Check this Post to fasilitate you work:
http://gstek.blogspot.com/2009/08/online-service-for-checking-virus.html
and http://gstek.info/forum/index.php?topic=345.msg3098#msg3098
Begginning of tut:
Start->Run->type cmd
in each drive type attrib /s /d it will display the list of all files in that drive along with folders.concntrate on files having SHR attribute.normally virus files have two characteristics
1.SHR attribute
2.Queer name like amvo.exe,r6r.exe,autorun.inf etc.
Note:some system files also have this attribute like MSDOS.SYS,IO.SYS etc so before deleting googling about that file will help.
to delete these files type c:\>del /f /s /a <filename with extension>
>> to view the content of files with .inf,.vbs,.c etc i.e files which r not batch files or executables.goto explorer n then goto the required drive or folder n type the filename with extension it wil open up in notepad.
>>there is another method also.goto the required location n type attrib -s -h -r filename
then use gui to see that hiiden file.if it is not n exe or .bat or then open it with notepad.Here you will get some information like a file name or a registry key which the virus affects or a startup item or process.Change this or uncheck the startup.
if file is not deleted like it says access denied it means it already used by some process.open task manager n find a process of the same name or some process which is not a valid windows process(better google) n end that process.
if not found open msconfig goto statrup tab n look at if a startup items seems queer(u wil have this feeling if u r n experienced windows user otherwise all da startup items may seem queer.)uncheck that.u may also learn about da startup item by googling.after unchecking restart the computer then restart the computer.
This method is effective in removing some spywares or some small but annoying virii like maskrider etc. which r sometimes not detected by antivirus softwares.
If u want to learn more u want read a more explicit tut then u may read my tut on maskrider removal here in this sextion
http://gstek.blogspot.com/2009/08/online-service-for-checking-virus.html
and http://gstek.info/forum/index.php?topic=345.msg3098#msg3098
Begginning of tut:
Start->Run->type cmd
in each drive type attrib /s /d it will display the list of all files in that drive along with folders.concntrate on files having SHR attribute.normally virus files have two characteristics
1.SHR attribute
2.Queer name like amvo.exe,r6r.exe,autorun.inf etc.
Note:some system files also have this attribute like MSDOS.SYS,IO.SYS etc so before deleting googling about that file will help.
to delete these files type c:\>del /f /s /a <filename with extension>
>> to view the content of files with .inf,.vbs,.c etc i.e files which r not batch files or executables.goto explorer n then goto the required drive or folder n type the filename with extension it wil open up in notepad.
>>there is another method also.goto the required location n type attrib -s -h -r filename
then use gui to see that hiiden file.if it is not n exe or .bat or then open it with notepad.Here you will get some information like a file name or a registry key which the virus affects or a startup item or process.Change this or uncheck the startup.
if file is not deleted like it says access denied it means it already used by some process.open task manager n find a process of the same name or some process which is not a valid windows process(better google) n end that process.
if not found open msconfig goto statrup tab n look at if a startup items seems queer(u wil have this feeling if u r n experienced windows user otherwise all da startup items may seem queer.)uncheck that.u may also learn about da startup item by googling.after unchecking restart the computer then restart the computer.
This method is effective in removing some spywares or some small but annoying virii like maskrider etc. which r sometimes not detected by antivirus softwares.
If u want to learn more u want read a more explicit tut then u may read my tut on maskrider removal here in this sextion
0 comments
Post a Comment