Antivirus Software Tips

In this guide I’ll try to explain why you need a good antivirus software package. I’ll also talk about which brands are good and which brands to stay away from. The best antivirus software package is no good if it is not properly maintained and updated. I’ll also give you some guidelines on keeping your antivirus software running smooth.

When reading this guide please keep in mind that these are my opinions that were made from my experience with computers. Other people might have different opinions than I do.

If you’re going to connect your computer to the internet you need antivirus software. It would also be a very good idea to have antivirus software if you won’t be on the internet much too. Most people don’t realize that there are brilliant people out there writing viruses that will steal your identity, crash your computer, spy on you, steal financial information, and much more. You might ask “Why would they do this?” Money. They somehow get paid big bucks to do such a thing. Many of them also do it simply for bragging rights.

These viruses can be very dangerous. Let me give you a few examples of what I’ve seen with my experience with viruses. When I was new with computers I had a virus on my computer that would dial 800 numbers at crazy hours of the night to run up my phone bill. I’ve seen viruses where people actually could see what you see on your computer on their screen. They could move your mouse and type on your computer just like they were sitting in your chair. I’ve seen where they use file swapping software to get financial data from your computer. I’ve had to fix computers where a virus deleted every picture on the computer and set it to not save files any more. The worse was when I caught a virus myself that erased my entire hard drive!

Now that you get a little bit of an idea of what these viruses are capable of doing, lets get you some good protection.

What makes a great antivirus software package? First of all it has to be able to quickly and accurately catch most viruses that find their way on your computer and get rid of them. Some antivirus software packages are better at doing this than others. Fighting viruses is a very complicated task. A great antivirus software package also has to be easy to use and understand and handles the complicated things on its own. A great antivirus software package will not bother you all the time with useless alerts and messages. Antivirus software is what I call “heavy” software. It takes a lot of memory and computing power to run. There is no way around this at this time. I’ve noticed some antivirus software will use more computing power than others with no gain in performance. Great antivirus software will go easy on your computer’s processing power and memory and still protect it from viruses.

I try hard not to point out name brands on this site. But I have to on this topic. There is no way around it. I’ve worked with a few antivirus software packages. Some of them were OK, some were great, and others were a virus in themselves. Below are a few that I recommend.

powerpoint.exe

What are the symptoms that shows your computer have been affected by powerpoint.exe ::.

1) You will see message ” ORKUT IS BANNED,Orkut is banned you fool`,The administrators didnt write this program guess who did?? ”
2) It will not let you open Orkut using Internet Explorer. It will not let you access even YouTube too.

What you should do? ::.

1) First you have to boot your computer in to safe mode by pressing F8 while booting.
2) Then go to search, select in advance option for search in hidden file & folders and system files & folders.
3) In search give keyword"heap41a"
4) You can see a folder name "heap41a" in C:\
5) Shift+ Delete that folder
6) If you can see the message system cam not delete the file, then click ctrl+ alt+delete
7) Try to end task a file svshost.exe
8) Then again try to delete that folder "heap41a".
9) Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
10) In the left panel, double-click the following:HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft> Windows>CurrentVersion>Policies>Explorer>Run
11) In the right panel, locate and delete the entry:winlogon = "%System Root%\heap41a\svchost.exe %System Root%\heap41a\std.txt"
12) Still in the Registry Editor, in the left panel, double-click the following:HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft> Windows>CurrentVersion>Policies>Explorer>Run
13) In the right panel, locate and delete the entry:status = "present"
14) In the left panel, double-click the following: HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft> Windows>CurrentVersion>Explorer> Advanced\Folder>Hidden>SHOWALL
15) In the right panel, locate the entry: checkedvalue = "0"
16) Right-click on the value name and choose Modify. Change the value data of this entry to: 1
17) Close Registry Editor.

next delete the virus folder
You need to delete files named "Autorun.inf" file in every drive and removable drive that have been connected with your PC before
1. Right-click Start then click Search... or Find..., depending on the version of Windows you are running.
2. In the Named input box, type:MICROSOFTPOWERPOINT
3. In the Look In drop-down list, select My Computer, then press Enter.
4. Once located, check if the location of the file is the following:%User Temp% (Note: %User Temp% is the current user's Temp folder, which is usually C:\Windows\Profiles\{user name}\Temp on Windows 98 and ME, C:\WINNT\Profiles\{user name}\Temp on Windows NT, and C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000, XP, and Server 2003.)
5. If yes, select the file then press SHIFT+DELETE.
6. Again in the Named input box, type:heap41a
7. In the Look In drop-down list, select My Computer, then press Enter.
8. Once located, check if the location of the file is the following:%System Root% (Note: %System Root% is the root folder, which is usually C:\. It is also where the operating system is located.)
9. If yes, select the file then press SHIFT+DELETE.

