Saturday, August 30, 2008

Autorun.inf Virus

A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly used to refer to many different types of malware and adware programs. The original virus may modify the copies, or the copies may modify themselves.

It can cause harm in different ways:
It can steal your data or information and send it over the internet,
Delete your data or system files, i.e. corrupt the OS,
Change system settings, e.g. hide Folder Options, Task Manager etc.,
Reduce performance,
Spread through USB devices etc.


How to detect that your computer is infected?
Look for processes that take a large share of memory (an unrecognized process),
Check the startup entries regularly,
Use antivirus software and update it regularly,
Download the latest patches from the Windows website.


But still there are some viruses which go undetected.

Autorun.inf Virus

Most often we find that USB sticks or data transfer devices such as pen drives,
iPods, digital cameras, mobiles etc. are infected with a virus. This virus creates an
autorun.inf file, and it also creates an EXE (executable) file for every folder on the system with
the same name as that folder. So we open it thinking that it is a folder. After execution it disables Folder Options, Registry Editor, Task Manager etc., copies itself to all hard disk partitions and
spreads through USB drives.

First of all, check the machine for the virus. You should have some knowledge of
the Registry Editor and basic information about the operating system.


Procedure to remove:
Use "Process Explorer" (search for Process Explorer in Google and download it from
the Microsoft website link) to check for unwanted processes.
End all processes that have a folder icon.

Enable Registry Editor
Start > Run > gpedit.msc > User Configuration > Administrative Templates > System > Prevent
access to registry tools
Right-click > Properties and set it to Enabled.

Enable Task Manager from the registry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
In the right pane, delete the value named DisableTaskMgr

Or else use the Group Policy Editor
Start > Run > gpedit.msc > User Configuration > Administrative
Templates > System > Ctrl+Alt+Del Options > Remove Task Manager
Set the policy to Not Configured.

Enable Folder Options
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoFolderOptions: set to 0 = Show, 1 = Hide

Or you can use Registry Mechanic to optimize your registry.

Remove all startup items
Start > Run > msconfig
Services tab > Hide all Microsoft services > Disable all
Startup tab > Disable all. Click Apply, then OK. Do not restart your computer (the virus may start with Explorer).

Check whether anything starts together with Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Set Shell = Explorer.exe (if the value looks like "Explorer.exe avop.exe", remove
everything other than Explorer.exe)

Search
Now search for "*.exe" files on all hard disk partitions with the "Search hidden files and
folders" option enabled.
Delete all executables that have a folder icon.
Restart your computer and enjoy.
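The two indicators described above (an autorun.inf that launches a file, and an EXE named after a folder sitting beside that folder) can be checked automatically instead of by eye. The scanner below is an added example, not part of the original post; it assumes the impostor EXE sits next to the folder it imitates, reads the autorun.inf keys "open" and "shellexecute", and builds its own constructed sample drive in a temporary directory so it runs offline.

```python
import os
import tempfile
# Constructed sample autorun.inf (hypothetical, not from a real infection).
SAMPLE_INF = """[autorun]
; hypothetical sample for the scanner below
open=Photos.exe
shellexecute=Photos.exe
"""
def parse_autorun(text):
    """Return the open/shellexecute targets from an autorun.inf body."""
    section, targets = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()      # section names are case-insensitive
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, _, value = line.partition("=")
            if key.strip().lower() in ("open", "shellexecute"):
                targets.append(value.strip())
    return targets

def find_folder_impostors(root):
    """Paths of files named <folder>.exe sitting beside a folder <folder>."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        files = {f.lower(): f for f in filenames}     # NTFS names are case-insensitive
        for d in dirnames:
            exe = files.get(d.lower() + ".exe")
            if exe:
                hits.append(os.path.join(dirpath, exe))
    return sorted(hits)

def scan_drive(root):
    """Report both indicators for one drive root (e.g. a mounted USB stick)."""
    report = {"autorun_targets": [], "folder_impostors": find_folder_impostors(root)}
    inf = os.path.join(root, "autorun.inf")
    if os.path.isfile(inf):
        with open(inf, encoding="utf-8", errors="replace") as fh:
            report["autorun_targets"] = parse_autorun(fh.read())
    return report

def build_sample_drive():
    """Constructed fake removable-drive layout exercising both checks."""
    root = tempfile.mkdtemp(prefix="usb_")
    os.makedirs(os.path.join(root, "Photos"))         # real folder being imitated
    os.makedirs(os.path.join(root, "Docs"))           # folder with no impostor
    for name, body in (("Photos.exe", "MZ"), ("setup.exe", "MZ"), ("autorun.inf", SAMPLE_INF)):
        with open(os.path.join(root, name), "w") as fh:
            fh.write(body)                            # setup.exe has no matching folder: not flagged
    return root
```

Run scan_drive() against the root of a mounted drive to get the list of suspect EXEs and the file autorun.inf would launch, then delete or quarantine them as the Search step above describes.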

5 comments:

insikwa said...

Thanks for sharing, it's very helpful. I'm on the problem of how to upgrade my anti-virus.... ty

Mike Golch said...

Here is one thing that everyone needs to watch: I became a victim of a malware attack disguised as a driver update.

Anonymous said...

Another helpful hint - stop using Internet Explorer. Use Firefox. Dump Bill Gates and sign up with Steve Jobs - really, Apple/Mac over Microsoft - I'm so glad I switched.

Mharms said...

My husband's computer is infected with a trojan virus right now. He's pissed because he just clicked a travel website this morning, then that darn virus came in and disabled his start menu. Can you please help us with this? He can't access his job files right now. He was searching on the internet using my laptop, but the details he is getting are just protection... not the removal. pls! pls! tnx so much!

marly
mgmarly@gmail.com

Unknown said...

Sorry, this comment is not really related to this post, but I am hoping that you might be able to offer some help anyway. My BitDefender Antivirus has detected a Gen:Trojan.Heur.5000FF5000 in [System]=]C:\Windows\System32\mobsync.exe (memory dump), and is unable to remove it. Making things even more interesting is that I cannot find such a file on my computer at all.

So far, I have also tried running AdAware, SUPERAntiSpyware (SAS), and Trojan Remover as recommended by others I found through a Google search of the problem, but according to BitDefender, the virus still remains. So, do you have any suggestions?