Written by Pavan Kumar on February 16, 2008
Virus! the most popular application, can affect your system in any way. Thieves always try to hide proofs which can reveal their identity. Likewise a virus.
Recently, I visited a friend with viral attacked PC. He told me that task manager has been disabled. I thought of editing registry and re-enable the task manager as I did on different systems.
I clicked on start, but could not find a "Run" command. Thought of fixing it later, I concentrated on task manager so that I could identify any virus running on the system.
I browsed for regedit on windows folder and tried to open, a dialog bounced "Registry editing has been disabled by your administrator".
I knew only this method to enable task manager, so started googling.
Solution is here.
I got this new software tool to fix all such restrictions imposed by the viruses. The tool is from Sergiwa. The tool is called Remove Restrictions tool. It removes all restrictions imposed on your windows by the viruses in order to make them safe to hide. The viral programmers are very intelligent to write such a program which during its very first install, adds itself into startup, restricts access to registry, task manger, system configuration utility… An intermediate or an expert user may fix these problems, but a beginner even cannot know that he has lost his access to registry, msconfig, or task manager. Task manager may be a common tool but others are hardly used by beginners.
This tool fixes the restrictions for registry, run, task manager, folder options, hidden files, shut down, firewall, control panel… All these are done under one mouse click. More details can be found on the webpage of rrt.
All the above forms first part of the movie – "Combat virus".
The most important thing is told now!
RRT only removes restrictions, but not remove viruses. For that, you need a very good anti virus. Anti virus softwares cannot kill all kinds of viruses. They even cannot detect viruses called rootkits, which I had told you in one of my posts.
Here I recommend you another software Unhackme. It is a rootkit killer.
First use this software to kill the rootkits, just checkout if it is any application which you needed, if it is anyone familiar to you, then dont delete, else kick the process off, remove it from startup. In options, activate windows boot scan for rootkits.
This software also gives suggestions about the process if it is safe or not. You may sometimes need to reboot your system some 2 or more times. If you are not solved of the problem after several restarts, leave that process and go to next step.
Now you are going to check the startup for unwanted programs. If you know the application is safe, then only keep it, otherwise remove it from startup. Here you may also refer to What is this file to know if the file is right to be kept at startup.
After fixing the rootkits, you need to fixes the viruses using anti virus software. A must do process is to update your antivirus software and scan you system completely with only most important applications running.
Open task manager, on the processes tab, end all the processes running under your name (or "administrator") just except the most needed antivirus process and explorer – you may also close explorer if you are capable of handling (recommended). Now, scan your system completely in depth and delete suspicious files.
Now, use an updated antispyware to scan for spywares and here too deleted the suspected ones.
Your system must be running fine now! If not, be sure that there is no virus or malware, but the effect has not yet been recovered. Options available at this time are restoring the system to a previous time where there was no virus.
In any disastrous case, it is most recommended by me to use Norton Ghost for easy and quick recovery of your infected partition.
People who liked this also read: