It becomes very annoying when viruses like ravmon, kinza, isetup, virusremoval.vbs, etc. hits the computer. You cannot open the task manager, neither can you do regedit. Additionally, hidden files and folders are blocked to view. Even command prompt doesn't work. Often, you feel that if only could you list the processes......
The purpose of this article is to let you handle the above case with ease and remove virus affects manually by inspection.
First of all, get the following little but killer tools. They are very useful in many scenarios, not just this one.
Open command prompt portable, since original command prompt is disabled by virus. Now you can type pslist to view all the current processes running.
You can then identify new names in the list or you can search the internet for suspicious processes. Pslist also lists the processes that are normally hidden in windows task manager.
When you have identified the virus, just kill all the associated processes with pskill. Now you can restore your windows settings. Now you can use folder options to view hidden folders and use local policies to enable registry editing.
The next step is to remove the startup methods for the virus.
Thus, by keeping just three little tools, lesser than 1 MB in your portable drive, you can save your computer pretty comfortably in difficult situation.
