What To Do If Got Infected

#1
We'll this is a comprehensive guide on saving your precious data in case you get infected by some deadly virus or trojan or spyware someday.
Although I've created it keeping in mind specifically Win XP users others might follow if they can.
I've tried to make this as simple as possible but only those people should follow that are comfortable with at least basic terminologies .
Also I've tried to complete is as much as I can in details but incase there is any mistake then please feel free to mention that

STEP 1 - Let's Begin
If you don't know something than you should probably call an Engineer cause its better to pay rather than losing something important. Remember pay only if the person can save your precious data cause else even you can do the rest.

STEP 2 – Identifying Common Symptoms
We'll you may find that you're infected in these common ways:

1)Taskmanager got disabled recently.

2)Right Clicking on System Drives shows autorun option

3)Double clicking on system drives momentarily shows dos window
4)You get advertisements messages too often whiles surfing
5)RegistryEditor got disabled recently (for advanced users only )

STEP 3 -Few Prerequisites & Just making Sure
a)We'll just make sure that your System Restore is currently disabled
To do so right click on My Computer>Properties>System Restore
Just click “Turn Off System Restore”

b)This prevents certain viruses from regenerating using System Restore
We'll just to make sure that you are correct create a log file using HijackThis.
Here are the steps :
Download HijackThis
Double Click To Install
Then Run The HijackThis.exe Tool (Just Accept The Warning)
Then Click on “Do a System Scan & save a logfile”
Now here's the problem , you may not comfortable with what is written in the logfile
So here's a simple way
Either upload the file to Hijack Support
Or You may post it here for me to analyze (this may take time :p )
REMEMBER : If in any case you're unable to perform some action like installation just create a NEW USER from Control Panel(Start>Settings Control Panel>User Accounts)


STEP 4 -Analyze Yourself
So those who gave up already in the previous step may leave this one cause this one is only for those who can do a little bit of an effort
You don't know what's the process is or what's the specific registry about then just
Refer These For Processes
http://www.neuber.com/taskmanager/process/
http://www.liutilities.com/products/wintaskspro/processlibrary/

Info button will show you how the Log File being generated is divided

STEP 5 -Prepare For DisInfecting (Step 7 May be done before this Step)
You may selectively remove the files that are infected
If you are unable to delete the files than try utility called Unlocker
Now here is something I do everytime
Download latest version of Avast from here
Disconnect from internet
Uninstall Avast previous version
Reinstall Avast (giving everything in answer as Yes or Next in order to do a BootTime scan)

STEP 6 -Disinfecting
Following the above procedure specifically will lead you to a message of restarting the PC
On next restart you'll see a boot time scan (scan before starting of windows)
Just Press Numeric Key 2 from your keyboard for anything asked
Remember : It is almost impossible to repair the infected file

STEP 7 -Removing Infections From Registry
This is a bit of complicated step as this involves removing the registry infections. You may use common antispywares like Ad-Aware,Spybot S&D,Spyware Terminator,Spyware Blaster,AVG Antispyware etc etc etc.
Just Install any of these & do a comprehensive scan of your registry & fix the problems you get.Also you may require to install more than 1 incase infection still persists
REMEMBER : Following this step before STEP 5 may or mayn't give you advantage depending on type of virus you're infected with. For Ex : A virus that infects just registry will be removed in this step only,also a virus which exclusively depends on staring of windows may be removed using this step only whereas in cases where virus prevents registry changes you might face difficulty.

Attached Are Registry Files For Re-enabling TaskManager & Registry Editor
Just Double Click tskmgr.reg & then Yes To reenable task Manager
Just Right Click & Install UnHookExec to reenable Registry Editor
STEP 8 – Securing The PC Again
Install a good Firewall & Antivirus (Refer this Thread)


Will update this post Soon With Illustrative Pics

.::Ecko::..::Ecko::..::Ecko::..::Ecko::..::Ecko::..::Ecko::..::Ecko::..::Ecko::..::Ecko::..::Ecko::.
 
Last edited:

Similar threads