PCSafety.us

Whenever a virus attack takes place in our computer system different types of abnormalities can be seen. The popup will give messages regarding detection of infections. Clicking these popup leads us straight to the sites of Antivirus 2009. These are totally fake and only marketing schemes to prompt people to download the software. It is nothing but a rogue antivirus; it does nothing but to make the system full of threats and dangers.
Spywares are very powerful programs that have the ability to lock out your password and expose all your private data. There have been criminal cases where people use this program to achieve credit card number, bank documents and use it for unfair means.

Antivirus 2009 removal mainly can be done by utilizing two ways:
1.    In the manual procedure all the components are forcefully removed so that it does not get the chance to regenerate itself. It has to be performed very carefully; a single mistake can hamper the whole process. Small mistakes lead to removal of system files which hamper the performance of the windows. Reinstallation can be time-consuming. Another disadvantage of manual removal process is the problem of duplicate programs as the spyware duplicates itself often even if you remove it forcefully.
2.    The other effective method can be by using antispyware programs. Software’s like Malwarebytes AntiMalware and SuperAntispyware PRO plays an important role in eliminating these threats effectively.

If the antispyware used by you is not that effective then it would be better to go for a manual option. It can be changed by following certain broad steps:
1.    To find the exact Antivirus 2009 path, you can make use of the Windows File Search tool.
2.    To remove Antivirus 2009 Processes it would be better to use the Windows Task Manager.
3.    Registry editor is very important for removing the registry values if the corrupted software.
4.    To unregister the DLL files, Windows Command Prompt option has to be put to use.
5.    This has to be followed by detecting and deleting the other Antivirus files present.
6.     View the components of the Antivirus 2009 and remove them by searching their names and deleting them one by one.

Back door Virus is yet another type of software infection that breaches your computer security system. The Backdoor Trojan Horse is a slight variation of Backdoor.Sdbot. This virus prolifically spread itself over the internet and let others access yours information by using Internet Relay Chat otherwise called as IRC.

If you detect a file like %System%\15E evplore.exe or any filename related to it then it is a signal that your PC is facing Backdoor virus security breach.

Also trojan horse backdoor virus attaches information like Config Loadatiorin = l5E explore.exe or lines similar to it to your Windows registry.

To effectively remove Back door Virus first click on the start button and then follow the given instruction.

1. Depending on the windows version click on Find or Search

2. Next click either Files or Folders or All Files or Folders

3. Search for all files like 15E explore in the hard drive by typing the name in the search bar.

4. Delete those files

5. Next click Start, Run one after another and then type REGEDIT and open the Registry Editor

6. Here is the list of entries that you should delete from the Registry. However, be careful not to delete the wrong keys as that will hinder the correct operation of the computer and you have to install it again.

If you see any value that refers to the line “Config Loadation”=”l5Eaxplore.exe>”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunService

Next exit the Registry Editor, restart the computer and check again the Registry for any related Backdoor Virus.

Microsoft Security Essentials and Malwarebytes Anti-Malware are the best and reliable backdoor virus removal tool to combat these types of viruses.

Sasser is a worm that infects your machine via a vulnerable internet connection. It attacked a single computer and also the entire networks of computers connected through LAN. Sasser virus intrudes into a known windows vulnerability that was easily patched by Microsoft. It has attacked Windows 2000, Windows XP, Windows Server 2003 and Windows NT.

Microsoft Security Team fixed the following vulnerabilities using patches/updates:

• LSASS Vulnerability
• PCT Vulnerability
• LDAP Vulnerability
• Metafile Vulnerability
• Winlogon Vulnerability
• Utility Manager Vulnerability
• Help and Support Center Vulnerability
• Windows Management Vulnerability
• H.323 Vulnerability
• Local Descriptor Table Vulnerability
• Negotiate SSP Vulnerability
• Virtual DOS Machine Vulnerability
• ASN.1 “Double-Free” Vulnerability
• SSL Vulnerability

A Microsoft Security Bulletin version MS04-011 explains about the operating systems which were affected due to Sasser Worm.

Before Microsoft created sasser worm removal tool to fix this issue security experts followed the below process in removing w32 sasser b:

1. First, disconnect the computer from any internet or LAN connection

2. Terminate all the program that are running. For this open Windows Task Manager either by pressing CTRL+ALT+DEL or select Task Manager and process Tab on WinNT/2000/XP machine. Locate any one of the following files

avserve.exe, avserve2.exe, skynetave.exe or any process running with “_up.exe” and click End Task. Close Task Manager.

3. Next, activate Windows XP Firewall Version for Windows XP and another firewall for other versions to disable the worm from shutting down when the downloading the patches is still in process.

4. Download and install the patches for the respective Operating Systems

5. Remove the Registry entries

6. Delete all the infected files. In case you are using Windows ME and XP first turn off System Restore

7. In the end reboot the computer, update your windows and antivirus software and do a thorough scan.

In 2004 Microsoft “Fast Publish” a tool called Microsoft Sasser Worm Removal Tool which removes w32.sasser.worm effectively from the PC but later it has been added to the Microsoft malicious software removal tool.

If your computer is running slower than usual or experiencing unexpected pop-ups just give a call to the free security support for Microsoft PC Safety.