- Check some setting just like what I have written in How do you know your computer is infected by virus?
- I will restart windows in safe mode. (How? Click here.)
- After getting into safe mode, I will run a-squared HiJackFree to check which virus is running in the background of windows in safe mode. (How can I know which process is come from virus? Click here.)
- Then, I will kill the process, delete the file (Of course, I will backup it before deleting the file).
- I will check the autoruns setting and restore it into the original state.
- I will run RestoreAll (What is it? Click here).
- Then I will go to command prompt (how? Goto start menu, click run, type cmd and press enter .)
- Type "cd\windows" and press enter
- Type "dir /as" and press enter
- Normally, there will be only 3 files (do not included the folders):
bootstat.dat, winnt.bmp and winnt256.bmp
If there is other files stay there, I will backup them and delete the files. - Then, I will type "cd system32" and press enter.
- Type "dir /as" and press enter
- Normally, there will be only two folders here (dllcache and Microsoft), if there is other files stated here, I will backup them and delete them.
- Then I will type "Exit"
- Restart windows and use SandBoxie to check the the suspicious files that I have backup. If they are virus, I will build a simple virus removal for it.
- Done!
Remove virus effectively
Every year I am asked to help to kill virus. I like to kill all of them. It is really challenging. However, once I have successfully kill the virus, I feel very happy and exciting. I hope you also enjoy my excitement. The following are the procedures I use to kill virus.