# Remove Viruses in Windows using Freewares



## gopi_vbboy (Nov 5, 2008)

Greets to all digitians,

THIS is a simple tutorial to remove viruses in Windows using freeware tools.Just follow these steps to remove maximum viruses out of ur System at times of attacks.This is tut is not totally my own ideas but a combination of methods i generally know n some collected from different sites n forums.Hope this helps u to recover from viruses in WINDOWS


Step I: Disable System Restore
---------------------------------

*Windows XP: * 

Steps to turn off System Restore  
1. Click Start, right-click My Computer, and then click Properties.  
2. In the System Properties dialog box, click the System Restore tab.  
3. Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box. 
4. Click OK.  
5. When you receive the following message, click Yes to confirm that you want to turn off System Restore:  
You have chosen to turn off System Restore. If you continue, all existing restore points will be deleted, and you will not be able to track or undo changes to your computer. 

Steps to turn on System Restore  
1. Click Start, right-click My Computer, and then click Properties.  
2. In the System Properties dialog box, click the System Restore tab.  
3. Click to clear the Turn off System Restore check box. Or, click the Turn off System Restore on all drives check box.  
4. Click OK.  

*Windows Vista: * 
1) Type system into the start menu search box, and pick the 4th item down, just labeled "System". (You could also right-click the computer icon and choose properties) 
2)Now click the System protection link  
3)Once you uncheck the drive, click the "Turn System Restore Off" button  
4)To enable repeat the steps and then check the drive box that you had unchecked before

Step2:Backup Your Stuffs using Safe Mode/Live CD
--------------------------------------------------------
After getting into Safe-Mode or Linux just backup ur data to Pendrive or burn the data to DVDs using linux.

 Here's a link that shows how to get into safe Mode

```
*www.pchell.com/support/safemode.shtml
```
Backup using live CD

```
*www.howtogeek.com/howto/windows-vista/use-ubuntu-live-cd-to-backup-files-from-your-dead-windows-computer/
```
Just use google to know more about live CD and safe mode.



Step3:Remove the Spyware/Virus:
----------------------------------
 
*If you can start Windows and can get to desktop install and run this FREEWARE: 

Hijackthis, 
SuperAntiSpyware,
 Spybot Search and Destroy, 
Ad Aware 2008, 
McAfee Stinger, 
Spyware Terminator, 
and Malwarebytes Antispyware. 

Also some good other freeware programs you should get; CCleaner, Glary Utilities and Advance WindowsCare Personal. Run one program at a time, or if your computer is fast run two at same time. *

Some freeware kits are also available try getting them using google search


```
*www.freebyte.com/anti-spyware/
```
Try reading these articles:

```
*www.codinghorror.com/blog/archives/000888.html
*forums.majorgeeks.com/showthread.php?t=35
```


Step4:Research on the spyware/virus -{search n Destroy}
---------------------------------------------------------------
After u run Hijackthis ...open the log file

Boot to safe mode(with networking) or boot to a linux os if u have n connect to internet (or if u can't goto some other pc with internet with ur log file in pendrive)

Goto


```
*hijackthis.de/
```
That site will tell you what to delete using Hijackthis. When you’re going to delete something that gets picked up as nasty or virus. Make sure you go into google and look up that .exe files, it could be graphics driver or printer driver. Hijackthis picks up my Lexmark driver as a possible bad file but its not. So be sure you know what your deleting cuz Hijackthis deletes them and it wont bring them back if you make errors. If you’re unsure about your log save it and go to Helpdesk section and post it.        


Manual Method:
Try even googling about the processes running in background(usually shown in taskmanager)in normal windows mode.Search for these files in safemode and delete them.Or using a live cd-mount ur drive-delete the suspicious files.But be careful using manual methods.Don't delete any system files.Try googling first abt the files u doubt-then get ot know abt it-then proceed.This method is not recommende for newbies of windows.



```
[URL="*www.thinkdigit.com/forum/member.php?u=57307"]toofan.is.back[/URL] tip:

Otherway:[url]*www.bleepingcomputer.com/combofix/how-to-use-combofix[/url]
```


Step5:Try Some Online Scanner
---------------------------------
*Once you think you have cleaned your PC, restart normally if things seem fine then go to this links they are free online virus scanners!! Run one by one till you know you’re clean for sure. If one of them comes with virus result, write down its directory and name of it.Then try googlingabt the virus n procedure to remove it.


* 
*For FULL computer scan:* 


```
Trend Micro Online Scanner 
*housecall.trendmicro.com/ 
 
Panda Security Online Scanner 
*www.pandasecurity.com/homeusers/solutions/activescan/ 
 
Kaspersky Online Scanner 
*www.kaspersky.com/virusscanner 
 
McAFee Online Scanner 
*us.mcafee.com/root/mfs/default.asp 
 
BitDefender Online Scanner 
*www.bitdefender.com/scan8/ie.html 
 
Windows Live OneCare Scanner and Spyware remover 
*onecare.live.com/site/en-us/default.htm 
 
F-Secure Scanner and Spyware remover 
*support.f-secure.com/enu/home/ols.shtml 
 
ESET Online Scanner 
*www.eset.com/onlinescan/ 
 
EWIDO Online Scanner 
*www.ewido.net/en/onlinescan/
```
*For SINGLE file scan:* 


```
www.virustotal.com 
 
*virusscan.jotti.org/ 
 
*www.viruschief.com/
```
Step6:Try finding any residues
----------------------------------
*Install CCleaner if you haven’t already and use it to delete temporary files. It can also scan and delete obsolete registry keys. After you have done install Glary Utilities and run it. That program is pretty good and will even scan for spyware too. It will get rid of your junk and speed up your computer. You can also run Advanced WindowsCare Personal which is similar to Glary Utilities in case some junk is left behind.* 

They are useful programs like CCleaner I use it to remove 1 or 2GB's weekly. Imagine if you never run it? You probably can gain more space!!! Using the other two programs that delete registry keys that are obsoletes can be risky sometimes so before you decide to just go along with what the program says is junk make a back up of your Registry!! 

To make back up of registry go to RUN, type REGEDIT and then click File and then Export. Make sure you save it someplace where you can recover it. Then go ahead and scan with those utility programs they really do make a difference and will help you gain performance back.


Step7:Have a Proper Defense
----------------------------------
As you know there are lots of free AntiVirus,AntiSpyware and Firewalls available.
If Your are frequent Internet user-I recommend a combination of

Firewall+Antivirus+Antispyware/Malware.

Eg:Comodo Firewall+AVG8 FREE,etc

whatever matches ur performace and likings.



```
*www.pcmag.com/article2/0,1895,2090808,00.asp
```
 I also recommend Sysinternal suite-To monitor system activity



```
*technet.microsoft.com/en-us/sysinternals/
```


----------



## Edge-of-chaos (Nov 5, 2008)

Does this also detect and remove trojans which are passive, but could be triggered on specific system event ( like a particular program call, or a particular sequence of key logs, or a particular browsing pattern).


----------



## gopi_vbboy (Nov 5, 2008)

Thnkx for reply

@Edge-of-chaos-that depends on scanner.Most of them will be detected for sure.Also the virus database of all scanner aren;t same.So lets hope for best.


----------



## Abhishek Dwivedi (Nov 5, 2008)

very nice...gr8 tutorial buddy...


----------



## gopi_vbboy (Nov 5, 2008)

thankx for rep

pls share any additional method or give some tips other than mentioned one....will be useful to others.....


----------



## toofan (Nov 8, 2008)

why don't you download combofix.exe and then see the magic. In five minutes you pc would be virus,torgen etc etc free. And then use avast to scan all other drives. One more thing before useing combofix close you avast antivirus.
 I have used this on my pc and others one many times with 100% results.

After cleaning pc install spybot search and destroy. its a great tool. use it and feel it.


----------



## Krazzy Warrior (Nov 8, 2008)

gr8...keep them coming...


----------



## gopi_vbboy (Nov 8, 2008)

@toofan.is.back

added ur tip to thread.....thankx guys for reply


----------



## skippednote (Nov 8, 2008)

^
very useful stuff ...! Keep up the good work


----------



## toofan (Nov 8, 2008)




----------

