Thursday, March 11, 2010

Most Dangerous Computer pc viruses and worms

Viruses and worms are a cause for thousands of losses all over the world. There are number of viruses and worms created. Below i have listed 6 most dangerous and havoc creating viruses that affected millions of computer users over the world. The order of viruses is not important.
Most dangerous computer viruses :

1. ILOVEYOU :

This ILOVEYOU worm is considered to be most dangerous worm ever created. It was written in VBScript. It was first noticed in Philippines on May 4 2000 and then spread all over world in just one day, affecting 10% internet users and causing loss of about $5.5 billion. The worm arrived in email inbox with subject “ILOVEYOU”. Hence, called ILOVEYOU worm. It had an attachment “LOVE-LETTER-FOR-YOU.TXT.vbs” . The worm overwrote many important files, with music, multimedia files with a copy of itself attached to each file. Also, it sent the worm to everyone on victim contact list. Thus, worm spread very fast. Only windows users were affected.

2. Mydoom :

Mydoom , a computer virus affected Microsoft Windows. After it was first noticed on January 26, 2004, it became fastest spreading computer virus ever, breaking record of Sobig worm. Mydoom was designed to send junk emails from infected computers. The actual worm programmer is still unknown.

3. Virut virus :

This Virut virus infects executable portable files such as .exe and .scr andeach time it propagates it uses Polymorphism - to evade detection. On infected machine, virus opens a backdoor connecting with an IRC server which is prespecified by virus programmer. This backdoor allow attacker to download additional malware to victim computer. This virus affected and shut down court system computers of Texas this February.

4. Blaster worm :

This Blaster worm - a computer worm that affected computers running Microsoft operating systems. But, the spread of this worm was limited by filtering of ISP and its publicity. The worm was designed to start a SYN Flood on Aug 15, 2003 against port 80 of windowsupdate.com, intended to create a distributed DDoS attack against this site.

If the worm detects an internet connection, the system would become unstable and after displaying a message for 60 seconds, the system used to restart. The message displayed looked like:

“I just want to say LOVE YOU SAN!!”
“billy gates why do you make this possible? Stop making money
and fix your software!!”

5. Sobig worm :

This worm ws detected in Aug 2003 which affected millions of internet connected windows operating systems. The worm was written using Microsoft Visual C++ compiler and compressed using tElock. The most destructive version was Sobig.F .

This worm was worm as it replicated itself and also a Trojan Horse as it appeared other than malware. The programmer of this worm is still not known.

6. Conficker virus :

This virus came into role in November 2008 and affected millions of computer. Basically, its a worm capable of replicating itself and thus can spread fast. The worm spreads itself primarily through a buffer overflow vulnerability in the Server Service on Windows based computers.

When this worm is executed on a computer, it is capable of disabling Windows services such as Windows Update, Windows Defender, Windows Security Center and even Windows Error reporting.

But, the threat due to this worm is reduced as most anti viruses are now detecting this worm and its further spread is thus prevented. This worm is mainly spreading in China, followed by Argentina, Brazil, Russia, and India - where software update is done to less extent.

So friends, this is all about viruses. These are most dangerous viruses or worms that affected millions of worldwide computers. I just wanted to say that keep your anti viruses updated to prevent yourself from being affected by such viruses and worms. If you think any other virus or worm needs mention over here, please mention it in comments section. I will update the article.

Source:
http://computer-bloggingtricks.today.com/2009/03/12/6-ever-most-dangerous-computer-pc-viruses-and-worms/

Trojan Horse virus

A Trojan Horse Virus is a common yet difficult to remove computer threat. This is a type of virus that attempts to make the user think that it is a beneficial application.

A Trojan Horse virus works by hiding within a set of seemingly useful software programs. Once executed or installed in the system, this type of virus will start infecting other files in the computer.

A Trojan Horse Virus is also usually capable of stealing important information from the user's computer. It will then send this information to Internet servers designated by the developer of the virus. The developer will then be able to gain a level of control over the computer through this Trojan virus. While these things take place, the user will notice that the infected computer has become very slow or unexpected windows pop up without any activity from the user. Later on, this will result to a computer crash.

A Trojan Horse virus can spread in a number of ways. The most common means of infection is through email attachments. The developer of the virus usually uses various spamming techniques in order to distribute the virus to unsuspecting users.

These emails contain attachments. Once the user opens the attachment, the Trojan Horse Virus immediately infects the system and performs the tasks mentioned above.

Another method used by malware developers to spread their Trojan Horse viruses is via chat software such as Yahoo Messenger and Skype. Another method used by this virus in order to infect other machines is through sending copies of itself to the people in the address book of a user whose computer has already been infected by the virus.

The best way to prevent a Trojan Horse Virus from entering and infecting your computer is to never open email attachments or files that have been sent by unknown senders. However, not all files we can receive are guaranteed to be virus-free. With this, a good way of protecting your PC against malicious programs such as this harmful application is to install and update an antivirus program.

Monday, March 8, 2010

Antivirus 2010

Antivirus 2010 is a very insistent that you want to download yourself and protect your computer.

Do not fall for it. Antivirus 2010 will not protect you against malware. In fact, it is malware. It is a rogue program pretending to protect against infection, while infecting your computer.

If you receive a pop-up warning of danger and it is suggested to install this wonderful program, click Yes and no, click No, no. Close the window.

And if you think you became infected, download, install and run the free version of SuperAntiSpyware any Malabytes and Anti-Malware.

