Greets to all digitians,
THIS is a simple tutorial to remove viruses in Windows using freeware tools.Just follow these steps to remove maximum viruses out of ur System at times of attacks.This is tut is not totally my own ideas but a combination of methods i generally know n some collected from different sites n forums.Hope this helps u to recover from viruses in WINDOWS
Step I: Disable System Restore
---------------------------------
Windows XP:
Steps to turn off System Restore
1. Click Start, right-click My Computer, and then click Properties.
2. In the System Properties dialog box, click the System Restore tab.
3. Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box.
4. Click OK.
5. When you receive the following message, click Yes to confirm that you want to turn off System Restore:
You have chosen to turn off System Restore. If you continue, all existing restore points will be deleted, and you will not be able to track or undo changes to your computer.
Steps to turn on System Restore
1. Click Start, right-click My Computer, and then click Properties.
2. In the System Properties dialog box, click the System Restore tab.
3. Click to clear the Turn off System Restore check box. Or, click the Turn off System Restore on all drives check box.
4. Click OK.
Windows Vista:
1) Type system into the start menu search box, and pick the 4th item down, just labeled "System". (You could also right-click the computer icon and choose properties)
2)Now click the System protection link
3)Once you uncheck the drive, click the "Turn System Restore Off" button
4)To enable repeat the steps and then check the drive box that you had unchecked before
Step2:Backup Your Stuffs using Safe Mode/Live CD
--------------------------------------------------------
After getting into Safe-Mode or Linux just backup ur data to Pendrive or burn the data to DVDs using linux.
Here's a link that shows how to get into safe Mode
Code:
http://www.pchell.com/support/safemode.shtml
Backup using live CD
Code:
http://www.howtogeek.com/howto/windows-vista/use-ubuntu-live-cd-to-backup-files-from-your-dead-windows-computer/
Just use google to know more about live CD and safe mode.
Step3:Remove the Spyware/Virus:
----------------------------------
If you can start Windows and can get to desktop install and run this FREEWARE:
Hijackthis,
SuperAntiSpyware,
Spybot Search and Destroy,
Ad Aware 2008,
McAfee Stinger,
Spyware Terminator,
and Malwarebytes Antispyware.
Also some good other freeware programs you should get; CCleaner, Glary Utilities and Advance WindowsCare Personal. Run one program at a time, or if your computer is fast run two at same time.
Some freeware kits are also available try getting them using google search
Code:
http://www.freebyte.com/anti-spyware/
Try reading these articles:
Code:
http://www.codinghorror.com/blog/archives/000888.html
http://forums.majorgeeks.com/showthread.php?t=35
Step4:Research on the spyware/virus -{search n Destroy}
---------------------------------------------------------------
After u run Hijackthis ...open the log file
Boot to safe mode(with networking) or boot to a linux os if u have n connect to internet (or if u can't goto some other pc with internet with ur log file in pendrive)
Goto
Code:
http://hijackthis.de/
That site will tell you what to delete using Hijackthis. When you’re going to delete something that gets picked up as nasty or virus. Make sure you go into google and look up that .exe files, it could be graphics driver or printer driver. Hijackthis picks up my Lexmark driver as a possible bad file but its not. So be sure you know what your deleting cuz Hijackthis deletes them and it wont bring them back if you make errors. If you’re unsure about your log save it and go to Helpdesk section and post it.
Manual Method:
Try even googling about the processes running in background(usually shown in taskmanager)in normal windows mode.Search for these files in safemode and delete them.Or using a live cd-mount ur drive-delete the suspicious files.But be careful using manual methods.Don't delete any system files.Try googling first abt the files u doubt-then get ot know abt it-then proceed.This method is not recommende for newbies of windows.
Step5:Try Some Online Scanner
---------------------------------
Once you think you have cleaned your PC, restart normally if things seem fine then go to this links they are free online virus scanners!! Run one by one till you know you’re clean for sure. If one of them comes with virus result, write down its directory and name of it.Then try googlingabt the virus n procedure to remove it.
For FULL computer scan:
Code:
Trend Micro Online Scanner
http://housecall.trendmicro.com/
Panda Security Online Scanner
http://www.pandasecurity.com/homeusers/solutions/activescan/
Kaspersky Online Scanner
http://www.kaspersky.com/virusscanner
McAFee Online Scanner
http://us.mcafee.com/root/mfs/default.asp
BitDefender Online Scanner
http://www.bitdefender.com/scan8/ie.html
Windows Live OneCare Scanner and Spyware remover
http://onecare.live.com/site/en-us/default.htm
F-Secure Scanner and Spyware remover
http://support.f-secure.com/enu/home/ols.shtml
ESET Online Scanner
http://www.eset.com/onlinescan/
EWIDO Online Scanner
http://www.ewido.net/en/onlinescan/
For SINGLE file scan:
Code:
www.virustotal.com
http://virusscan.jotti.org/
http://www.viruschief.com/
Step6:Try finding any residues
----------------------------------
Install CCleaner if you haven’t already and use it to delete temporary files. It can also scan and delete obsolete registry keys. After you have done install Glary Utilities and run it. That program is pretty good and will even scan for spyware too. It will get rid of your junk and speed up your computer. You can also run Advanced WindowsCare Personal which is similar to Glary Utilities in case some junk is left behind.
They are useful programs like CCleaner I use it to remove 1 or 2GB's weekly. Imagine if you never run it? You probably can gain more space!!! Using the other two programs that delete registry keys that are obsoletes can be risky sometimes so before you decide to just go along with what the program says is junk make a back up of your Registry!!
To make back up of registry go to RUN, type REGEDIT and then click File and then Export. Make sure you save it someplace where you can recover it. Then go ahead and scan with those utility programs they really do make a difference and will help you gain performance back.
Step7:Have a Proper Defense
----------------------------------
As you know there are lots of free AntiVirus,AntiSpyware and Firewalls available.
If Your are frequent Internet user-I recommend a combination of
Firewall+Antivirus+Antispyware/Malware.
Eg:Comodo Firewall+AVG8 FREE,etc
whatever matches ur performace and likings.
Code:
http://www.pcmag.com/article2/0,1895,2090808,00.asp
I also recommend Sysinternal suite-To monitor system activity
Code:
http://technet.microsoft.com/en-us/sysinternals/
Remove Viruses in Windows using Freewares
Linear Mode
