Sunday, January 13, 2008

"I am having a virus in my system... can I cure it?"

Many of you may have asked this question, and many people must have suggested that you format the system. And now you must be repenting your carelessness about taking precautions.

So is there a straight answer to the question? Surely the answer is yes; nothing is impossible in this holy world. But the thing is, professional help will charge you money worth a new hard disk.
So how do you cure it in an easy way? As you know, the Internet is the ultimate source of knowledge.
The cure lies in the disease [in this case, the Internet].

Coming to the point, I suggest waiting before formatting.

First, you should be able to find out at least the name of the virus or some characteristic of it, for example:
does it remove the Shut Down button, the Run command, or Task Manager?
Are you able to open Task Manager?
If the answer is yes, your work has become much easier.
How? [Ans: you will find out later]

Though there are different methods for removing different viruses, we will follow the general approach.
Let's discuss the manual method first. Although this is a sure-shot method for most viruses, it is not the easiest one.


1st method:

If your Task Manager opens without any problem, look at the processes running in the Processes tab. You may be able to find a doubtful process (or processes) whose name resembles the name of the virus.
Terminate the process and you will find that most of the features blocked by the virus work as normal.
But many viruses aren't so easy to trace: the virus process [the program of the virus, or you can say the virus itself] takes the name of a Windows process or camouflages itself within a Windows process.
Terminating a Windows process is often more dangerous than the virus, so you must be completely sure of the process you are terminating.
Go on the net and find information about the doubtful process.
Once you know the virus processes, you can leave the virus in the computer and work normally for the time being. You should now prevent the virus from running again at startup. To do that, remove the registry entry through which it is able to run each time you start your PC. For this, you must have some basic knowledge of the system registry.
Use Task Manager's Run command to start regedit [type "regedit" in Run]. Then navigate to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (as usual, take a backup of your registry before touching it!).
If you find any unknown entry that is not related to any other software and seems to have some similarity with the virus name or its process, delete that entry.
This key stores the entries by which programs and processes run at startup.
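
The registry check described above can also be scripted. The following is an added example, not part of the original post: it backs up the HKEY_CURRENT_USER Run key and lists each entry with the file it launches, so unknown entries are easier to research. It assumes a system with PowerShell 3 or later; the backup location and the helper name Get-ExecutablePath are illustrative choices.

```powershell
# Added example (not from the original post): review the per-user Run key.
$regPath = 'HKCU\Software\Microsoft\Windows\CurrentVersion\Run'
# Assumed backup location: a timestamped .reg file in the user's temp folder.
$backup  = Join-Path $env:TEMP ('HKCU-Run-{0:yyyyMMdd-HHmmss}.reg' -f (Get-Date))

# Back up the key first; importing the .reg file undoes a wrong deletion.
& reg.exe export $regPath $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw "Could not back up $regPath; stopping." }

function Get-ExecutablePath {
    # Pull the program path out of a Run command line (quoted or unquoted).
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { $exe = $Matches[1] }
    elseif ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|pif))(\s|$)') { $exe = $Matches[1] }
    else { $exe = (($cmd -split '\s+')[0]).Trim('"') }
    # Bare names such as "rundll32.exe" are resolved through PATH.
    if ($exe -and -not [IO.Path]::IsPathRooted($exe)) {
        $found = Get-Command -Name $exe -CommandType Application -ErrorAction SilentlyContinue |
                 Select-Object -First 1
        if ($found) { $exe = $found.Path }
    }
    return $exe
}

$key = Get-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Run"
$report = foreach ($name in $key.GetValueNames()) {
    $command = [string]$key.GetValue($name)
    $file    = Get-ExecutablePath $command
    $exists  = [bool]$file -and (Test-Path -LiteralPath $file -PathType Leaf)
    [pscustomobject]@{
        Entry     = $name      # value name shown in regedit
        Command   = $command   # full command line run at logon
        File      = $file      # program the entry launches
        Exists    = $exists    # False: entry points at a missing file
        Signature = if ($exists) { (Get-AuthenticodeSignature -FilePath $file).Status } else { 'n/a' }
        Modified  = if ($exists) { (Get-Item -LiteralPath $file).LastWriteTime } else { $null }
    }
}

$report | Format-List
"Backup of the Run key written to $backup"
```

An unsigned or missing file is only a reason to look the entry up, not proof that it belongs to the virus; delete an entry in regedit only once you have identified it.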

Another way of removing the virus's startup entry is to go to msconfig [type msconfig at Run] and, under the Startup tab, uncheck the undesired [virus] process. This way you're done.

To remove the virus completely you would have to terminate the process forever, or you would have to delete each virus file and virus-infected file until every file is cleaned [but mostly it's not required].
You would have to remove every trace of the virus manually by removing each file associated with it. Remove the cache, browser history, etc. if the virus came through the Internet.

If your Task Manager is also disabled by the virus, you should download a third-party process manager like the Sysinternals process manager.
So let's discuss another way, which is easier and through which I have been able to remove most viruses.


2nd method:

This method is easier, but success depends on whether the virus allows us to delete it. You may be confused, but it's true to some extent.
The tools we require for this method are: Kaspersky [the best antivirus available] and a spyware and malware removal tool like Spyware Doctor, or any good spyware removal software available on the Internet for free.

Many of you would be amazed why I am calling Kaspersky the best. It's because it's the best.
You would be one of the NORTON kind, who have been made to realize that NORTON is the only best antivirus software. But unfortunately it's not.
I will consider NORTON's greatness in the next post.
Now, first we have to download the latest trial version of Kaspersky from its website.
Although it's valid for 30 days only, it will serve your purpose of removing the virus.
Why did I pick only Kaspersky? Because it has a unique self-defense mechanism which prevents its alteration by the virus while being installed. So the virus wouldn't be able to prevent the installation of its own definition in Kaspersky, which is actually the tool for its removal.
Also install the spyware/malware removal tool.
Now, in simple steps:
1) Run Kaspersky and the malware/spyware removal tool in normal mode [normal mode is the mode you actually use normally, the default mode which starts automatically when you turn on the computer].
Most of the time this step doesn't turn up the virus, but still we have to try our luck.
Just to increase the chances, you can terminate the process you think is associated with the virus.
2) After performing the scan in normal mode [default mode], perform a scan in safe mode.
With this, Kaspersky must be able to detect the virus and clean it on its own.
3) Similarly, run the spyware/malware removal tool first in normal mode and then in safe mode.

HOW TO GET INTO SAFE MODE?
  1. Click Start, click Shut Down, and then, in the drop-down list, click Shut down.
  2. In the Shut Down Windows dialog box, click Restart, and then click OK.
  3. When you see the message Please select the operating system to start, press F8.
  4. Use the arrow keys to highlight the appropriate safe mode option, and then press ENTER.
4) Another important step: make sure to turn off System Restore at the end.

TO TURN OFF SYSTEM RESTORE:

  1. Open System Properties.
  2. Ensure that the Turn off System Restore check box is selected.
  • To open System Properties, click Start, click Control Panel, click Performance and Maintenance, and then click System. In the System Properties dialog box, click the System Restore tab.
Turn it back on when you next start the computer. Turning System Restore off and on again deletes all restore points made before that time.
So the virus wouldn't be able to bounce back by using the restore resources.

3rd method:
IF ALL THESE METHODS GO IN VAIN, DON'T GET UPSET. THERE ARE OTHER WAYS TOO.

One very useful tool I found, which many don't know about,
is UnHackMe.
This has also helped me to get rid of some of the viruses.

Google it. It's free for trial. If you can't find it, ask me in a comment to find it for you.
What it does is take over your system, scan everything on startup, and show all the doubtful programs or processes. It also shows, as a percentage, how useful/harmful a program is to you. So you can guess what you should block and what you should allow.
When you feel that the virus no longer bothers you, you should uninstall it.
For advanced users it even shows every process running on startup or in the background, and also the location of the process in the file explorer. So you can tell which process belongs to which software.

4th method:
If all of the above fail too, what you can do is download HijackThis. Run it and post the "log" to the forums available on many sites, where professionals will help you to proceed further.
Though I have never got any reply to my HijackThis "log". But who knows, you may find yourself luckier than me.
