CrazyEngineers
Howdy guest!
Dear guest, you must be logged-in to participate on CrazyEngineers. We would love to have you as a member of our community. Consider creating an account or login.
Replies
  • Kaustubh Katdare

    AdministratorMar 29, 2010

    In most of the cases, one can detect a virus only when there's a suspicious/unwanted/unexpected activity on the system. In order to detect the infected files; one needs to have a thorough knowledge of the virus/malware behavior and how it corrupts the system.
    Are you sure? This action cannot be undone.
    Cancel
  • Gurjeet Singh

    MemberMar 29, 2010

    In order to detect virus manually ,we get to know ,if system performance is down ,drives are opening in new window or many similar type of unwanted process .there may be some backend process is running .so we can detect it and also from the command prompt we use attrib command to show hidden files and check whether they are other dfrom system files.
    Are you sure? This action cannot be undone.
    Cancel
  • ankesh.cs2007

    MemberMar 29, 2010

    virus generally start when your window starts.
    in windows xp/vista/7 there is a trick.
    go to run type regedit.
    goto key current_user/software/Microsoft/windows/current version/run.
    now delete the unwanted programs in the right side of panel.
    Are you sure? This action cannot be undone.
    Cancel
  • ankesh.cs2007

    MemberMar 29, 2010

    or you can type in run....
    msconfig
    goto startup tab and anti-check the unwanted programs
    this will certainly remove your virus up to certain limit..........................................
    Are you sure? This action cannot be undone.
    Cancel
  • optimystix

    MemberMar 29, 2010

    the msconfig is a better option ankesh but the regedit should be avoided unless the person has made backup of the registry or knows how to play with it
    Are you sure? This action cannot be undone.
    Cancel
  • Kaustubh Katdare

    AdministratorMar 29, 2010

    @Ankesh: Could you explain a bit in more detail about how to identify the keys for deletion?
    Are you sure? This action cannot be undone.
    Cancel
  • Manish Goyal

    MemberMar 30, 2010

    I know one tip:-How can we detect presence of trozan in computer?

    Got to MY Computer->tools ->If there is no option of folder option it means your computer is under trozan attack
    Are you sure? This action cannot be undone.
    Cancel
  • ramana_slv

    MemberMar 30, 2010

    using winrar software we can findout the any type of virus easily and also remove through winrar.
    Are you sure? This action cannot be undone.
    Cancel
  • Sahithi Pallavi

    MemberMar 30, 2010

    ramana_slv
    using winrar software we can findout the any type of virus easily and also remove through winrar.
    How is this possible Ramana. Can you tell us. 😀
    Are you sure? This action cannot be undone.
    Cancel
  • Manish Goyal

    MemberMar 30, 2010

    yes ramana can you please explain it ?
    Are you sure? This action cannot be undone.
    Cancel
  • nik.2190

    MemberMar 30, 2010

    shud we disable all programs tht's wht is anti checking?????
    Are you sure? This action cannot be undone.
    Cancel
  • optimystix

    MemberMar 30, 2010

    running anything from explorer(ie normal windows operation) is risky as it tends to activate files such as bat , ini, inf etc.

    thus using Winrar(or any other 3rd party appln that has feature to browse over files- will get it through open option) . Just click on ADD, then a small window will open. Browse over to that file which you think is malicious and then delete it by right clicking on it. Sometimes this thing can be done using notepad too(using file-open-browse and delete). if you are unable to delete it then open task manager, kill the process explorer and now perform the same operation.


    this prevents the malicious ware from getting activated.

    but this technique is for small, useless malwares. tougher malwares get attached to registry hives and system processes and handles that are not visible even in task manager. Another technique is to be used there while dealing with such tougher malwares.
    Are you sure? This action cannot be undone.
    Cancel
  • ankesh.cs2007

    MemberMar 30, 2010

    @@the_big_k you can simply delete keys by the by pop up menu appears after right clicking on the key.
    Are you sure? This action cannot be undone.
    Cancel
  • Kaustubh Katdare

