Trojan horses are the huge security threat. A Trojan is a program that enters your computer undetected, giving the attacker who planted the Trojan unrestricted access to the data stored on your computer. Trojans can transmit credit card information and other confidential data in the background. Trojans are often not caught by virus scanning engines, because these are focused on viruses, not Trojans. Catching such threats would require the use of a Trojan scanner (a.k.a Trojan cleaner, Trojan remover, anti-Trojan).
How to check/set your IE settings
To download and run the EventLogScan ActiveX control, your Internet security settings must allow you to download and run signed ActiveX controls, or at least prompt you to do this. WindowSecurity.com has gone to great lengths to ensure that this software is safe.
By default, the Internet security settings in Internet Explorer are set to Medium which allow downloading and running of signed ActiveX controls. However, if you have changed your Internet Explorer settings to high, or disabled prompting of ActiveX downloads, then you have to either set your security back to Medium by clicking on "Default level" or change the custom level to "Download and run signed ActiveX controls". 
Check if your security settings are set to Medium
Resetting the Internet Security settings to default level
* Go to the Security page of the Internet options dialog (as shown in the screen shot above).
* Click on the "Default Level" button. You will be able to see that the slider has re-appeared. Ensure that the slider is set on the Medium secure levels or lower.
* Click on OK to confirm the new security settings for that zone.
Manually set your Internet Explorer security settings to allow signed ActiveX controls
To manually configure your Internet Explorer security settings to allow you to download and run signed ActiveX controls follow this procedure:
* Open the Internet options of your internet explorer browser (Start > Settings > Control Panel > Internet Options)
* Click on the Security tab
* Click on "Custom level..."
* Set the settings as indicated in the screenshot below
* Click on OK to temporarily set your custom Internet Explorer security settings.
* Click on OK to confirm the new security settings for that zone
WARNING: If you have changed any of your security settings in order to run this test, we recommend that, after running the test, you set them back to the way they were before.
Wednesday, June 10, 2009
Hot News about Trojan Virus
Tuesday, June 9, 2009
How to a Remove Trojan Horse in my PC
Are you looking for, how to remove Trojan virus, the best place to start, of course, is with the company that made your anti-virus software. Most of the anti virus software companies are quickly respond to threats, and they often will have a virus removal tool posted at their web site within hours of an infection.
There are many anti virus software companies out there, and computer owners certainly have no shortage of choices when it comes time to protect their valuable equipment from harm. It has never been more important to protect our computers and the valuable data they contain. Computer owners know how important it is to run strong anti virus protection on their PC, and to keep that anti virus software up to date. Sometimes despite all our best intentions, however, we find ourselves asking how to get rid of a Trojan virus. No anti virus protection software is perfect, and it is always possible for a malicious program to slip through the radar. Dealing with a Trojan horse program is not always easy, and the cleanup methods will vary from case to case.
If no such trojan horse virus removal tool or instructions are available at your anti virus company, it is always a good idea to look at the web sites of other companies. Often one company will have a solution or information on how to get rid of a Trojan virus before the others have picked up on it. Visiting the web sites of the leading anti virus software manufacturers, including Symantec, McAfee, Computer Associates and Norton, is a good idea. Chances are one of these companies will have posted information about the infection.
After you have found out how to get rid of a Trojan horse virus, it is a good idea to review the steps carefully and to verify that each step has completed properly. In the case of a special virus removal program, the program will likely go through each step automatically. If instead you are working from a set of written instructions it is a good idea to verify each step as you go to make sure you do not miss an important step along the way.
After you have reviewed how to get rid of a Trojan virus and taken the steps to do it, be sure to scan the computer again using your anti virus software program. If the anti virus software finds no infection, the next step should be to reboot the PC and run the scan a second time. Some viruses, especially Trojan horse programs, hide out in the registry and activate each time the computer is restarted. It is important to make sure that the infection is truly gone, and the best way to do that is to restart the computer and run a thorough virus scan.
Monday, June 8, 2009
Easy Way to Remove Virus from my USB Drive
Virus may affect your PC by Flash or USB or Pen drives. This viruses are the Common Virus you can find in your affect flash drive ’Ravmon’ , ‘New Folder.exe’, ‘Orkut is banned’ etc are spreading through USB drives. Most of the anti virus programs are unable to detect it and even if they do, in most cases they are not able to delete those file, they can do only quarantine. From These tips you can avoid such virus from your Flash Drive.
