00000

oooo
 
HomeRegisterLog in
Welcome to ICT Department forum! New members should read RULES AND GUIDELINES before posting.
PARA SA MGA MEMBERS NA ONLINE NGAYON . . . . MAGSIPAG LOG-IN KAYO SA CHATBOX!!!!! hahahaha
Who is online?
In total there is 1 user online :: 0 Registered, 0 Hidden and 1 Guest

None

Most users ever online was 29 on Fri 12 Feb 2010 - 20:24
WELCOME PO SA INYO
Latest topics
» HHEELPPP
Tue 9 Jul 2013 - 22:17 by khing

» take home exam
Tue 9 Jul 2013 - 22:12 by khing

» new
Sun 30 Jun 2013 - 11:02 by vhoon

» VISUAL BASIC 6.0 Portable Download
Thu 2 May 2013 - 12:04 by snapshaq1823

» cnu meron na project sa discrete?
Wed 22 Feb 2012 - 16:03 by iunacoh

» love kowtz
Fri 14 Oct 2011 - 4:04 by MalinawnaUsapan

» ^_^kowtx
Thu 13 Oct 2011 - 11:47 by ♥ baboilett :)

» trivia of the day
Wed 22 Jun 2011 - 17:28 by Guest

» ANG TNGA KO SAYO ...
Wed 25 May 2011 - 18:26 by MalinawnaUsapan

Top posters
-_-___ExODuZ--13`
 
christianne
 
MalinawnaUsapan
 
aldrinx
 
Admin
 
khrizel
 
JR
 
BiglaangLakad
 
kamoteh13
 
beelzebub666
 
December 2016
MonTueWedThuFriSatSun
   1234
567891011
12131415161718
19202122232425
262728293031 
CalendarCalendar
Birthday booth
pls PM any of the administrators if you know someone who is celebrating their birthday ^_^


Search
 
 

Display results as :
 
Rechercher Advanced Search
Social bookmarking
Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Furl  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Bookmark and share the address of ICT Dept. of CDSGA on your social bookmarking website

Bookmark and share the address of 00000 on your social bookmarking website

Share | 
 

 SIMPLE PROCEDURE HOW TO PROTECT AND REMOVE VIRUS

View previous topic View next topic Go down 
AuthorMessage
eyescream
forum supporters
forum supporters


Posts : 17
Join date : 12/02/2010
Age : 24
Location : Brgy. Muzon San Jose del Monte Bulacan

PostSubject: SIMPLE PROCEDURE HOW TO PROTECT AND REMOVE VIRUS   Thu 25 Feb 2010 - 13:36

Dialers, Trojans, Viruses, and Worms Oh My!

If you use a computer, read the newspaper, or watch the news, you will know about computer viruses or other malware. These are those malicious programs that once they infect your machine will start causing havoc on your computer. What many people do not know is that there are many different types of infections that are categorized in the general category of Malware.

Malware Malware is programming or files that are developed for the purpose of doing harm. Thus, malware includes computer viruses, worms, Trojan horses, spyware, hijackers, and certain type of adware.

This article will focus on those malware that are considered viruses, trojans, worms, and viruses, though this information can be used to remove the other types of malware as well. We will not go into specific details about any one particular infection, but rather provide a broad overview of how these infections can be removed. For the most part these instructions should allow you to remove a good deal of infections, but there are some that need special steps to be removed and these won't be covered under this tutorial.

Before we continue it is important to understand the generic malware terms that you will be reading about.

Adware A program that generates popups on your computer or displays advertisements. It is important to note that not all adware programs are necessarily considered malware. There are many legitimate programs that are given for free that display ads in their programs in order to generate revenue. As long as this information is provided up front then they are generally not considered malware.

Backdoor A program that allows a remote user to execute commands and tasks on your computer without your permission. These types of programs are typically used to launch attacks on other computers, distribute copyrighted software or media, or hack other computers.

Dialler A program that typically dials a premium rate number that has per minute charges over and above the typical call charge. These calls are with the intent of gaining access to pornographic material.

Hijackers A program that attempts to hijack certain Internet functions like redirecting your start page to the hijacker's own start page, redirecting search queries to a undesired search engine, or replace search results from popular search engines with their own information.

Spyware A program that monitors your activity or information on your computer and sends that information to a remote computer without your knowledge.

Trojan A program that has been designed to appear innocent but has been intentionally designed to cause some malicious activity or to provide a backdoor to your system.

Virus A program that when run, has the ability to self-replicate by infecting other programs and files on your computer. These programs can have many effects ranging from wiping your hard drive, displaying a joke in a small box, or doing nothing at all except to replicate itself. These types of infections tend to be localized to your computer and not have the ability to spread to another computer on their own. The word virus has incorrectly become a general term that encompasses trojans, worms, and viruses.

Worm A program that when run, has the ability to spread to other computers on its own using either mass-mailing techniques to email addresses found on your computer or by using the Internet to infect a remote computer using known security holes.

How these infections start


Just like any program, in order for the program to work, it must be started. Malware programs are no different in this respect and must be started in some fashion in order to do what they were designed to do. For the most part these infections run by creating a configuration entry in the Windows Registry in order to make these programs start when your computer starts.

Unfortunately, though, in the Windows operating system there are many different ways to make a program start which can make it difficult for the average computer user to find manually. Luckily for us, though, there are programs that allow us to cut through this confusion and see the various programs that are automatically starting when windows boots. The program we recommend for this, because its free and detailed, is Autoruns from Sysinternals.

When you run this program it will list all the various programs that start when your computer is booted into Windows. For the most part, the majority of these programs are safe and should be left alone unless you know what you are doing or know you do not need them to run at startup.

At this point, you should download Autoruns and try it out. Just run the Autoruns.exe and look at all the programs that start automatically. Don't uncheck or delete anything at this point. Just examine the information to see an overview of the amount of programs that are starting automatically. When you feel comfortable with what you are seeing, move on to the next section.

How to remove these infections

We have finally arrived at the section you came here for. You are most likely reading this tutorial because you are infected with some sort of malware and want to remove it. With this knowledge that you are infected, it is also assumed that you examined the programs running on your computer and found one that does not look right. You did further research by knowledge that you are infected, it is also assumed that you examined the programs running on your computer and found one that does not look right. You did further research by checking that program against our Startup Database or by searching in Google and have learned that it is an infection and you now want to remove it.

If you have identified the particular program that is part of the malware, and you want to remove it, please follow these steps.

1. Download and extract the Autoruns program by Sysinternals to C:\Autoruns
heres the link below
http://technet.microsoft.com/sysinternals/Utilities/Autoruns.html

2. Reboot into Safe Mode so that the malware is not started when you are doing these steps. Many malware monitor the keys that allow them to start and if they notice they have been removed, will automatically replace that startup key. For this reason booting into safe mode allows us to get past that defense in most cases.

3. Navigate to the C:\Autoruns folder you created in Step 1 and double-click on autoruns.exe.

4. When the program starts, click on the Options menu and enable the following options by clicking on them. This will place a checkmark next to each of these options.

1. Include empty locations
2. Verify Code Signatures
3. Hide Signed Microsoft Entries

5. Then press the F5 key on your keyboard to refresh the startups list using these new settings.

6. The program shows information about your startup entries in 8 different tabs. For the most part, the filename you are looking for will be found under the Logon or the Services tabs, but you should check all the other tabs to make sure they are not loading elsewhere as well. Click on each tab and look through the list for the filename that you want to remove. The filename will be found under the Image Path column. There may be more than one entry associated with the same file as it is common for malware to create multiple startup entries. It is important to note that many malware programs disguise themselves by using the same filenames as valid Microsoft files. it is therefore important to know exactly which file, and the folder they are in, that you want to remove. You can check our Startup Database for that information or ask for help in our computer help forums.

nsa baba ung link

http://www.bleepingcomputer.com/forums/

7. Once you find the entry that is associated with the malware, you want to delete that entry so it will not start again on the next reboot. To do that right click on the entry and select delete. This startup entry will now be removed from the Registry.

8. Now that we made it so it will not start on boot up, you should delete the file using My Computer or Windows Explorer. If you can not see the file, it may be hidden. To allow you to see hidden files you can follow the steps for your operating system found in this tutorial:

http://www.bleepingcomputer.com/tutorials/tutorial62.html

Please read this tutorial and follow the steps listed in order to be safe on the Internet. Other tutorials that are important to read in order to protect your computer are listed below.

Understanding Spyware, Browser Hijackers, and Dialers

Understanding and Using Firewalls

Safely Connecting a Computer to the Internet

Using Spybot - Search & Destroy to remove Spyware from Your Computer

Using Ad-Aware SE to remove Spyware & Hijackers from Your Computer

Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware
Back to top Go down
 
SIMPLE PROCEDURE HOW TO PROTECT AND REMOVE VIRUS
View previous topic View next topic Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
00000 :: Computer Problems!-
Jump to: