Tuesday, September 8, 2009

Got a Virus on Your PC?

Hi everyone ...
Long time since my last post.
Today's post is on virus removal .....
So what is the right approach to get rid of a virus from a PC?
What I feel, or how I deal with this problem, is a three-step process:
1. Find the infectious process and kill that process.
2. Remove the registry entries.
3. Remove all the clones of that infectious file.
And it's done. :)
Now many of you are thinking how easily I wrote those things, but I want to assure you that it is as simple as I wrote.
So how can you do this:
1. Find the infectious process and kill that process
You can use any process viewer tool like Process Explorer (procexp.exe). You can download it from
http://download.sysinternals.com/Files/ProcessExplorer.zip
This tool will allow you to identify the infectious process, as it shows suspect files in different colours. Now find the real one and delete it. Some common ways to identify the infectious one: it will not have any publisher name (but don't get confused with System Interrupts and some other processes), and it will be using more memory and CPU than usual.
Let us suppose you found ABC.exe. Now note down the path of the exe and kill the process.
2. Remove the registry entries:
To remove the registry entries related to ABC.exe, open the Registry Editor by typing "regedit" in Run from the Start menu.
Now use the Find option under the Edit menu to search for entries containing ABC.exe. Delete all the entries containing ABC.exe, but don't remove an entry if it also holds some other value; in that case open that entry and carefully delete only the ABC.exe part.
Note: never forget to back up your registry before any registry operation.
3. Remove all the clones of that infectious file:
And now the last but not least part: search your hard disk for ABC.exe and its clones. You can use the Windows search option for this. Select My Computer and enable "Search hidden files and folders" in Advanced Search.
Delete all the entries found in the search results.
Now it's over, you have done it.
You can use the above method to remove the regsvr.exe virus, newfolder.exe, and many more.
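The same three checks can be scripted so nothing is missed by eye. The script below is an added example, not part of the original post; it assumes Windows PowerShell 5.1 run as Administrator, uses the post's ABC.exe placeholder as the suspect name, and only reports findings so you can review the lists before killing a process or deleting anything.

```powershell
# Added triage helper, not code from the original post. Assumes Windows
# PowerShell 5.1 run as Administrator; 'ABC.exe' is the post's placeholder name.
$SuspectName = 'ABC.exe'

# Step 1: running processes whose image file has no valid Authenticode signature.
# "No publisher" is a heuristic, not proof: legitimate tools are often unsigned
# and malware is sometimes signed, so check the path before killing anything.
function Get-UnsignedProcess {
    Get-Process | Where-Object { $_.Path } | ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.Path -ErrorAction SilentlyContinue
        if ($sig -and $sig.Status -ne 'Valid') {
            [pscustomobject]@{
                Name = $_.ProcessName; Id = $_.Id; Path = $_.Path
                SigStatus = $sig.Status
                WorkingMB = [math]::Round($_.WorkingSet64 / 1MB, 1)
            }
        }
    }
}

# Step 2: autorun values that reference the suspect file, scoping the registry
# search. Back up the key (reg export) first; if a value also launches something
# else, edit out the ABC.exe part instead of deleting the whole value.
function Find-AutorunReference {
    param([string]$Name)
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    foreach ($key in $keys) {
        if (-not (Test-Path $key)) { continue }
        foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
            if ($p.Name -notlike 'PS*' -and "$($p.Value)" -match [regex]::Escape($Name)) {
                [pscustomobject]@{ Key = $key; ValueName = $p.Name; Data = $p.Value }
            }
        }
    }
}

# Step 3: every copy of the file on all drives, hidden and system copies
# included (-Force). Reports only; delete after reviewing the list.
function Find-FileClone {
    param([string]$Name)
    Get-PSDrive -PSProvider FileSystem | ForEach-Object {
        Get-ChildItem -Path $_.Root -Filter $Name -Recurse -Force -File -ErrorAction SilentlyContinue |
            Select-Object FullName, Length, LastWriteTime, Attributes
    }
}
Get-UnsignedProcess | Format-Table -AutoSize
Find-AutorunReference -Name $SuspectName | Format-Table -AutoSize
Find-FileClone -Name $SuspectName | Format-Table -AutoSize
```

Once a process in the first list is confirmed as the infection, Stop-Process -Id with its Id does what the post's "kill the process" step does in Process Explorer.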