Remove RavMon.exe virus without any anti-virus

Removing ravmon virus without anti-virus is easy, btw i havent met any antivirus which can remove this virus they can stop your pc from being infected but once you are infected they wont be able to remov it.
I don't know the actual name of this virus nor its effects
Anyways its very easy to remove it
you will have to follow just few simple steps.
  • check if ur infected
  • stop currently running virus
  • delete virus files
  • remove virus to run from startup
so here are the following steps explained
remember until you delete the virus files please open drives using address bar by typing C:\ D:\ X:\ as the virus is activated if you double click the drive
1. Right click any drive on your computer and see if right click menu shows some invalild characters
like this

 If yes then you are infected.
2. Press Alt+Ctrl+Del to bring up the task manager (or right click taskbar to run it)

there will be a program in processes named “
 SVCHOST.EXE” there will be few svchost in small case but check one in capital letters, if you see more than one “SVCHOST.EXE” (all caps one) end the one with your username infront of it instead of LOCAL SERVICE, NETWORK SERVICE or SYSTEM.
by pressing end process
3. to delete the virus files you need to show system protected files.
for this goto
My Computer->(Menu) Tools-> Folder Options -> (Tab) View -> uncheck “Hide System protected files” -> press OK
If you are unable to unhide the system files you can use 3rd party softwares to browse drive and delete files, try ACDsee or WinRAR
Now open drive (by typing drive letter in address bar)
delete these 2 files
  • Autorun.inf
  • Ravmon.exe
also delete those in all drives (not CD(WR) or DVD(WR) drives) (and remember don’t double click else you will have to start over from top) Open Windows folder and delete SVCHOST.EXE, SVCHOST.dll and MDM.EXE
Now restart the 
explorer.exe process by killing it in taskmanager and runing it again [(winkey + R), type “explorer” and hit enter]
now right click the drive letter and ull see a clean menu congrats virus is removed 4. Now remove it from startup (Optional as files are deleted)
Winkey + R type “
msconfig” hit enter

goto startup tab-> (uncheck) 
MDM -> OK -> Exit without Restart
How to prevent from this virus in feature
just right click any USB drive (that includes iPod) you have plugged into your PC
if they have currpoted menu the drive is infected
Access drive by typing drive letter and delete files from that drive
Remember you double click the curropted drive you get infected else ur safe
The End
Share on Google Plus

About Unknown

    Blogger Comment
    Facebook Comment


Post a Comment