Remove Autorun.inf virus

If your computer is infected with autorun virus, you will not be able to view the drives. Instead it will ask for open with option when you double click on a drive. It applies for all the drives. You can view the files only through windows explorer. Autorun virus enters a pc when we use cd rom which is autorun cd. Most of the antivirus software removes this virus as soon as a threat is detected. If not scan the entire sytem for viruses. Few antivirus software that i have used are 1. AVG 2. Avira 3. Panda 4. Symantec. you can protect your computer to install antivirus on computer.

Follow the steps:
1. Scan your sytem for viruses. Scan for each drive.
2. This is will fix the problem. The antivirus your using will remove this virus.
3. Otherwise continue your task. There are several manual removal tools like autorun eater 2.4. It worked for me.
4. Even this does not work. Try it manually.
goto command prompt type c: atrrib-h-s-r autorun.inf
del c:\autorun.inf
del c:\ntdelect.com

Sunday, March 7, 2010

How to Scan More Than Just C: Drive for Spyware

This post provide virus protection tips to protect your computer. Have Spy Sweeper scan other hard drives or removable devices for spyware and adware

If you have several hard drive or hard drive partitions on your system, you may want Spy Sweeper to scan these drives, and not just your C: drive, for spyware and questionable content. To make this change:

1. Double-click the Spy Sweeper icon in your Windows taskbar. If it is not present, you can click "Spy Sweeper" in your "Programs" or "All Programs" menu.

2. Click the "Options" button on the left.

3. Click the "Sweep Options" button on top.

4. Underneath "Select Drives to Sweep", click the "pull-down".

5. Checkboxes will appear representing your available drives. Check the boxes next to the drives that you want scanned (swept) for spyware.

6. Click the "Apply" button.

Now, when you do a "Sweep Now", these other drives will be checked for spyware.

How to Delete NLSDL.EXE Virus

The NLSDL.exe virus, alternatively knows as the worm.Win32.VB.ck virus, pretends to be a critical Microsoft Windows file. The fake NLSDL.exe will open when your computer boots up. The file then will connect to a remote server and attempt to download malicious files. To remove virus from your system, you will need to delete several files it copies to your computer's

Navigate to the AVG website if you don't already have an antivirus utility installed on your computer. Download and run the installation file for the antivirus utility.

Restart your computer and wait for the logo of your computer's manufacturer to appear on the monitor. Press the F8 key to bring up a new menu.

Scroll down to the "Safe Mode" option and press Enter. Bring up the Start menu once the operating system finishes loading. Click on the "Search" option.

Type the phrase "6d4e036f-cb53-4ebb-9c47-fdc78b67be70.exe" into the Windows Vista search box. Right-click on the file and choose the "Delete" option. Search for and delete the "worm2007.exe" file.

Search for "NLSDL.exe." Look through the files that appear and find the version that is not in the Windows folder. The fake version will be installed into a random folder other than Windows. Right-click on the file and delete it.

Search for "regedit" and double-click the registry editor's icon when it appears in the search results. Click on the folder HKEY_CURRENT_USER.

Navigate through the subfolders Software, Yahoo and Pager to get to View. Right-click and delete the folders YMSGR_Launchcast and YMSGR_buzz.

Close the registry editor's window. Make sure your antivirus definitions are up to date and run a full system scan.

After the virus scan is completed, restart your computer.

Microsoft offers free Anti-virus

A trial version of Microsoft's liberated anti-virus code has been launched in the US, China, Brazil, and Israel.

Microsoft Security Essentials (MSE) promises to provide grouping with base protection against viruses, trojans, rootkits and spyware.

The code giant has been criticised in the time for imperfectness to include liberated section code with Windows.

Its first section package, Windows Live OneCare, failed to attract some customers and will be discontinued.

Microsoft is hoping that MSE, available as a liberated download from its site, will prove more popular. It has said it will automatically update it for users.

However, rival section vendors have questioned whether Microsoft can compete with more established anti-virus players.

Family doctor

\"Early reviews of the beta are display that it under-performs when compared to existing freeware products, and substantially below paid solutions,\" said section firm Symantec in a statement.

\"Referring to Microsoft's base anti-virus and anti-spyware creation as an essential section resolution is misleading. Consumers requirement firewall protection, web protection, anti-spam and identity safeguards,\" it said.

J.R Smith, chief executive of section firm AVG, said Microsoft's entry into the section market could \"further confuse consumers most the inexplicit section of their computer\".

\"It's important to discern that Microsoft's persona in the internet section demesne is much like your relationship with your trusty kinsfolk doctor. They can support diagnose the problems. In addition, they treat some general ailments. In the end, though, they are not a replacement for a specialist when you requirement one,\" he said.

Initially 75,000 trial versions of MSE, codenamed Morro, will be available in the US, Brazil, China and Israel.

Spyware Doctor With AntiVirus

Follow the tips

Open Spyware Doctor with AntiVirus and perform a Smart Update to ensure you have all the latest updates. Ensure IntelliGuard / IntelliGuard Protection has been activated.
From the System Status screen, ensure that Computer Immunization is ON. If it is set to OFF, simply click on the button to turn it ON.
Click on the Start Scan button on the left to display the System Scan screen.
Select the Full Scan radio button under the Select Scan Type section, and then click on the Scan Now button beneath this to conduct a full scan.
During scanning process, you can always Pause Scan or Stop Scan anytime.
If any infections are found, click the Fix Checked button to remove all detected infections. If the legal notice disclaimer displays, read it, and if you wish to proceed, click the Continue Removal button.

