, navigate to the System Configuration folder by clicking the Windows start icon and following the sequence below:
- Control Panel -> Administrative Tools -> System Configuration.
- Once the System Configuration window comes up, click on the Boot folder. You should see the Boot options listed at the bottom.
- Choose the Safe Boot option. It should have the Minimal sub-option already checked. After clicking OK, a popup screen will appear. Just choose Restart and your computer should safely reboot in Safe Mode.
Restarting your computer in Safe Mode allows you to investigate ways of removing the malware without it continuing to corrupt your system and compromising your security. You can then proceed to try this second solution.
2. Use third-party malware removal software
We have mentioned already how the SmartService trojan can bypass some antivirus software as if they are not even there. This means you can’t just use any antivirus software to scan or remove this rather sophisticated malware. It will simply respond with it is annoying ‘The Requested Resource Is In Use’ error message.
However, there are other quality malware removal software tools you can use. Examples include Malwarebytes, Reimage, and Spyhunter. Bear in mind, in order to unlock the malware removal features with some of these tools, you will have to buy the license. Otherwise, you can use some of them for free if all you want to do is to scan your PC for malware.
Just as well, you may want to be sure that the antivirus will itself not be blocked by the trojan before you spend money buying the license. Still, you can prevent this from happening by first rebooting the PC in Safe Mode. Most malware removal tools come with instructions to guide you through installation to actual malware removal.
For some people, malware removal software may not be an option because of budget issues. You can still manually remove the malware and all the malicious apps and software it may have installed. Which should fully resolve the Requested resource is in use malware-triggered issue.
A point of caution though, manually removing malware may take you hours and involve undoing some malicious malware actions right from with Windows Registry. This isn’t a good option for you if you are unsure about your computer skills. Removing or making changes to the wrong Registry files can seriously harm your computer. Proceed with caution.
For best results, use all of the solutions we will discuss below, making sure to follow the same order we have listed them in.
3. Use the Windows app wizard to uninstall maliciously installed programs
- Open the Run dialog box by pressing the Windows and the R key simultaneously.
- Type in appwiz.cpl and hit enter. This will open the Programs and Features folder, from which you can identify and uninstall all programs maliciously installed by the trojan horse.
You should be able to tell which programs you have installed yourself from the ones maliciously installed by the malware. Here you will find programs such as your installed browsers, antivirus programs, different applications, as well as some Microsoft files.
Uninstall all suspicious-looking programs whose purpose you can’t verify. One of them might be the cause of the Requested resource is in use malware. Afterward, proceed to the next step below.
4. Scan the System Configuration folder for malicious software programmed to run on startup
Most malicious malware strains are so hard to detect, and such a pain to remove because they attach themselves to your PC’s startup folder. As soon as you start your machine, these apps are up and running. This ‘The Requested Resource Is In Use’ trojan horse behaves in the same way.
You thus must make sure to scan the Startup folder and remove all suspicious-looking programs from there. This is an important step, as even the really good antiviruses may still get blocked.
Restarting your computer and working in Safe Mode allows you to execute this important step in the malware removal process and possibly remove the programs blocking the malware removal software from running.
- To open the System Configuration folder, click the Windows startup icon and type msconfig in the search bar and press Enter.
- Click the Startup option and a list of all programs that start running as soon as you start your PC will appear. Look out for those whose manufacturer is marked as Unknown. There is a good chance all these are malware. If they were indeed important, their publisher would be happy to be identified with them. On some PCs, you may be directed to the startup section of the Task Manager. Click the link. It will open this Task Manager window:
You will still see all the programs set to run automatically, on startup. Again browse the list to pick those whose publisher is marked as unknown. Disable all those. You will be able to permanently delete them using the regedit solution we will discuss later.
4. Delete all malicious IP addresses hackers may be used to snoop on you
The smart service malware compromises your PC’s security so much you literally have threats coming in all directions. Once you are hit, you have no idea what the cybercriminals could do.
In such cases, the malware plants a snooping apparatus within your PC. And that apparatus needs a link that is usually provided by an IP address that’s clandestinely planted onto your system files. You need to identify the IP addresses and remove them. And this is how:
- Press both the Windows and R keys simultaneously to open the Run dialog box. Once it pops up, paste the command thread below and click OK.
- Open the Hosts file in the Notepad.
- You should get this:
The two IP addresses you see at the bottom are for the PC’s, or localhost, and should be kept there. If you have been hacked, there will be other IPs listed below those. Normally that’s evidence that you have been hacked. Those IPs should be removed. It is also advisable to seek the help of a cybersecurity professional at this stage. You are still not done.
5. Remove malicious Windows Registry entries
Again, be careful when making changes to the Registry. Deleting the wrong Registry files can lead to serious PC malfunction. Seek professional help if you are unsure about what to do. Now, in cases of serious malware infections like this trojan horse, there is usually some malicious changes and entries made to the Windows Registry. Your PC won’t be clean until you remove these.
- To do that, press the Windows and R keys together and type regedit into the search box that opens. This will bring up the Registry Editor.
- The quickest way to find the malware once in the registry is to use the Ctrl+F keys shortcut. It will bring up this popup:
- Remember, to use this shortcut, you need to know the name of the trojan you are dealing with. In this case, start with SmartService. But it may be better to have a list of trojans that behave in the same way and search for all of them.
- If the Find prompt does locate the trojan, you want to delete and remove it from there. Repeat the process until the search prompt brings up this popup:
But sometimes you don’t know what the trojan’s name is. You will thus need to manually search for all suspicious-looking programs in all folders with Run in their title. These are programs that run automatically, from the moment you start your PC. There is likely to be malicious entries in those folders. You will have to navigate to the CurrentVersion folder to find these auto-run programs. Use this sequence to get there:
Computer\HKEY LOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Once you are in the CurrentVersion folder, look for all folders with Run in the title. It can be Run, RunOnce, or others. Click once on each to reveal all the programs in the folders:
Scan the listed files and look for suspicious names, which you feel could be malware. If you are unsure about any, look them up before deleting them.
How to prevent malware infection
Trojans like this The Requested Resource Is In Use are difficult to detect, and a pain to remove. By disabling antiviruses, they make your task more difficult. Because of this, it would seem best to be vigilant about the way you use your PC.
You will want to desist from connecting external devices to your PC without first making sure they are clean. This includes portable USB drives and external hard drives. There are many USB flash drive antivirus solutions that you can use. Also, avoid visiting torrents and other freeware sites with questionable security credentials.
Be careful when installing the software you downloaded from the Internet. Many people unknowingly grant malware programs permission to install in this way. Malware infection is almost always a result of some carelessness on the part of the PC user.
RELATED ARTICLES YOU NEED TO CHECK OUT:
- “Your Windows Has Been Banned” malware is back, here’s what you need to know
- 3 best antivirus software for preventing Petya/GoldenEye ransomware
- How to stay safe online after the WannaCrypt attacks
Editor’s Note: This post was originally published in September 2017 and has been since completely revamped and updated for freshness, accuracy, and comprehensiveness.