    AdministratorMar 30, 2010

    ankesh.cs2007
    @@the_big_k you can simply delete keys by the by pop up menu appears after right clicking on the key.
    Right. My question is how can one identify the keys that can be safely deleted without affecting the system?
    Are you sure? This action cannot be undone.
    Cancel
  • ankesh.cs2007

    MemberMar 30, 2010

    if your regedit has been disabled by any virus, so in that case write in run gpedit.msc.
    go to key user configuration/system (simply click on system don't open).
    on the right side you will find "prevent access to registry editing tool"
    double click on that and make it disabled.
    NOW YOUR REGEDIT WILL WORK.
    0_0
    @
    Are you sure? This action cannot be undone.
    Cancel
  • ankesh.cs2007

    MemberMar 30, 2010

    in run you will only find keys of program not system keys.
    if by chance all keys are deleted it will not affect functioning of your system nor program.....................
    Are you sure? This action cannot be undone.
    Cancel
  • optimystix

    MemberMar 31, 2010

    yes ankesh but that does not mean we can simply keep deleting any registry keys without knowing what they are.

    and more over just deleting the run entries doesnt mean the malware is gone! most of them will re associate the keys as soon as as the computer is restarted or even if explorer is refreshed. the malware itself needs to be removed and your method of removing the run entries doesn't do that.

    it will only do what unchecking in msconfig>startup does. deleting the main malware file is important.



    and talking about how to know which keys are the ones that need to be removed, follow the names of keys entered. If they look suspicious(standard names will have standard key entries) , one may google these out and verify before deleting.
    A little experience dealing with these and a person can tell just by looking..

    instead of going for all this headache its better to simply do it from msconfig. this method is ok if msconfig itself has been disabled by the malware. in that case, one can edit start up entries using using Ccleaner before deleting the malware file itself.
    Are you sure? This action cannot be undone.
    Cancel
  • Ashraf HZ

    MemberMar 31, 2010

    optimystix
    and more over just deleting the run entries doesnt mean the malware is gone! most of them will re associate the keys as soon as as the computer is restarted or even if explorer is refreshed. the malware itself needs to be removed and your method of removing the run entries doesn't do that.
    Has anyone tried using BartPE to edit the registry offline (aka during booting)?
    Are you sure? This action cannot be undone.
    Cancel
  • ankesh.cs2007

    MemberApr 5, 2010

    yes deleting the malware is too important. follow the address specified in msconfig or regedit and delete the specified file.
    Are you sure? This action cannot be undone.
    Cancel
  • ramana_slv

    MemberApr 6, 2010

    sahithi pallavi
    How is this possible Ramana. Can you tell us. 😀
    using winrar we can remove the virus manually .

    open any folder files or any drive files using winrar then we can observe invisible files also in these file whic file are your files are we know remaing files delete thisis the way to find the to remove virus manually.


    example: take pendrive and it is placed in virus existed system then now that pendrive placed in anthoher anti virus existed system then the anti virus can remove some viruses only at that time we are open that pendrive through winrar we can viruses also then remove easily.
    Are you sure? This action cannot be undone.
    Cancel
  • sbscetferozpur

    MemberApr 8, 2010

    we can delete it manully by registry editing...
    normally viruses are attached to start up files.
    find the stat up files and navigate to those files folder in hkey current user/ software / microsoft
    and delete the unwanted files in that.....
    Are you sure? This action cannot be undone.
    Cancel
  • sbscetferozpur

    MemberApr 8, 2010

    normally winrar files are not affect by most of the viruses
    Are you sure? This action cannot be undone.
    Cancel
  • optimystix

    MemberApr 8, 2010

    sbscetferozpur
    we can delete it manully by registry editing...
    normally viruses are attached to start up files.
    find the stat up files and navigate to those files folder in hkey current user/ software / microsoft
    and delete the unwanted files in that.....
    i dont understand what with u guys!

