May 10 2010

Tools and Techniques For Trojan Virus Removal

Hi mates. I found an article on the net about Trojans and thought that the info may be useful to some users, so you can read about Trojans below… :p …

Before we read about Trojan virus removal, let us read about Trojans to develop a clear, complete understanding.

What is a Trojan Horse?
A Trojan Horse or Trojan is a non self-replicating malware that initially appears to be capable of performing a specific function but instead gains unauthorized access to information in a computer.

What can a Trojan do?
A Trojan virus can steal critical information such as credit card info and passwords and send it to the virus creators, who may use this information for malicious gain. It can also considerably reduce the performance and speed of your computer, and you may even start experiencing unexpected pop-ups related to adult content and casinos. A computer system infected with the Trojan may even start sending unsolicited emails and attachments, and the infection may spread from one PC to many at a single time. It can also corrupt data on a computer hard disk, lead to system crashes, and facilitate changes or deletions to computer files.
Now that we have read about Trojans, let us turn to the task of Trojan removal.

Trojan Win32 Removal
One of the most dangerous of all Trojans is Trojan.Win32, which is also known as Win32 Trojan or Win32% Trojan. This seriously dangerous malware threat masquerades on your computer as a legitimate program and hides from you as the user, allowing remote third parties to take partial or full control of your computer and to record your keystrokes. The worst part is that it can alter the security settings of your computer to allow more malware to be delivered and installed.

This Trojan can attack your computer if you have downloaded a freeware application or program from an untrusted source, if you do not regularly update your operating system, anti-virus, or firewall, or if your computer settings are too lenient.

Removal of Trojan Win32: Before you begin Trojan Win32 removal, it is important to have a good anti-virus that is updated with the latest security definitions. You can choose from anti-virus programs or Trojan and spyware removal systems such as AVG, AntiVir, Microsoft Security Essentials, Kaspersky, and ESET NOD32. You can even opt for online Trojan removal software, which is available on the web, but do make sure that you get it from a trusted source. It is very important to note here that you should not gain unauthorized access on the web, should not open emails from unknown sources, and should not visit untrusted sites even if they are offering free software. In addition, you must update your anti-virus and Internet security systems and scan your computer at least every week to ensure that it is free from any possible Trojan attacks.

We hope that this piece of information on tools and techniques for Trojan virus removal was useful in developing a clear understanding.

( source: askpcexperts )


May 6 2010

Remove Yahoo Messenger virus

Hello… sorry for the long vacation. Actually I have been busy with my work and another part-time job, that's why I haven't had time to add new posts. OK, now back to our topic: how to remove the YM virus. If any of you have been receiving links from a friend, but when you ask him/her they say that they didn't send them, that means your friend's PC/notebook has been infected with the YM trojan. Or if a lot of friends in your list complain that you have been sending or spamming links to them, then it means your PC/laptop has been infected with this virus. I may have the solution to remove it, but it is not as simple as you might think.

What are those links?
www.myspacee-img.com/image.php or other (Do not open this url in your browser).

Virus symptoms

1. It sets your default IE page to nsl-school.org, and you can't change it back to another page. If you open IE on your computer, malicious code is automatically executed.

2. It disables Task Manager and regedit, so you can't kill the Trojan process anymore.

3. The files installed by this virus are svhost.exe, svhost32.exe and internat.exe.
You can find these files in the windows/ and temp/ directories.

4. It sends secured and protected information to the attacker.

Remove It Manually (just follow the steps below and you'll be back to your normal activity and safe from the virus)

1. Close the IE browser. Log out messenger / Remove Internet Cable.

2. To enable Regedit

Click Start, Run and type this command exactly as given below: (better – Copy and paste)

Code: REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

3. To enable task manager : (To kill the process we need to enable task manager)

Click Start, Run and type this command exactly as given below: (better – Copy and paste)

Code: REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

4. Now we need to change the default page of IE through regedit.

Start>Run>Regedit

In the Regedit locations below, change your default home page to hackgyan.com or another page.

Code: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main

Just replace the attacker site with hackgyan.com or set it to a blank page.

5. Now we need to kill the process from the back end. For this, press “Ctrl + Alt + Del”
and kill the process svhost32.exe. (More than one such process may be running, so check properly.)

6. Delete the svhost32.exe and svhost.exe files from the Windows/ and temp/ directories. Or just search for svhost on your computer and delete those files.

7. Go to regedit, search for svhost and delete all the results you get.
Code: Start>Run>Regedit

8. Restart the computer. Done… hehe

Good luck.

Be safe and don't let the infection spread.. :p

( Source : Comptalks )
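A read-only check for the indicators this post names, run over the text of a registry export and a file listing after the manual steps, to confirm nothing was missed. It is an added example, not part of the original post or its source; the sample export, the file list and all function names are constructed for illustration.

```python
import re

# Indicators named in the post above; matching is case-insensitive like the registry.
POLICY_KEY = r"hkey_current_user\software\microsoft\windows\currentversion\policies\system"
POLICY_VALUES = ("disabletaskmgr", "disableregistrytools")
IE_MAIN_SUFFIX = r"\software\microsoft\internet explorer\main"
BAD_START_PAGES = ("nsl-school.org",)
DROPPED_NAMES = {"svhost.exe", "svhost32.exe", "internat.exe"}

# Constructed sample: text of a .reg export plus a file listing (not real data).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://nsl-school.org/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"
'''
SAMPLE_FILES = [r"C:\WINDOWS\svhost32.exe", r"C:\WINDOWS\system32\svchost.exe"]

def parse_reg(text):
    """Return {key_lowercase: {value_name_lowercase: raw_data}} from .reg text."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
            if m:
                current[m.group(1).lower()] = m.group(2)
    return keys

def findings(reg_text, file_paths=()):
    """List (kind, detail) tuples for every indicator still present."""
    out = []
    for key, values in parse_reg(reg_text).items():
        if key == POLICY_KEY:
            for name in POLICY_VALUES:
                data = values.get(name, "").lower()
                # Any non-zero DWORD means the tool is still disabled.
                if data.startswith("dword:") and int(data[6:], 16) != 0:
                    out.append(("policy", name))
        if key.endswith(IE_MAIN_SUFFIX):
            page = values.get("start page", "").strip('"').lower()
            if any(bad in page for bad in BAD_START_PAGES):
                out.append(("start_page", key.split("\\")[0]))
    # Compare only the file name, so both \ and / separated paths work.
    out += [("file", p) for p in file_paths
            if re.split(r"[\\/]", p)[-1].lower() in DROPPED_NAMES]
    return out
```

Files written by `reg export` are UTF-16, so decode them before passing the text in. The legitimate Windows service host is `svchost.exe` (with a "c"); it is deliberately absent from the list and must not be deleted.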


Feb 2 2010

Malicious Software Removal Tool (such as Conficker)

Last week my friend called me asking for my help to remove a virus infecting his external hard disk and maybe his notebook, so I went to see him to help him with his problem. After finishing the diagnosis I found that his external hard disk was infected by the Conficker.aa virus, I guess; I can't remember, but it was a Conficker virus. So I searched the net for a Conficker virus remover and found this simple remover tool on the Microsoft website; the software is called the Malicious Software Removal Tool. I haven't tested it yet with other viruses or malware, but I did try scanning my friend's external hard disk and it found the virus. By then it was late, so I asked my friend to scan again in safe mode. The next day he informed me that the virus had already been removed by this tool. He was happy with the result because the external hard disk was no longer infected, and so was I, because I managed to help him solve his problem.

Later, if I encounter other problems that involve malware, I will try to use this tool, because I think it can do more and will be useful the next time I encounter any computer problem, like last time when I found the ComboFix tool, which I am still using after 2 1/2 years because it can repair a lot of things.

you guys can download this tool here,

P/S: remember, if scanning in normal mode still won't solve your problem, go to safe mode and try to scan again.

Another thing: to go to safe mode -> restart PC/notebook -> press F8 when the BIOS loads -> you will see some options to enter Windows, so you can choose any safe mode option.

Good luck, guys.


Jan 14 2010

Flash Disinfector

Hello… first of all, I want to ask whether you have ever had a problem opening your drive, especially a pen drive? Flash Disinfector may be the cure to your problem. If, whenever you want to open your pen drive, drive C, or drive D, a dialog box pops up saying that you cannot open the folder, what you have to do is download Flash Disinfector, then click the Flash Disinfector icon > click OK, and done. This process takes only around 1 or 2 minutes to execute, scan and clean.

This application can also help you with flash malware problems. Flash malware can make your PC as slow as hell, but with a simple step you can repair it.

Below is the list of malware that this application repairs or removes.

W32/Perlovga (copy.exe | host.exe)
VBS_RESULOWS.A (Hacked by Godzilla, Hacked by Moozilla)
Bha.dll.vbs
w32automa worm (Autorun.vbs)
Trojan.Win32.VB.atg | Win32/Dzan | Worm_vb.bnr (tel.xls.exe | mmc.exe)
W32/RJump.worm (RavMonE)
Worm.Win32.Delf.bf | W32.Fujacks (spoclsv.exe)
W32.Fujacks.BH (Fucker.vbs)
WORM_AGENT.PGV (soundmix.exe)
W32/Hakaglan.worm (RVHost.exe)
Trojan.Win32.VB.ayo [AVP] (Macromedia_Setup.exe)
Trojan.VBS.DeltreeY.b#1 (Destrukto!!! | destrukto.vbs)

download software here

You hereby agree to the terms and conditions when you read this article and use Flash Disinfector where “This software is provided ‘As Is’ without warranty of any kind” and whatever changes will be made to your system.


Jun 26 2009

Jambanmu, Windows options disabled

There is actually a virus called Jambanmu. It is like malware, where it will disable some of the options in your Windows. The origin is maybe Indonesia or Malaysia, because the name of the virus comes from either of those countries.

This virus usually spreads by pen drive or from other computers in your network.

The symptoms of the virus are:

- Command Prompt is disabled

- regedit is disabled

- the Folder Options button is missing

- Search in the Start menu is missing

To remove this virus you can use the applications ComboFix and SDFix.

After downloading both ComboFix and SDFix:

Save the files in the C: drive, then restart your computer. When the computer restarts, press F8 repeatedly until the screen asks you to choose which mode to log in with, and choose Safe Mode with Networking (because ComboFix needs the internet to update). After logging in to Windows in safe mode, run ComboFix: just follow the instructions and wait until the scan finishes. The same goes for SDFix: extract the file, then run runthis.bat, press Y and hit ENTER. It will start scanning; wait for it to finish.

Download

Combofix

SDfix

PM me if you have problems with it… I have already used this application for some time now and it works.