Whenever you plug-in a USB drive in your system, a pop up window will appear similar to the one shown below,
Don’t click on OK, just choose 'CANCEL'. Open the Command Prompt by typing 'cmd' or 'command' in the run window. In the command prompt type the Flash drive letter:(eg; G:, H:, I:) and press enter . Now type dir /w/a and press enter.
This will display a list of the files in the Flash drive. Check whether the following files are there or not
- Heap41a
- or any other exe file which may be suspicious.
If any of the above files are there, then probably the USB drive is infected. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files.
Now just delete the files using the command del file name. For example del Ravmon.exe. Delete all the files that are suspicious. To be on a safer side, just scan the USB drive with an anti virus program to check whether it is free of virus or not. Now remove the drive and plug it again. In most of the cases, the real culprit turns out to be the 'Autorun.inf' file which mostly gets executed when someone clicks Ok in the dialog window which appears above. Thus the infections can spread Read more!
Sunday, June 7, 2009
Free Virus Removing Tool : All Anti Virus Softwares
Use this Link to Remove Virus from your system for Free.
When a new, dangerous virus appears, timely intervention can prevent damage to your data, and help prevent the spread of the virus.
Kaspersky Lab has developed free virus removal tools. If your computer has been infected by any of the viruses listed below, you can download a free removal utility here.
Kaspersky : http://www.kaspersky.com/removaltools
bitdefender : http://www.bitdefender.com/site/Downloads/browseFreeRemovalTool/
Avast http://www.avast.com/eng/avast-virus-cleaner.html
AntiFun
The AntiFun tool is used to protect a system from Funlove infection coming over a network. The AntiFun tool will prevent the FunLove virus from creating the dropper executable to System directory. It will not prevent any other files on the system from being infected.
Download: ftp://ftp.f-secure.com/anti-virus/tools/antifun.zip
Readme: ftp://ftp.f-secure.com/anti-virus/tools/antifun.txt
AntiSirc
The purpose of the tool is to help the removal of the Sircam worm. The removal process is rather complex and assumes deletion of multiple copies of the worm and modification of several registry keys.
Download: ftp://ftp.f-secure.com/anti-virus/tools/antisirc.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/antisirc.exe
Readme: ftp://ftp.f-secure.com/anti-virus/tools/antisirc.txt
Audit
FSAV Audit is a tool for network administrators, for generating reports of F-Secure Anti-Virus deployment in network. The tool will generate a report file, showing for each computer whether FSAV is installed, and certain properties of installed FSAV, like the product's version, whether Gatekeeper is activated, and virus signature database dates.
Download: ftp://ftp.f-secure.com/anti-virus/tools/audit.zip
Readme: ftp://ftp.f-secure.com/anti-virus/tools/audit.htm
Boo32
Boo32 is a simple boot sector read/write utility. Run it without parameters to get help on command line options.
Download: ftp://ftp.f-secure.com/anti-virus/tools/boo32.zip
BT_B_Dis
The BT_B_Dis tool is used to unlock Badtrans.b worm file, so it could be deleted after system restart.
Download: ftp://ftp.f-secure.com/anti-virus/tools/bt_b_dis.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/bt_b_dis.zip
CoolNote
CoolNote tool fixes the payload of CoolNot worm that disables Windows desktop.
Download: ftp://ftp.f-secure.com/anti-virus/tools/coolnote.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/coolnote.reg
F-Agobot
The F-Agobot utility disinfects computers infected with the certain Agobot backdoor variants. Please see the readme.txt file for more information. Alternatively you can use the F-Bot tool, that is mentioned below.
Download: http://www.f-secure.com/tools/f-agobot.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-agobot.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-agobot.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-agobot.exe
Readme: http://www.f-secure.com/tools/f-agobot.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-agobot.txt
F-Bagle
The F-Bagle utility disinfects computers infected with the certain Bagle worm variants. Please see the readme.txt file for more information.
Download: http://www.f-secure.com/tools/f-bagle.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-bagle.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-bagle.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-bagle.exe
Readme: http://www.f-secure.com/tools/f-bagle.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-bagle.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-bagle.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-bagle.jar
F-Bot
The F-Bot utility disinfects computers infected with certain variants of Agobot, Wootbot, SdBot, RBot, SpyBot, ForBot, IRCBot. Please see the readme.txt file for more information.
