How can we detect a virus manually?

Guys, is there any way to detect a virus and remove it manually instead of using antivirus and formatting the system? 😉

Replies

  • Kaustubh Katdare
    In most cases, one can detect a virus only when there's suspicious/unwanted/unexpected activity on the system. In order to detect the infected files, one needs to have a thorough knowledge of the virus/malware behavior and how it corrupts the system.
  • Gurjeet Singh
    In order to detect a virus manually, we get to know if system performance is down, drives are opening in a new window, or many similar types of unwanted processes. There may be some backend process running, so we can detect it. Also, from the command prompt we use the attrib command to show hidden files and check whether they are other than system files.
  • ankesh.cs2007
    Viruses generally start when your Windows starts.
    In Windows XP/Vista/7 there is a trick.
    Go to Run and type regedit.
    Go to the key current_user/software/Microsoft/windows/current version/run.
    Now delete the unwanted programs in the right side of the panel.
  • ankesh.cs2007
    Or you can type in Run:
    msconfig
    Go to the Startup tab and anti-check the unwanted programs.
    This will certainly remove your virus up to a certain limit...
  • optimystix
    The msconfig is a better option, ankesh, but regedit should be avoided unless the person has made a backup of the registry or knows how to play with it.
  • Kaustubh Katdare
    @Ankesh: Could you explain a bit in more detail about how to identify the keys for deletion?
  • Manish Goyal
    I know one tip: how can we detect the presence of a Trojan in a computer?

    Go to My Computer -> Tools -> if there is no Folder Options entry, it means your computer is under Trojan attack.
  • ramana_slv
    Using WinRAR software we can find out any type of virus easily and also remove it through WinRAR.
  • Sahithi Pallavi
    ramana_slv
    Using WinRAR software we can find out any type of virus easily and also remove it through WinRAR.
    How is this possible, Ramana? Can you tell us? 😀
  • Manish Goyal
    Yes Ramana, can you please explain it?
  • nik.2190
    Should we disable all programs, is that what anti-checking is?
  • optimystix
    Running anything from Explorer (i.e. normal Windows operation) is risky, as it tends to activate files such as bat, ini, inf etc.

    Thus, use WinRAR (or any other 3rd-party application that has a feature to browse over files; you will get it through the Open option). Just click on ADD, then a small window will open. Browse over to the file which you think is malicious and then delete it by right-clicking on it. Sometimes this can be done using Notepad too (using File-Open-Browse and delete). If you are unable to delete it, then open Task Manager, kill the process explorer and now perform the same operation.

    This prevents the malicious ware from getting activated.

    But this technique is for small, useless malwares. Tougher malwares get attached to registry hives and system processes and handles that are not visible even in Task Manager. Another technique is to be used there while dealing with such tougher malwares.
  • ankesh.cs2007
    @the_big_k you can simply delete keys from the pop-up menu that appears after right-clicking on the key.
  • Kaustubh Katdare
    ankesh.cs2007
    @the_big_k you can simply delete keys from the pop-up menu that appears after right-clicking on the key.
    Right. My question is how can one identify the keys that can be safely deleted without affecting the system?
  • ankesh.cs2007
    If your regedit has been disabled by a virus, in that case type gpedit.msc in Run.
    Go to the key user configuration/system (simply click on System, don't open it).
    On the right side you will find "prevent access to registry editing tool".
    Double-click on that and make it disabled.
    NOW YOUR REGEDIT WILL WORK.
    0_0
  • ankesh.cs2007
    In Run you will only find keys of programs, not system keys.
    If by chance all keys are deleted, it will not affect the functioning of your system nor programs...
  • optimystix
    Yes ankesh, but that does not mean we can simply keep deleting any registry keys without knowing what they are.

    And moreover, just deleting the run entries doesn't mean the malware is gone! Most of them will re-associate the keys as soon as the computer is restarted or even if Explorer is refreshed. The malware itself needs to be removed and your method of removing the run entries doesn't do that.

    It will only do what unchecking in msconfig > Startup does. Deleting the main malware file is important.

    And talking about how to know which keys are the ones that need to be removed, follow the names of the keys entered. If they look suspicious (standard names will have standard key entries), one may google these out and verify before deleting.
    A little experience dealing with these and a person can tell just by looking.

    Instead of going for all this headache it's better to simply do it from msconfig. This method is OK if msconfig itself has been disabled by the malware. In that case, one can edit startup entries using CCleaner before deleting the malware file itself.
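
One way to do the check described in the post above before touching a Run entry, as an added example that is not part of the original thread. It only reads: for each entry it resolves the file the entry points to and reports whether that file exists, whether it carries a valid signature, and its SHA-256 for lookup. It also covers the machine-wide HKLM Run key, which the thread does not name, and `Get-CommandTarget` is a hypothetical helper written for this example.

```powershell
# Added example: read-only audit of Run-key startup entries. Nothing is changed or deleted.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
)

function Get-CommandTarget {
    # Hypothetical helper: pull the executable path out of a startup command line.
    param([string]$CommandLine)
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }            # "C:\path with spaces\x.exe" /arg
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|scr|vbs|js|dll))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]                                   # fallback: first token
}

$report = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        $target  = Get-CommandTarget $command
        # Bare names without a path (resolved through PATH at logon) show up as Exists = False
        # and need a manual look.
        $exists  = [bool]$target -and (Test-Path -LiteralPath $target -PathType Leaf)
        $sig     = if ($exists) { Get-AuthenticodeSignature -LiteralPath $target } else { $null }
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Command   = $command
            Target    = $target
            Exists    = $exists
            Signature = if ($sig) { [string]$sig.Status } else { 'n/a' }
            Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            SHA256    = if ($exists) { (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash } else { '' }
        }
    }
}

# Unsigned or missing targets sort away from the 'Valid' ones and are the entries to research first.
$report | Sort-Object Signature, Key | Format-List
```

An unsigned target is not proof of malware and a signed one is not proof of safety; the output narrows down which names and hashes to look up before deciding anything.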
  • Ashraf HZ
    optimystix
    And moreover, just deleting the run entries doesn't mean the malware is gone! Most of them will re-associate the keys as soon as the computer is restarted or even if Explorer is refreshed. The malware itself needs to be removed and your method of removing the run entries doesn't do that.
    Has anyone tried using BartPE to edit the registry offline (aka during booting)?
  • ankesh.cs2007
    Yes, deleting the malware is too important. Follow the address specified in msconfig or regedit and delete the specified file.
  • ramana_slv
    Sahithi Pallavi
    How is this possible, Ramana? Can you tell us? 😀
    Using WinRAR we can remove the virus manually.

    Open any folder's files or any drive's files using WinRAR; then we can observe invisible files also. Among these files, we know which files are our files; delete the remaining files. This is the way to find and remove a virus manually.

    Example: take a pendrive that was placed in a system where a virus existed. Now that pendrive is placed in another system where an antivirus exists; the antivirus can remove only some viruses. At that time, if we open that pendrive through WinRAR, we can see the viruses also and then remove them easily.
  • sbscetferozpur
    We can delete it manually by registry editing...
    Normally viruses are attached to startup files.
    Find the startup files and navigate to those files' folder in hkey current user/ software / microsoft
    and delete the unwanted files in that...
  • sbscetferozpur
    Normally WinRAR files are not affected by most of the viruses.
  • optimystix
    sbscetferozpur
    We can delete it manually by registry editing...
    Normally viruses are attached to startup files.
    Find the startup files and navigate to those files' folder in hkey current user/ software / microsoft
    and delete the unwanted files in that...
    I don't understand what's with you guys!

    Why don't you understand that deleting the registry keys DOES NOT remove the virus itself? Most viruses can reassign new keys upon restart. These malwares need to be deleted totally from the system to stop their malicious activity.
  • optimystix
    sbscetferozpur
    Normally WinRAR files are not affected by most of the viruses.
    Sality, Brontok, Parite among others can easily infect winrar.exe.
  • ashish goyal
    How can we find out viruses using WinRAR? Please explain it.
  • Manish Goyal
    @ashish: If you read the previous posts, they clearly show that you can remove a virus safely using WinRAR, but I don't think that we can also detect a virus.
  • ramana_slv
    Open any folder or any drive in WinRAR. Then we can observe which files are your files and which files are not your files. The files which are not your files may be a virus. It is possible only in some cases.

    Request: I don't know English very well, please understand my words please...
  • Alonealiz
    Hey, is it possible? If so, please send me the process.
    I will be grateful to you.
  • Manish Goyal
    Alonealiz
    Hey, is it possible? If so, please send me the process.
    I will be grateful to you.
    Hey, what process? Go through all the posts. I hope you will get whatever you want 😀
  • Sahithi Pallavi
    ramana_slv
    Open any folder or any drive in WinRAR. Then we can observe which files are your files and which files are not your files. The files which are not your files may be a virus. It is possible only in some cases.

    Request: I don't know English very well, please understand my words please...
    Does it work? Can we remove any kind of virus by using this method? Are any updates required for WinRAR? If not, then how will the new viruses be removed?
  • ramana_slv
    No updates are required to WinRAR to delete a new virus.
  • paritoshvn
    Hello everybody, a virus can be detected manually by Linux OS.
  • husi8400
    The first and foremost thing to do, even before you think about removing a virus manually, is that:
    1.) You need to disable autorun of all drives by going to Group Policy Editor (Start-Run-gpedit.msc)... P.S. Group Policy Editor is not available in Vista.
    2.) Always keep all hidden and protected system files visible.
    3.) Never double-click and open any removable media directly, since most of the viruses travel through removable media nowadays... always right-click and explore...
    4.) And please use a registered version of antivirus and don't go for useless free versions...
  • husi8400
    And one more thing: always open the hidden autorun file and see which file.exe it points towards, and then delete that file.
    Do this only if you are familiar with how viruses work, else it might prove to be harmful to you in one way or another...
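
The autorun check from the post above as a read-only script (an added example, not part of the original thread). It reads the hidden autorun.inf on each removable drive without opening the drive in Explorer and lists the files its launch entries point to. The entries it looks for (`open`, `shellexecute`, `shell\<verb>\command`) are the standard autorun.inf launch keys; variable names are illustrative.

```powershell
# Added example: nothing on the drive is opened, executed or deleted.
$launchKey = '^(open|shellexecute|shell\\[^\\]+\\command)$'   # autorun.inf keys that start a program

$findings = foreach ($disk in Get-CimInstance Win32_LogicalDisk -Filter 'DriveType = 2') {
    $root = "$($disk.DeviceID)\"
    $inf  = Join-Path $root 'autorun.inf'
    if (-not (Test-Path -LiteralPath $inf -PathType Leaf)) { continue }

    # -Force lets Get-Content read the file even when it is hidden or read-only.
    foreach ($line in Get-Content -LiteralPath $inf -Force) {
        if ($line -match '^\s*([^=;\[]+?)\s*=\s*(.+?)\s*$') {
            $key, $value = $Matches[1], $Matches[2]
            if ($key -match $launchKey) {
                # The value is a command line; its first token (quoted or not) is the file.
                $file = if ($value -match '^"([^"]+)"') { $Matches[1] } else { ($value -split '\s+')[0] }
                $path = if ($file -match '^([A-Za-z]:|\\\\)') { $file } else { Join-Path $root $file }
                $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
                [pscustomobject]@{
                    Drive  = $disk.DeviceID
                    Entry  = $key
                    Value  = $value
                    Target = $path
                    Exists = [bool]$item
                    Hidden = if ($item) { [bool]($item.Attributes -band [IO.FileAttributes]::Hidden) } else { $false }
                    SHA256 = if ($item) { (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash } else { '' }
                }
            }
        }
    }
}

$findings | Format-List
```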
  • optimystix
    husi8400
    4.) And please use a registered version of antivirus and don't go for useless free versions...
    You mean to say Norton is better than Avast/AVG/Avira? Or is your McAfee better?

    Avira has been getting the highest detection rate for the past 2-3 years. Avast had the fastest scan engine.
    Even the good Kaspersky has been getting low ratings for the past few quarters.

    No AV is good or bad. No one can stay on top all the time. Like they say, 'every dog has its day'. It is always good to look at the latest ratings before deciding on which one to use. Also, not all people can afford these costly software. It is better to use authorized free versions than to use pirated software. Do not use impudent remarks so carelessly. Being an engineer, it is wise to research a little and then make assumptions.

You are reading an archived discussion.
