Computer Virus Removal - Manual Virus Removal
Why are computer viruses harmful? For the same fundamental reason that biological viruses are: they damage
components that keep systems healthy. Some are comparatively benign and only create annoying, childish messages or
crash the computer system once, then go away. But many are specifically designed to do significant harm by deleting
files needed to run word processing programs or perform vital operating system tasks. Some prime the way for
additional attacks by opening up access to administrative functions.
Combating them is easy - install antivirus software, maintain it up to date and running in the background and
never open email attachments from unfamiliar sources. That being said, the odds are high that one day your computer
system will become infected. vital data will be lost and important program and operating system files will be
destroyed. When or if that day comes, how do you go about computer virus removal.
Diagnosis Before Cure
The first thing is not to panic as the chances are that you may not even be infected. As in the medical world,
diagnosis comes before cure.
If the computer system is still functioning and you have access to the Internet, search for current, known
viruses or even find a website that offers an online virus check. Scan your computer system manually and search the
file system for virus programs or infected files. Check the memory as well because viruses can hide themselves in
there as well.
Try running and testing multiple programs and operating system functions just in case that it is just one
component that has failed or become corrupted.
If the system is not working at all, try booting the computer using the installation diskette or CD that may
have come with your computer system when it was purchased. Alternatively, if you have made bootable backup disks or
CD's yourself, try using that to boot the system.
Scan the system after booting from diskette or CD and look for any virus or infected files.
If it comes down to the fact that your system is infected and you are running Windows select the boot option:
Last Known Good Configuration. It seldom helps, but occasionally you can get lucky. However, that chance will be
lost if you have re-booted more than twice
If you are running Windows, check for the presence and dates of key operating system files. Although that list
is too long to show here, you can search Microsoft's web site for 'Operating System files'. Alternatively, make a
list from the Windows directory and the System or System32 sub-directory, of another computer. Provided that both
computers are running the same service pack level, the majority if not all dates should match other files.
Check specifically kernel32.exe and lsass.exe. as hackers love to go for those two. If you find one with a
different date, treat it as suspect. Replace those files with known good ones, if needed.
Again for Windows users, it may be the Registry that has been corrupted. There are a number of useful tools
available to fix it. Just search for Windows Registry repair utilities and choose one suitable for your
If the problem is only a program such as word processing software, email client or browser then remove the
faulty program and then reinstall it. This is normally a quite straightforward procedure, and most programs will
not delete any user created data files without prompting you first.
In the worst case scenario, lost user data that has not been backed up somewhere, can sometimes be recovered by
commericial Data Recovery services. They tend to be costly, but your data may well be worth that cost. It may sound
like magic, but these type services can often recover at least some data even though you have searched thoroughly
and all appears lost.