Steps to Protect Computer From Conficker Warm

The “Conficker” worm / virus also known as “Downadup” infection, is actually a virus code programmed in such a way that it can infect your computer and spread itself to other computers across a network automatically, without human interaction.

Step1
If you have a Mac or a Linux machine, breath a sigh of relief; you don't have the right code to be infected. If you're running Windows as your platform of choice, listen up, because this is critical; time is of the essence. You may experience any number of symptoms which are common like loss of Internet connection and loss of local network connection and which are less common like Automatic updates and Microsoft services being disabled.

Step2
Update your anti-virus software. Disconnect your computer from the Internet and scan your system, if you believe you are already infected. To stop the spread of the worm, see step 3. If possible, back up your data ASAP.

Step3
Disable Auto-play in Windows. For Vista: Start > Control Panel > click Play CD's or other media automatically > uncheck Use Autoplay for all media and devices. > click OK. For XP: Start > Run Enter GPEDIT.MSC >
The Group Policy dialogue box will appear. On left panel, double-click Computer Configuration > Administrative Templates > System > Double-click the Turn autoplay off option. The reason behind disabling autoplay is that Conficker can be spread through USB flash drives infected with code that starts on auto-play when the infected drive is inserted into the computer. Disabling auto-play is a good way to ensure against any malicious code automatically gaining access to your computer.

Step4
If you have the Conficker worm, DO NOT DO A SYSTEM RESTORE. Like most malware, Conficker hangs in the restore points and reactivates when you do a system restore. Utilize a decent anti-virus solution such as AVG, Avast!, or Malwarebyte's Anti-Malware. Again, disconnecting your computer from the Internet is critical to prevent the spread of the worm or the continued use of your computer by the worm for devious purposes. Windows Malicious Software Removal Tool can be used to detect and remove the Conficker worm as an option as well.

Step5
Regardless if you are on a network or a standalone computer, download the Microsoft update patch KB958644 (MS08-067) This will fix a security vulnerability that is exploited by the Conficker worm. For more information on how to exactly deploy this update across a network as well as additional information on Conficker, please visit the link in the Resources section.

How to download AVG Removal Utility

This post provide further information about AVG antivirus support. AVG Remover utility removes all parts of AVG installation on your computer, including registry items, installation and user files on your disk, etc. AVG Remover is the least option to be used in case the AVG uninstallation / repair installation process has failed repeatedly.

Warning: All AVG user settings will be removed after the uninstallation, as well as the Virus Vault content and other item related to AVG installation and use. During the removal procedure you will be asked to restart your computer. Therefore please make sure to finish your work and to save all important data prior to AVG Remover launch.

AVG Remover(32bit) (avgremover.exe) for 32 Bit System
AVG Remover(64bit) (avgremoverx64.exe) for 64 Bit System

Windows 7 included AutoRun for Worm attack

Microsoft Windows 7 has included autorun function to protect your pc from Worm. You no need to install anti-virus to extra protection.

The continuing circulation of the Conficker worm has prompted Microsoft to make changes to the AutoRun function in the Windows 7 release candidate, due for release tomorrow. As well as exploiting vulnerabilities in Windows and guessing simple passwords, Conficker also penetrates computers by using the Windows AutoRun function, which allows programs to be run automatically when a USB flash drive is connected or CD inserted.

Conficker programmers have also taken into account the behavior of AutoRun under Vista, where the AutoRun function requires confirmation from the user. After connecting an infected USB flash drive, the AutoRun dialogue box shows a fake icon to fool users into thinking that clicking on it will open a folder. Instead, it runs the worm. Suspicions should be raised by the apparent duplication of the menu item for opening the folder, but nevertheless this trick has clearly been, and remains, fairly effective.

To stop users from falling into this trap in future, Microsoft has completely removed the option of running a program from the dialogue box for writable media such as USB sticks, memory cards and external drives. The change does not, however, apply to CDs and DVDs. Testing will be required to determine what this means for U3 USB drives, which emulate a CD-ROM.

Saturday, March 6, 2010

Boot sector virus

Boot-sector viruses infect computer systems by copying code either to the boot sector on a floppy disk or the partition table on a hard disk. During startup, the virus is loaded into memory. Once in memory, the virus will infect any non-infected disks accessed by the system. Examples of boot- sector viruses are Michelangelo and Stoned.

Boot-sector viruses are spread to computer systems by booting, or attempting to boot, from an infected floppy disk. Even if the disk does not contain the MS-DOS system files needed to successfully boot, an attempt to boot from an infected disk will load the virus into memory. The virus hooks itself into memory as if it were a device driver. The virus moves the Interrupt 12 return, allowing itself to remain in memory even after a warm boot. The virus will then infect the first hard disk in the system.

Because the virus moves the Interrupt 12 return, the MS-DOS system memory will be 2K (2048 bytes) smaller than normal. This can be verified by running the MS-DOS CHKDSK command.

For example, if your system has 640K, CHKDSK will report:
655360 Total Bytes Memory

If the system is infected with a boot-sector virus, CHKDSK will report:
653312 Total Bytes Memory

Some systems use 1K (1024 bytes) of memory for the BIOS. Other systems use 2K (2048 bytes) of memory for shadow RAM. You must take this into account before CHKDSK can be used as an accurate measure of whether or not a system is infected with a virus. Please refer to the hardware manufacturer to see if the system uses part of the MS-DOS 640K of memory.

Once a system is infected with a boot-sector virus, any non-write-protected disk accessed by this system will become infected. For example, simply doing a DIR command on a floppy disk will cause the disk to become infected with the virus. Note: MS-DOS version 5.0 disks are shipped without a notch; therefore, they are write-protected. The chances of these disks containing a virus are close to none. The MS-DOS 5.0 disk files are compressed, so the actual file sizes are different. You can determine a compressed file by the underscore character (_) that is the last character of the filename extension. To expand a compressed file, use the EXPAND utility on Disk 5 (5.25-inch disk set) or Disk 3 (3.5-inch disk set).

Beware of viruses and parasites

By now, most computer users know that they have to protect against viruses. You need a good antivirus support program running on your computer in real time, monitoring and checking as files are accessed, as well as running periodic scans of all files. You need to use an up-to-date virus definition file with this AV program (sometimes these are updated almost every day, so automated updating is preferable). The virus protection on your computer should be so solid that there is rarely any doubt that you are virus-free — the only room for doubt being whether a new virus snuck in before your antivirus software’s manufacturer had a definition file that would catch it. If suspicious, run your AV program to check the system as part of zeroing in on a problem that suddenly develops on your computer. You can also try one or more of the free online virus scanners listed on my Parasites & Other Computer Security Issues page.

But there are also non viral invaders that have become as big a problem as viruses. In fact (perhaps because people are less aware of these and less mindful of protecting themselves), these parasites may be an even greater risk to your computer’s proper running. Adware, spyware, browser hijackers, automatic diallers, and other forms of non viral malware — some intentionally if misguidedly installed by the user, some foisted on you without your awareness — are, at least in a few cases, as destructive.

And, since they often are badly written, they commonly announce themselves unintentionally by breaking some functionality on the computer. Therefore, checking for these is an important early step in troubleshooting computer problems, especially if the problems appear suddenly. If there is a serious browser or Windows Explorer/My Computer problem not related to a bad or damaged browser install, failing hardware, or user error, 90% of the time the problem will be the result of one of these parasites. Because Internet Explorer is integrated into the kernel of all Windows versions after Win95, these “browser problems” can manifest as general performance degradation or error conditions in the Windows shell. If you’ve ruled out the obvious in troubleshooting browser failures, the eruption of many error messages, inability to launch programs, or sudden (in contrast to gradual) serious slowing of your computer, checking for parasites should probably be your next diagnostic step.

For an onderly seven-step approach for identifying and removing these parasitic invaders, see Quick Fix Protocol page.

Several of these parasites are intentionally added to the computer by the user because the program looks like a cool toy. For example, Hotbar is a popular browser add-on that causes big problems on most computers. Many people install Gator (now renamed Claria) to manage online passwords. People install the insidious and pernicious IEPlugin to get “faster, smarter web browsing,” and live to regret it. And so forth. Other parasites are snuck onto your computer often without your knowledge. An important early step in all troubleshooting of Windows problems, therefore, is the isolation and removal of such parasites.

Enable logging to view the log file in Windows Vista firewall

In this addition i am going to discuss about windows firewall support for how to enable logging to view log file in windows vista firewall. You can enable the Windows firewall to keep track of all the computers that successfully or unsuccessfully attempt to access your computer. This log file helps detect IP addresses which could belong to potential hackers.

To enable logging to view the log file follow:
1) Click 'Start' and click 'Control Panel'. (The 'Control Panel' window appears.)
'Control Panel' window
2) Click 'Security'. (The 'Security' screen appears.)
'Security' screen
3) Click 'Windows Firewall'. (The 'Windows Firewall' dialog box appears.)
'Windows Firewall' dialog box
NOTE: If you are prompted for an administrator password or confirmation, enter your password or click 'Continue'.
4) Click the 'Advanced' tab. (The 'Advanced' tab appears.)
'Advanced' tab
5) Under 'Security logging', click the 'Settings' button. (The 'Log Settings' dialog box appears.)
'Log Settings' dialog box
6) To enable logging of unsuccessful connection attempts, select the 'Log dropped packets' check box. To enable logging of successful connection attempts, select the 'Log successful connections' check box.
NOTE: To view the log file, make a note of the log file's full path under 'Log file options'. Browse to the log file and double-click the file.
7) Click 'OK'.


Solution: Click 'Start' and click 'Control Panel'. Click 'Security'. Click 'Windows Firewall'. Click the 'Advanced' tab. Under 'Security logging', click the 'Settings' button. Select the 'Log dropped packets' check box. Select the 'Log successful connections' check box. Click 'OK'.

Thursday, March 4, 2010

manually remove Antivirus 360

Antivirus 360 can be removed manually by following the steps below.

Step 1:
Click Start and click Control pannel
Locate the Add/Remove Programs icon and double click it.
Locate and remove Antivirus 360 in the list of programs.
Restart your computer.

Step 2
Important This post contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs

Click Start , Click Run ,type in regedit, and click OK.
Locate the following registry entry and delete them:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “13376694984709702142491016734454
HKEY_CURRENT_USER\Software\13376694984709702142491016734454
Close Registry editor page.

Step 3
Search for the files and delete all of the following files that are associated with Antivirus 360 from your computer.

%UserProfile%\Start Menu\Antivirus 360\Help.lnk
%UserProfile%\Start Menu\Antivirus 360
c:\Program Files\A360
av360.exe
%UserProfile%\Start Menu\Antivirus 360\Registration.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 360.lnk
av_360[1].exe
av_360.exe
%UserProfile%\Start Menu\Antivirus 360\Antivirus 360.lnk
%UserProfile%\Desktop\Antivirus 360.lnk
Antivirus 360.lnk

Step 4:
Remove all directories associated with Antivirus 360 by going to the C:\ProgramFiles\Antivirus 360 folder.
Restart your computer.

