Editor Picks

Welcome to ABHIJEET VISHEN's Blogger Register YourSelf For Ethical Hacking Classes To Be an Expert & Win Prizes"    Register Your Self to Learn Ethical Hacking,Hardware & Networking,HTML,DOT NET,PHP

Sunday, 10 June 2012

Remove Virus Entry’s From Windows Registry



Remove Virus Entry’s From Windows Registry


Virus ~~~ oh how i hate them. Virus harm your PC a lot. Some virus just send sensitive information while others just harm your pc and change the way it functions . In the world there are billions and billions and billions of viruses. there is no end to this list of viruses. These viruses even after removing them leave a scar on your computer~~~ Virus was here. Well not like this but in your registry.The Windows Registry is where nearly all configuration settings are stored in Windows. Now if these settings are changed by the virus files the system will start behaving Abnormally.

To change the registry data needs to run Microsoft Registry Editor - RegEdit.exe. You can click the Start Button, then select Run… item. When the Run Window will appear, then type ‘RegEdit’ into Open: textbox and click OK button.



You might be unable to RegEdit, because the virus blocks the doorway. In this case, you need to bring up your Windows in Safe Mode to run the RegEdit. Sometimes, you need to login the Administrator account. Therefore, make sure you know your Administrator account’s password when you own the new computer.



Microsoft System Configuration Utility MSConfig.exe keeps entries of Start-Up programs. Besides that, System Registry has Run, RunOnce and RunOnceEx entry nodes to manage which program can run while Windows is starting.

First, you should check any starting programs inside the HEKY_LOCAL_MACHINE.



Go down to the node in HEKY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion, then look for program entry inside the Run, RunOnce and RunOnceEX. If you find something you don’t know, then you type the program name .exe name into the following Search box to find out what’s that. If the .exe name is the virus or spyware, then you can delete it.

It’s same that you need to check any starting program inside the HEKY_CURRENT_USER.




Go down to the node in HEKY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion, then look for unwanted .exe programs inside the Run, RunOnce and RunOnceEX. If you find something, then delete them.



Before Doing all this please backup your registry ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Cause if you do it all wrong you can get a system that dosent Boot


Backing up the Registry – Three methods
Method 1: Using System Restore

One way to backup the registry is to create a System Restore snapshot. System Restore returns your computer to a previous snapshot without losing recent personal information, such as documents, history lists, favorites, or e-mail. It monitors the computer and many applications for changes and creates restore points. You restore these snapshots when your configuration isn’t working. This method is unreliable in case you want to rollback the registry changes made a longtime ago, in which case the System Restore might have purged that particular restore point – due to space constraints or due to a recent system restore point or even a Restore point corruption. Please remember, System Restore points get deleted for many reasons, making it unreliable, especially in the long run.



For more help, see Creating a System Restore point and Using System Restore to Undo Changes if Problems Occur for Windows XP PCs. If you’re using Windows Vista or Windows 7, see How to create a System Restore point in Windows Vista and Windows 7.
Method 2: Backing up the selected branch of the registry by exporting

This method is preferred if you’re making changes to a specific branch of the registry. To backup a selected key in the registry, use these steps:
Click Start, and then click Run.
In the Open box, type regedit.exe, and then click OK
Locate and then click the key that contains the value that you want to edit
Right-click on the key and choose Export.
In the Save in box, select a location where you want to save the Registration Entries (.reg)
In the File name box, type a file name, and then click Save.


Backing up a selected branch of the registry…

Now that you’ve created a Registry backup for that particular key. Save the REG file in a safer location in case you want to undo the registry changes made. You can restore the settings by just double-clicking the REG file. It automatically merges the contents to the Registry.
Method 2(a) : Export Registry Keys Using Console Registry Tool

You can use the Console Registry Tool for Windows (Reg.exe) to edit the registry. For help with the Reg.exe tool, type reg /? at the Command Prompt, and then click OK.

For example, to export the key [HKEY_CURRENT_USER\Software\IOLO] and it’s sub-keys, try this from Command Prompt:

REG EXPORT HKCU\Software\IOLO D:\IOLO.REG

To view the REG contents type notepad D:\iolo.reg in Start, Run dialog. Console Registry Tool is extremely handy if you want to automate the backup task using scripts.

0 comments:

Post a Comment