Have you ever been in the position that you know you have an virus but you don,t have any anti virus?? Its almost impossible to remove it manual without knowing about a few tips & tricks.
After reading this tutorial i am sure you will know how to manual remove most of the virus lurking around. But that dosn't mean you shouldnt have any anti virus on you computer!
Anyway, lets get starting with the tutorial.. I suppose you already know what safe mode is. If you dont try pressing the F8 key some times when you start your computer. You have to do this when your computer is about to start the first windows components. In win2k or xp i think you can press space and then F8 when it ask you if you want to go back to previous working setting.
Enough talk about how to start you computer in safe mode, but if you want to manual remove viruses you almost every time have to do this in safe mode because in safe mode most viruses dosnt start. Only some few windows component is allowed to run in safe mode. So here is what to do.
Step: 1: Start your computer in safe mode.
2: If you know where the virus are hiding delete the executable file.
3: Open the registry and go to the keys below and add an : in front of the value of the string that you think its the virus. Like this, if string is "virus" and its value is "c:\virus.exe" change its value to ":c:\virus.exe". The : is like commenting out the value. But if you are sure its the virus you can just delete the string.
Here are the keys you maybe want to look at:
CODE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
4: The virus can start itself from some other places to. win.ini is the most common files that viruses can use. So you should find the files named win.ini and system.ini and look through them and see if you find anything.
5: Look through the startup folder that is normally located in your profile directory \Start Menu\Programs\Startup.
6: Try searching for the virus executable to see if its hiding some other place.
7: Finally look through the list of services that windows is running. This list is often located under control panel - administrative tools - services. After this 7 steps just reboot your computer in normal mode and try to figure out if the virus is still there.. If not SUCCESS if yes, try to go back to safe mode and hunt some more. Off course this 7 steps will not work on every virus out there, but many of them.
WARNING: Be careful when in the registry because you can cause serious damage to your system in there.
Click here to Subscribe to FREE email updates from "Tricks and Tips", so that you do not miss out anything that can be valuable to you and your blog!!
0 comments:
Post a Comment