Tips to remove Spyware

Spyware is one of the biggest scourges of personal computing today especially as more and more computers are interconnected via the Internet and local area networks. If your computer is connected to a network or the Internet then you are not safe from this problem.

According to studies, there is over 90% chance that your computer is infected with spyware. Further, another study carried out on user computers found out that 88% of consumer machines had one form of unwanted program or another.

The nuisance caused by malware is not limited to the damage to your computer but also to your time and financial loss. 86% of people in the US who answered a survey, affirmed that spyware caused them to suffer monetary loss.

Apart from the material and financial damage caused by spyware, it is very creepy to know that spying software watches you while you work!

You need to take a proactive approach in dealing with spyware, as such your strategies to fight spyware need to be both curative and preventive.

Curative - remove spyware if your computer is already infected.

Preventive - install programs (like firewalls & antispyware) to guard your computer against intrusion and to prevent installation of new malware.

The following tips should go a long way to help in your fight against spyware:

1. Use anti-spyware to scan your computer.

This is still the top tip in 2008. To be sure your computer is not already compromised by spyware, or to find out the threats present on your machine, you need to run anti-spyware and do a deep scan of your computer. There are online-based services that will scan your computer for you, but that is as good as it gets because they will not rid your computer of spyware for free.

2. Completely shut down your computer when it is not in use.

Do not leave your computer on stand by or powered on. If your computer is connected to the internet and left on power it could be targeted by spyware.

3. Use appropriate defensive software.

You should have at least anti-spyware and a firewall installed on your PC or laptop

The Firewall guards your computer against unwanted network traffic coming from a network or the Internet, while the anti-spyware program will eliminate malicious programs like spyware, trojans, adware and worms from your computer.

4. Keep your computer updated.

New threats come out everyday, in order to win the fight against spyware and other malware you need to install updates for you computer's operating system and for the anti-spyware program you are using. Having an outdated version of software is even more dangerous than having non at all, because it gives you a false sense of security, while you are not being protected.

5. Avoid the temptation to use free anti-spyware programs.

Most of these programs are themselves wolves in sheep clothing i.e. spyware that has been repackaged in the form or free anti-spyware.

6. Be wary of email attachments from sources you are not sure of.

When I receive emails from dubious sources with a an attachment no matter how captivating the title might be, I press the delete button almost immediately. You should do the same.

The best way to protect your computer from spyware is to run an application that identifies spyware and completely removes it.

Windows Defender detects & removes spyware

Windows Defender is software that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software by detecting and removing known spyware from your computer. Windows Defender features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected, minimizes interruptions, and helps you stay productive.

The benefits of installing Windows Defender include:

Spyware detection and removal

* Windows Defender quickly and easily finds spyware and other unwanted programs that can slow down your computer, display annoying pop-up ads, change Internet settings, or use your private information without your consent.
* Windows Defender eliminates detected spyware easily at your direction, and if you inadvertently remove programs that you actually want, it's easy to get them back.
* Windows Defender allows you to schedule your scanning and removal times when it's convenient for you, whether it's on-demand or on a schedule that you set.

Improved Internet browsing safety

* Windows Defender helps stop spyware before it infiltrates your computer. Windows Defender also offers a continuous safeguard designed to target all the ways that spyware can infiltrate your computer.
* Windows Defender works without distracting you. It runs in the background and automatically handles spyware based on preferences that you set. You can use your computer with minimal interruption.

Protection against the latest threats

* A dedicated team of Microsoft researchers continuously searches the Internet to discover new spyware and develop methods to counteract it.
* A voluntary, worldwide network of Windows Defender users helps Microsoft determine which suspicious programs to classify as spyware. Participants help discover new threats quickly and notify Microsoft analysts, so that everyone is better protected. Anyone who uses Windows Defender can join this network and help report potential spyware to Microsoft.
* To help protect your computer from the latest threats, you can choose to have updates that counteract new spyware automatically downloaded to your computer.

Windows Defender is included with all versions of Windows Vista and is available to download for genuine copies of Windows XP Service Pack 2 or later, or Windows Server 2003 Service Pack 1 or later.

Wednesday, March 3, 2010

Manually remove XP Antivirus 2010

Antivirus 2010 not only it uses misleading advertisements to gain a purchase, but also it crashes a system and loads fake Blue Screen of Death

Step 1: Stop unwanted process running in background.
Click Start then Run and type taskmgr.exe
Click on Process tab in Task Manager and locate the following Image name(s).
AV2010.exe
svchost.exe
wingamma.exe
Highlight the Image name and click End Process to Stop.
Close Task Manager.

Step 2:- Delete the suspicious file(s) or folder(s) from the computer

Click on Start and Run, type
C:\Program Files\AV2010 c:\Program Files\AV2010\AV2010.exe c:\Program Files\AV2010\svchost.exe
C:\WINDOWS\system32\IEDefender.dll
c:\WINDOWS\system32\wingamma.exe c:\Documents and Settings\All Users\Desktop\AV2010.lnk c:\Documents and Settings\All Users\Start Menu\Programs\AV2010
c:\Documents and Settings\All Users\Start Menu\Programs\AV2010\AV2010.lnk c:\Documents and Settings\All Users\Start Menu\Programs\AV2010\Uninstall.lnk
Locate the following folder and Delete

c:\Program Files\AV2010
c:\Documents and Settings\All Users\Start Menu\Programs\AV2010
close the Window.

Step 3:- Uninstall the Suspicious program from the computer.