Download: http://www.f-secure.com/tools/f-bot.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-bot.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-bot.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-bot.exe
Readme: http://www.f-secure.com/tools/f-bot.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-bot.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-bot.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-bot.jar
F-Bugbr
The F-Bugbr utility disinfects computers infected with W32/Bugbear.A and 32/Bugbear.B (also known as Tanat or Tanatos) worms.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-bugbr.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-bugbr.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-bugbr.txt
F-Cabir
The F-Cabir utility disinfects Series 60 devices infected with Cabir worm variants SymbOS/Cabir.A to SymbOS/Cabir.Z and SymbOS/Mabir.A
Download: http://www.europe.f-secure.com/tools/f-cabir.sis
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-cabir.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-cabir.sis
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-cabir.txt
F-CIH
The F-CIH tool is used to check if a computer is infected with CIH virus. The tool terminates CIH virus process. Then a system should be cleaned with F-Secure Anti-Virus.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-cih.exe
F-Codered
F-CodeRed is a special tool to detect and remove CodeRed.C and CodeRed.F worms from the infected computer's memory.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-codered.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-codered.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-codered.txt
F-Commwarrior
The F-Commwarrior utility deactivates following SymbOS/Commwarrior worm variants:
SymbOS/Commwarrior.A, SymbOS/Commwarrior.B, SymbOS/Commwarrior.C
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-commwarrior.zip
Download: http://www.f-secure.com/tools/f-commwarrior.sis
Download: ftp://ftp.f-secure.com/pub/anti-virus/tools/f-commwarrior.sis
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-commwarrior.txt
F-Deborm
The F-Deborm utility disinfects computers infected with Deborm.R worm (also known as Worm.Win32.Deborm.R and W32/Deborm.R) and the malware that it drops to an infected system: Trojan.Win32.Killav.q, Backdoor.SDbot.gen (also known as W32/SDBot.J), Backdoor.Litmus.203 (also known as W32/Litmus.C).
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-deborm.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-deborm.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-deborm.txt
F-Fizzer
The F-Fizzer utility disinfects computers infected with Fizzer worm.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-fizzer.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-fizzer.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-fizzer.txt
F-Force
The F-Force utility disinfects computers infected with known variants of the following malware families: Agobot, Aimbot, Bagle, Bozori, Codbot, Dumaru, Fanbot, Forbot, IRCBot, Mitglieder, Mydoom, Mytob, Netsky, Padobot, Poebot, Rbot, SDBot, Spybot, Wootbot, Zafi. The tool requires the latest anti-virus updates (latest.zip file) to be downloaded from F-Secure's web or ftp sites. Please see the ReadMe.txt file in the download zip for more information.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-force.zip
Download: http://www.f-secure.com/tools/f-force.zip
F-Hare
F-HARE will detect and disinfect the three known variants of the Hare virus (also known as HDEuthanasia and Krsna).
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-hare15.zip
F-IntCe
F-IntCe tool detects and disinfects the tricky INT_CE boot virus.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-intce.zip
F-Korgo
The F-Korgo utility disinfects computers infected with the certain Korgo worm variants. Please see the readme.txt file for more information.
Download: http://www.f-secure.com/tools/f-korgo.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-korgo.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-korgo.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-korgo.exe
Readme: http://www.f-secure.com/tools/f-korgo.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-korgo.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-korgo.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-korgo.jar
F-Lgate or F-Lovgate
The F-Lgate utility disinfects computers infected with Lovgate.A, .B, .C, .D, .F, .G, .H, .I, .J, .K, and .L worm variants.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-lgate.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-lgate.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-lgate.txt
F-Locknut
The F-Locknut utility disinfects Series 60 devices infected with the Locknut.A trojan.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-locknut.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-locknut.sis
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-locknut.txt
F-Look2Me
The F-Look2Me tool detects and deactivates Look2Me from Windows 2000/XP/2003 systems. Look2Me is adware that serves pop-up advertisements. It has a guardian implementation to prevent detection and removal. The tool also restores Debug Privileges to the Administrators group.
Download: http://www.f-secure.com/tools/f-look2me.zip
Download: http://www.f-secure.com/tools/f-look2me.exe
Readme: http://www.f-secure.com/tools/f-look2me.txt
F-Lovsan
The F-Lovsan utility disinfects computers infected with W32/Lovsan.A, W32/Lovsan.B, W32/Lovsan.C worms and W32/Lovsan.E worms.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-lovsan.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-lovsan.exe
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-lovsan.jar
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-lovsan.txt
F-Mem
F-MEM tool will detect the Memorial virus (also known as Clint).
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-mem10.zip
F-Mydoom
The F-Mydoom utility disinfects computers infected with the certain Mydoom worm variants. Please see the readme.txt file for more information.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-mydoom.zip
Download: http://www.f-secure.com/tools/f-mydoom.zip
The unpacked version is available from here:
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-mydoom.exe
Download: http://www.f-secure.com/tools/f-mydoom.exe
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-mydoom.txt
Readme: http://www.f-secure.com/tools/f-mydoom.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-mydoom.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-lovsan.jar
F-MydoomF
The F-MydoomF utility disinfects computers infected with the Mydoom.F worm variant. To disinfect other Mydoom variants please use the F-Mydoom utility mentioned above.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-mydoomf.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-mydoomf.exe
Download: http://www.f-secure.com/tools/f-mydoomf.zip
F-Netsky
The F-Netsky utility disinfects computers infected with the certain Netsky worm variants. Please see the readme.txt file for more information.
Download: http://www.f-secure.com/tools/f-netsky.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-netsky.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-netsky.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-netsky.exe
Readme: http://www.f-secure.com/tools/f-netsky.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-netsky.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-netsky.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-netsky.jar
F-Opasrv
The F-Opasrv utility disinfects computers infected with all known Opaserv (also known as Opasoft or Scrup) worm variants.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-opasrv.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-opasrv.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-opasrv.txt
F-Roron
The F-Roron utility disinfects computers infected with certain Roron (also known as Roro and Oror) worm variants. Please see the readme.txt file for more information.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-roron.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-roron.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-roron.txt
F-Sasser
The F-Sasser utility disinfects computers infected with the certain Sasser worm variants. Please see the readme.txt file for more information.
Download: http://www.f-secure.com/tools/f-sasser.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-sasser.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-sasser.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-sasser.exe
Readme: http://www.f-secure.com/tools/f-sasser.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-sasser.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-sasser.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-sasser.jar
F-SdBot
The F-SdBot utility disinfects computers infected with the certain SdBot backdoor variants. Please see the readme.txt file for more information. Alternatively you can use the F-Bot tool, that is mentioned above.
Download: http://www.f-secure.com/tools/f-sdbot.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-sdbot.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-sdbot.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-sdbot.exe
Readme: http://www.f-secure.com/tools/f-sdbot.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-sdbot.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-sdbot.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-sdbot.jar
F-Shell
F-SHELL tool will detect and disinfect the Shell.10634 Windows virus (also known as Tentacle_II).
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-shell.zip
F-Skulls
The F-Skulls utility disinfects Series 60 devices infected with the following Skulls trojan variants: SymbOS/Skulls.A, SymbOS/Skulls.B, SymbOS/Skulls.C and SymbOS/Skulls.d
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-skulls.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-skulls.sis
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-skulls.txt
F-Slammer
F-Slammer is a special tool for detection of W32/Slammer worm in the computer's memory.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-slammer.zip
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-slammer.txt
F-Sobig
The F-Sobig utility disinfects computers infected with W32/Sobig.B@mm, W32/Sobig.C@mm, W32/Sobig.E@mm and W32/Sobig.F@mm worm variants. These worms are also known as 'Palyh' and 'Mankx'.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-sobig.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-sobig.exe
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-sobig.jar
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-sobig.txt
F-Span
F-SPAN tool will detect and disinfect the Spanska.4250 virus also known as Elvira).
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-span13.zip
F-Spyaxe
F-Spyaxe is a tool to deactivate the SpyAxe/SpywareStrike installer trojan. The trojan shows a security warning message from the system tray and repetitively installs SpyAxe or SpywareStrike.
Download: http://www.f-secure.com/tools/f-spyaxe.zip
Download: http://www.f-secure.com/tools/f-spyaxe.reg
Readme: http://www.f-secure.com/tools/f-spyaxe.txt
F-Tent
F-TENT tool will detect and disinfect the Tentacle.1958 Windows virus.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-tent10.zip
F-Trickl
F-TRICKL tool will detect and disinfect the Tentatrickle virus.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-trickl.zip
F-Vice
F-Vice tool will detect and disinfect the polymorphic Vice virus.
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-vice14.zip
F-Vmonde
F-Vmonde tool detects and deactivates Virtumonde from Windows XP/2003 systems. Virtumonde is adware that serves pop-up advertisements. It uses special techniques to avoid removal, which are circumvented with this tool.
Download: http://www.f-secure.com/tools/f-vmonde.zip
Download: http://www.f-secure.com/tools/f-vmonde.exe
Readme: http://www.f-secure.com/tools/f-vmonde.txt
F-Warpigs
The F-Warpigs utility disinfects computers infected with W32/Warpigs.B worm.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-warpigs.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-warpigs.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-warpigs.txt
F-Welchi
The F-Welchi utility disinfects computers infected with the Welchi (also known as Nachi) worm.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-welchi.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-welchi.exe
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/f-welchi.txt
F-Zafi
The F-Zafi utility disinfects computers infected with Zafi (also known as Erkez or Kapes) and Zafi.B worm variants.
Download: http://www.f-secure.com/tools/f-zafi.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-zafi.zip
The unpacked version is available from here:
Download: http://www.f-secure.com/tools/f-zafi.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-zafi.exe
Readme: http://www.f-secure.com/tools/f-zafi.txt
Readme: ftp://ftp.f-secure.com/anti-virus/tools/f-zafi.txt
System administrators can download the JAR version from here:
Download: http://www.f-secure.com/tools/f-zafi.jar
Download: ftp://ftp.f-secure.com/anti-virus/tools/f-zafi.jar
Fix-Aula
Fix-Aula is a tool to repair a system configuration damaged by Aula trojan.
Download: ftp://ftp.f-secure.com/anti-virus/tools/fix_aula.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/fix_aula.zip
FixBoot
FixBoot is a small utility that overwrites a boot sector of a diskette with a standard boot code thus elimitating any diskette boot sector infection.
Download: ftp://ftp.f-secure.com/anti-virus/tools/fixboot.zip
FixPe and FixPe2
FixPe and FixPe2 utilities allow to fix false alarms of F-Prot engine on certain files that have inaccurate section information resulted from virus infection or inaccurate compression.
Download: ftp://ftp.f-secure.com/anti-virus/tools/fixpe.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/fixpe2.zip
FsKlez or F-Klez
F-Klez is a utility that disinfects a computer infected with Klez worm and Elkern virus that the worm drops.To remove Klez.E, Klez.F and Klez.H worms please use the KlezTool utility, listed below.
Download: ftp://ftp.f-secure.com/anti-virus/tools/fsklez.exe
Readme: ftp://ftp.f-secure.com/anti-virus/tools/fsklez.txt
FsNimda or F-Nimda
F-Nimda is a utility that disinfects a computer infected with Nimda virus-worm and eliminates security holes that Nimda creates in a system.
Download: ftp://ftp.f-secure.com/anti-virus/tools/fsnimda3.exe
Download: ftp://ftp.f-secure.com/anti-virus/tools/fsnimda3.jar
Readme: ftp://ftp.f-secure.com/anti-virus/tools/fsnimda3.txt
Note: If you have problems running the above mentioned FsNimda tool, you can download a different version from here:
Download: ftp://ftp.f-secure.com/anti-virus/tools/fsnimda.exe
Readme: ftp://ftp.f-secure.com/anti-virus/tools/fsnimda.txt
GetMac
GetMac tool is used to separately update FSMacro.def definition file. Note that FsMacro.def definition file is now included into all update packages available from F-Secure.
Download: ftp://ftp.f-secure.com/anti-virus/tools/getmac11.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/getmac12.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/getmac13.zip
GetBoot
Getboot is a number of utilities to copy the contents of boot sectors to a file. The getboot.bat is a batch file to save a floppy boot sector to a file, the gethboot.bat is a batch file to save a hard drive boot sector to a file and the getmbr.bat is batch file to save a hard drive MBR to a file.
Download: ftp://ftp.f-secure.com/anti-virus/tools/bat/getboot.bat
Download: ftp://ftp.f-secure.com/anti-virus/tools/bat/gethboot.bat
Download: ftp://ftp.f-secure.com/anti-virus/tools/bat/getmbr.bat
Readme: ftp://ftp.f-secure.com/anti-virus/tools/bat/readme.txt
GetMBR and PutMBR
GetMBR and PutMBR are small utilities to take a sample of an infected machines main boot record. Get_mbr copies the mbr to a file mbr.dat and put_mbr copies the file to the mbr area.
