DIY Remove a File Restore Virus

What is File Restore?

File Restore virus masquerades as anti-virus software. It is able to get past your legitimate anti-virus programs and create problems for your hard drive. If you don’t remove this virus, it can block your programs and applications from opening or functioning properly and also corrupt your computer files. File restore virus appears in the form of pop-up ads that appear randomly, often when you are first trying to open an application, and try to convince you that it can help you repair a corrupted file or malware.

How to I remove File Restore virus?

File restore virus embeds itself deep into your computer. It order to fully rid your machine of the virus, you need to get rid of the registry files that it hides on your machine. File restore virus often hides these files, so they are more difficult to locate and delete. That doesn’t make removal impossible, but you will need to view all hidden files and folders to successfully delete the virus. Here are two options for ridding your computer of the file restore virus.

 

Option 1: Delete Registry Files in Safe Mode

 

 

    1. To enter safe mode, restart your computer and hit the F8 key until you see the Windows advanced options menu. Use the arrows on your keyboard to navigate to the “Safe Mode With Networking” option and hit the “Enter” key.

picture1

    1. Wait for your desktop to load. While in safe mode, your desktop icons will appear larger than normal, but they are still functional.
    2. Click on the Windows logo in the left corner of your desktop to open the start menu. Choose “Control Panel” from the menu.

picture2

    1. Once in the Control Panel menu, click on the “Appearance and Personalization” link.

picture3

    1. Click on the “Show hidden files and folders” link in the Folder Options group. This should open the Folder Options window in the View tab. If it doesn’t, manually click on the View tab to open it.

picture4

    1. Click the circle next to “Show hidden files, folders, and drives” and then uncheck the box next to “Hide protected operating system files (Recommended).” If prompted, confirm in the pop up box that you do want to make these changes. Click “OK” to exit the window.

picture5

    1. Open the Windows start menu and search “regedit” in the search field at the bottom of the menu. Click on the “regedit” entry under Programs and click “Yes” when prompted.

picture6

  1. Search for and delete the following files from your registry. You can access the specific files using the file map on the left side of the registry window. For instance, for the first file you need to expand the “HKEY_CURRENT_USER” folder and next expand the “Software” folder, and so on. Delete a file by clicking on it once to highlight it and hitting the “Delete” key on your keyboard.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\[RANDOM CHARACTERS].exe
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ‘Inspector’
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protector.exe
    HKEY_CURRENT_USER\Software\Win 7 Antispyware 2013
    HKEY_CURRENT_USER \Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableTaskMgr’ = 0
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall \File Restore
  2. Reboot your computer in normal mode and then reopen the Control Panel. Navigate back to Folder Options and reverse your previous changes (Select “Don’t show hidden files, folder, and drives” and check “Hide protected operating system files).”

Option 2: Run Anti-Virus Software

If you don’t feel confident about manually removing your virus, or the problem persists after you attempt the process, you can also utilize an anti-virus scanner to search for and eliminate the virus.

    1. Restart your computer and go into safe mode by hitting the F8 key before your computer desktop shows up.
    2. Open your web browser and point it to the URL of an anti-virus tool, or insert the web address of an anti-virus tool in the search box of the Windows start menu. One program that can scan for and destroy the file restore virus is AVG free. Go to AVG website to get the tool.
    3. Click on “Get free protection now” on the AVG free homepage, and scroll to the bottom of the screen. Click on the “Download” button and then “Download Now” to start the anti-virus software download.

picture4picture8

    1. Open AVG free once the program download is complete. Click on the “Scan options” link on the left side of the screen and choose “Whole computer scan.” Wait for the program to completely scan your computer. This can take from a few minutes to around one hour, depending on the amount of data you have on your machine.

picture9

  1. When prompted, instruct AVG to heal all threats discovered, which will isolate and remove the file restore virus.
  2. Restart your computer in normal mode.

only at http://HacksRepair.com

DIY Remove a Freecause Virus

What is Freecause Virus?

The Freecause virus is a program that attaches itself to your web browser. It usually includes a toolbar at the top of the browser that can look very legitimate. You might have gotten the virus by clicking on an unreliable link in an email, or by downloading a file or program from a malicious source. This virus changes your browser home page to a site run by the virus, such as toolbarservice.freecause.com or search.freecause.com. The virus can also interfere with your default search engine and make it impossible for you to open valid online programs or pages.

How to I remove Freecause Virus?

Freecause virus may be found and removed by most anti-virus software programs. You can also manually eliminate the files that the program inserts on your machine one-by-one. Be forewarned – trying to manually remove viruses can be a tricky business. If you accidentally remove the wrong registry file, for instance, you might do serious damage to your computer. Proceed with caution if you try to manually remove Freecause virus files.

 

Option 1: Run an Anti-Virus Program

This is the best option for average computer users. If you’re not that familiar with your computer’s registry, try this first and only move on to manual removal if the Freecause virus still persists after you run the program.