Click on Start and Run, type appwiz.cpl, press Enter.
Locate Antivirus 2010 in Add and Remove Program.
Click on Remove (Uninstall) button.
Close Add or Remove program.
Restart the computer.

Step 4:- Manual Removal of suspicious entries from Registry.

CAUTION: Changing the Registry incorrectly could cause your comuter to stop working. Please make sure to create backup of registry or create system point before proceeding.

Click Start, Click run and type regedit.

Create a registry backup.
Note: Some of these Registry keys and values may be random.
Locate the following registry keys, right click and Delete
HKEY_CURRENT_USER\Software\AV2010
HKEY_CLASSES_ROOT\AppID\{3C40236D-990B-443C-90E8-B1C07BCD4A68}
HKEY_CLASSES_ROOT\AppID\IEDefender.DLL
HKEY_CLASSES_ROOT\CLSID\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO
HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1
HKEY_CLASSES_ROOT\Interface\{7BC7565C-5062-43CE-8797-DC2C271140A9}
HKEY_CLASSES_ROOT\TypeLib\{705FD64B-2B7B-4856-9337-44CA1DA86849}
HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0012
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0013
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0014
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 'Windows Gamma Display'
Restart the computer.

Virus Protection in best Way

What is the best antivirus protection program to have? That is the question that everyone asks when they buy a new computer or upgrade their internet connection. With broadband becoming more and more popular in recent years, a good antivirus protection program is a must. Threats to your computer are everywhere on the net and without good antivirus protection your privacy may be at risk.

When looking for the best antivirus protection there are a few things you should keep in mind.
1. Does the software offer good customer support?

2. Do they keep the software up to date and upgrade it regularly?

3. Do they block spy ware and Trojans?

4. So they have a firewall feature?

5. Is there a money back guarantee if you’re not satisfied?

Remember to keep all this in mind when searching for the best antivirus protection. In my opinion free antivirus programs aren’t really worth bothering with, as there not kept up to date as frequently as paid services. But at the same time don’t pay a fortune for your service. Sometimes the smaller lesser known companies are a lot cheaper than the bigger antivirus companies and have just as good protection.

Finally, you should definitely never be without virus protection especially if your broadband is always connected. With broadband becoming more popular, there are lot more hackers and viruses out there. Always keep your antivirus protection software up to date and scan your computer for viruses regularly and you shouldn’t have any problems.

IE Antivirus

IE Antivirus can wreak havoc on your computer. Detecting IE Antivirus symptoms on time can help reduce the damage done to your computer. There are many signs that your computer has been infected with IE Antivirus. Here are some possible IE Antivirus symptoms that your computer may have.

Signs That Your Computer Has Been Infected

* Excessive pop-up advertisements. Your computer is bombarded with pop-up ads while you're on the Web and even when you're not on the Web. If you see pop-up ads that are coming from questionable websites, you may have IE Antivirus or other types of spyware on your computer.
* Your Web browser has additional components that you do not recall downloading. Spyware may install Search toolbars or Internet browser toolbars that appear floating on your screen or within your Web browser without your knowledge. If you notice certain icons or tools that you don't remember adding yourself, you may have been infected with IE Antivirus or other types of Spyware.
* Your computer is slower than usual. IE Antivirus may use your computer's system resources to execute its malicious tasks. IE Antivirus may use your memory, internet connection and your bandwidth to run itself. A sudden change on the speed of your computer can be a sign of being infected with IE Antivirus or spyware.

If you are unfamiliar with finding and deleting sensitive files on your computer, you should avoid the risk of damaging your computer by letting software do the hard work for you.

Steps To Take To Remove IE Antivirus
Step 1: Download and install a good spyware remover on your computer
Step 2: Run a virus scan to detect IE Antivirus and other types of spyware
Step 3: Make sure your spyware remover is configured to automatically update anytime you are connected to the Internet

Over 75% of all computers are infected by viruses. Your computer may be infected also. If you suspect your computer has already been infected by the IEAntivirus, use this FREE IE Antivirus Detection Scan to remove IEAntivirus and other known computer viruses and spyware infections.

Anti Virus Spyware Utility

Anti-Virus Spyware has become very important for Computers. There are some personal computers which contain adware and shareware piece of program even before you buy them. Due to this fighting spyware and adware and removing spyware from computers is becoming even harder today. The only way to fight back is to have a Anti Virus Spyware Utility.
And what exactly does Anti Virus Spyware Utility do to protect our privacy?

Spyware programs?

When a Computer is infected by a Spyware it may be harmless or it may be dangerous. Spyware programs is any piece of program that collects information about computer usage and/or the computer user.So is there any protection whatsoever against Spyware programs? How do we fight back against Spyware programs? The only way to protect our online privacy is to use Anti Virus Spyware Utility.

You need to get some form of protection against Spyware programs.

Spyware programs: What Does Spyware programs Do to Your Computer?

Frequent popups are common features and ways to tell that you have been taken over by some sort of spyware and that you should rid your system of it immediately by getting a Anti Virus Spyware Utility. A search toolbar or other browser toolbar appears even though you didn't request it or install it. The smart thing to do is to get yourself a Anti Virus Spyware Utility. Anti Virus Spyware Utility are not hard to find, all you need is a Anti Virus Spyware Utility with a reputable reputation.

source:ezinearticles.com

Protection with Antivirus Software

With the advent of computer viruses of all kinds, antivirus software installation in PCs has become a necessity. The antivirus software comprise of computer programs which strive to identify viruses and 'malware' (other malicious software), thwart their endeavors and eliminate them altogether.

