Sunday, December 21, 2008

Repairing Virus Infected Computer

How to Handle Virus Safely?


When your computer is infected by a virus, the following tips help you find where the virus is located and stop its activity:
  1. The tool we need is Autoruns, part of the Sysinternals Suite. You can find it at http://www.microsoft.com/technet/sysinternals/default.mspx.
  2. For investigation and as the first step of recovery, open Autoruns, then go to Logon. The list shows the files that start together with the active Windows files. Stop strange or unimportant programs by removing their check mark (√). Be careful: a mistake here can stop Windows from working. The important programs that have to be kept active are:
  3. rdpclip, a program that handles file copying. It provides the “copy and paste” menu.
  4. userinit, the key Windows process. It manages the Windows Start menu.
  5. explorer, the engine of Windows Explorer. It manages the file manager, the desktop and more. If you stop this program, Windows will not be visible.
  6. ctfmon, an application for MS Office and the language bar.
  7. rdpclip, userinit and explorer always exist in Windows operating systems, except Windows 9x/ME (which has only userinit and explorer). They should be kept active.
  8. In the Image Path column, rdpclip and userinit are located in C:\Windows\System32, explorer in the folder C:\Windows, and ctfmon in C:\Windows\System32, assuming Windows is installed on drive C:.
  9. Look at the Image Path column. When we find strange files in \Windows\System32 and we believe they are not system files, we have to remove them.

There are a few things to watch for in the Autoruns list. Viruses often use names similar to explorer and spooler, so be careful: a virus often uses one of those names, but its location is not in C:\Windows. Also, when we remove the check mark of a program and the mark is always restored automatically, the program is reactivating itself. That is a virus. I recommend learning more about virus processes at http://www.processlibrary.com.
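The Image Path check described above can be scripted over an exported Autoruns list. The following is an added example, not part of the original post: the CSV rows are constructed, the column names `Entry` and `Image Path` are assumptions, and the expected folders are the ones the list above gives for a Windows installation on drive C:.

```python
import csv
import io
import ntpath
from difflib import SequenceMatcher

# Expected folders as given in the article (Windows installed on drive C:).
EXPECTED = {
    "explorer.exe": r"c:\windows",
    "userinit.exe": r"c:\windows\system32",
    "rdpclip.exe": r"c:\windows\system32",
    "ctfmon.exe": r"c:\windows\system32",
}

# Constructed sample rows; "Entry" and "Image Path" are assumed column names.
SAMPLE_CSV = r"""Entry,Image Path
explorer,C:\Windows\explorer.exe
userinit,C:\WINDOWS\system32\userinit.exe
ctfmon,C:\Windows\System32\ctfmon.exe
explorer,C:\Temp\explorer.exe
exp1orer,C:\Windows\System32\exp1orer.exe
updater,C:\Program Files\Example\updater.exe
"""

def classify(image_path, threshold=0.8):
    """Return 'ok', 'wrong-location', 'lookalike' or 'unlisted' for one path."""
    path = ntpath.normpath(image_path.strip().strip('"')).lower()
    name, folder = ntpath.basename(path), ntpath.dirname(path)
    if name in EXPECTED:
        # A trusted name is only trusted in its expected folder.
        return "ok" if folder == EXPECTED[name] else "wrong-location"
    for known in EXPECTED:
        # Near-identical spelling of a trusted name (e.g. a digit for a letter).
        if SequenceMatcher(None, name, known).ratio() >= threshold:
            return "lookalike"
    return "unlisted"

def suspicious_entries(csv_text):
    """List (entry, image path, verdict) for rows that imitate a trusted name."""
    flagged = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        verdict = classify(row["Image Path"])
        if verdict in ("wrong-location", "lookalike"):
            flagged.append((row["Entry"], row["Image Path"], verdict))
    return flagged

if __name__ == "__main__":
    for entry, path, verdict in suspicious_entries(SAMPLE_CSV):
        print(f"{verdict:15} {entry:10} {path}")
```

Entries reported as `unlisted` are simply outside the four names covered here and still need the manual review described in the steps above.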


Indicators of a computer infected by a virus

Indicators of a computer attacked by a virus

A virus always spreads through a computer fast, and we rarely notice its hidden movement. A virus can infect a computer through a flash disk, floppy disk, e-mail, internet downloads, and a local area network (LAN) that connects the computer to others. We often find imitation e-mail (mime), which is often a disguise for a virus. We also often download files that contain viruses.

Commonly, there are several indicators that a computer has been attacked by a virus:

  1. The computer is slower than before. It may even run very slowly because of hidden virus activity inside the computer.
  2. The computer often restarts on its own. This is confusing and frustrating, especially when it happens as we try to open Task Manager, the antivirus, or other programs.
  3. Strange codes appear in the computer “property”.
  4. Sometimes options are lost or cannot be accessed by the operator, especially Folder Options or other menus. We cannot access the Registry Editor, the Run menu, the command prompt, and others.
  5. The antivirus cannot be opened.
  6. Strange messages appear, even messages telling us “I’m not virus or Trojan”.