 

 

    1. Put your computer into safe mode. A program like Freecause virus makes it difficult if not impossible to open an anti-virus program that already exists, and won’t let you download a new one. Enter safe mode by restarting your computer and then hitting the F8 key before you see anything on the screen. The F8 key is usually at the top of your keyboard. This will bring up the advanced options menu.

picture1

    1. Choose “Safe Mode with Networking” from the list of options and wait for your desktop information to load. Your icons will appear larger than normal, but you can still use them.
    2.  Download here [wpdm_file id=4]      OR        Open your web browser and go to free.avg.com. Follow the onscreen prompts to initiate a download of the AVG Free anti-virus software. After choosing “Get free protection now” choose the “Download” button and then “Download now” on the CNET webpage.
    3. Double click on the installer tool to open it and then click “Yes” or “Run.”

picture2

    1. Open AVG Free and click on “Scan options.” Always choose “Whole computer scan.” Since the Freecause virus can be hiding in more than one place on your computer, a whole computer scan ensures that the anti-virus software can find all instances of the software on your machine.

picture3

  1. Wait for AVG Free to finish its scan, and approve the healing of all found threats. Reboot your computer in normal mode.

Option 2: Manual Virus Removal

    1. Restart your computer in safe mode by hitting F8 and choosing “Safe mode with networking” from the advanced options menu.
    2. Hit “Control,” “Alt,” and “Delete” at the same time to call up the Task Manager. Go to the “Processes” tab.

picture4

    1. Stop the following process by clicking on it once and then choosing the “End Process” button:random.exe/.dll.
    2. Close the Task Manager and click on the Windows start menu. Search for the following files in the search field at the bottom of the menu, one at a time.%AppData%\[random].exe
      %ProgramFiles%\LP\[random].tmp
      %ProgramFiles%\LP\[random].exeAs you find each file, right-click on it in your search results and choose “Delete” from the drop down menu.
    3. Type “regedit” into the search bar in the Windows start menu and then hit the “Enter” key. When prompted by a pop-up window, click the “Yes” button. This will open your computer’s registry editor program.

picture5

picture6

    1. Navigate to and delete the following files from your computer registry. They are associated with the Freecause virus and must be deleted in order for the virus to be completely deleted from your machine.HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} “[trojan name] Toolbar”
      HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID “[trojan name]IEHelper.UrlHelper”
      HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID “[trojan name]IEHelper.UrlHelper.1″
      HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} “UrlHelper ClClose the registry editor when the files are all deleted.
    2. Open the Internet browser that the virus toolbar was attached to, such as Internet Explorer. Go to the Tools menu and choose “Internet Options.” Go to “Advanced” and “Reset.” If prompted, click “Reset” again to confirm the action and then click “OK” to close the Internet Options window. Resetting your Internet browser will disable any toolbars and add-ons; while this action will disable any remnants of the Freecause toolbar, be advised that it will also get rid of other toolbars and add-ons you have. You will need to manually enable them again.

picture7

  1. Go back to the Tools menu on your browser and choose “Manage Add-Ons.” Go to the Extensions tab and delete “Toolbarservice.freecause.com” if you see it.
  2. Reboot your machine in normal mode.

only at http://HacksRepair.com

DIY Remove PC Defender Plus / Rogue Antivirus

What is PC Defender Plus?

PC Defender Plus is one of the more deceptive malware programs floating around; it looks like a legitimate program at first glance and can easily be mistaken for a non-threatening download. PC Defender Plus delivers pop-up message incessantly when a user attempts to access the Internet. If you get a pop up message from PC Defender Plus alerting you to supposed threats currently attacking your machine – don’t click anything. While this malware presents itself as a virus removal program, it is in fact a virus itself. If you have already clicked on a PC Defender Plus window and supplied payment information, you should dispute the charges to get a refund.

How to I remove PC Defender Plus

This particular virus may block you from opening Internet programs, which makes it difficult to remove. It can also impede a legitimate virus scan program from successfully opening and running a scan on your computer. As a result, PC Defender Plus should be removed while your computer is in safe mode. When in this mode, the virus is disabled enough that you can gain access to the Internet or your virus scanner and begin the removal process. Follow the tips below to get rid of PC Defender Plus on your computer.

 

Option 1: Run a Virus Scan from Safe Mode

 

 

    1. Save any work you currently have in progress on your computer. Remove any discs you currently have inserted into your computer then initiate a restart.

picture1

    1. When your computer begins to reboot, hit the F8 button on your computer. This button is typically along the top of your keyboard. An advanced boot menu will appear on your screen.
    2. Choose “Safe Mode with Networking” from the menu. You can navigate to this option using the arrow keys on your keyboard, and then press “Enter” to select it.

picture1

Download AVG here [wpdm_file id=4]

OR

    1. Once your Windows desktop has opened up, go to the Windows start menu and type the word Run into the search box and hit “Enter.” The run dialogue box will open as a small pop up box.
    2. Enter http://free.avg.com/ in the Run box and hit the “Enter” key to get to the AVG Free download. AVG Free is a legitimate antivirus program that can locate and remove the PC Defender Plus virus.

picture6

    1. Click the “Download” button and follow the prompts to download AVG Free.

picture4

    1. Click “Scan options” and then “Whole computer scan” to run a complete computer scan. This lets the program check your entire computer for viruses, not just one isolated drive. When prompted, request that AVG Free quarantine and remove PC Defender Plus and any other threats that are found.

picture5

  1. Reboot your computer and attempt to use the Internet. This will prompt another PC Defender Plus alert within a few minutes if the virus has not been successfully removed. If you still see the virus on your computer, proceed to manually removing the virus without the aid of a virus scanner.

