Manually removing any kind of viruses

Read this tutorial if u want to remove a virus not detected by antivirus software or if u want to be an amateur malware researcher. The tutorial may not be that good, i hadn’t much time to go in more details.


Start->Run->type cmd

In each drive type attrib /s /d it will display the list of all files in that drive along with folders. concentrate on files having SHR attribute. Normally virus files have two characteristics 1.SHR attribute 2.Queer name like amvo.exe,r6r.exe,autorun.inf etc. Note: Some system files also have this attribute like MSDOS.SYS, IO.SYS etc. So before you delete googling about that file will help. To delete these files type c:\>del /f /s /a >> + To view the content of files with .inf, .vbs, .c etc. i.e files which are not batch files or executables. go to explorer and then go to the required drive or folder and type the filename with extension. It will open up in notepad. + There is another method. Go to the required location and type attrib -s -h -r filename then use gui to see that hidden file. if it is not an exe or .bat then just open it with notepad. Here you will get some information like a file name or a registry key which the virus affects or a startup item or process. Change this or uncheck the startup.

+ If the file is not deleted like it says “access denied” it means it already used by some process. open task manager and find a process of the same name or some process which is not a valid windows process(better google) and end that process.

+ If it’s not found then open msconfig go to startup tab and look at it. If a startup items seems queer (u wil have this feeling if you’re not experienced windows user otherwise all data startup items may seem queer.) uncheck that. You may also learn about the startup item by googling. after unchecking restart the computer.

This method is effective in removing some spywares or some small but annoying very like maskrider etc. which are sometimes not detected by antivirus softwares.

You can leave a response, or trackback from your own site.

Leave a Reply