Remove Virus Without Any Antivirus
Hello friends,
Well i am in a mood to wirte somthing about detecting a virus and to delete it without antivirus.
I am gonna tell you about basic virus come through external drive or some virus already executed in your system.
Sometimes its really annoying when you want to scan your pen drive and your antivirus tell you 3 hours left or one day left. so you can apply some basic tricks first then scan with your antivirus.
First of all always disable autorun, you can do it from group policy option or from registry or some hady registry files are there to do it with ease ( "Kulverstukas" have posted it before.)
or if you don't want to do so then you can hold shift on your keybord while you are connecting your external drive to your system. By holding shift your external drive will not be automatically executed.
Now second most important thing to remeber is to remove tick from
"hide extension of file" in folder option" means you should always know that what is the extension of file that you are accessing.
then select check box "show hidden files" and remove tick mark from "hide system files". now a days most of the virus have attribute of hidden and system, so you better check that option
in XP (tools-->folder option-->view)
in newer (organize-->folder option-->view)
thus you will be able to see hidden files.
and if system files are getting annoying for you then just do it when you connect your drive, otherwise undo it.
This will help you if virus is not executed in your system. if your system is already affected then may be that option won't work, i mean it will be reset everytime automatically. (we will talk about it later)
First we will see when your system is still safe.
Now what you can do if your system is Alreay Effected.
Well there is many thing you can do to make it good from worst.
So there are many kind of effection, like
So here are some steps that you can try
1) start system in safe mode. (work in most cases)
2) if safe mode isn't working then try to use safe mode with cmd prompt.
3) create a new user and check in that new user account if cmd can be open or not.
4) always keep some software (like tune up) from which you can check date of any
service created
use one of them and start cmd any how, if its not working then tell me situation ill help you.
now, after you are able to start them.
Lets talk about diffrent problem
some times a problem arise, that you can't open anything. everything get opened in media player or notpad or office, or something else.
even in safe mode you can't open any exe file.
what will you do then?
don't worry, mostly this type of virus only attack specific user. you can repair this by creating a new user. control panel and user account won't work in this case.
Well i am in a mood to wirte somthing about detecting a virus and to delete it without antivirus.
I am gonna tell you about basic virus come through external drive or some virus already executed in your system.
Sometimes its really annoying when you want to scan your pen drive and your antivirus tell you 3 hours left or one day left. so you can apply some basic tricks first then scan with your antivirus.
First of all always disable autorun, you can do it from group policy option or from registry or some hady registry files are there to do it with ease ( "Kulverstukas" have posted it before.)
or if you don't want to do so then you can hold shift on your keybord while you are connecting your external drive to your system. By holding shift your external drive will not be automatically executed.
Now second most important thing to remeber is to remove tick from
"hide extension of file" in folder option" means you should always know that what is the extension of file that you are accessing.
then select check box "show hidden files" and remove tick mark from "hide system files". now a days most of the virus have attribute of hidden and system, so you better check that option
in XP (tools-->folder option-->view)
in newer (organize-->folder option-->view)
thus you will be able to see hidden files.
and if system files are getting annoying for you then just do it when you connect your drive, otherwise undo it.
This will help you if virus is not executed in your system. if your system is already affected then may be that option won't work, i mean it will be reset everytime automatically. (we will talk about it later)
First we will see when your system is still safe.
- so if your pen drive is affected then probably there is a autorun.inf file with hidden and system attribute. try to delete it normaly if its get deleted then it will be easy, and if not then go to its properties and uncheck hidden and read only,
- then open it in notpad and remove everything and save it, or just delete file. if still not working or error occured that access denied or read only file.
- then close file and start CMD
- now go to your drive (suppose its m then)
- c:\user\xxx> m:
- m:\>
- m:\>attrib -h -s -r "autorun.inf" (h for hidden, s for system and, r for read only)
- m:\>del "autorun.inf"
- now delete all the suspicious file in drive like folder with .exe extention or any suspicious file like 67kb or 128kb or 2kb... any file which you found suspicious can be deleted after you delete autorun.inf file.
Now what you can do if your system is Alreay Effected.
Well there is many thing you can do to make it good from worst.
So there are many kind of effection, like
- cmd (not able to start)
- task manager (not able to start
- folder option (get reset everytime)
- registry (not able to start)
- msconfig (not able to start)
- antivirus (not detecting virus--> probably out of date or installed after virus system affected, or virus is not in antivirus database entry or virus activity is diffrent then antivirus activity rule)
So here are some steps that you can try
1) start system in safe mode. (work in most cases)
2) if safe mode isn't working then try to use safe mode with cmd prompt.
3) create a new user and check in that new user account if cmd can be open or not.
4) always keep some software (like tune up) from which you can check date of any
service created
use one of them and start cmd any how, if its not working then tell me situation ill help you.
now, after you are able to start them.
- first start task manager and end all suspicious services.
- then end explorer.exe also
- now from new task start msconfig.
- now in msconfig go to service tab and uncheck any suspicious or unwanted service.you can guess by manufacture or by thinking that did you have installed something releted to that service or not.
- now go to startup tab.check for service which look unknown or cross check with tune up ( on which date service is created) or any service that you can say its virus.
- now check location of that service from where it is started, you can find location within startup tab under COMMAND.. it will show you the path of the file
- now again open cmd..
- go to that location..
- change attribute of the file..( as i shown above)
- then DELETE it
Lets talk about diffrent problem
some times a problem arise, that you can't open anything. everything get opened in media player or notpad or office, or something else.
even in safe mode you can't open any exe file.
what will you do then?
don't worry, mostly this type of virus only attack specific user. you can repair this by creating a new user. control panel and user account won't work in this case.
- just go to manage (my computer--> right click--> manage)
- now local use and group--> user--> right click in blanck space and select create user
- put user in administrator group.
- now logoff and login to new user.
- WOW its repaired