About Antivirus Software

The antivirus software program may come installed on your computer or may be purchased and installed by you. There are quite a few 'invaders' against which the computer needs to be protected against. There are the viruses, worms, Trojan horses and so on. The best antivirus software available is geared to offer protection against the whole range of such known viruses and malware. The potential damage that viruses can inflict such as deletion of files, unauthorized access to personal data, and usage of the computer as a platform to carry out attack on other computers, can all be thwarted by installing at least one of the top ten antivirus software products.

Techniques Used By Antivirus Software

The antivirus software usually uses two alternative techniques. It scans files for viruses that match the definitions given in virus dictionaries, or it identifies infection indicated by suspicious behavior from some computer program.

Some of the best antivirus software come for free. Usually the best free antivirus software adopts both the techniques. However, the best antivirus software packages put special emphasis on the virus dictionary matching approach.

Features To Look For In The Best Antivirus Software Packages

Look for the following features when purchasing an antivirus software product of choice:
Simplicity and ease of use of the software so that even a person with little knowledge of computers or viruses can use and install it.

Effectiveness in identifying viruses, worms and the like is a desirable feature of the best antivirus software products.

Efficacy in cleaning out or isolating of files already infected so as to prevent further infection is another important feature that should be included in any good antivirus software.

source:ezinearticles.com

Online antivirus Program


Viruses have been a great danger if you're online, because it easily reproduce and can destroy your computer. You can in your computer system by e-mail, instant messaging and Web sites to obtain without any difficulty.

Another way is when they realize that your system is open so that a connection peer to peer. If your computer is vulnerable, it is very susceptible to viruses.

Viruses can do things harmful to your computer. Depending on how a virus is programmed, its effects: harmful files clog your system, interfere with the processing computer or recur. Your first line of defense is always the knowledge of the virus, how they work, what are the latest viruses and how they enter your system. Then you follow the tips on how not to avoid downloading attachments from unknown senders, or delete spam email, virus.

Another defense against these malicious files will always be an online anti-virus. Downloading or purchasing online anti-virus software is recommended that the best software available on the Internet.

Here are some reasons why it is advisable to choose an anti-virus will be posted:

• Wide range of selection. An online anti-virus software can be downloaded or purchased. You can adjust the anti-virus wares online free, if you need all the basic functions is to protect your computer against viruses.

However, if you are not confident enough to use the Internet and we believe your computer is still in danger, you buy an online anti-virus that can better protect your system against virus attacks.

• Consideration of prior use of anti-virus. Information on virus detection are available online. You can offer the services and functions they.

Then try them for a few weeks if they work as expected. Make sure anti-virus choose to use and update frequently. Virus Scan updates are critical, because there are new viruses every day.

• Make a comparison. If you can not decide to take advantage of the fight against this virus, you can find a comparison. List what are their functions, services and costs. We must also consider whether they also support lines (guides, chat, e-mail).

If you have any problems with the software or removing a virus from your computer, they can guide you through the solution of the problem.

Another useful information you get on the Internet, Reviews. Virus Scan Online reviews can help you determine if the anti-virus software is the best among Internet users. Read positive and negative evaluations of anti-virus software so you can choose wisely.

First anti-virus online is very convenient, but you must be careful in choosing one. It is possible that these anti-virus is a virus itself. How do your homework in enough information on any line anti-virus, so you can decide which is best for you and your computer work.

Difference among Viruses, Worms, Trojans, and Bots

Viruses, worms, Trojans, and bots are all part of a class of software called malware. Malware or malicious code (malcode) is short for malicious software. It is code or software that is specifically designed to damage, disrupt, steal, or in general inflict some other “bad” or illegitimate action on data, hosts, or networks.

There are many different classes of malware that have varying ways of infecting systems and propagating themselves. Malware can infect systems by being bundled with other programs or attached as macros to files. Others are installed by exploiting a known vulnerability in an operating system (OS), network device, or other software, such as a hole in a browser that only requires users to visit a website to infect their computers. The vast majority, however, are installed by some action from a user, such as clicking an e-mail attachment or downloading a file from the Internet.

Some of the more commonly known types of malware are viruses, worms, Trojans, bots, back doors, spyware, and adware. Damage from malware varies from causing minor irritation (such as browser popup ads), to stealing confidential information or money, destroying data, and compromising and/or entirely disabling systems and networks.

Malware cannot damage the physical hardware of systems and network equipment, but it can damage the data and software residing on the equipment. Malware should also not be confused with defective software, which is intended for legitimate purposes but has errors or bugs.

Classes of Malicious Software

Two of the most common types of malware are viruses and worms. These types of programs are able to self-replicate and can spread copies of themselves, which might even be modified copies. To be classified as a virus or worm, malware must have the ability to propagate. The difference is that a worm operates more or less independently of other files, whereas a virus depends on a host program to spread itself. These and other classes of malicious software are described below.

Viruses
A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program. It spreads from one computer to another, leaving infections as it travels. Viruses can range in severity from causing mildly annoying effects to damaging data or software and causing denial-of-service (DoS) conditions. Almost all viruses are attached to an executable file, which means the virus may exist on a system but will not be active or able to spread until a user runs or opens the malicious host file or program. When the host code is executed, the viral code is executed as well. Normally, the host program keeps functioning after it is infected by the virus. However, some viruses overwrite other programs with copies of themselves, which destroys the host program altogether. Viruses spread when the software or document they are attached to is transferred from one computer to another using the network, a disk, file sharing, or infected e-mail attachments.

