Guide: Detection & Removal Of Malware 2


Dan Sippy, May 27, 2007 1130 hrs IST

After our last guide, you know how to battle adware and spyware. Your PC is probably still sick because of other malware. Check!



Different types of Computer Worms:

Email Worms
These spread via infected email messages, either through an infected attachment or through a link in the email that points to an infected website. In the first case, activation starts when the user clicks on the attachment; in the second, it starts when the user clicks the link in the email.

Known methods of spreading are:
- MS Outlook services
- Direct connection to SMTP servers using their own SMTP API
- Windows MAPI functions

This type of worm is known to harvest email addresses from different sources on an infected computer:
- Windows Address Book database [WAB]
- MS Outlook address book
- Files with appropriate extensions, which are scanned for email-like strings

Be aware that while spreading, some worms construct new sender addresses from possible names combined with common domain names. The sender address in the email is therefore not necessarily that of the originator of the email.

Instant Messaging Worms
They spread via instant messaging applications by sending links to infected websites to everyone on the local contact list. The only difference between these and email worms is the way chosen to send the links.

Internet Worms
These worms scan all available network resources using local operating system services and/or scan the Internet for vulnerable machines. They then attempt to connect to these machines and gain full access to them.

Another way is for the worm to scan the Internet for machines still open to exploitation, i.e. not patched. Data packets or requests are sent which install the worm or a worm downloader. If this succeeds, the worm executes and there it goes again!

IRC Worms
Chat channels are the main target, and the same infection/spreading method is used as above: sending infected files or links to infected websites. Sending infected files is less effective, as the recipient needs to confirm receipt, save the file and open it before infection takes place.

File-sharing Networks Worms
These worms place a copy of themselves, under a harmless name, in a shared folder, most likely located on the local machine. The worm is then ready for download via the P2P network, and the infected file continues to spread.

Anti-virus and anti-spyware software do help curb the activities of these threats, but they must be kept up-to-date with new pattern files at least every few days.

Precautionary Steps:

Like I said in the previous article, you must already have some security software installed on your PC, making you think that there's nothing wrong. But trust me, your system is always under threat. I shall now explain how such software can be used to remove viruses, Trojans and worms.

As before, the first thing that you need to do is check if any unwanted software is installed on your system. This can be done from the Add/Remove Programs option in the Control Panel.


Once you have checked all of the entries there and found nothing out of the ordinary, go to the Run option in the Start Menu, type in "msconfig" and click on OK. The System Configuration Utility window will open up. There are several tabs in this window; the two that we're looking for are Services and Startup. First click on the Startup tab. Here you can either disable all entries (none of them are required for your system to boot, but then nothing will load when your system boots up), or you can go through them one by one and disable the ones that are either blank or are not related to any of the programs you have requested to run at startup.
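
The Startup-tab check described above can also be scripted. The PowerShell below is an added example, not part of the original guide: it assumes Windows PowerShell 3.0 or later, the helper name Get-ExecutablePath is hypothetical, and it goes one step beyond the text by also checking each file's Authenticode signature.

```powershell
# Added example (not from the original guide). Lists the autostart entries
# that msconfig's Startup tab shows and marks the ones worth a closer look.
# Assumption: Windows PowerShell 3.0+; Get-ExecutablePath is a hypothetical helper.

function Get-ExecutablePath {
    param([string]$Command)
    # Extract the program path from a startup command line such as
    #   "C:\Program Files\App\app.exe" /min   or   C:\App\app.exe /min
    if ([string]::IsNullOrWhiteSpace($Command)) { return $null }
    $cmd = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    if ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|pif|vbs|js|lnk))(\s|$)') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

$report = foreach ($entry in Get-CimInstance -ClassName Win32_StartupCommand) {
    $path    = Get-ExecutablePath $entry.Command
    $reasons = @()

    # The guide's first criterion: entries that are blank.
    if ([string]::IsNullOrWhiteSpace($entry.Name) -or
        [string]::IsNullOrWhiteSpace($entry.Command)) {
        $reasons += 'blank name or command'
    }

    $signature = 'n/a'
    if ($path -and (Test-Path -LiteralPath $path -PathType Leaf -ErrorAction SilentlyContinue)) {
        # Extra check beyond the guide: is the file signed by a trusted publisher?
        $signature = (Get-AuthenticodeSignature -LiteralPath $path).Status
        if ($signature -ne 'Valid') { $reasons += 'no valid signature' }
    } elseif ($path) {
        $reasons += 'target file not found'
    }

    [pscustomobject]@{
        Name      = $entry.Name
        Location  = $entry.Location   # registry Run key or Startup folder
        Command   = $entry.Command
        Signature = $signature
        Review    = $reasons -join '; '
    }
}

# Entries with a review reason first; an empty Review column means nothing was flagged.
$report | Sort-Object { [string]::IsNullOrEmpty($_.Review) }, Name |
    Format-Table Name, Location, Signature, Review -AutoSize -Wrap
```

A flagged entry is a prompt to look the program up before disabling it, since plenty of legitimate software ships unsigned.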

Now we come to the crux of this guide: which anti-virus software to use? Normally Spy Sweeper takes care of most threats; however, it doesn't always have the ability to detect and remove high security threats such as Trojans, viruses and worms.

These threats can be identified by their behavior; usually they co-operate with each other and attack the system in different areas. You know the infection has become serious when you start losing access to certain system tools. Some threats remove the Folder Options entry from the menus of all Windows Explorer windows. Some threats deny you access to the registry editor. Although many are loyal to Norton and McAfee, I feel that these security systems are past their prime and are too bulky on the system nowadays (For those having problems in removing Norton, try this link for symNRT, the Norton Removal Tool or this link for instructions). The anti-virus software which I would recommend is BitDefender or NOD32.


BitDefender is an outstanding product with a user-friendly interface that will scan all existing files on your computer, incoming and outgoing emails, IM transfers and all other network traffic, while NOD32 provides balanced state-of-the-art protection against threats endangering your PC. Advanced detection methods implemented in the software provide protection against a great proportion of worms and viruses that are still awaiting creation.


If either of the two is installed on your system, consider yourself to have one of the best security systems on the planet (well, at least the best you can get if you do not want to spend big bucks on PC security). However, even with these installed, there is a chance that your system might still get infected. This is not very common, but it does happen. These threats which are not that easily defeated are the most annoying things to ever infect your system. It takes so long to remove them and the procedures are so complex that it's better to call a specialist for it. However, if you think you can handle it with a little help, I'm happy to inform you that I have the solution for one such threat.

USER COMMENTS

i want to hacking ANY SITE PLZ. HELP ME

by raja11111, NOIDA, on Sep 09, 2007 11:25 PM

better to know

by chakri, guntu, on Aug 03, 2007 02:02 PM

i have got trojan virus in my pc and it is taking so much time in booting and my desktop background has been also affected. some windows programmes are not running properly

by manish, patna, on Jul 24, 2007 02:32 PM

i have no idea who is this article targeted at. what i mean is Mr Sippy starts off with explaining me what a virus is. Mr Sippy guys reading this page r supposed 2 be geeks and have basic idea of what virus are. Then he jumps 2 highly pro stuff removing a particular virus manually. is that the only virus i need 2 worry abt and having just learned what a virus is am i supposed 2 be able 2 remove 1 all by myself. and damn rite i am not satisfied by the antivirus choices. only 2 are mentioned. i am not told whether they paid or free and what abt the darling of all times AVG. y their ant a justification given are the antivirus mentioned stand in comparison with that. over all i believe this article was not useful at all, waste of my 10 min, poor piece of a copy paste job (From Wikipedia.com) add 4 those 2 antivirus. at the end of it i don't know y i am reviewing this piece of $h!t

by tech_4_u, $%^%, on May 28, 2007 12:59 AM

Dude, this is a good article to learn something. Why don't you try to gain the knowledge he has given instead of criticizing it? After all, what you are saying, no one is learning anything out of it. Here in this article I got something, and I am sure there would be many others like me who would love to read even a single piece of good information like this. I am having a problem these days in my system, and AVG etc., many other antiviruses, were not able to detect it. I did not want to format the system. This article gave me some insight into the problem and I am still working on a solution. This is a good article on Techtree, especially if someone has got serious problems on serious data that you cannot format; you need such information. Luckily I was just browsing it and got it.

by et1e, cdvd, on Jul 24, 2007 05:38 AM

I am using Spy Sweeper as per your advice, but while this programme is running it does not allow me to launch any other thing, i.e. I cannot launch any program/MSN/iExplorer etc. As soon as I close Spy Sweeper all programmes run fine.

by Hyp3rion, Delhi, on Jun 05, 2007 05:44 AM

Great Job, Techtree!!!. One of the most interesting articles of late.

by Shashank Raj, Pune, on Jun 03, 2007 01:35 AM

i have no idea who is this article targeted at. what i mean is Mr Sippy starts off with explaining me what a virus is. Mr Sippy guys reading this page r supposed 2 be geeks and have basic idea of what virus are. Then he jumps 2 highly pro stuff removing a particular virus manually. is that the only virus i need 2 worry abt and having just learned what a virus is am i supposed 2 be able 2 remove 1 all by myself. and damn rite i am not satisfied by the antivirus choices. only 2 are mentioned. i am not told whether they paid or free and what abt the darling of all times AVG. y their ant a justification given are the antivirus mentioned stand in comparison with that. over all i believe this article was not useful at all, waste of my 10 min, poor piece of a copy paste job (From Wikipedia.com) add 4 those 2 antivirus. at the end of it i don't know y i am reviewing this piece of $h!t

by tech_4_u, kolkata, on May 28, 2007 08:13 PM

this article aint comparing anti-virus software dipshit.....to be honest there is NO ANTI-VIRUS on this planet that can keep your PC 100% Safe.......thats why this guy is trying to help us....he gave us the best options....and its our decision to buy the original or download the trial version.....so why should he tell u?? he has recommended 2.....why more....u want to create confusion.....let see, mr reviewer has mentioned 6 (as u have put it) anti-virus softwares, now wat to do? aint the person reading that gonna be confused?? dipshit

by no_tech_4_u, khatakhola, on Jun 01, 2007 12:51 PM

Keep it up. One of the best on techtree.

by Ashok, Mumbai, on May 31, 2007 10:09 AM

Really a good article

by Vinit Bhatt, Surat, on May 28, 2007 11:09 PM

Very nice guide for virus removal, but too late. I have already been affected with this RONTOKBRO.A and since I didn't know what to do, formatted the C: drive and reinstalled XP. Anyway, thanks. Now it's working fine.

by Bharath, Chennai, on May 28, 2007 08:01 PM
