5 Tips for Preventing Virus Attacks on Your Computer

1. Keep your signature files up to date: Most virus removal programs have a component that checks for virus signature updates at regular intervals when your computer is connected to the internet. You may either get a prompt to update your signature files, or a status indicator will say that the current signature file is not up to date. You can check for signature updates manually by right-clicking on most antivirus icons in the lower right corner of your desktop.

2. Keep the toolbars in your browser to a minimum. Toolbars generally are not a good thing to install. Some toolbars, when installed, are hard to get rid of. One example is Babylon, which is a toolbar that lingers on your computer when you thought you got rid of it. Toolbars can be installed in Internet Explorer, Firefox, Google Chrome and more. Toolbars sometimes come bundled with other software that you install on your computer. Toolbars are stealthy. They get installed in your browser, then suddenly, your whole browsing experience has been hijacked. The next time your computer is infected with spyware or viruses and you’ve got 4 or more toolbars, eliminate the toolbars and run a virus scan to see if that eliminated the problem.

3. Do research on new programs before downloading them. Some viruses come in the form of a program that you are downloading from a seemingly friendly internet web site; some programs that say they can magically fix your computer can also cause your system to crash. By researching in Google the name of the web site that provides a download, and the name of the file itself (exe, zip, tar or whatever file extension it has), before you actually use it, you may find that the program has been mentioned as a possible virus, worm, or malware. Some driver downloads, pornographic web sites, and legitimate-looking adware removal programs have been known to be viruses in disguise. A Trojan horse is a legitimate-looking program that does your computer harm. The AVG antivirus logo has been copied onto Trojan horse programs and users have had a serious virus attack. Virus removal programs such as AntiVirus Live and Advanced Virus Remover are also programs that disguise themselves as legitimate programs. These programs will hold your computer hostage until you pay ransom money. Don’t pay, because the problem will only get worse, and not better.

4. Do virus scans on your computer on a regular basis. A virus scan should be done more often than a periodic PC tune-up. It is recommended to do a virus scan at least once a week, if not every day, according to your internet use and the number of critical files on your PC. Kaspersky, McAfee and Trend Micro are some of the companies that have a free web scanner that will run on your computer to detect viruses. When you perform a virus scan, your antivirus program searches your system for virus signatures that are attached to executable programs and applications, such as email clients. A virus scanner can search all executables when a system is booted, or scan a file only when a change is made to the file, because some viruses will change your computer files.

5. Avoid downloading content from P2P file sharing sites. Peer-to-Peer networking, known as P2P, is similar in concept to a browser. It is an application that runs on your PC and allows sharing of files. Napster and LimeWire used to be two of the most popular peer-to-peer application programs, sharing MP3 music files, until they were shut down by the U.S. Justice Department. Today, favorites like Emule, Gnutella, Morpheus, Bearshare, and Kazaa share center stage. There are many virus programs that spread through various P2P networks, so by avoiding downloading P2P software, you will have fewer problems with malware and viruses. With the massive popularity of P2P file sharing also comes the risk of embedded adware / spyware in client distributions. A recent scan by the Center for information security found spyware and pests in Kazaa, Edonkey, Morpheus, and Bearshare. The vulnerabilities included active content and embedded URLs, and vulnerabilities in the media reader. It is suggested that you read the EULAs, or end user license agreements.

How To Remove Total Virus Scanner

Total Virus Scanner is a newly released virus infection that’s been created by hackers to try and get you to buy the fake upgrade to the program. Although this tool may look legitimate (and its design is surprisingly good, actually), it’s a scam. This tool will do nothing to help your system, and will continually cause a huge number of problems for it. In order to get rid of the program, you need to get rid of all the parts of the infection that have been installed onto your PC, allowing Windows to run without the constant threat of the infection looming over it.

If you have the Total Virus Scanner virus on your computer, it’s vital that you remove all the parts of the program in the most effective way. We’ve found this can be slightly trickier than it may seem. This is because the main aspect of this infection is the way in which it will continually block the likes of Windows Task Manager, your programs and Internet access in Windows. If you’re experiencing problems with the infection, it’s important that you first stop the virus from loading, and then delete any of the files that it may have inside, which will boost your PC’s reliability and effectiveness.

There are 2 steps to get rid of Total Virus Scanner: first prevent the program from being able to operate, and then delete all the parts of the virus that may be on your PC. The way to get around the first step is to either use a program called rKill, or to restart your computer into “Safe Mode” and go from there. Safe Mode is basically a mode of Windows which allows your system to run without any viruses / software on there. To use rKill, download a version of it from the Internet, install it on your PC and then let it clean out any of the malicious processes that your system may have. If this doesn’t work, you can just restart Windows, press F8 continually before the system loads again, and then select “Safe Mode With Networking” to load up Windows with the Internet enabled.

After loading your PC into Safe Mode, you have to delete the virus. If you feel confident, this can be done manually by following these steps:

  • Click “Start” > “Computer” > “C:\Windows\Temp”
  • Select the file labelled “TotalVirusScanner.exe”
  • Press SHIFT + DELETE to get rid of the file

Removing Deep Rooted Viruses From Windows Operating Systems

This article takes a generalised approach to removing nuisance Trojans/viruses/malware from your computer. The author takes no responsibility for you trashing your computer as a result of the advice on this web page, and assumes you have an intermediate knowledge level of the Windows operating system.

Recently I have had the pleasure of disinfecting many computers with stubborn viruses that refuse to go away with the usual methods (e.g. opening your anti-virus programme and clicking scan). The “deep rooted” ones, as I like to call them, can be more problematic.

There are lots of different symptoms. One problem you may face is fake/scam anti-virus programmes that will pop up as soon as you open your Internet browser (or sometimes when opening any executable (.exe) file) and prevent you from viewing other websites until you have paid. I can’t stress how important it is NOT to pay. No real anti-virus programme would force you to pay so you could “get on the web”.

So, how do we remove these pests?

Here are some steps you could follow to fix the problem.

(These steps presume you can log on and see the Windows desktop; if not, please go straight to step 4)

1. Restart your computer and constantly tap the F8 key until you get the boot menu and select: “Safe Mode with Networking”

2. Once the Windows desktop has loaded click Start -> Control Panel -> Internet Options -> Click the “Connections” tab -> Click the “LAN Settings” button. Under the “Proxy Server” heading, if “Use a proxy server for your LAN” is checked then click the “Advanced” button. Look at the HTTP item: if the address is “localhost” or “127.0.0.1” then you may be infected. To test this go back and uncheck “Use a proxy server for your LAN”. Then try to connect to the Internet. If all is OK and you can browse the web then go to the list of anti-virus programmes below.

If opening any programme invokes a fake anti-virus pop-up then your .exe file association needs to be fixed. If your operating system is XP then you can download a .reg file to set it back to default here: http://www.dougknox.com/xp/file_assoc.htm

3. If none of the above works and you still can’t access websites, then you may need to remove the hard drive from the infected computer and “dock” it with another computer for analysis. You can then scan the external drive for viruses (see list of anti-virus programmes below). You can also load registry files from the docked drive. So if your docked drive is F:, try the following:

Click Start -> Run -> type “regedit” and press OK. Then expand “My Computer” (if it isn’t already) and click the HKEY_LOCAL_MACHINE key so it is highlighted. Then you need to load the registry hive from your docked drive. So click File -> Load Hive, then navigate to your registry files, which will be situated in F:\WINDOWS\system32\config. If your docked drive is using a different letter then replace F: with your docked drive letter. See the list of possible infected registry keys below.

LIST OF ANTI-VIRUS PROGRAMMES AND ROGUE SOFTWARE REMOVAL TOOLS

I usually install three or four different virus scanners from the list below to ensure that all Viruses/Trojans/Malware are discovered and removed.

Here is my order of priority:

1. Malwarebytes

2. AVG Free

3. Microsoft Security Essentials

4. Trend Housecall – free on-line virus scan

5. Bitdefender – free on-line virus scan

Another tool that can show everything that starts up on your computer is HijackThis.

IMPORTANT XP REGISTRY KEYS THAT CAN BECOME INFECTED

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

** Programmes within these keys are loaded at start-up **

HKEY_CLASSES_ROOT\.exe

** This key can be changed to load the virus every time a programme is started **

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

** This key value should be “C:\WINDOWS\system32\userinit.exe,” **

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

** This key value should be “Explorer.exe” **
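
The proxy check from step 2 and the registry values listed above can be read in one pass with PowerShell, on the live system or on a hive loaded from a docked drive. This is an added example, not part of the original article; it only reads values, and the mount name OfflineSoftware for a docked drive's hive is an assumption.

```powershell
# Added example: read-only audit of the values named in the article.
# $SoftwareRoot is HKLM:\SOFTWARE on a live system. For a docked drive, first
# load its hive under a mount name of your choice (OfflineSoftware is an
# assumed name):  reg load HKLM\OfflineSoftware F:\WINDOWS\system32\config\software
function Get-StartupAudit {
    param([string]$SoftwareRoot = 'HKLM:\SOFTWARE')
    $findings = @()

    # Winlogon values, compared with the expected values given in the article.
    $winlogon = Get-ItemProperty -Path "$SoftwareRoot\Microsoft\Windows NT\CurrentVersion\Winlogon"
    if ($winlogon.Userinit -notmatch '^C:\\WINDOWS\\system32\\userinit\.exe,?$') {
        $findings += "Userinit is '$($winlogon.Userinit)'"
    }
    if ($winlogon.Shell -ne 'Explorer.exe') {
        $findings += "Shell is '$($winlogon.Shell)'"
    }

    # The machine-wide part of HKEY_CLASSES_ROOT\.exe lives at
    # SOFTWARE\Classes\.exe; its default value is normally 'exefile'.
    $exeKey = Get-Item -Path "$SoftwareRoot\Classes\.exe" -ErrorAction SilentlyContinue
    if ($exeKey -and $exeKey.GetValue('') -ne 'exefile') {
        $findings += ".exe is associated with '$($exeKey.GetValue(''))'"
    }

    # List every Run entry for manual review; nothing is changed or deleted.
    $run = Get-Item -Path "$SoftwareRoot\Microsoft\Windows\CurrentVersion\Run" -ErrorAction SilentlyContinue
    if ($run) {
        foreach ($name in $run.GetValueNames()) {
            $findings += "Run entry: $name = $($run.GetValue($name))"
        }
    }
    return $findings
}

# Step 2's check: is the current user's proxy pointed at this machine?
function Get-ProxyAudit {
    $inet = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    if ($inet.ProxyEnable -eq 1 -and $inet.ProxyServer -match 'localhost|127\.0\.0\.1') {
        return "Proxy is enabled and set to '$($inet.ProxyServer)'"
    }
}

Get-StartupAudit
Get-ProxyAudit
```

For a docked drive, call Get-StartupAudit -SoftwareRoot 'HKLM:\OfflineSoftware' after loading the hive, and unload it with reg unload HKLM\OfflineSoftware when finished.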