Jump to content
xisto Community
Sign in to follow this  
seargentpepper7

How To Manually Remove Viruses! a short tutorial

Recommended Posts

seems you all are a big xp freakers around hereany ways i tried it but it went above the dos commands and finally i got in nothing as i think i should try out something other like antivirus or so and not to forget the main and the most used firealarm and also with a regular update it will make my comp semi virus free and also a nice and slow comp as the most of the cpu will be in use with the different processes on there and also it wil make me feel somewhat tired as i am bored of waiting in computer after typing something

Share this post


Link to post
Share on other sites

How to manually remove viruses!
Have you ever been in the possition that you know you have an virus but you dont have any antivirus?? Its almost impossible to remove it manual without knowing about a few tips & tricks.
After reading this turtorial im sure you will know how to manual remove most of the virus lurking around. But that dosnt mean you shouldnt have any anti virus on you computer!
Anyway, lets get starting with the turtorial.. I suppose you already know what safe mode is. If you dont try pressing the F8 key some times when you start your computer. You havto do this when your computer is about to start the first windows components. In win2k or xp i think you can press space and then F8 when it ask you if you want to go back to previous working setting.
Enough talk about how to start you computer in safe mode, but if you want to manual remove viruses you almost everytime haveto do this in safe mode becouse in safemode most viruses dosnt start. Only some few windows component is allowed to run in safemode. So here is what to do.
Step: 1: Start your computer in safemode.
2: If you know where the virus are hiding delete the executable file.
3: Open the registry and go to the keys below and add an : in front of the value of the string that you think its the virus. Like this, if string is "virus" and its value is "c:\virus.exe" change its value to ":c:\virus.exe". The : is like comenting out the value. But if you are sure its the virus you can just delete the string.
Here are the keys you maybe want to look at:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce

4: The virus can start itself from some other places to. win.ini is the most common files that viruses can use. Soo you should find the files named win.ini and system.ini and look through them and see if you find anything.
5: Look through the startup folder that is normaly located in your profile directory \Start Menu\Programs\Startup.
6: Try searching for the virus executable to see if its hiding some other place.
7: Finally look through the list of services that windows is running. This list is often located under control panel - administrative tools - services. After this 7 steps just reboot your computer in normal mode and try to figure out if the virus is still there.. If not SUCCESS if yes, try to go back to safe mode and hunt some more. Off course this 7 steps will not work on every virus out there, but many of them.

WARNING: Be careful when in the registery because you can cause serious damage to your system in there.

better you use a good antivirus and if you delete it manually atfirst you have to stop that process from task manager which the virus is already running or it give give you a delete protection error.
if you stopped a process of virus bu don't know where it is located on the hdd,,simply make a search but do check"serach hidde,system files"option because always viruses set their attribute as a system file or atleast a hidden one.
though you get the location and you are not able to delete ,,try to delete it using dos .go to the path of the file.
suppose file is in f drive type cd f: and press enter.
now normalize the attributes.
type attrib -h -s -r filename.extname and press enter,
now delete the file,it will be easily deleted.
regards

Share this post


Link to post
Share on other sites

I think manual removal according to me might be very difficult concept and not always be successful also. So using a virus removal software is good. I use quick heal and in my office Office scan online virus scanner is installed. And the important part of it is updating it regularly.

Share this post


Link to post
Share on other sites

If you are tired of sitting and waiting for your anti-virus software to remove the new virus infection, the steps below are for you. No programming skills are required! Just a basic knowledge of command prompt syntax will do...for this demo, the virus is on the portable USB drive (e:\virus) named virus.vbsSo here we go, its very simple, if the above things dont work:# Create a back-up. Safety comes above all else. Save your files on removable storage or on another partition aside from the Windows drive.# Run the Windows command prompt. You can run the Windows command prompt by either clicking on the Start Menu\All programs\Accessories\Command Prompt or by pressing Windows + R on the keyboard and typing "CMD."# Look for the directory or folder where the virus resides. Go to the folder where the virus is hiding. Its usually resides on the Windows temporary folder or on the Windows system folder. Check partitions and drives for viruses, e.g. type "cd e:\virus"# Show the hidden virus and remove its attributes. It will be easier if you can see the virus. Remove the virus attributes, which are read only, archive, system file, and hidden file. e.g. type "attrib -r -a -s -h virus.vbs"# Delete the virus. Say goodbye to the virus by deleting it, e.g. type "del virus.vbs"

Share this post


Link to post
Share on other sites
Spell Check and Grammar CheckHow To Manually Remove Viruses!

Please run your responses through a spell check and grammar check. All the great things you say are lost because of your poor English skills; Spell Check and Grammar Check in MS Word can help; then paste it into your message and in the meantime, don't bother applying for any job where you need to write something.

TDM

-reply by TD Man

Share this post


Link to post
Share on other sites
AntivirusHow To Manually Remove Viruses!

IĀ have a network ofĀ more than 100 computers. All of a sudden my network goes down. I found that one of the pc was the culprit, which makes the network down. So I unplugged the network cable of that PC and the network is fine and running. I installed multiple antivirus and scanned , but couldnt find any viruses. So to make sure IĀ once again plugged this computer to the network. Alas, again the network went down. So which virus would this be? Any help or comment on this is appreciated. My operating system is winxp, Antivirus tried - Mcafee Total Protection, Avira, Micorsoft Security Essentials etc.

-reply by Scott

Share this post


Link to post
Share on other sites

Thank you! I found your post and as a result was able to get rid of the virus without spending a couple hundred on a Geek Squad service call. In fact, I had a phone consult with them and they said they couldn't tell me what to do over the phone (they tried a few things but it didn't work) and said they'd have to come in person. I scheduled an appt but kept searching the web (using my daughters uninfected computer) found your post and was able to resolve the issue.THANK YOU Jayme

Share this post


Link to post
Share on other sites

Norton is a powerful antivirus software, however it does have its defects such as the slow-down issue. Eset NOD32 or better is a good software to compete with Norton without all of of its defects. The better thing about an Antivirus Software is that it runs off of a complete database of viruses to search for, as a manually removing a virus is a different because an average computer literate person does not have that knowledge.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.