Saturday, December 13, 2008

Four Easy Steps to Manually Remove Viruses from Your Computer!

[Note: This solution will work only against those Viruses which does not infect Windows own .exe files (e.g. like Explorer.exe)]

Some of the symptoms of viruses are:

  • Disables Task Manager
  • Disables Registry Editor
  • Disables Command Prompt
  • Sometime you have no application running but CPU usage goes over 50%
  • Computer Drives are not opening by Double Click
  • Automatic Shutdown
  • Computer Slows down
  • Hidden Files will not be showing
  • Folder Options will disappear
Solution:
[Caution: While the manual process is going on do not open any My Computer drive through My Computer]

Step1. Process Termination

Download Process Explorer and Autoruns in order to complete the instructions below.
  1. Close all programs (even from tray) except your Internet Browser.
  2. Run Process Explorer by typing procexp in the Start menu. Run and do as illustrated.
Process ExplorerProcess Explorer
After collapsing:

mspaint.exe Properties[Note: procexp.exe is Process Explorer’s own process]

All the system processes are collapsed in the system tree, so if you see a process like winlogon.exe in explorer tree then it is surely a virus.

If you do see any suspicious process, Processes can be sought for their suspiciousness at Process Library. And follow the following steps:
  1. Right click on it if the process is found and then properties. In the path: field copy the path and Open Run Dialogue and paste the path there.
  2. Now terminate the suspicious task in Process Explorer.
  3. If the same process starts again then suspend the process by right clicking on it and click suspend on the menu. Remove the name of the application from path now listing only folder.
E.g.:- If you have copied C:\WINDOWS\System32\mspaint.exe then remove mspaint.exe and you will see C:\WINDOWS\System32\ this in the Run Dialogue.

7-ZIP File Manager

Step2. File Deletion

The second step is deleting files. If you have installed powerexe, Start Menu–> 7-ZIP–> 7-ZIP File Manager which will show you all hidden files and go through the root path of every drive.

Autoruns
Delete .exe and autorun.inf like ravmon.exe, smss.exe, Funny UST Scandal.exe. But do not delete the following files autoexec.bat, boot.ini, bootmgr, config.sys, io.sys, msdos.sys, ntdetect.com, pagefile.sys, ntldr, hiberfil.sys as these are system files.

Step3. Removal of Startup Entries

Now you have successfully terminated virus process the next thing is to remove those virus files which run upon system start.
  1. Open Autoruns by typing autoruns in the Run Dialogue. Wait while refreshing completes.
  2. In the Options –> Hide Microsoft Entries. And click Refresh button on the interface OR Close the program and start again.
  3. After scanning completes select Logon tab and uncheck all the entries be sure do not unselect any Microsoft Entry. Restart system for the changes to take effect.
Step4. Restoring Windows Default settings

Now scan your system with a fully functional Anti-Virus will be the last suggestion.

Troubleshooting: Incase of any problem means you did a wrong move. Open Autoruns, in the Options –> Unselect Hide Microsoft Entries. And click Refresh button on the interface OR and select all entries. Close the program and start your system again.

TOP

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)