Download: ftp://ftp.f-secure.com/anti-virus/tools/getmbr.zip
GokarDis
The GokarDis tool disables Gokar worm autostart key. Download and run this REG file, restart your system and delete KAREN.EXE file in your Windows directory either manually or with F-Secure Anti-Virus.
Download: ftp://ftp.f-secure.com/anti-virus/tools/gokardis.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/gokardis.zip
KirayDis
KirayDis is a tool to disinfect Kiray worm and to undo changes it does to system configuration.
Download: ftp://ftp.f-secure.com/anti-virus/tools/kiraydis.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/kiraydis.zip
KlezTool
The Kleztool is the utility to eliminate several variants of Klez virus-worm infection and to disinfect files infected by Klez. The utility should be used together with F-Secure Anti-Virus as this tool doesn't disinfect Elkern.A and Elkern.B virus variants, that Klez.E and Klez.F worms drop. However the utility is able to disinfect files infected with Elkern.C virus that Klez.H worm drops.
Download: ftp://ftp.f-secure.com/anti-virus/tools/kleztool.zip
Download: ftp://ftp.f-secure.com/anti-virus/tools/kleztool.com
Readme: ftp://ftp.f-secure.com/anti-virus/tools/kleztool.txt
LirvTool
The LirvTool is the utility to eliminate Lirva (or also known as Avril or Avron) worm infection and to restore files and System Registry entries modified by the worm.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/lirvtool.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/lirvtool.com
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/lirvtool.txt
Magb_Dis or Disinf
Magb_Dis tool is used to 'help' APV engine in F-Secure Anti-Virus to disinfect large files encrypted by Magistr.b virus-worm. The Disinf.exe utility creates DISINF.INI file that contains computer name and it is used by AVP engine to disinfect files encrypted by Magistr.b.
Download: ftp://ftp.f-secure.com/anti-virus/tools/magb_dis.zip
Readme: ftp://ftp.f-secure.com/anti-virus/tools/magb_dis.txt
MagoldFix
The Magold.e registry fix is used to fix Registry entries modified and created by Magold.E worm. After disinfection of Magold.E worm by FSAV 5.40 or later version (or after manual disinfection) , please download and run the MAGOLD_FIX.REG file.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/magold_fix.reg
Matrix_D
Matrix_D is a tool that fixes a payload of Matrix virus that doesn's allow to restart a system after infection.
Download: ftp://ftp.f-secure.com/anti-virus/tools/matrix_d.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/matrix_d.zip
MTXDisin
MTXDisin tool removes autostarting key of MTX virus-worm dropper and after system restart the worm's dropper file will not be locked and could be deleted.
Download: ftp://ftp.f-secure.com/anti-virus/tools/mtxdisin.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/mtxdisin.zip
MultiCom
MultiComm is a utility for enabling multiple communication directories to be used with F-PROT for Windows (FPW).
Download: ftp://ftp.f-secure.com/anti-virus/tools/multicom.zip
NavidDis
NavidDis is a tool to remove autostarting key of Navidad worm and to fix EXE file startup key in the Registry.
Download: ftp://ftp.f-secure.com/anti-virus/tools/naviddis.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/naviddis.zip
OpasTool
The OpasTool is the utility to eliminate several different variants of Opaserv (or also known as Opasoft) worm infection and to restore files and System Registry entries modified by the worm.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/opastool.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/opastool.com
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/opastool.txt
PPDisinf
PPDisinf is a tool to disinfect PrettyPark worm and to fix EXE file startup key in the Registry.
Download: ftp://ftp.f-secure.com/anti-virus/tools/ppdisinf.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/ppdisinf.zip
QazDisin
QazDisin is a tool to remove QAZ work autostarting key from the Registry. This way the worm will be disinfected.
Download: ftp://ftp.f-secure.com/anti-virus/tools/qazdisin.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/qazdisin.zip
S7Disinf
S7Disinf is a tool to remove Sub7 backdoor's autolauncher from EXE file startup key. The autolauncher is used to run SubSeven backdoor every time an EXE file starts. The backdoor itself is to be removed with F-Secure Anti-Virus.
Download: ftp://ftp.f-secure.com/anti-virus/tools/s7disinf.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/s7disinf.zip
ShellFix
The ShellFix tool is used to fix Explorer startup problems resulted from unconditional termination of F-Nimda tool during its operation. If F-Nimda tool is terminated by a user or operating system while it is scanning a hard disk, there will be no icons and no taskbar on Windows desktop. To fix the problem you will have to run the SHELLFIX.REG file.
