How to Recover from Multiple Virus Infestations

Have a desktop collecting dust, because it seems like it has enough viruses to contaminate the entire internet? Think the PC won't turn on anymore?

We're going to go through a few steps to get that once reliable desktop or laptop back on its feet again.

Turn on the computer; continuously press F8 during boot-up.

You will recieve a "Safe Mode" selection screen.

Choose just the "Safe Mode" option and press enter.

Once windows boots up, sign in as Administrator or your own account (administrator is preferred)

Go to start > run.. (search bar if in Vista)

Type "MSCONFIG" and press enter.

This will bring up the Microsoft Configuration Utility.


Go to the Services tab.

Check the box that says "Hide All Microsoft Services"

Click Disable All.

Go to the Startup tab and disable everything (uncheck all items).

Click Apply, Ok, and Restart.

Your computer will now boot straight into a clean run of Windows.

Once booted up, log in and open Internet explorer (or Mozilla Firefox if you have it)

Go to http:\\Malwarebytes.org and download MalwareBytes Free.

Install it, let it update, and run a scan. Remove anything that is found.

Close MalwareBytes.


Download Spybot: Search and Destroy from http://spybot.com

Install it, run a scan, remove all items found.

Click Mode > advanced from the top toolbar.

Click on tools in bottom left, then in the right-pane check ActiveX and BHO's

On the left, under tools, Click ActiveX

Delete all of the items listed to the right.

On the left, under tools, Click BHO's

Delete all of the items listed to the right.

Click Spybot S&D from top left, and click immunize.

Then click Immunize all in the mid-top.

To increase effectiveness follow the tips below and check the linked anti virus supprot expert for how to make your PC like-new.

How to Delete the NLSDL.EXE Virus

The NLSDL.exe virus, alternatively knows as the worm.Win32.VB.ck virus, pretends to be a critical Microsoft Windows file. The fake NLSDL.exe will open when your computer boots up. The file then will connect to a remote server and attempt to download malicious files. To remove virus from your system, you will need to delete several files it copies to your computer's

Navigate to the AVG website if you don't already have an antivirus utility installed on your computer. Download and run the installation file for the antivirus utility.

Restart your computer and wait for the logo of your computer's manufacturer to appear on the monitor. Press the F8 key to bring up a new menu.

Scroll down to the "Safe Mode" option and press Enter. Bring up the Start menu once the operating system finishes loading. Click on the "Search" option.

Type the phrase "6d4e036f-cb53-4ebb-9c47-fdc78b67be70.exe" into the Windows Vista search box. Right-click on the file and choose the "Delete" option. Search for and delete the "worm2007.exe" file.

Search for "NLSDL.exe." Look through the files that appear and find the version that is not in the Windows folder. The fake version will be installed into a random folder other than Windows. Right-click on the file and delete it.

Search for "regedit" and double-click the registry editor's icon when it appears in the search results. Click on the folder HKEY_CURRENT_USER.

Navigate through the subfolders Software, Yahoo and Pager to get to View. Right-click and delete the folders YMSGR_Launchcast and YMSGR_buzz.

Close the registry editor's window. Make sure your antivirus definitions are up to date and run a full system scan.

After the virus scan is completed, restart your computer.

How to Scan More Than Just Your C: Drive for Spyware

This post provide virus protection tips to protect your computer. Have Spy Sweeper scan other hard drives or removable devices for spyware and adware

If you have several hard drive or hard drive partitions on your system, you may want Spy Sweeper to scan these drives, and not just your C: drive, for spyware and questionable content. To make this change:

1. Double-click the Spy Sweeper icon in your Windows taskbar. If it is not present, you can click "Spy Sweeper" in your "Programs" or "All Programs" menu.

2. Click the "Options" button on the left.

3. Click the "Sweep Options" button on top.

4. Underneath "Select Drives to Sweep", click the "pull-down".

5. Checkboxes will appear representing your available drives. Check the boxes next to the drives that you want scanned (swept) for spyware.

6. Click the "Apply" button.

Now, when you do a "Sweep Now", these other drives will be checked for spyware.

Report New Spyware Threats to Trend Micro

Alert Trend Micro of suspicious spyware activity to help improve the quality of the Anti-Spyware product. this is useful to remove spyware and protect your computer from spyware

You can help ensure Trend Micro Anti-Spyware is up-to-date with the latest threats to your computing and privacy. If you notice a privacy threat not currently detected by the software, click the "Report" button. Internet Explorer will then open up to a spyware reporting webpage where you can provide information such as:

  • Spyware threat name
  • Name of product installed
  • Name of service installed
  • URL where you think the spyware was originally found
  • Problems occurred due to the spyware

Does free antivirus offer a false feeling of security?

Antivirus software is not the solution, antivirus software is part of the solution.

Consider the results from the latest Anti-Virus comparative review for May 2009 against new malware, indicating that Microsoft’s OneCare achieved an Advanced+ rating (60% detection), putting it on the second position, with Symantec achieving a mere 35% detection rate — ironically a huge percentage of AV-Comparative’s visitors are running free antivirus software according to their voting poll.

Moreover, similar results can be seen in Virus Bulletin’s comparative review for April, 2009 (subscribers only), where OneCare once again outperforms Symantec.

Does this mean that free antivirus is in fact outperforming commercial applications? Given the dynamic nature of today’s threats, what’s true for a particular moment in time can become totally irrelevant at a future date. For instance, some real-time time statistics on antivirus rankings have the potential to offer an entirely different comparative view — free antivirus scanners again rank pretty well — which shouldn’t be considered as the primary benchmark when attempting to answer whether or not free antivirus offers a false feeling of security.

Both, commercial and free stand-alone antivirus scanners suffer from a similar weakness - they’re over-positioned in the mind of the average Internet user. This over-positioning results in higher expectations which on the other hand results in lack of security awareness on what an antivirus scanner can, and cannot protect against.

Cybercriminals have been tricking signature based scanning engines for years, and their quality assurance practices are becoming even more professional and automated through the user of underground versions of popular community services such as VirusTotal, or by using multiple offline virus scanning engines before a campaign is launched. Similar services attempting to verify whether or not their malware sample will bypass popular personal firewalls are also known to be available on demand.

For more visit here: http://blogs.zdnet.com/security/?p=3733

 
©2009 Antivirus Support | by TNB