root@fandigunawan

March 14, 2009

Fandi’s Virus Removal Guide

Filed under: Security, Virus — Tags: , , — fandigunawan @ 12:25 pm

I have faced many people asking me how to tackle the virus and kill them. I just offered them by several tips and now as the way which usually I do getting structured I need to write the procedures here:

The condition which is assumed here is a computer with

  • no antivirus
  • outdated antivirus
  • antivirus which could not recognize the virus
  • infected computer

The one which I always told to people that they need to know their computer especially by watching normal processes loaded in their computer (use task manager or Process Explorer), if you have a clean computer do it right now and you are required to be

Guide 1 : if you dont know the virus or where the virus is

Rule 1 : Don’t ever scan your computer from infected system

Please remember that computer virus behaves as much as human’s virus it will not react on clean system except you trigger it. I usually suggest people to scan it using

  1. (recommended) using Windows PE and put you antivirus on flashdisk
  2. other clean computer or borrowing others PC with installed antivirus

Rule 2 : use portable or forced to be portable antivirus in case you use Windows PE with flashdisk

The following link contains a great information about portable antivirus, usually I use Avira that I have used since five years ago (I never install it though, I just made it portable in case someone need my help).

Rule 3 : make sure if you have precious infected documents don’t let antivirus delete the document or quarantine it (this is one of the reason I choose Avira). List all infected documents and move it to a specific folder for restoration (if possible). If you already know the virus name (once you scan the infected file you will be prompted by the name of virus) go to Google and seek the cure (do not let antivirus delete you files !) if there is no cure than you may make an password protected archive in case in the future the cure is invented.

Guide 2 : if you know the virus

Rule 1 : You may use online virus scanning such as :

Rule 2 : using the information above, get the antivirus which can detect the virus or specific cure for the virus. I recommend you to use specific cure for the virus because you will need no hassle by installing antivirus etc. If you have infected files or documents try to scan and to list all of those and move it to a specific folder.  Try googling by using keyword repair tool virus name.

Procedural ways which usually I used.

1. If you don’t know the virus name (since I don’t use antivirus on my PC), copy one sample, zip it and send the sample to online antivirus scanner (see Guide 2, Rule 1)
2. Get the virus name and find for cure
3. If cure is not exist then download antivirus which can be made portable e.g. Clam Win, Avira. Cure is tool used to repair infected files (not to delete them)
4. Put all of your weapons on Flash disk
5. Boot your PC using other clean OS (other PC’s or in my case I used my windows live CD/ Windows PE)
6. Plug your flashdisk (cantaining cure/antivirus) and run the weapon
7. Clean the virus/repair infected files
8. Reboot and you get your PC clean
9. In case your windows critical files infected -> reinstall your PC

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: