Sometimes an inexperienced will not relies their computers are infected with virus. This is because all of the virus can hide among regular file usually in c/windows/system32 (directory of windows systems). Sometimes, the virus can disguise themselves as a standard file and they can create a file that name autorun in your system windows and also other storages. So? How to discover the virus file and how to clean this virus easily from your computers, make sure your pc is safe from virus infection.
There are some situations of effect which indicated that your computer has been infected by virus. Remember that and take care of them, these situation are:
1. Unexpected images or messages are suddenly displayed
2. Unusual sounds or music are played at random
3. Your cd-rom drive are mysteriously open and close
4. Receive a notification from your computer firewall
5. Computers freeze frequently or encounters error
6. Computer slowdown when you start windows or start run new program
7. File or folder have been automatically delete or their contents are change
8. Your hidden file or folder cannot appear
9. Folder option, task manager, registry editor, cmd, run, control panel and other windows components can’t be run perfectly ( appear message ‘task manager has been disable by administrator)
10. Microsoft internet explorer freeze or functionally erratically e.g you can’t close windows or appear nonsense text or name like ‘Virus mawar mengganas!!!’
Sometimes these situations effect because of hardware or software problems and only 20% effect by virus infection. But if you sure your computer are safe from hardware and software problem and I really sure your computer are infected virus.
Below this is a few step can help you to clean the virus easy. If your computers are infected virus you have to try this…..
Delete Virus Files
1. Start menu>click ‘run’> and type ‘CMD’
2. Type these codes below one by one and press Enter
del %windir%\sscviihost.exe /a /f /q
del %windir%\system32\sscviihost.exe /a /f /q
del c:\sscviihost.exe
3. Also delete the files, just replace code “sscviihost.exe” with others code below:
• SCVHSOT.exe
• hinhem.scr
• blastclnnn.exe
• autorun.ini
4. Also find these files and delete it if they are still exist
• C:\WINDOWS\SCVHSOT.exe
• C:\WINDOWS\hinhem.scr
• C:\WINDOWS\system32\SCVHSOT.exe
• C:\WINDOWS\system32\blastclnnn.exe
• C:\WINDOWS\system32\autorun.ini
• C:\Documents and Settings\All Users\Documents\SCVHSOT.exe
Caution!!!!“Do not double click these files, otherwise you have to start from the beginning”
Delete Startup Launch of Virus
Removing autostart entries from the registry prevents the malware from executing at startup.
If the registry entry below are not found, the malware may not have executed as of detection. If so, proceed to the succeeding solution set.
1. Open Registry Editor. Click Startmenu> click ‘Run’, type ‘REGEDIT’, then press Enter.
2. In the left panel, double-click the following:
HKEY_CURRENT_USER>SOFTWARE>Microsoft>Windows>CurrentVersion>Run
3. In the right panel, locate and delete the entry:
Yahoo Messenger = “%Windows%\SSCVIIHOST.exe”
(Note: %Windows% is the Windows folder, which is usually C:\Windows or C:\WINNT.)
Restoring Registry Entries
1. Still in the Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
2. In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows NT>CurrentVersion>Winlogon
3. In the right panel, locate the entry:
Shell = “Explorer.exe SSCVIIHOST.exe”
4.Right-click on the value name and choose Modify. Change the value data of this entry to:
Explorer.exe
Removing Added Registry Entries
1. Still in the Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
2. In the left panel, double-click the following:
HKEY_CURRENT_USER>SOFTWARE>Microsoft>Windows>CurrentVersion>Explorer>WorkgroupCrawler>Shares
3. In the right panel, locate and delete the entry:
shared = “\New Folder.exe”
Deleting the Malware File(s)
1. Click Startmenu then click Find.
2. In the Named input box, type:
*.exe (and delete all files with 245kb size and below)
Hope this will helps you.. have yet to see if the virus attacks again… be careful with registry editor (regedit) because modified or delete the entry that are not suitable can damage your windows operation.
Thank to God…..
3 comments:
okay... i will try it ;)
Help Desk Services – IPNS is providing IT infrastructure - IT infrastructure management, infrastructure management services, Infrastructure management solutions.
For more info :Help Desk Services
If your computer has recently suddenly become sluggish or unstable you may have fallen victim to some form of computer virus. Products from established anti-virus brands such as Symantec and McAfee typically do this. There are products from these companies that can also actively monitor your system to help protect you from viruses that infect computer.
________________________
mikemathew
pay per post
Post a Comment