Expert Virus Removal Services and Technical advice.

We provide computer users with expert virus removal services and technical advice.


Showing posts with label manual removal of virus.

January 5, 2011

How to Remove TSPY_ZBOT.XMAS Malware Manually

To remove this type of malware we need to follow a procedure that is common to this family of infections. The first step is to disable System Restore and do a full system scan. Then we need to remove the files dropped by the virus HTML_IFRAME.SMAX. They will be in the Application Data folder. When we scan using any anti-virus program it will download


Identify and delete the files detected as TSPY_ZBOT.XMAS using the Recovery Console, which needs a startup disc. Press R when prompted at boot time. Go to the drive by using the command Cd "C:" (taken as an example). Go to the folder that has the infected files by using the same command. Delete the files using the command Del "filename".

Restore the modified registry value:

  • In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    • From: Userinit = %System%\userinit.exe,%System%\sdra64.exe,
    • To: Userinit = %System%\userinit.exe,

Delete the following registry values:

  • In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    • EnableFirewall = 0
  • In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network
    • UID = {computer name}_{23645898}
  • In HKEY_USERS\.DEFAULT\Software\Microsoft
    • Protected Storage System Provider
  • In HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer
    • {43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}
  • In HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer
    • {19127AD2-394B-70F5-C650-B97867BAA1F7}

The next step is to delete the files in the system folder by typing %System%\lowsec in the search box. After this we need to delete the hosts file entries that are below the localhost entry. After all these steps, do a full system scan using a good anti-virus such as Trend Micro, Norton etc. This will completely remove the virus.
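
The registry changes listed in this post can be checked offline against a `reg export` dump taken before and after cleanup. The Python script below is an added example, not code from the original post; the sample export is constructed, and it assumes %System% is the System32 folder.

```python
import re

# Registry locations named in the removal steps of the post.
WINLOGON = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
FIREWALL = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess"
            r"\Parameters\FirewallPolicy\StandardProfile")
NETWORK = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network"

# Constructed sample in "reg export" text form (not captured from a real host).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,C:\\WINDOWS\\system32\\sdra64.exe,"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000000
'''

def parse_reg(text):
    """Parse 'reg export' text into {key_path: {value_name: raw_data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
            if m:
                current[m.group(1)] = m.group(2)
    return keys

def unquote(raw):
    # Strip the quotes of a REG_SZ value and undo the export's backslash escaping.
    return re.sub(r"\\(.)", r"\1", raw[1:-1]) if raw.startswith('"') else raw

def audit(text):
    """Return (issue, details) findings for the registry changes listed in the post."""
    keys = {k.lower(): v for k, v in parse_reg(text).items()}  # key paths ignore case
    findings = []
    userinit = unquote(keys.get(WINLOGON.lower(), {}).get("Userinit", ""))
    # A clean Userinit lists only System32\userinit.exe; any other entry runs at logon.
    extra = [p.strip() for p in userinit.split(",")
             if p.strip() and not p.strip().lower().endswith("\\system32\\userinit.exe")]
    if extra:
        findings.append(("Userinit has extra entries", extra))
    if keys.get(FIREWALL.lower(), {}).get("EnableFirewall") == "dword:00000000":
        findings.append(("EnableFirewall = 0 in StandardProfile", []))
    if "UID" in keys.get(NETWORK.lower(), {}):
        findings.append(("UID value present under CurrentVersion\\Network", []))
    return findings
```

Running `audit()` on an export taken after the cleanup should return an empty list; real `reg export` files are UTF-16, so decode them before passing the text in.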

December 15, 2010

Removing Fake Spywares Manually

Fake anti-viruses are the most important and dangerous infections that we need to be cautious about. They keep pestering us with pop-ups showing many risks and prompt us to purchase a full version when we click to clean the infections. This includes spyware that takes over most of the system processes and disables most of the troubleshooting tools in Windows. Since they spy on computers after being installed, they are called spyware. These fake anti-viruses are created by hackers trying to steal your money using these tactics: fake alerts, wrong scan results, and interfaces that look similar to popular anti-virus software. They make the PC run slowly. They can infect the operating systems XP, Vista and Windows 7.

 