    why dont u understand that deleting the registry keys DO NOT remove the virus itself. most viruses can reassign new keys upon restart. these malwares need to be deleted totally from the system to stop their malicious activity.
    Are you sure? This action cannot be undone.
    Cancel
  • optimystix

    MemberApr 8, 2010

    sbscetferozpur
    normally winrar files are not affect by most of the viruses
    sality, brontok, parite among others can easily infect winrar.exe.
    Are you sure? This action cannot be undone.
    Cancel
  • ashish goyal

    MemberApr 11, 2010

    how can we findout viruse using winrar. plz explain it
    Are you sure? This action cannot be undone.
    Cancel
  • Manish Goyal

    MemberApr 11, 2010

    @ ashish :-If you read previous posts then it clearly shows that you can remove a virus safely using win-rar but i don't think so that we can also detect virus .
    Are you sure? This action cannot be undone.
    Cancel
  • ramana_slv

    MemberApr 11, 2010

    Open any folder or any drive in winrar. Then we can observe which files are your files and which files are not yours files. Which files are not your files that files may be virus. It is possible only some case.


    requset:I don't no english very well please understand my words please.......
    Are you sure? This action cannot be undone.
    Cancel
  • Alonealiz

    MemberApr 11, 2010

    Hey is it possible?If so plz send me the process.
    I will be greatful to u.
    Are you sure? This action cannot be undone.
    Cancel
  • Manish Goyal

    MemberApr 12, 2010

    Alonealiz
    Hey is it possible?If so plz send me the process.
    I will be greatful to u.
    hey what process?Go through all the posts.i hope you will get whatever your want 😀
    Are you sure? This action cannot be undone.
    Cancel
  • Sahithi Pallavi

    MemberApr 12, 2010

    ramana_slv
    Open any folder or any drive in winrar. Then we can observe which files are your files and which files are not yours files. Which files are not your files that files may be virus. It is possible only some case.


    requset:I don't no english very well please understand my words please.......
    Does it works? Can we remove any kind of virus by using this method? Any updates are required for winrar? If not then how can the new viruses will remove?
    Are you sure? This action cannot be undone.
    Cancel
  • ramana_slv

    MemberApr 15, 2010

    no updates required to winrar to delete new virus.
    Are you sure? This action cannot be undone.
    Cancel
  • paritoshvn

    MemberMay 12, 2010

    Hallo every body, virus can be detected manually by linux OS.
    Are you sure? This action cannot be undone.
    Cancel
  • husi8400

    MemberMay 12, 2010

    first and foremost thing to do, even before u think abt removing a virus manually is tht
    1.)u need disable autorun of all drives by going to group policy editor (start-run-gpedit.msc)....P.S. group policy editor is not available in vista.
    2.) always keep all hidden n protected system files visible
    3.) never double click and open any removable media directly since most of the viruses travel through removable media nw a days...always rght click n explore...
    4.)and please use a registered version of antivirus and dont go for useless free versions...
    Are you sure? This action cannot be undone.
    Cancel
  • husi8400

    MemberMay 12, 2010

    and one more thing always open the hidden autorun file n see which file.exe it points towards and then delete tht file
    do this only if u r familiar with hoe virus work else it might prove to be harmful to u in one way or another...
    Are you sure? This action cannot be undone.
    Cancel
  • optimystix

    MemberMay 12, 2010

    husi8400
    4.)and please use a registered version of antivirus and dont go for useless free versions...
    u mean to say, Norton is better than Avast/Avg/Avira ?? or is your McAfee better ??

    Avira has been getting the highest detection rate since past 2-3 years. Avast had the fastest scan engine.
    Even the good Kaspersky has been getting low rating for past few quarters.

    No AV is good or bad. No one can stay on top all the time. Like they say, 'every dog has its day'. It is always good to look at the latest ratings before deciding on which one to use. Also, not all people can afford these costly software. It is better to use authorized free versions than use pirated software. Do not use impudent remarks so carelessly. being a engineer, it is wise to research a little and then make assumptions.
    Are you sure? This action cannot be undone.
    Cancel
Home Channels Search Login Register