Worms
Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them. A worm enters a computer through a vulnerability in the system and takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided.

Trojans
A Trojan is another type of malware named after the wooden horse the Greeks used to infiltrate Troy. It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses). Trojans are also known to create back doors to give malicious users access to the system.

Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Trojans must spread through user interaction such as opening an e-mail attachment or downloading and running a file from the Internet.

Bots

"Bot" is derived from the word "robot" and is an automated process that interacts with other network services. Bots often automate tasks and provide information or services that would otherwise be conducted by a human being. A typical use of bots is to gather information (such as web crawlers), or interact automatically with instant messaging (IM), Internet Relay Chat (IRC), or other web interfaces. They may also be used to interact dynamically with websites.

Bots can be used for either good or malicious intent. A malicious bot is self-propagating malware designed to infect a host and connect back to a central server or servers that act as a command and control (C&C) center for an entire network of compromised devices, or "botnet." With a botnet, attackers can launch broad-based, "remote-control," flood-type attacks against their target(s). In addition to the worm-like ability to self-propagate, bots can include the ability to log keystrokes, gather passwords, capture and analyze packets, gather financial information, launch DoS attacks, relay spam, and open back doors on the infected host. Bots have all the advantages of worms, but are generally much more versatile in their infection vector, and are often modified within hours of publication of a new exploit. They have been known to exploit back doors opened by worms and viruses, which allows them to access networks that have good perimeter control. Bots rarely announce their presence with high scan rates, which damage network infrastructure; instead they infect networks in a way that escapes immediate notice.

Best Practices for Combating Viruses, Worms, Trojans, and Bots


The first steps to protecting your computer are to ensure that your OS is up to date. This means regularly applying the most recent patches and fixes recommended by the OS vendor. Secondly, you should have antivirus software installed on your system and download updates frequently to ensure that your software has the latest fixes for new viruses, worms, Trojans, and bots. Additionally, you want to make sure that your antivirus program can scan e-mail and files as they are downloaded from the Internet. This will help prevent malicious programs from reaching your computer. You may also want to consider installing a firewall.

Additional Definitions and References


Exploit
An exploit is a piece of software, a command, or a methodology that attacks a particular security vulnerability. Exploits are not always malicious in intent—they are sometimes used only as a way of demonstrating that a vulnerability exists. However, they are a common component of malware.

Back Door

A back door is an undocumented way of accessing a system, bypassing the normal authentication mechanisms. Some back doors are placed in the software by the original programmer and others are placed on systems through a system compromise, such as a virus or worm. Usually, attackers use back doors for easier and continued access to a system after it has been compromised.

What is Pc Virus

A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. The term "virus" is also commonly used, albeit erroneously, to refer to many different types of malware and adware programs. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive. Meanwhile viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses are sometimes confused with computer worms and Trojan horses.

A worm can spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a file that appears harmless. Worms and Trojans may cause harm to either a computer system's hosted data, functional performance, or networking throughput, when executed. In general, a worm does not actually harm either the system's hardware or software, while at least in theory, a Trojan's payload may be capable of almost any type of harm if executed. Some can't be seen when the program is not running, but as soon as the infected code is run, the Trojan horse kicks in. That is why it is so hard for people to find viruses and other malware themselves and why they have to use spyware programs and registry processors.

Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging and file sharing systems to spread, blurring the line between viruses and worms. Furthermore, some sources use an alternative terminology in which a virus is any form of self-replicating malware.

Some malware is programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Other malware programs are not designed to do any damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even these less sinister malware programs can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, much malware is bug-ridden, and these bugs may lead to system crashes and data loss. Many CiD programs are programs that have been downloaded by the user and pop up every so often. This results in slowing down of the computer, but it is also very difficult to find and stop the problem.

Tag

Anti Spyware Anti Trojan Elite Antivirus Apps for Android Phones Antivirus Apps for Samsung Antivirus Review Antivirus Support Avast AVG Avira Antivirus BestCrypt BitDefender Boot Sector Virus BullGuard Clamwin Classroom Spy Pro Cleanup inbox and manage emails Cloud Backup Cloud Computing Security Comodo Computer Certification Courses Conficker worm Cyber Bullying cyber security Data Protection DoctoAntivirus Downloads DR Drive Genius3 eScan Antivirus Fake Antivirus Fast PC Fat Data Recovery Firewall protecion Folder Guard Professional GFI Languard Hackers HitmanPro IDS IE antivirus Installerex IT Consultants K-Secure VPN K7 Antivirus Kaspersky Linux antivirus Loaris trojan malware Manually Virus Delete mcafee MCAfee SuperDAT Microsoft Security Essential Most Danger PC Viruses Netgate spy emergency NOD32 Norman Malware Norton Online Antivirus Panda Cloud antivirus PC Care PC Doctor Pc Resources PC Technician PC Tools Antivirus PC Virus PDA Antivirus Pop-Up Removal PrivateFirewall Protector Plus Registry Clean Remove Spyware Rootkit Virus Safe Emailing Security Shardana Antivirus Rescue Disk Smartphone security Social Network Safety spyhunter Spyware SuperantiSpyware Symantec The Cleaner 2011 Top Antivirus Top Destructive Viruses Trojan Horse Trojan Killer trust port Twitter Protection USB Security Vipre Internet Security Virus Definitions Virus Scanners VueScan Pro WEB Antivirus Website Security WinASO Registry optimizer windows 7 Windows 8 Protection Windows Vista Virus Windows.8.1 WinMend System Doctor Wireless Network Protection Zemana AntiLogger