Vanquishing Trojans for Dummies
my beloved sister brought home the old virus-infected PC and somehow took my shiny new laptop in exchange. that's what eldest sibling are for, putting up with sh*t. anyway, that old PC was especially dear because it kept me company throughout 4 years of university. so i decided to clean-up the viruses, and that decision alone caused me three days of pain. being such a good friend, i'm going to save you guys from plenty of anguish by compiling this guide.
first, a quick scan of my PC shows 3 types of worms/trojans detected. what to do if the virus scan is not able to clean the infected files? go to the location and delete it yourself, of course.
Unable to display hidden files
virus-infected files tend to masquerade as system files, so they are usually hidden. but how am i suppose to set "Show hidden files and folders" when there is no Folder Option? which brings us to our next topic, edit registry to show folder options.
Unable to run REGEDIT
The easiest way to open registry editor, is by clicking Start> Run> REGEDIT. but the Run command also has been disabled by the virus. so i went to C:\Windows\ and tried to open regedit.exe directly but that has also been disabled by the annoying virus. i was practically pulling my hair out at that point. so the only thing one can do is, get a third-party registry editor (it's readily available).
Changing the registry
By using the registry editor, enable registry editing, folder options, run command and command prompt. don't expect to be spoon fed here, just save the original copy and experiment around.
Unable to delete infected files
Before you start deleting, make sure the system restore is turned off. Also, go to Start> Run> SERVICES.MSC and stop any suspicious activities. Press Shift + Del to permanently delete the infected files. but what if your system does not allow it? Open command prompt and go to the directory where that file is located, type:
del /p /f /aH xxx
this ensures that the hidden virus file (xxx) will be forcefully deleted. try the same step in Safe Mode if that still doesn't work.
Eeek..the files are recreated again
After i painstakingly cleaned up all the infected files, it automatically gets recreated each time i access the drives. this is more than enough to get me reaching for the Windows XP CD for reformatting, but...darn it! i would not allow myself to give in so easily! what you can do in this case is, return to registry editor, and delete all suspicious-looking entry. pay attention to the Software> Microsoft> Windows> CurrentVersion area. this is a trial and error thing okay, nobody said its going to be easy.
first, a quick scan of my PC shows 3 types of worms/trojans detected. what to do if the virus scan is not able to clean the infected files? go to the location and delete it yourself, of course.
Unable to display hidden files
virus-infected files tend to masquerade as system files, so they are usually hidden. but how am i suppose to set "Show hidden files and folders" when there is no Folder Option? which brings us to our next topic, edit registry to show folder options.
Unable to run REGEDIT
The easiest way to open registry editor, is by clicking Start> Run> REGEDIT. but the Run command also has been disabled by the virus. so i went to C:\Windows\ and tried to open regedit.exe directly but that has also been disabled by the annoying virus. i was practically pulling my hair out at that point. so the only thing one can do is, get a third-party registry editor (it's readily available).
Changing the registry
By using the registry editor, enable registry editing, folder options, run command and command prompt. don't expect to be spoon fed here, just save the original copy and experiment around.
Unable to delete infected files
Before you start deleting, make sure the system restore is turned off. Also, go to Start> Run> SERVICES.MSC and stop any suspicious activities. Press Shift + Del to permanently delete the infected files. but what if your system does not allow it? Open command prompt and go to the directory where that file is located, type:
del /p /f /aH xxx
this ensures that the hidden virus file (xxx) will be forcefully deleted. try the same step in Safe Mode if that still doesn't work.
Eeek..the files are recreated again
After i painstakingly cleaned up all the infected files, it automatically gets recreated each time i access the drives. this is more than enough to get me reaching for the Windows XP CD for reformatting, but...darn it! i would not allow myself to give in so easily! what you can do in this case is, return to registry editor, and delete all suspicious-looking entry. pay attention to the Software> Microsoft> Windows> CurrentVersion area. this is a trial and error thing okay, nobody said its going to be easy.
Comments