Option 2: Manually Delete the Virus

Before you attempt to manually remove the PC Defender Plus program and its associated files from your computer, be advised that this process can cause permanent damage to your hard drive if you don’t know what you’re doing. This process should only be undertaken if you are familiar with your computer registry and can avoid the pitfalls of removing essential files or registry entries by mistake. Also create a backup of your registry.

    1. Restart your computer and hit “F8” to bring up the advanced boot menu. Choose “Safe Mode with Networking” from the menu and hit “Enter” to complete the boot.
    2. Hit “Control,” “Alt” and “Delete” at the same time to bring up the Task Manager. If you have a newer version of Windows, you will be prompted to select the Task Manager from a menu. Go to the Processes tab on the Task Manager.

picture6

    1. Uncheck the box next to “Use a proxy server for your LAN” and click OK twice to get out of the Internet Options window. You should now be able to use your online connection to run a virus scan on your device and locate the virus for removal.
    2. End the following processes if they are currently running on your computer:%AppData%\NPSWF32.dll
      %AppData%\Protector
      %AppData%\result.dbAlso stop anything that is labeled as PC Defender Plus.
    3. Go to the Windows start menu and type Run into the search box. Type regedit into the Run box and hit “Enter” to bring up the Registry Editor.
    4. Click on the “File” tab in the toolbar and choose “Export” from the menu. This will create a backup of your registry in its current state, just in case you need it later because you accidentally remove something that you shouldn’t. Choose a location to save the registry backup, create a name for it, and click “Save.”

picture7

 

picture8

  1. Go back to the Registry Editor and remove registry entries that reference PC Defender Plus. The virus may also have registry entries that are not explicitly labeled as belonging to PC Defender Plus, including the following:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Win 8 2013 Antivirus” HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Windows PC Defender” HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF} HKEY_CLASSES_ROOT\WP345d.DocHostUIHandler HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” => http://search-gala.com/?&uid=201&q={searchTerms} HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PRS” = http://127.0.0.1:27777/?inj=%ORIGINAL%
  2. Exit the Registry Editor and reboot your computer in regular mode.

only at http://HacksRepair.com

DIY Removing Progressive Protection / Rogue Antivirus

System Progressive Protection will find “fake” virus infectons with the sole intent of getting your money. It also disables the Windows Task Manager and Registry Editor which will block you from running programs that could remove System Progressive Protection.

What is System Progressive Protection?

This sneaky virus pops up like a virus protection program, warning you that your computer is infected and that you should immediately purchase the System Progressive Protection. The “software” promises to rid your computer of these threats. In fact, System Progressive Protection is a dangerous virus that will begin to take over your hard drive if you download it. At worst, it can trick you into revealing credit card information, and it may also cause a computer crash.

If you recognise any of the logo’s shown below then you have a Rogue Antivirus program on you computer.

fig_22

How do I remove System Progressive Protection?

If you are somewhat savvy with your computer, it is possible to get rid of System Progressive Protection manually by deleting its various files and processes. However, it is often easiest to use a trusted anti-virus program to rid yourself of this threat. Professional programs know exactly where to search your hard drive for infected files – if an automatic scan fails, move on to removing the virus manually.

 

Option 1: Use a Virus Scanner

    1. Remove any discs or external drives you currently have inserted in or connected to your computer. Open the Windows start menu and initiate a restart of your computer.
    2. When your computer begins to reboot, hit the F8 button on your computer. In some cases, you may be required to hit in multiple times in a row. An advanced boot menu will appear on your screen.
    3. Choose “Safe Mode with Networking” from the advanced boot menu. You can navigate to this option using the arrow keys on your keyboard, and then pressing “Enter.”

picture1

Download AVG here [wpdm_file id=4]

OR

    1. Once your Windows desktop has opened up, go to the Windows start menu and type the word Run into the search box. Hit “Enter” to open the run dialogue box.
    2. Enter http://free.avg.com/us-en/free-antivirus-download in the Run box and hit the “Enter” key to get to the AVG Free download online. AVG Free is a legitimate antivirus program that can locate and remove the PC Defender Plus virus. Note: If you are unable to connect to your web browser, go to the Tools menu and choose Internet Options. Go to the Connections tab and then click LAN Settings. Uncheck the box next to “Use a proxy server for your LAN” and click OK twice.

picture2

Download Avg Antivirus Here [wpdm_file id=4]

    1. Click the “Download” & “Save” then “Run” button and follow the prompts to download AVG Free.

 

    1. Click “Scan options” and then “Whole computer scan” to run a complete computer scan. Wait for the scan to complete, and choose to “Heal” any found viruses if prompted.

picture5

  1. Reboot your computer and attempt to use the Internet. If you still see the virus on your computer when you try to access legitimate programs or the Internet, proceed to manually removing the virus without the aid of a virus scanner.

Option 2: Manually Delete the Virus

While you are completing the process of manually deleting the virus, you should always back up your computer registry. Because the final step of the removal process involves getting rid of certain registry files, a backup protects you in case you delete the wrong one.

    1. Restart your computer and hit the “F8” key to bring up the advanced boot menu. Choose “Safe Mode with Networking” from the menu and hit “Enter” to complete the boot.

picture1

    1. Go to your task manager. The quickest way to open the task manager is by hitting the “Control,” “Alt,” and “Delete” keys at the same time. Go to the Processes tab of the manager.

picture7

    1. Find System Progressive Protection in the list of processes and hit the “End Process” button. This will temporarily stop the virus, but it won’t completely delete it from your machine.
    2. Close the Task Manager and open the Control Panel via the Windows start menu. Click on “Uninstall a Program.”

picture1

    1. Look for System Progressive Protection and click on it once to highlight it. Choose the “Uninstall” icon that appears in the window toolbar. Wait for the program to uninstall and then close the Control Panel.
    2. Open the Windows menu and search for “regedit” using the search field at the bottom of the menu. Click on the “regedit” entry under Programs and click “Yes” when prompted to allow the registry window to open.

picture6

    1. Create a back up of your registry before you delete anything from the registry. To create the backup, click on the “File” link in the registry toolbar and then go to the “Export” option. This will create a backup of your registry in its current state. Choose a location to save the registry backup (such as your desktop), create a name for the backup registry, and click “Save.”

picture10

    1. Search for and delete the following files from your registry. You can access the specific files using the file map on the left side of the registry window. For instance, first you need to expand the “HKEY_CURRENT_USER” folder and next expand the “Software” folder, and so on. Delete a file by clicking once to highlight it and hitting the “Delete” key on your keyboard.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies \System “DisableRegedit” = 0
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies \System “DisableRegistryTools” = 0
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies \System “DisableTaskMgr” = 0
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies \system “ConsentPromptBehaviorAdmin” = 0
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies \system “ConsentPromptBehaviorUser” = 0

picture11

  1. Close the registry window and restart your computer in normal mode.

only at http://HacksRepair.com

DIY Remove a Resident Virus

What is a Resident Virus?

Resident viruses are among the most common type of computer virus. They embed themselves in the RAM (random access memory) of your computer, and spread throughout the machine each time a certain function is performed. For instance, a resident virus may be activated each time a particular file is opened or a specific program is run.

This type of virus takes advantage of the fact that many users multi-task, or have many programs running at the same time. For instance, if the virus is waiting to be activated when you open your word processing software, it will then infect the Internet browser and other programs that are currently running when you open the word processor. A resident virus can often be spotted and removed by an anti-virus program, such as AVG free. To avoid future infections, have a reliable anti-virus and firewall running on your computer at all times.

How do I Remove Resident Viruses?

To remove a resident virus from your computer, follow one of the two options below:

 

Option 1: Run an Anti-Virus Software

Because resident viruses are quite common, they are often known by anti-virus programs. Running a free anti-virus software is the easiest way to seek out the problem and have it removed. Because this type of virus is in your memory, and can spread quite quickly, an anti-virus program will be able to find all instances more swiftly than you can.

 

    1. Put your computer into safe mode. This will reduce the likelihood that the resident virus can interfere with the anti-virus software. To enter safe mode, shut down or restart your computer. When your computer begins to start up again, hit the F8 key repeatedly until you see the Advanced Options menu. Note that you need to hit the F8 key before anything appears on your screen for it to work. Choose “Safe mode with networking” from the list and hit “Enter.

picture1

    1. Open AVG Free or another anti-virus program, if you already have it installed on your computer. If you need an anti-virus program, go to free.avg.com and download the software. Open AVG Free once the download is complete.
    2. Click on the “Scan options” tab in the main menu and then choose “Whole computer scan.” AVG Free will begin to search your computer for instances of the resident virus. AVG Free automatically quarantines and treats known threats. If prompted, approve the healing of all found threats. Once the scan is complete, you can restart your computer in regular mode.

picture2

  1. Open Word on your computer. Click on the Windows icon and go to the “Open” link. Choose the file that you think is infected with the Macro virus while holding down the “Shift” key on your computer. This will disable macros on the document.

Option 2: Manually Remove the Virus

If you are able to figure out which resident virus you have, you can access the computer registry and remove it by yourself. Note that deleting the wrong registry file can have very adverse effects to your computer, so you should not attempt this process if you are a computer novice or totally unfamiliar with the registry.

To figure out which resident virus you have, pay attention to the error messages you receive on your computer as a result of the virus. Conduct an Internet search of the error code to get the name of the virus; you should also look for any specific files that are associated with that virus, so you know what to look for on your registry.

    1. Press the “Control,””Alt,” and “Delete” keys on your keyboard and then choose “Start Task Manager” from the menu. Go to the “Processes” and look for any suspicious viruses. Specifically, you should look for anything that includes the name of the virus, or unfamiliar .exe files. When you locate a process that is associated with the resident virus, click on it once and choose the “End Process” button at the bottom of the Task Manager window.

picture3

    1. Open the Windows start menu by clicking on the Windows icon in the bottom left corner of your desktop. Type “Run” (no quotations) in the search field and hit the “Enter” key. Type “regedit” in to the Run search field and press “Enter.” If prompted, click “Yes” to allow your computer to open the Registry Editor.

picture4

    1. Click the arrow next to “HKEY_LOCAL_MACHINE” in the left panel to expand it. Then, click on the “Edit” menu tab on the top toolbar and select “Find” from the drop-down menu.

picture5

  1. Enter the name of the resident virus you want to remove and check the boxes next to “Keys,” “Values” and “Data.” Press the “Enter” key and wait for the Windows registry editor to look for the virus files.
  2. Right-click on files you suspect are infected and choose “Preferences.” Look at the date the file was installed on your computer; if the installation date listed is around the time the resident virus attack began, delete the file. Repeat this step for all the virus related files in the registry.

only at http://HacksRepair.com

DIY Remove a Polymorphic Virus

What is a Polymorphic Virus?

A Polymorphic virus is among the most difficult to eviscerate, because it is designed to constantly change itself and its encryption to evade security programs. As its name suggests, this type of virus morphs – in fact, it alters itself each time it replicates itself on the same machine. For this reason, finding all instances of a polymorphic virus for removal is tedious. Many standard anti-virus programs can catch some but not all of a polymorphic virus, so if you choose to use an anti-virus software it’s advised to use one that has complex algorithms able to detect complicated viruses. As an alternative, you can also attempt to get rid of the virus using do-it-yourself methods such as an operating system restore.

If you are unable to successfully run programs, or programs run too slowly, enter safe mode before trying to get rid of the virus. Reboot your computer and then hit the F8 key before you see anything on the computer screen. Choose “Safe mode with networking” from the list of options and wait for your desktop to load. All icons will be enlarged, but should still work as normal.

How do I Remove Polymorphic Viruses?

To remove a Polymorphic virus from your computer, follow one of the two options below:

 

Option 1: Download and Run Microsoft Security Essentials

Microsoft Security Essentials, sometimes called MSE, is a free security program. It uses heuristics among its detection methods, making it possible to catch polymorphic viruses on your computer.

 

    1. Visit windows.microsoft.com/mse on your Internet browser. Click on the “Download” button and choose the desired version of the software. When prompted, allow Microsoft to being the installation process by clicking “Yes.” Follow the on screen prompts to approve the download, including accepting the license terms.

picture1

    1. Turn on the Windows Firewall by checking the box next to “If no firewall is turned on, turn on Windows Firewall.” This can thwart future infections and malware from accessing your hard drive. Click “Next.”

picture2

    1. Check the box next to “Scan my computer for potential threats after getting the latest updates.” This will prompt MSE to look for and eliminate the polymorphic virus once you installed it on your machine. Click “Finish” to start the software download, which takes a few minutes.

picture3

    1. When the top of the MSE window says “PC Status: Protected” with a green banner, the program is installed and running on your computer. You will now be protected from future threats, but to deal with the virus that currently exists you need to run a scan. Click on the “Full” bubble on the right side of the screen and choose “Scan now.”

picture4

  1. Wait for the program to do a complete scan of your machine. If prompted, allow MSE to quarantine and delete the virus. Keep the program running at all times in the future to block other viruses.

Option 2: Conduct a System Restore

If your virus scanner can’t locate all instances of a polymorphic virus, you may need to reset your hard drive to a previous date. This process is known as a system restore. In most cases you can run a system restore from the Control Panel. If you are unable to boot your computer, you can also use an installation disc. You don’t have to use the same disc that came with your computer, as long as it is for the same operating system version that you have running currently.

A system restore reverses your operating system to a point in time before the virus attacked. You will lose any recently added data, program, and files, but the virus should be removed as well.

    1. Go the Start menu and choose “All Programs” and then “Accessories.” In the System Tools folder, click on “System Restore.”

picture5

    1. If you can’t boot your machine, insert the Windows installation disc into your computer and wait for it to load. Instead of choosing the installation link, choose the “Repair” link instead to pull up a menu or recovery options When prompted, choose “Next” from the System Restore window. Click on the “System Restore” link in the system recover options screen.

picture6

    1. Choose the point to which you want the hard drive to be restored. Windows will provide a list of possible restoration dates. If you have an idea of when the virus first attacked your computer, choose a restore point before that date. If you are unsure about when you became infected, choose the earliest date in the list.

picture7

  1. Choose “Next” and then “Finish” to start the system restore. During the process, you will be unable to use any programs on your computer.
  2. Wait for your computer to automatically reboot when the restore is complete. Your hard drive will be restored to the previous date when the virus did not exist.

only at http://HacksRepair.com

DIY Remove a Zeus Trojan Virus

What Is Zeus Trojan Virus?

