virus removal

[Frustrated]

Could someone explain to me in steps how the following can be done in steps please.


Note: Many viruses depend on being protected from removal by the Operating System (Windows). Many times a virus or a spyware program can be removed by:
- removing the C: drive from the computer and plugging it into another computer as the D: drive -- where it's no longer protected by the operating system. However, this in turn may infect the C: drive of that other computer; so that other computer's C: drive should really be a CD-Rom drive instead of a writeable normal hard drive. Some Computer Repair Shops do take the time to remove viruses in this manner. A list of good Repair Shops is here.

 

[kranich]

Yeah... I do not like the methods that they recommend. They are saying to add the drive of your infected system as a slave drive on another working system and label it D:\ (or some other letter). If you wanted to try that the steps are not difficult and can be found all over the internet. Just Google “add a slave drive” but instead of a brand new slave you will be adding the infected one. Make sure that you are using instructions for IDE if you have IDE, or for XATA if you have XATA (SCSI IF SCSI). These are the different types of disks. Of course this assumes that you have a working system you can add it to.

I have had good luck by booting to safe mode to remove viruses (F8 during boot). Once you have identified the virus and the path where it resides you may try booting to safe first. Another option is to use a PE disk then use whatever disk utility is on that PE disk to browse to and delete the virus. A third option is to boot to a DOS disk then use the command line interface to browse to and delete the virus. Many utility CDÂ’s such as the ones that come with Dell systems (or the ones that come with Symantec products) allow you to boot to DOS.

 

[Frustrated]

Thank you for that so you are saying that you use an anti virus program to find the path of a virus then go into safe mode to delete it, won't two drives with windows os,s conflict even though one is set as slave and how do do you asign drive letters to xp hardrives i know through 98 u can use fdisk.

 

[Frustrated]

what software do computer repair shops use to remove viruses and spyware

 

[kranich]

The reason you cannot sometimes delete a virus is because it is running as a hidden process when Windows loads up or it is actively running on Windows and cannot be deleted because it is being used. When you boot to safe it does not load up (most of the time) and then you simply unhide your files and find it, then delete it. This is if you just want to try booting to safe.

If you want to add the infected drive to another system to do all this then make it the slave and add it. When you boot up Windows will assign it a drive letter. As long as it is the slave you should be OK. The system will boot to the master (usually C\).

Just to answer your question tough you can assign drove letters through Disk Management. When you RC My Comp and select manage one of the options is Disk Management. You can assign them from there.


Fun stuff Eh?

 

[kranich]

what software do computer repair shops use to remove viruses and spyware

I am not a repair shop but work with this junk for a living. Unless it is a server I never even mess with it but just restore a good image. With servers I do a lot of rooting out use the methods described above. A lot of times you can find some type of removal tool from one of the software vendors.

 

[Frustrated]

hope you don't mind my stupidity but when you unhind how do you know where to find the virus or spyware

 

[Casalen]

I would hope that your antivirus program, which apparently can't delete the file, can at least find it. Or run an antivirus while in safemode, if that's the way you're going. If you do want to install the infected drive on another system, just tell the antivirus on the good system to scan that slave disk.

 

[Frustrated]

Thank you for your help.