Computer Virus Help

Monday, March 12, 2012

You probably got here searching for a solution to some problem you are having.
Am I right? Please, feel free to call (704) 882-7551 for help.

Viruses are not as common a problem as they used to be. Most of the nasties out there now are Trojans and they require a different type of both detection and prevention.

Trojan Removal in Vista and Windows 7

Both Vista and 7 do a much better job of creating System Restore points which have an excellent chance of evicting the malicious software; but, you want to do it from the boot menu.

Shut the computer down. Turn it back on and, while the manufacturer's logo (Dell, HP, Compaq, Gateway, etc.) is still on the screen, hit the F8 key several times. A menu should appear and you should choose Repair My Computer.

On the first screen, choose your language then, on the next, your login name and enter your password (if you don't have a password, simply choose next). On the next screen which appears, choose Restore My Computer to an Earlier Point in Time, then be patient as it usually takes the System Restore wizard close to a minute to appear.

Once it does, do what the wizard wants; but, if you don't see a restore point labeled as Windows Update, click the button to display more restore points. It is vital that the chosen restore point be one labeled as Windows Update and that it be from before the problem first arose.

Once you choose a restore point, say yes to the other things the wizard asks you and tell it to proceed. With any luck at all, after the reboot, you'll be rid of the bad guy.

If system restore completes successfully, I still suggest you run TDSSKiller, a free removal tool from Kaspersky Labs. Instructions and the utility can be found here.

Trojan Removal in Windows XP

Trojan removal in XP can be much more problematical and difficult; but, is still doable if you are careful.

The best approach is to get a copy of both TDSSKiller and Autoruns.

If you are already infected, a bunch of folks at BleepingComputer have a great tool that rips out about 1,800 nasties by the short hairs. Here is their guide on how to use Combofix or, if you would rather just download the program, here it is. Save it on your desktop and run it. You will get several warnings about the Recovery Console and your antivirus software; I just tell it to go ahead, anyway.

Fake antivirus has become a very profitable business and is one of the most common infestations I encounter. Here, for once, Vista and Windows 7 do a very nice job of evicting it if you do a system restore to a point before you were infected. You will probably need to reinstall your antivirus software afterwards; but, doing a restore to get rid of this bad guy sure is nice.

If you are using XP, use Combofix from above.

For students, teachers, and other non-commercial, home users, there is a great package named AVG Antivirus which is free. Instructions on how to install it can be found here.

Windows Defender is free for all users. It is built into Vista; but, has to be downloaded and installed on XP. After you have it running, it will proactively monitor your computer, warn you if it detects something, and run a scan every night.

RemoveIt Pro does a very good job of detecting over 1,000 types of Malware. It is fast (about 5 minutes) and I have found it extremely useful; but, I'll add a few tips. After you have run it and before you tell it to fix what it has found, go to Add or Remove Programs in the Control Panel to see if any are listed. If they are, uninstalling is always preferable to having any other software cripple the bad guy.

I will add more to this as time allows; but, would encourage you to E-Mail me. The more details you can provide, the easier it will be for me to find the right answer for you. I do answer them and am collecting those answers for the future.

Viruses, Trojans, and Worms are scary words that alarm us all; but, what do they mean and what can we do about them?

The Department of Homeland Security ranks cyberterrorism as one of the top threats to America and, last year alone, there were over 70,000 virus attacks, compared to fewer than 200 a decade ago. Some analysts placed the cost to America at $55 Billion, while others claim it may exceed ten times that amount. The true number is probably somewhere in the middle; but, bear in mind that for 2003 alone, that translates to a cost of over $150 for each and every man, woman, and child in America.

The problem is not trivial and it isn't going to get better unless we all do something about it.

Even if you do not use your computer for anything that matters; unless it is protected, you are probably an unwilling accomplice to cyberterrorism. Any attack's success depends upon thousands of infected computers, spreading the virus to others and then acting together to carry out the assigned task.

Last summer's blackout in the Northeast, for example, was made far worse because the Blaster worm had sent millions of Email messages, delaying the vital messages needed to properly shut down the power grid for over 45 minutes. If the computers used by the Blaster worm had simply had current antivirus software running on their systems, what became the worst blackout in American history might not have happened.

So, what is a computer virus?

A computer virus is any program that performs malicious acts upon your computer or uses it to attack another. Most are sent via Email; but, they can also be embedded in WebPages, documents, music files, or pictures and you can easily become infected without opening any attachments.

They are written by well funded terrorist groups, disgruntled ex-anythings, and malcontents, expressly to disrupt or hurt us. Some just pop up a window with an annoying message; but others may render your computer dysfunctional. Some collect everything you do and send it off to the authors; others destroy your data, such as your Email, Quicken, Family Tree Maker, Resume, Documents, or Pictures.

Almost all of the recent viruses build a list containing any Email addresses they can find on your computer and then use an internal mail sender to send themselves to all of them. Generally, this happens before you notice anything except that the system may seem slower than usual.

Defending yourself and preventing the spread of viruses

To defend against viruses and prevent yourself from aiding their success, you need to have antiviral software which is running and which is being updated. Just having Norton or McAfee running is not enough unless the updates are being installed regularly.

Whenever a new virus is discovered, the companies that write antiviral software analyze it, find ways to identify it, and then add it to the "dat" or "signature" file which is then downloaded to your computer for use by their software. Without the updates, your computer may recognize thousands of older threats; but, won't know about any of the newer ones, which effectively gives you a false sense of security.

If you already have antiviral software running on your computer, there should be an icon for it in the system tray, down by the clock. All provide some method for checking their status. For McAfee, right-click on the icon and left-click on About; for Norton, double-click the icon and choose System Status. Both will display the date of their last update, and it needs to be less than a week ago or they are not current. If you are using other software, such as InoculateIT or PC-cillin, it will also have a method to show the date of its last update and you need to know how to check it.
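The two points above (signatures only cover what had been added by your last update, and the last update should be under a week old) can be seen in a small model. This is an added example, not part of the original page or any vendor's software; the signature names, byte patterns, dates and file contents are all constructed, and real products match on far more than a fixed byte string.

```python
from dataclasses import dataclass
from datetime import date, timedelta

@dataclass(frozen=True)
class Signature:
    name: str       # label for the threat (constructed)
    pattern: bytes  # harmless marker standing in for an identifying byte sequence
    added: date     # day the vendor shipped it in an update

# Constructed history of a vendor's "dat"/"signature" file.
VENDOR_SIGNATURES = [
    Signature("Sample.Old.A", b"OLD-MARKER-A", date(2004, 1, 5)),
    Signature("Sample.Old.B", b"OLD-MARKER-B", date(2004, 2, 9)),
    Signature("Sample.New.C", b"NEW-MARKER-C", date(2004, 3, 20)),
]
MAX_AGE = timedelta(days=7)  # the page's rule: last update less than a week ago

# Constructed sample inputs.
TODAY = date(2004, 3, 25)
OLD_FILE = b"header...OLD-MARKER-A...rest"
NEW_FILE = b"header...NEW-MARKER-C...rest"

def signatures_as_of(last_update):
    """Signatures a machine holds if its last update was on last_update."""
    return [s for s in VENDOR_SIGNATURES if s.added <= last_update]

def scan(data, last_update):
    """Names of every held signature whose pattern occurs in data."""
    return [s.name for s in signatures_as_of(last_update) if s.pattern in data]

def is_current(last_update, today):
    """True when the last update is less than a week before today."""
    return today - last_update < MAX_AGE

def verdict(data, last_update, today):
    """A scan result that also says when a 'nothing found' cannot be trusted."""
    hits = scan(data, last_update)
    if hits:
        return "detected: " + ", ".join(hits)
    if not is_current(last_update, today):
        return "nothing found, but signatures are stale"
    return "clean"

if __name__ == "__main__":
    for last_update in (date(2004, 3, 1), date(2004, 3, 22)):
        print(last_update, "->", verdict(NEW_FILE, last_update, TODAY))
```
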

If you discover there is no antiviral software running or that it is not being updated, you have several options.

Free software for personal use

For students, teachers, and other non-commercial, home users, there is a great package named AVG Antivirus which is free. Instructions on how to install it can be found here.

AVG is also an excellent choice for businesses, costing less than half what McAfee or Norton charge and, if you are interested, please send me an Email. But, if you would prefer to stick with the big guys, you can either renew your subscription from within the software or purchase a new copy at any local office supply or electronics store. Often, the purchase price is less than the renewal fee.

If you think you may be infected already or would like a second opinion, I have written another page with instructions on how to check for viruses using a free, online scanner.

Regardless, nothing you can do on your computer is more important than having antiviral software running and being updated.

Computer viruses cost you at least $150 last year (times however many there are in your family). They affect what you pay for insurance, your taxes, and everything else that you buy, because the companies have to include its cost in their products.

Consider, too, what you might lose if a virus destroys your computer or worse, how you might feel if you become the infected computer, sending the virus to your friends and family, which then destroys theirs.

If all of us were protected, more than 90% of the computer viruses would be stopped dead in their tracks. It would save Billions of dollars each year that we could use for education or other, better, things.

If we do nothing, the cost is expected to double each year; meaning $300 per person this year, $600 in 2005, and ....

I don't know why this problem has not been prominent on CNN, published regularly in newspapers, or isn't included in our children's education. I do know that it needs to be addressed, and now.

I hope I have convinced you to do something about your own computer and would ask that you spread the word about

As always, should you have any questions or problems, please feel free to contact me by Email or by phone.


Davis M McCarn
184 Eaglecrest Drive
Matthews, NC 28104
Copyright 2004 Davis M McCarn
(704) 882-7551 or
