Wednesday 1 August 2012

Removing virus manually in windows XP


Beginning of that:


Start->Run->type cmd
in each drive type attrib /s /d it will display the list of all files in that drive along with folders.concntrate on files having SHR attribute.normally virus files have two characteristics
1.SHR attribute
2.Queer name like amvo.exe,r6r.exe,autorun.inf etc.


Note:some system files also have this attribute like MSDOS.SYS,IO.SYS etc so before deleting googling about that file will help.


to delete these files type c:\>del /f /s /a <filename with extension>


>> to view the content of files with .inf,.vbs,.c etc i.e files which r not batch files or executables.goto explorer n then goto the required drive or folder n type the filename with extension it wil open up in notepad.


>>there is another method also.goto the required location n type attrib -s -h -r filename
then use gui to see that hiiden file.if it is not n exe or .bat or then open it with notepad.Here you will get some information like a file name or a registry key which the virus affects or a startup item or process.Change this or uncheck the startup.


if file is not deleted like it says access denied it means it already used by some process.open task manager n find a process of the same name or some process which is not a valid windows process(better google) n end that process.


if not found open msconfig goto statrup tab n look at if a startup items seems queer(u wil have this feeling if u r n experienced windows user otherwise all da startup items may seem queer.)uncheck that.u may also learn about da startup item by googling.after unchecking restart the computer then restart the computer.


This method is effective in removing some spywares or some small but annoying virii like maskrider etc. which r sometimes not detected by antivirus softwares.


You pepoles wont blve i nvr formatted and reinstalled my os or hard drive due to Virus. Evn when i was noob :o Appr. 90 % i used to clean it manually and by now i am an expert in it.. yes google helps alot in findings a particulr file..


Best method to delete obstinate viruses is WINRAR 


Just open winrar and goto ur infected drive ane here you can see all hidden and persistent files.. Delete such files from here (Easy and far better than dos prompt)


One more thing if you want to remove the virus or worm of an infected pen drive then dare it to do as i do..
First of all kill your explorer from process tab in Task manager..
Now goto "NEW TASK"
and locate winrar ..
now insert pen drive in usb and come pen drive icon in winrar. And here you will find some Autorun.inf , powerpointresentation.exe , krar.vbs etc. Just enter " Shift + Delete "


Then u r talking about virus which is already entered in pc. Not the pen drive.. Isnt it?
~!~ fist of all check startup from Msconfig..dlte ny suppicious entry.
~!~ Now note downthe name of virus from winrar.
~!~ Goto registry editor and search for it. Del all the entries.
~!~ Also check in sytem32 for suspicous file..
now repeat the winrar procedure on all partitons of Hdd..


Goto Registry editor >>> Current user >> software >>> microsoft >> windows >> Current version >> explorer >> ADVANCE --- Now in Right window >>
Check "Hidden" should have 1 value
"Show super hidden" should be 0 value and "Super hidden should have 1


Now come to HKEY_LOCAL_MACHINE >>
>>SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden


here you will see Two sub menu NOHIDDEN and SHOW ALL
come to No hidden and now in right pane make sure CHECKED and DEFAULT values are 2
come to Show all and make sure Checked value is 1 and Deafult value is 2 .


I am assuming that you have basic knowledge of Xp that's why i explained 
in favour of brevity.... Enjoy and if you are still unable then 500% its your fault
in following my all steps from win rar to Registery coz i have immuned Dozens of
PC manually from the same way...

No comments:

Post a Comment