removing virus from computer(Khatra.exe)
Khatra.exe is a W32 trojan which is the most annoying virus i had ever seen. It
appears as khatra.exe, ghost.exe or Xplorer.exe. This virus disable the Task
manager and Registry Editor permanently. I was struggling with this idiot for a
few days. This virus copies itelf to removable media and spreads to other
computers. I searched Internet a lot for removing this and finally i removed it
completly from my pc. So, here I'm sharing the instructions for removing the
virus below.
Is my PC infected??
This is the first
question you will ask. So, if you want to check whether you are affected by
khatra.exe, ghost.exe or xplorer.exe virus, do as follows
Open task manager (if you have task manager disabled, this may be most probably
because of virus attack. Anyway, to check whether you are affected by khatra
virus or any other virus, just follow the first step in the removal instructions
below to enable task manager first.)
Now go to process tab
and check whether there is khatra.exe, gHost.exe or xplorer.exe (not
explorer.exe)
If you see any of the
process mentioned above, you can make it sure that your pc is affected by
khatra.exe. (khatra in hindi language means danger. Strange virus!). If you
dont see any of the above process, you cannot say that your pc is completely
free from viruses. Sometimes you may be affected by some other viruses. One of
the main symptoms of virus attack are disabling task manager, slowing down of
pc and disabling of antivirus (of course, some viruses will disable your
antivirus too!). This virus had another interesting property that when you
search for "how to remove khatra virus" of similar things from the
affected pc on a browser, your browser will automatically close! (i like it!).
So, if your pc is infected, follow the steps below,
Steps:
1) To Enable Task
manager,
Go To Start> Run
Enter gpedit.msc
in the Open box and click OK
In the Group Policy settings
window,
Select User Configuration > Select
Administrative Templates> Select System > Select Ctrl+Alt+Delete
options> Select Remove Task Manager> Double-click the Remove Task Manager
option. Now your Task manager is Enabled.
2) If Gpedit is disabled
and regedit is enabled, do the following steps to regain task manager
Click Start -> Run.
Type in "regedit" (no quotes) and
hit Enter.
Search for HKEY_CURRENT_USER -> Software \ Microsoft \ Windows \
CurrentVersion \ Policies \ System.
Look for: DisableTaskMgr. Click on REG_DWORD. Change value to 0
3)Click Ctrl+Alt+Del to
launch task manager
Now remove all
processes such as Khatra.exe,
gHost.exe and Xplorer.exe (it is better to select all, right click and click end process
tree). Be careful that dont remove explorer.exe in confuse with xplorer.exe.
explorer.exe is an essential process for windows explorer.
4. Now download and
install Everything search tool or similar tools
This is because you
need to search and remove all copies of khatra.exe ,ghost.exe
and xplorer.exevirus
copies from your hard drive. For that you will need a search tool and your in
built search tool will be disabled by the virus.
5. Remove all the copies
of virus
Launch the app you
downloaded. Search for khatra.exe,
ghost.exe,Xplorer.exe and remove all one by one.
you can also download
any other tools similar to everything search. Usually this will take some time.
Don't forget to search in hidden folders and system folders. There shouldnot be
any copy left in your harddisk.
6.
Disable registry entries
Open registry editor (go to start>run, type regedit and enter)
Search for all keys with values khatra, gHost or xplorer and remove all
entries.
Done! Now restart PC and it is better
No comments:
Post a Comment