Lastly restart your computer and remember to restore back your Folder Option to previous setting.

RavMon or RavMon.exe

What are the symptoms that shows your computer have been affected by RavMon or RavMon.exe ::.

1) You will see some invalid character like some Chinese scripts when you right click on your drive.
2) Your show hidden files and folders not working
3) Your command prompt been disabled
4) Registry Editor been disabled
5) Task manager been disabled

What you should do to remove this virus ::.
It exactly the same way with the solution to remove VirusMawar and the only different is the file name ::.

1) Go to Run then type cmd
2) Paste this line in command window
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
3) Again, go to Run type regedit
4) In Registry editor find keyword "disabletaskmgr" then modify it to 0
5) Open your Task Manager and stop all process with name "RavMon.exe"
6) Search for keyword "nofolderoption" then modify it to 0
7) You also may found keyword "NoFind" there, do same thing as before, modify it to 0
8) Open your Folder Option and in View tab, check for show hidden files and uncheck hide operating system files
9) Now you can delete the virus with name "RavMon.exe" which located in location such as "C:\WINDOWS\system32" , and all drive in your computer.
10) You also need to delete files named "Autorun.inf" in every drive and removable drive that have been connected with your PC before.
11) Lastly restart your computer and remember to restore back your Folder Option to previous setting.

UDM_StrikesBack or ViRusMaWar

What are the symptoms that shows your computer have been affected by UDM_StrikesBack or ViRusMaWar ::.

1) Task Manager have been disabled
2) Folder Option have been disabled
3) Regedit have been disabled
4) Search have been disabled
5) You can find UDM_StrikesBack.html in your drive
6) Your Internet Explorer browser shows title "VirusMawar menguCapKan SelAmaT TaHun BaRu Cina, Terutama kpd WarGa UDM+++"

What you should do to remove this virus ::.

1) Go to Run then type cmd
2) Paste this line in command window
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
3) Again, go to Run type regedit
4) In Registry editor find keyword "disabletaskmgr" then modify it to 0
5) Open your Task Manager and stop all process with name "wscript.exe"
6) Search for keyword "nofolderoption" then modify it to 0
7) You also may found keyword "NoFind" there, do same thing as before, modify it to 0
8) Open your Folder Option and in View tab, check for show hidden files and uncheck hide operating system files
9) Now you can delete the virus with name "ViRusMaWar3.js" which located in location such as "C:\WINDOWS\system32" , and all drive in your computer.
10) You also need to delete files named "Autorun.inf" and UDM_StrikesBack.html file in every drive and removable drive that have been connected with your PC before.
11) Lastly restart your computer and remember to restore back your Folder Option to previous setting.

Type of Virus

Malware - Malware is programming or files that are developed for the purpose of doing harm. Thus, malware includes computer viruses, worms, Trojan horses, spyware, hijackers, and certain type of adware.

Adware - A program that generates popups on your computer or displays advertisements. It is important to note that not all adware programs are necessarily considered malware. There are many legitimate programs that are given for free that display ads in their programs in order to generate revenue. As long as this information is provided up front then they are generally not considered malware.

Backdoor - A program that allows a remote user to execute commands and tasks on your computer without your permission. These types of programs are typically used to launch attacks on other computers, distribute copyrighted software or media, or hack other computers.

Dialler - A program that typically dials a premium rate number that has per minute charges over and above the typical call charge. These calls are with the intent of gaining access to pornographic material.

Hijackers - A program that attempts to hijack certain Internet functions like redirecting your start page to the hijacker's own start page, redirecting search queries to a undesired search engine, or replace search results from popular search engines with their own information.

Spyware - A program that monitors your activity or information on your computer and sends that information to a remote computer without your knowledge.

Trojan - A program that has been designed to appear innocent but has been intentionally designed to cause some malicious activity or to provide a backdoor to your system.

Virus - A program that when run, has the ability to self-replicate by infecting other programs and files on your computer. These programs can have many effects ranging from wiping your hard drive, displaying a joke in a small box, or doing nothing at all except to replicate itself. These types of infections tend to be localized to your computer and not have the ability to spread to another computer on their own. The word virus has incorrectly become a general term that encompasses trojans, worms, and viruses.

Worm - A program that when run, has the ability to spread to other computers on its own using either mass-mailing techniques to email addresses found on your computer or by using the Internet to infect a remote computer using known security holes.