The Zeus Trojan virus is one of the most dangerous viruses, because it strives to compromise your banking data and other confidential information. The virus can infect a computer via email attachment or download. Once the user clicks on an infected file link or download, Zeus Trojan virus installs malicious files on the computer. It can track your passwords to banking websites, or intercept legitimate websites and send you to a fake one that looks real, and then save your details on a secure remote server and access your online bank account information.

How Do I Remove Zeus Trojan Virus?

Using an anti-virus program like AVG Free is always a good way for a novice user to eliminate a virus. If you notice that you are redirected to a false bank website, or suspect that you clicked on an infected email attachment, run an anti-virus program as soon as possible. If you want to ensure that the threat has been removed, you can either manually delete the virus files or restore your computer to a previous date.

 

Option 1: Manually Remove the Virus

 

 

    1. Restart your computer in safe mode. This is done by clicking shutting down your computer and then hitting the F8 key several times when it begins to start up again. The Windows advanced options menu will pop up. Choose “Safe Mode with Networking” from the menu.

picture1

    1. Go to My Computer (or, Computer depending on your operating system) via the Windows start menu. Select “Properties” or “System Properties.”

picture2

    1. Go to the “System Restore” or “System Protection” tab, depending on your version of Windows. Click on the “Configure” button and then turn off system restore or system protection. Click “OK” to exit.

picture3

    1. Open your Control Panel from the Windows start menu and click on “Appearances and Personalization.”

picture4

    1. Click on the “Folder Options” link which will bring up a pop-up window. Navigate to the “View” folder and then select “Show hidden files, folder, and drives.” Click “Apply” and then “OK” to finalize your change.

picture5

    1. Click on the Windows icon and enter each of the following file locations one at a time. If you find one, right click on it in the results and choose “Delete.” It should be noted that the Zeus virus has several versions, each of which contains only about three of the following files. Therefore, it’s unlikely that you will find all of the below files on your computer at the same time.WINDOWSsystem32ntos.exe
      WINDOWSsystem32wsnpoemaudio.dll
      WINDOWSsystem32wsnpoemvideo.dll
      WINDOWSsystem32oembios.exe
      WINDOWSsystem32sysproc64sysproc86.sys
      WINDOWSsystem32sysproc64sysproc32.sys
      WINDOWSsystem32twext.exe
      WINDOWSsystem32twain_32local.ds
      WINDOWSsystem32twain_32user.ds
      WINDOWSsystem32sdra64.exe
      WINDOWSsystem32lowseclocal.ds
      WINDOWSsystem32lowsecuser.ds
    2. Open the Windows start menu and type regedit into the search field. Hit “Enter” to open the Windows Registry Editor.

picture6

  1. Use the folders on the left side of the Registry Editor to seek out the following files associated with the Zeus Trojan virus.HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun”userinit” = “%System%ntos.exe”

    HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun”userinit” = “%System%ntos.exe”

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionNetwork”UID” = “[COMPUTERNAME]_[UNIQUE_ID]”

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorer”{6780A29E-6A18-0C70-1DFF-1610DDE00108}” = “[HEXADECIMAL VALUE]”

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorer”{F710FA10-2031-3106-8872-93A2B5C5C620}” = “[HEXADECIMAL VALUE]”

 

  1. Go back to the My Computer program and repeat Step 2 except this time turning on system restore instead of turning it off.

 

Option 2: Do a System Restore

A system restore sets your hard drive back to its state on a previous date – one where the virus had not yet infected your hard drive. This process will also remove benign programs that have been recently added, however, so create a back up of important programs before you do a system restore.

    1. Restart your computer in safe mode as in Step 1 above by hitting F8 after a reboot and choosing “Safe mode with networking” from the advanced options menu screen.
    2. Go to the Windows start menu and click on the “All Programs” link.

picture7

    1. Open the “Accessories” folder and then open the System Tools folder. Click on the “System Restore” icon.

picture8

    1. When prompted by a pop-up window, choose “Next” to confirm that you want to conduct a system restore, paying careful attention to which types of files will be affected.

picture9

    1. Look over the list of restore points provided by Windows. If you have an idea of when the you became infected with the Zeus Trojan, pick a restore point before you got the virus. If you are unsure of exactly when you got the virus, choose the earliest date available. Choose “Next” and then “Finish” to start the system restore.

picture10

  1. Wait for your computer to complete the restore. During this process, you won’t be able to use any computer programs.
  2. Your computer will automatically reboot in normal mode when the system restore is complete.

only at http://HacksRepair.com

DIY Remove a Boot Sector Virus

What is a Boot Sector Virus?

