Wednesday 22 June 2011

Some Important Steps To Remove Virus Manually From Your Computer

Some Important Steps To Remove Virus Manually From Your Computer


Here I am going to discuss how to remove virus manually from your computer . Some time your computer behave just like old two wheeler which has a defected engine, takes more time to start, can’t take loads. The same symptoms are seen in your computer. For your computer, the possible reason to slow down it is Virus like trojan, newfolder.exe, ravmon.exe, smss.exe etc (read also re-enable windows taskmgr disabled by administrator). Some time the Antivirus Live viruses also infect your computer.

Then what you will do if You have no Internet connection available in your PC then you can’t update regularly your anti virus?You can still throw out your headache and remove the virus manually.

How will you determine if your computer is virus infected or not?

The general symptom of virus infections are


Your Task Manager is disabled.When you want to open it then the message “Task Manager has been disabled by your administrator” appears.

Disabled Registry Editor:If you are trying to run “regedit” command the message “Registry editing has been disabled by your administrator” appears.

Disabled Command Prompt:“The command prompt has been disabled by your administrator. Press any key to continue”.

Some time the CPU usage jumps to 50% even though you have no application open.
The drives in my computer does not open by double click.

Automatic Shut down.

Computer becomes slower.

The hidden files can not be showing .as the Folder Option will be disappear.

Solution to remove the viruses manually

To remove the viruses manually, you have to recognize them first.

You can view the suspicious processes active and their CPU usage in Task manager and can identify the virus for which it is occurring. But your Task manager is disabled. So you can use Process Explorer as a task manager alternative. It is portable and free version,You can store it in you USB Flash Drive. Download Process Explorer.

It is not possible to make changes at all without registry editing. But it is disabled for you.You can use lternative Registry Editor “Regalyzer” Developed by the famous author of SpyBot. Download RegAlyzer

To enable the Run command you can use Run dialog replacement v1.0. It is useful for run important command. If you have Process Explorer the it will be needed. Download Run dialog replacement v1.0.

If my computer is virus infected then I will first go to check MSCONFIG.In MSCONFIG you can view all the program that start at the boot up of your system.The virus developer are much aware of it and so they delete the MSCONFIG.exe files from your system or change the reference of it.If you type MSCONFIG in ‘”Run” you should get the message “Windows cannot find ‘msconfig’.Autoruns is a suitable alternative of MSCONFIG. Download Autoruns.

5.Most virus are .exe hidden files and you can not see them because the folder option where you may change the file view option,is disabled.The best free file manager in vision is FreeCommander.It is a powerful tool which shows all the hidden files. Download FreeCommander

Process Terminating

Install Process explorer.Run it from Start Menu.

Now follow the instruction.


After collapsing:


procexp.exe is a Explorer’s own process.

if you view a process like winlogon.exe in explorer tree then it is surely a virus.

If any suspicious process are seen then Right click on it and then properties.From the field “Path “ copy the path and open Run Dialogue box and paste there.Now terminate the suspicious process from Process Explorer.

How to delete the suspicious files

To delete the suspicious files go to Start Menu->7-ZIP->7-ZIP FILE MANAGER .

It will show all the hidden files and go to the root path of every drive.

File Deletion

The second step is deleting files. If you have installed powerexe, Start Menu–> 7-ZIP–> 7-ZIP File Manager which will show you all hidden files and go through the root path of every drive.


Delete the .exe files and autorun.inf like ravmon.exe,smss.exe,newfloder.exe

But don’t delete the following files:

autoexec.bat, boot.ini, bootmgr,config.sys, io.sys, msdos.sys, ntdetect.com, pagefile.sys,ntldr, hiberfil.sys

Remove the start up entries

Open Autoruns by typing autoruns in the Run Dialogue. Wait while refreshing completes.

In the Options –> Hide Microsoft Entries.Click Refresh button on the interface OR Close the program and start again


After scanning completes select Logon tab and uncheck all the entries be sure do not un select any Microsoft Entry.Restart system for the changes to take effect.

That is how to remove a virus manually from your computer.

If any problem arises please contact us.

No comments:

Post a Comment

VMware Cloud Learning Video's

Here is a nice summary list of all VMworld US 2018 Breakout session with the respective video playback & download URLs. Enjoy! Bra...