Download: ftp://ftp.f-secure.com/anti-virus/tools/shellfix.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/shellfix.zip
Readme: ftp://ftp.f-secure.com/anti-virus/tools/shellfix.txt
Sirc_Dis
Sirc_Dis utility is used to remove autostarting key of Sircam worm and to fix EXE file startup key in the Registry.
Download: ftp://ftp.f-secure.com/anti-virus/tools/sirc_dis.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/sirc_dis.zip
StagesW9x
StagesW9x is a tool is used to remove Stages worm autostartup key from the Registry and to undo other Registry changes done by the worm.
Download: ftp://ftp.f-secure.com/anti-virus/tools/stagesw9x.reg
Download: ftp://ftp.f-secure.com/anti-virus/tools/stagesw9x.zip
SwenTool
The SwenTool is the utility to eliminate Swen (or also known as Gibe.E) worm infection and to restore System Registry entries modified by the worm.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/swentool.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/swentool.com
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/swentool.txt
YahaFix
If after disinfection of certain Yaha worm variants by FSAV 5.40 or later version (or after manual disinfection) you can't start any EXE files, please download and run the YAHA_FIX.REG file.
Download: ftp://ftp.f-secure.com/anti-virus/tools/yaha_fix.reg
Readme: ftp://ftp.f-secure.com/anti-virus/tools/yaha_fix.txt
YahaTool
The YahaTool is the utility created by Kaspersky Labs to eliminate Yaha.E (or also known as Lentin.G) worm infection and to restore files and System Registry entries modified by the worm.
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/yahatool.zip
Download: ftp://ftp.europe.f-secure.com/anti-virus/tools/yahatool.com
Readme: ftp://ftp.europe.f-secure.com/anti-virus/tools/yahatool.txt
Saturday, June 6, 2009
Steps to Remove a Virus from the System
Step 1
Install any one Anti-virus Software in your System.
* Symantec Norton anti-virus
* AVG anti-virus
* McAfee
* Microsoft Anti-virus
The anti-virus software should be updated regularly to retain its effectiveness. Then only it will delete new Virus Programs.
Before installing the antivirus, close all open applications and terminate any suspicious processes using Task Manager. Sometimes, you may need to boot into safe mode or safe mode with command prompt to delete suspicious programs and references to them in the Windows Registry (run regedit from the command prompt to open the registry editor).
Removing the virus beforehand might be necessary, as some viruses will not allow an anti-virus to operate. However, if you are not successful, you may still continue with the installation.
Step 2
Scan the System to Identify and Locate the Virus
Usually, the anti-virus will run automatically when the system reboots after the installation.
You may want to run a quick system scan to locate the virus.
Step 3
Troubleshooting the Virus Infected Areas
After the antivirus identifies the infected areas, the next step is to rectify those areas.
Methods of Eliminating Viruses
Generally, the antivirus adopts one of two methods to eliminate the virus:
* Removing the virus – When the virus can be easily identified and can be removed without affecting other files, then the antivirus removes it from the host place.
* Quarantine – This is done when the virus cannot be easily identified removed from the file and the removal of virus means the removal of the complete file. In this method, although the virus is not eliminated, it is rendered inactive by moving the file into "quarantine" and renaming it.
Step 4
Perform a Full System Scan
Even after the virus is removed from the system, the next step is to scan the whole system to ensure that no infected files remain.
What are the sources of Virus Infection
A virus can enter the system and infect it through various sources. Some of the sources are
* E-mail.
* Infected CDs, DVDs, Pen Drives, etc.
* Browsing infected sites.
* Downloading files from the internet.
[Please Update If you know..... :)]
What is a Computer Virus? - Dispatch Virus
What is a Computer Virus?
Computer viruses are software programs that has made to interact with computer operations, records and it will corrupt, or spread or delete data, in the Computer to other computers and throughout all the computers which are connected in the inter networking. Virus will slow down and cause other problems in the computer process.
How to Find our System has affected by Virus ?
These are the symptoms that we can find in our Virus Affected Computers.
- * Some Operating System functions wont work properly or some options will disable.
- * It corrupts files.
- * It slows down the speed of the computer system.
- * Some time System will often restart.
- * It causes the system to hang frequently.
- * It deletes various files.