How can we detect a virus manually?
Guys Is there any way to detect a virus and remove it manually instead of using antivirus and format the system ?๐
Replies
-
Kaustubh KatdareIn most of the cases, one can detect a virus only when there's a suspicious/unwanted/unexpected activity on the system. In order to detect the infected files; one needs to have a thorough knowledge of the virus/malware behavior and how it corrupts the system.
-
Gurjeet SinghIn order to detect virus manually ,we get to know ,if system performance is down ,drives are opening in new window or many similar type of unwanted process .there may be some backend process is running .so we can detect it and also from the command prompt we use attrib command to show hidden files and check whether they are other dfrom system files.
-
ankesh.cs2007virus generally start when your window starts.
in windows xp/vista/7 there is a trick.
go to run type regedit.
goto key current_user/software/Microsoft/windows/current version/run.
now delete the unwanted programs in the right side of panel. -
ankesh.cs2007or you can type in run....
msconfig
goto startup tab and anti-check the unwanted programs
this will certainly remove your virus up to certain limit.......................................... -
optimystixthe msconfig is a better option ankesh but the regedit should be avoided unless the person has made backup of the registry or knows how to play with it
-
Kaustubh Katdare@Ankesh: Could you explain a bit in more detail about how to identify the keys for deletion?
-
Manish GoyalI know one tip:-How can we detect presence of trozan in computer?
Got to MY Computer->tools ->If there is no option of folder option it means your computer is under trozan attack -
ramana_slvusing winrar software we can findout the any type of virus easily and also remove through winrar.
-
Sahithi Pallavi
How is this possible Ramana. Can you tell us. ๐ramana_slvusing winrar software we can findout the any type of virus easily and also remove through winrar. -
Manish Goyalyes ramana can you please explain it ?
-
nik.2190shud we disable all programs tht's wht is anti checking?????
-
optimystixrunning anything from explorer(ie normal windows operation) is risky as it tends to activate files such as bat , ini, inf etc.
thus using Winrar(or any other 3rd party appln that has feature to browse over files- will get it through open option) . Just click on ADD, then a small window will open. Browse over to that file which you think is malicious and then delete it by right clicking on it. Sometimes this thing can be done using notepad too(using file-open-browse and delete). if you are unable to delete it then open task manager, kill the process explorer and now perform the same operation.
this prevents the malicious ware from getting activated.
but this technique is for small, useless malwares. tougher malwares get attached to registry hives and system processes and handles that are not visible even in task manager. Another technique is to be used there while dealing with such tougher malwares. -
ankesh.cs2007@@the_big_k you can simply delete keys by the by pop up menu appears after right clicking on the key.
-
Kaustubh Katdare
Right. My question is how can one identify the keys that can be safely deleted without affecting the system?ankesh.cs2007@@the_big_k you can simply delete keys by the by pop up menu appears after right clicking on the key. -
ankesh.cs2007if your regedit has been disabled by any virus, so in that case write in run gpedit.msc.
go to key user configuration/system (simply click on system don't open).
on the right side you will find "prevent access to registry editing tool"
double click on that and make it disabled.
NOW YOUR REGEDIT WILL WORK.
0_0
@ -
ankesh.cs2007in run you will only find keys of program not system keys.
if by chance all keys are deleted it will not affect functioning of your system nor program..................... -
optimystixyes ankesh but that does not mean we can simply keep deleting any registry keys without knowing what they are.
and more over just deleting the run entries doesnt mean the malware is gone! most of them will re associate the keys as soon as as the computer is restarted or even if explorer is refreshed. the malware itself needs to be removed and your method of removing the run entries doesn't do that.
it will only do what unchecking in msconfig>startup does. deleting the main malware file is important.
and talking about how to know which keys are the ones that need to be removed, follow the names of keys entered. If they look suspicious(standard names will have standard key entries) , one may google these out and verify before deleting.
A little experience dealing with these and a person can tell just by looking..
instead of going for all this headache its better to simply do it from msconfig. this method is ok if msconfig itself has been disabled by the malware. in that case, one can edit start up entries using using Ccleaner before deleting the malware file itself. -
Ashraf HZ
Has anyone tried using BartPE to edit the registry offline (aka during booting)?optimystixand more over just deleting the run entries doesnt mean the malware is gone! most of them will re associate the keys as soon as as the computer is restarted or even if explorer is refreshed. the malware itself needs to be removed and your method of removing the run entries doesn't do that. -
ankesh.cs2007yes deleting the malware is too important. follow the address specified in msconfig or regedit and delete the specified file.
