TweakTown
Tech content trusted by users in North America and around the world
6,061 Reviews & Articles | 38,961 News Posts
TRENDING NOW: Strap an iPad to your face with AirVR for mobile VR

PC Security Guide - Protection from Viruses, Attacks and Spyware - Advanced Virus and Spyware Removal (cont.)

Patrick Tilsen better known as "Yawgm0th" from our forums has just completed his first guide, which looks deep into PC security in terms of protection and removal. He covers the basics from preventing viruses, cracker attacks, and spyware from becoming part of your life through to the basic and complex methods of removing the threats. This is a must-read guide for beginner to intermediate users and even beyond.

| Guides | Posted: Sep 15, 2005 4:00 am

Advanced Virus and Spyware Removal (cont.)

 

The first thing you should do is open up Services.msc (Start > Run > Services.msc). Look around in here and I'd suggest you look at http://www.blackviper.com to see if any services aren't part of Windows.

 

 

Now it's up to you to figure out whether it's part of a legitimate program, or if it's a virus embedded as a Windows service. This can be tricky, so how fast it goes also takes experience. I once found one called "Network Security Service." The name was quite the misnomer, as it was a virus add-on preventing me from deleting a startup executable of the virus. Things like that are what you're looking for. If you find one, first right-click on it and click "properties" on the context menu. Then, disable it. Finally, stop it. This should be done regardless of whether or not you find a virus in msconfig and/or Task Manager. If you can't get all of the suspected processes turned off and deleted, it's time for a new option.

 

Use a router for improved security - How much?

 

NetGear DG834G Wireless Router

 

Memorize, write down, or put in a text file the locations of the files needing deletion. Restart the computer and get into Safe Mode by pressing F8 before the machine starts to boot into Windows. Once in Safe Mode, you should be able to delete the offending files. After you're sure you've deleted everything and removed all of the services and msconfig entries, restart again and go back into normal mode. If you still have the symptoms, the process, the service, the startup entry, or any combination of those, then things get more complicated.

 

The next step is to get a Windows XP or 2000 CD. You'll need to restart the computer and boot to the CD. Eventually, you'll get to the screen shown in the picture. Choose the option with the red square around it. The Recovery Console will ask you to log in to an installation. In most cases, the correct choice will be C:\WINNT or C:\Windows and then you will then be asked for the Administrator password and if you are running XP Home edition, it should be blank. If you're running XP Pro, 2000 Pro, 2000 Server, or 2003 Server, you better know what it is.

 

 

After you're in, you should type "listsvc" without quotes and press enter. This will begin to list the services installed, just like services.msc. Unlike services.msc, this won't allow any of them to be hidden, so even the virus' service(s) will be shown. The complicated part is figuring out what is what. The best way to do it is to compare the list to an unaffected computer's services list and figure out what is likely a virus. After you've figured out which one it is, you'll need to type "disable [service name]" to disable the service. If you've followed these steps and haven't screwed up, the machine should be rid of any pesky viruses.

 

Further Reading: Read and find more Guides content at our Guides reviews, guides and articles index page.

Do you get our RSS feed? Get It!

Got an opinion on this content? Post a comment below!

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases