Absolutely Tech

[HowTo] Remove almost any kind of viruses from Windows

Having been attacked by many viruses recently, I thought, why not let people learn from my experience? Having faced about a dozen different viruses in the past 2 weeks, I have enough experience to write this guide. I faced trojans, trojan downloaders, rootkits and whatnot. So here’s my little guide, which will help you get rid of your virus.

There is a huge number of viruses floating around the internet. New viruses are made by evil programmers daily. Because of this, innocent computer users get infected and suffer from compromised systems, which results in private data being compromised, data being destroyed, the computer becoming unusable, etc. For non-techy people, virus removal is a tough task. Fortunately, for tech-savvy people it’s not so difficult.

I am writing this guide to help people remove viruses from their computers.

A brief introduction to viruses: a virus is generally malicious software that tries to steal personal information from your computer or uses your computer for other malicious activities such as spamming, acting as a proxy for illegal activities, spreading malware, etc.

A computer can be infected by a virus in many ways: a mail you opened from an unknown person, a software installation, a friend’s pen drive that you just inserted into your computer, etc.

Until now, only Microsoft Windows has been known to be infected by viruses. Linux and Mac OS remain unaffected; there are only a few known viruses for them. Windows, on the other hand, has thousands of viruses, with new ones being produced every day.

To protect yourself from viruses, you will need a good combination of security tools.
Tools required:

1. Sysinternals Process Explorer.
2. Good anti-virus software (preferably Kaspersky, NOD32, or Norton).
3. Malwarebytes Anti-Malware
4. Registry Fix.
5. Task Manager Fix.
6. UnHackMe.
7. Lavasoft Ad-Aware, latest 2009 version. (Older versions have many drawbacks.)
8. HijackThis
9. Spybot S&D. (Optional)

Most viruses won’t let you know when they install themselves on your computer. You won’t even notice them unless they do something noticeable, such as using the internet so heavily that it draws your attention.

When you get infected by a virus and you are sure about it:
You know that you have been infected by a virus and you don’t know what to do. Just bear with me and you will find quick solutions to your problems.

To check if the virus is using the internet:

1. First of all, check whether it is using the internet. Go to Start Menu -> Run, type “cmd” without quotes and press Enter.
2. Then type “netstat -b” without quotes in the console and press Enter.
3. On the left-hand side, you will see a list of executables and, to the right of that, the sites each one is connecting to. If you see any unknown executable connecting to any unknown site, it means that it is using your internet connection. In this case, I recommend disconnecting from the internet to protect yourself.
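
The check in the steps above can be scripted once the netstat output has been saved to a file. The following is an added example, not part of the original guide: it parses `netstat -b -n` output and lists established connections whose owning executable is not on a list of programs you recognise. The `-n` switch (numeric addresses), the sample text and the known-program list are assumptions made for illustration.

```python
import re

# Constructed sample of `netstat -b -n` output (not captured from a real host;
# the addresses are documentation ranges and "svch0st.exe" is a made-up name).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.10:49712     198.51.100.7:443       ESTABLISHED
 [firefox.exe]
  TCP    192.168.1.10:49755     203.0.113.45:8080      ESTABLISHED
 [svch0st.exe]
  TCP    192.168.1.10:49760     198.51.100.20:443      ESTABLISHED
  WpnService
 [svchost.exe]
  TCP    192.168.1.10:49801     203.0.113.99:80        TIME_WAIT
 Can not obtain ownership information
"""

# Connection row: protocol, local, remote, optional state, optional PID column.
CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+([A-Z][A-Z_0-9]*))?(?:\s+\d+)?\s*$")
# Owner row printed under a connection, e.g. " [firefox.exe]".
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")

def parse_netstat_b(text):
    """Return one dict per connection, paired with the executable listed under it."""
    conns, current = [], None
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            current = {"proto": m.group(1), "local": m.group(2),
                       "remote": m.group(3), "state": m.group(4) or "", "exe": None}
            conns.append(current)
        # Component lines such as "WpnService" match neither pattern and are skipped.
        elif current is not None and (m := OWNER.match(line)):
            current["exe"] = m.group(1)
            current = None
    return conns

def unknown_talkers(conns, known_exes):
    """Established connections whose owner is missing or not in known_exes."""
    known = {name.lower() for name in known_exes}
    return [c for c in conns
            if c["state"] == "ESTABLISHED" and (c["exe"] or "").lower() not in known]

if __name__ == "__main__":
    for c in unknown_talkers(parse_netstat_b(SAMPLE), {"firefox.exe", "svchost.exe"}):
        print(f'{c["exe"] or "<unknown owner>"} -> {c["remote"]}')
```

A matching name is only a triage hint, since malware can reuse a legitimate file name; confirm the executable's full path in Process Explorer before trusting it.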


Why not to encrypt your files using EFS or any other encryption

EFS or NTFS encryption can turn out to be your life’s worst nightmare if you don’t read up on it fully. I advise everyone not to use it unless you really know what you are doing and back up your certificates.

I had many folders of mine encrypted and I forgot about them completely, as encryption is transparent to the user who encrypted the files. It was a usual day. I was working on my computer when I wanted to access some files from ‘My Documents’ (yes, I encrypted the whole My Documents folder, idiot me) and was denied access. I thought it might be with just that file. I tried accessing other files and other folders, but it gave the same error. It dawned upon me. In an instant, I knew what was going on. I was shocked and confused at the same time. I didn’t know what was happening.

[Solved] Windows XP login logoff loop caused by a virus

Yesterday, I was infected with probably the ugliest breed of virus in computer history (at least, for me). What it did was nothing serious. I downloaded something off the internet and ran it. Spybot gave me a warning about a registry entry and I knew it was a virus. I simply denied it. It popped up again after a few minutes. That confirmed that it was a virus, because no other software would prompt again for the registry entry. I denied it again and, no matter how many times I denied it, it came back again after a few minutes. So, I knew it was time for scanning. I scanned and deleted at least 12 virus executables created in various system folders. I deleted them all. I think the virus injected itself into some system executables too. And I deleted those files too. Everything was going fine. The virus was listed as Win32/Kryptic.AA trojan and WIN32/Rootkit.Agent by my NOD32 AV.