-
ramana_slv
using winrar we can remove the virus manually .sahithi pallaviHow is this possible Ramana. Can you tell us. ๐
open any folder files or any drive files using winrar then we can observe invisible files also in these file whic file are your files are we know remaing files delete thisis the way to find the to remove virus manually.
example: take pendrive and it is placed in virus existed system then now that pendrive placed in anthoher anti virus existed system then the anti virus can remove some viruses only at that time we are open that pendrive through winrar we can viruses also then remove easily. -
sbscetferozpurwe can delete it manully by registry editing...
normally viruses are attached to start up files.
find the stat up files and navigate to those files folder in hkey current user/ software / microsoft
and delete the unwanted files in that..... -
sbscetferozpurnormally winrar files are not affect by most of the viruses
-
optimystix
i dont understand what with u guys!sbscetferozpurwe can delete it manully by registry editing...
normally viruses are attached to start up files.
find the stat up files and navigate to those files folder in hkey current user/ software / microsoft
and delete the unwanted files in that.....
why dont u understand that deleting the registry keys DO NOT remove the virus itself. most viruses can reassign new keys upon restart. these malwares need to be deleted totally from the system to stop their malicious activity. -
optimystix
sality, brontok, parite among others can easily infect winrar.exe.sbscetferozpurnormally winrar files are not affect by most of the viruses -
ashish goyalhow can we findout viruse using winrar. plz explain it
-
Manish Goyal@ ashish :-If you read previous posts then it clearly shows that you can remove a virus safely using win-rar but i don't think so that we can also detect virus .
-
ramana_slvOpen any folder or any drive in winrar. Then we can observe which files are your files and which files are not yours files. Which files are not your files that files may be virus. It is possible only some case.
requset:I don't no english very well please understand my words please....... -
AlonealizHey is it possible?If so plz send me the process.
I will be greatful to u. -
Manish Goyal
hey what process?Go through all the posts.i hope you will get whatever your want ๐AlonealizHey is it possible?If so plz send me the process.
I will be greatful to u. -
Sahithi Pallavi
Does it works? Can we remove any kind of virus by using this method? Any updates are required for winrar? If not then how can the new viruses will remove?ramana_slvOpen any folder or any drive in winrar. Then we can observe which files are your files and which files are not yours files. Which files are not your files that files may be virus. It is possible only some case.
requset:I don't no english very well please understand my words please....... -
ramana_slvno updates required to winrar to delete new virus.
-
paritoshvnHallo every body, virus can be detected manually by linux OS.
-
husi8400first and foremost thing to do, even before u think abt removing a virus manually is tht
1.)u need disable autorun of all drives by going to group policy editor (start-run-gpedit.msc)....P.S. group policy editor is not available in vista.
2.) always keep all hidden n protected system files visible
3.) never double click and open any removable media directly since most of the viruses travel through removable media nw a days...always rght click n explore...
4.)and please use a registered version of antivirus and dont go for useless free versions... -
husi8400and one more thing always open the hidden autorun file n see which file.exe it points towards and then delete tht file
do this only if u r familiar with hoe virus work else it might prove to be harmful to u in one way or another... -
optimystix
u mean to say, Norton is better than Avast/Avg/Avira ?? or is your McAfee better ??husi84004.)and please use a registered version of antivirus and dont go for useless free versions...
Avira has been getting the highest detection rate since past 2-3 years. Avast had the fastest scan engine.
Even the good Kaspersky has been getting low rating for past few quarters.
No AV is good or bad. No one can stay on top all the time. Like they say, 'every dog has its day'. It is always good to look at the latest ratings before deciding on which one to use. Also, not all people can afford these costly software. It is better to use authorized free versions than use pirated software. Do not use impudent remarks so carelessly. being a engineer, it is wise to research a little and then make assumptions.
You are reading an archived discussion.
Related Posts
This may helpful to every one........ ๐
https://www.easy-share.com/o/4625086
It was the end of the school year, and a kindergarten teacher was receiving gifts from her pupils.
The florist's son handed her a gift. She shook it, held it...
This workshop is for entrepreneurs and startups to learn the fundamentals of marketing required to make a business plan and gives orientation on the various aspects related to entrepreneurship. Session...
we are doing the project on online business card, we have a query regarding the project.
we have displayed the samples of the business card on the page after clicking...
CEans,
We've recently upgraded CE to sport new design and few new cool updates. I wish to know how many of you have gotten used to the new design? How...