A boot sector virus infects the boot sector on your computer, which is what helps your operating system boot up. When the virus infects your boot sector, or the Master Boot Record (MBR), it adds its own codes and commands to the sector. This type of virus is often contracted via floppy disks or other storage devices that have become infected and are in place when you start up your computer on at least one occasion.

What does a Boot Sector Virus do?

If left untreated, a boot sector virus could make it difficult or impossible to boot your computer in general, or a particular program. Fortunately, this type of virus can be removed swiftly if you deal with it at the first sign of boot up problems, such as error messages.

How do I get rid of a Boot Sector Virus?

 

# Option 1: Run an Anti-Virus Program

 

If you can still boot your computer, you may use an anti-virus program to find and get rid of the boot sector virus. Note that his method will not be useful if the virus has progressed to the point where you can’t boot at all or have very limited capabilities. Always start your computer in safe mode, as this is more likely to thwart the virus during the boot up process. You can enter safe mode by hitting the F8 key before you see the Windows logo on your screen, and then choosing “Safe mode with networking” from the menu that appears.

    1. Download Avg antivirus here [wpdm_file id=4]
    1. Open AVG Free on your computer and click on the “Scan options” link in the main menu. Choose the “Whole computer scan” option. This allows the program to search your entire computer hard drive, rather than one drive, making it more likely to uncover the virus’s location and successfully isolate it. Your scan will automatically begin after you click “Whole computer scan.”

picture2

    1. Wait for AVG to scan your entire computer for threats. Depending on the size of your hard drive and the number of files you have, this may take either several minutes or around one hour. When your scan is complete, AVG will alert you to any detected threats. In some cases, the anti-virus program will automatically quarantine and remove the threat, or it may ask you to confirm which action you want it to take. Click on the “Address issues” button and then highlight the worm on the following screen and choose “Remove selected.”

picture10

  1. Reboot your computer in regular mode to complete the virus removal process.

#Option 2: Conduct a System Restore

When the boot sector virus has affected your hard drive to the point where you can’t boot up your machine, you will need to repair your operating system as a whole. To complete a system restore when you can’t boot your machine, it’s necessary to use a Windows installation disc. You don’t have to use the installation disc that came with your computer – it is possible to use one that is borrowed from a friend or colleague who has the same operating system version as you, such as Windows Vista or Windows 7.
A system restore reverses your operating system to a point in time before the virus attacked. You will lose any recently added data, program, and files, but the virus should be removed as well.

    1. Insert the Windows installation disc into your computer and wait for it to load. Instead of choosing the installation link, choose the “Repair” link instead to pull up a menu or recovery options.

picture4

    1. Click on the “System Restore” link in the system recover options screen.
    2. Choose the point to which you want the hard drive to be restored. Windows will provide a list of possible restoration dates. If you have an idea of when the boot sector virus first attacked your computer, choose a restore point before that date. If you are unsure about when you became infected, choose the earliest date available.

picture5

  1. Choose “Next” and then “Finish” to start the system restore. During the process, you will be unable to use any programs on your computer.
  2. Wait for your computer to automatically reboot when the restore is complete. If you can reboot, the boot sector virus should be gone, but run an anti-virus program just in case.

only at http://HacksRepair.com

DIY Remove Spyware / Adware / Malware

How do I stop Spyware?

Spyware can be avoided in part by carefully reading the end user agreements on all downloaded software. These terms and conditions reveal any spyware software that will be added to your machine, though it may be buried in the fine print. Take special care when downloading optional add-ons for software as well; if you can’t understand the purpose of an add-on or don’t absolutely need it, don’t approve it for download.

How do I remove Spyware? Follows the free tips below.

check-green-16x16 Option 1: Manually Remove Spyware

If you are certain about which program introduced spyware onto your computer, you may be able to rid your machine of the problem by manually removing the program associated with the spyware. Spyware usually won’t thwart users from accessing basic functions on the computer, so you should be able to access and use the remove programs function on your device. If you continue to experience pop-ups that interrupt your attempts to remove the spyware, try disabling your Internet.

 

    1. Open the Windows start menu and choose Control Panel from the menu. Go to the Programs section and click on the “Uninstall a program” link. A list of all programs currently on your computer will open in a new screen.

picture1

    1. Sort the programs by name, publisher, or the date it was installed by clicking on the headers at the top of the program list. If the spyware issue is a recent one, sort by the date installed, viewing the most recently added programs at the top of the list.

picture2

  1. Click once on the program that you believe is spyware. An Uninstall button will appear in the toolbar just above the program list. Click the button once and follow the on screen prompts to uninstall the program from your computer. In most cases, you will need to do a restart of your computer to finalize the removal.

#Option 2: Run Windows Defender

Because spyware is often embedded in a legitimate program or toolbar, an anti-virus program may not identify it as a threat. For this reason, it’s best to run a program that is designed to look specifically for spyware and other unwanted software. Windows Defender is one such program, and it comes standard on the Windows operating system for free.

    1. Click on the Windows start button. Go to the Control Panel, and look for the search field in the top right corner of the menu screen.

 

picture3

    1. Type Windows Defender in the search field and hit the “Enter” key. Then, click on the Windows Defender search result that appears.

picture4

    1. If you have never used Windows Defender before, it may be turned off on your computer. When Windows Defender is disabled, you will see a pop-up window alerting you to its status. Click the link that says “Click here to turn it on” to enable the program. Windows Defender will open on your computer screen.

picture5

    1. Click on the small white arrow next to the Scan button in the Windows Defender toolbar. Choose “Full scan” from the drop-down list. This allows the program to look over your entire computer. While this option will take longer, it also increases the chances that Windows Defender will locate the spyware. You can also choose “Quick scan,” which will search only those locations on your hard drive where spyware is most likely to be.

picture6

    1. After you choose a scan type, Windows Defender immediately begins the scan. All you need to do is let the program run – you may minimize it and conduct other tasks on your computer during the scan. Since a full scan can take several hours to complete, you should make sure that your computer is plugged into an outlet or has ample battery power. If your computer dies part way through the scan, you’ll have to start over once power is restored.

picture7

 

only at http://HacksRepair.com

DIY Remove a Computer Worm / Spyware / Malware

What is a Computer Worm?

The goal of a computer worm is to replicate itself in order to spread to more computers, often machines on the same network. Worms can be spread via email, instant messaging, or peer-to-peer networks such as music sharing websites. Once on a computer, a worm doesn’t need to attach itself to a particular program or file, and it can occupy a lot of bandwidth on your computer. Worms usually access your computer thanks to some sort of hole in your security firewall. Computer worms will slow down your system, and can also modify files until they are unusable. A worm can also stop the Internet from working. One of the easiest ways to avoid a computer worm is by having current anti-virus software running on your computer at all times, and an active firewall.

How to I remove a computer worm? Follow the Free tips below.

 

Before you attempt to remove a computer worm from your computer, you should stop system restore from running. This tracking program is meant to help you restore your computer to a previous date when you encounter a problem, but it may also inadvertently help a computer worm regenerate. To disable system restore, click on the Windows start button and go to the Control Panel. Choose “System and Security” and then “System.”
picture1

Choose “System Protection” from the left side toolbar. When the pop-up window opens, click on the “Configure” button and choose “Turn off system protection” and then “OK.”
picture2

# Option 1: Run the Windows Malware Removal Tool.

The Windows malware removal tool is a standard feature on Microsoft Windows. Whcheck-green-16x16ile it doesn’t replace an anti-virus program, this tool can search for and help you remove any malware on your machine. If your computer worm makes it difficult to open new programs, restart your computer manually and then hit the F8 key to bring up the advanced options menu. Go into “Safe mode with networking” before you attempt to run the tool.

 

To get rid of the worm:

    1. Click on the Windows start button and enter the word “Run” (no quotations) in the search field and hit the “Enter” key. When the Run dialogue box opens, type “mrt” into the Open field and click “OK.” If prompted by a pop-up window, click “Yes” to allow the malware removal tool to open on your computer.

picture3

    1. Click “Next” on the Windows malware removal tool screen to proceed.

picture4

    1. Choose “Full Scan” to let the program search your entire computer for any malware. Since this process can take several hours, it’s a good idea to connect laptops to a power source to ensure that the battery won’t die in the middle of the scanning process. Click the “Next” key to start the scan.

picture5

  1. Wait for the scan to complete. If and when the program finds a worm on your computer, it will present you with instructions for how to remove the malware. Follow these instructions exactly, and then reboot your computer.

#Option 2: Use an Anti-Virus Program

Visit the website of a trusted anti-virus program, such as AVG. You don’t have to get the paid version of the program to get a full computer scan. If you are unable to download or operate the program because the worm interferes with it, go back to safe mode.

    1. Go to http://free.avg.com in your browser to download the AVG free scan program. Alternatively, open the Windows menu and search for “Run.” Hit “Enter” to open the Run box and then enter the URL (http://free.avg.com) into the run box and click “OK” to get to the site and download the anti-virus program.

picture6

    1. Once the anti-virus program has downloaded, go to the Windows start menu and click on All Programs. Select AVG free to launch the program.
    2. Click on the “Scan options” link in the left-hand toolbar of the AVG main menu. Choose the “Whole computer scan” option. This allows the program to search your entire computer hard drive, making it more likely to uncover the worm’s location and successfully isolate it. Your scan will automatically begin, and you can watch the scan’s progress and see when a threat is detected.

picture7

    1. Wait for AVG to scan your entire computer for threats. Depending on the size of your hard drive and the number of files you have, this may take either several minutes or around one hour. When your scan is complete, AVG will alert you to any detected threats. In some cases, the anti-virus program will automatically quarantine and remove the threat, or it may ask you to confirm which action you want it to take. Click on the “Address issues” button and then highlight the worm on the following screen and choose “Remove selected.”

picture10

  1. Reboot your computer in regular mode to complete the process. Repeat the process if necessary.

only at http://HacksRepair.com