Learn more
PC maintenance, hobbies, pens and pets
Most Recent Posts
0 comments

Remove Trojan Zlob with Free Tools

Posted Sep-22-08 12:03:45 PDT
In brief, Zlob has been circualting around the web since 2005. But it hasn't lost its strength; on the contrary, it seems to be getting more aggressive in exploiting Windows and software vulnerabilties to attack computers.
What's interesting though, is that Zlob trojan quite successfully creeps into allegedly protected computers. Sadly, but an up-to-date Internet Security Suite from McAfee or Symantec (most commonly found on OEM computers and laptops) is not enough to stay protected against zlob infection.

That's why owners of infected PC's and laptops keep looking for zlob free virus removal tools. Often they're directed from Google or other search engine to websites promising "free scan" which is of no help to malware-filled PC's. Moreover, those free scanners not always are as innocent as they look; some are bundled with adware and would scare the user with dangerous Zlob infection in scan results. It's not that such software detects Zlob, but it certainly does a lot to make the unlucky user PAY for zlob removal. Who cares if zlob remover is useless because it never detects the malware trojan?

I did my best to create a list of free zlob removal tools that are really free and - what's more important - do not require installation. They do not contain embedded ads and are very simple to use.

So, VundoFix is one fo the first tools to be used if there's a need to remove Zlob. It covers a wide variety of zlob mutations.

F-secure, a security vendor from Finland, provides a free zlob remover that targets certain types of this trojan virus.

G-Data security, a little known in the West countries but very powerful antivirus suite from Poland, offers a remover to tackle hundreds of most annoying parasites including trojans and spyware.

Learn how to remove Zlob and what free tools are available to erase the trojan.
Comment|Report this post
0 comments

How to Remove Virtumonde Trojan

Posted Sep-12-08 00:26:00 PDT

It's been long since Virtumonde attempted to hit #1 spot in the competition of Web's most disastrous trojan viruses. Virtumonde creators went to extreme lengths to make this trojan hell of mallware. They programmed virtumondo with the ability to resist to removal attempts taken by most popular antivirus software programs. McAfee, Norton, Doctor Spyware, Lavasoft Ad-Aware - all faced the new trojan challenge with weak removal algorithms.

This has become a reason why new virtumonde removers had to be developed and supported, both by software companies and volunteer coders. If a desktop antivirus was able to detect the trojan, it couldn't remove it. Self-resistance mechanism built in this malware made the process of virtumonde removal a non-trivial task. Virtumonde goes far further from just setting it to auto-start in the Registry Run key. It creates a tight integration with critical system processes - Explorer and Winlogon, thus becoming bullet-proof to attempts to impede its functioning. Even if a security program (e.g. antivirus) is able to remove some of virtumonde virus files, the trojan recreates itself after next reboot.

Trojan Virtumonde monitors the Windows memory where it keeps a special watching module. It serves as a sentinel guarding the malware memory space; once antivirus program unloads virtumonde from the memory, the sentinel puts the trojan back into memory.

Overall, any virtumonde removal tool pretending to be effective in fighting this trojan should allow to complete the removal in three steps without intermediate restarts.

  1. Unload virtumonde trojan from the memory, while simultaneously blocking malware attempts to load itself back;
  2. Remove the linking with Explorer and Winlogon;
  3. Delete registry keys setting virtumonde to autostart with Windows booting.

Virtumonde Fix (also known as VundoFix) is a popular free virtumonde remover. It needs no installation, works even in Normal Mode. The creator of this removal tool claims it to b able to remove virtumonde of many variations. Virtumonde fix is supported and updated in case new variants of the trojan appear.

Symantec developed another free fix tool to remove virtumonde, but it covers a narrower bunch of supported variants.

Ad-aware claims to have included its Virtumonde Remover 1.0 into the software itself.

It's worth noting that it's way more difficult to remove virtumonde trojan than to protect PC's against infection. Malwarebyte's anti-malware, a-squared by EMSISOFT, SUPERAntiSpyware and other programs have background guards to prevent installation of virtumonde.

Therefore it's advised to set adequate protection before there rises the need to remove virtumonde trojan.

And there are sound resons behind that logic. Virtumonde can:

  • disable Task Manager
  • disable Desktop Properties
  • change Wallpaper (desktop background) and screensaver
  • disable Registry Editor
  • hide taskbar and desktop icons
  • cause endless loop of pop-ups with ads
  • redirect browser searches to malicious websites

Unfortunately, common antivirus protection found on OEM computers (with pre-installed Norton, McAfee, etc) often is not capable of detecting the infection, allowing virtumonde trojan to creep into the system.

Comment|Report this post
0 comments

How to Remove Vundo Virus

Posted Jul-25-08 07:47:24 PDT Updated Jul-25-08 07:47:53 PDT
Vundo has turned to be a real disaster for millions of PC users worldwide. Its ability to exploit numerous way to penetrate into a target Windows system makes it very dangerous by itself. But the impact it can have on infected computer is beyond all expectations!
Trojan vundo can have the following major symptoms on infected Windows boxes:

    * Severely corrupted registry;
    * Overuse of virtual memory;
    * lots of non-legit running processes;
    * persistent adware pop-ups;
    * browser hijacks;
    * infected System Volume Information folder;
    * all kinds of errors, including RUNDLL, etc.;

All this can lead to Windows unable to boot. In fact, these cases are pretty common after a Vundo virus infection occurs.
So how to remove Vundo?
Despite my inclination to use manual removal steps for all kinds of infections, in case with Vundo trojan its pretty useless. Vundo exists in various mutations (like Vundo gen d), the number of which increases literally daily. That's why antivirus software manufacturers may have cure for certain types of Vundo, but miss definitions to fight the rest of Vundo variations.
There's been developed a free vundo removal tool called Vundo Fix. It's been constantly updated to keep up with the new mutations of the malware, and normally it is the first vundo remover you should try.
However, there are cases when running Vundo Fix is not enough to get rid of the trojan and its entries.
Free versions of SUPERAntiSpyware and Malwarebyte's anti-malware are helpful to accomplish the vundo removal.
Also, German antivirus maker, vendor of Avira AntiVir, provides a free version of its software (called Avira

Personal Classic) which is proven to be effective in detecting and removing the vundo virus. Besides, it features daily updates.
Visit Trojan Vundo Virus Removal hubpage for more information on combatting the nastiest rogue software ever.
Comment|Report this post
0 comments

XOFTspy Portable Anti-spyware

Posted Jul-19-08 03:29:11 PDT
This is strange but the market of PC security software for U3 fkash drives is somewhat scarce. Apart from several stand-alone antivirus applications (like McAfee's Stinger and Scanner) that don't have a feature of updating, there are less than half a dozen truly U3 compatible programs. One of them is XoftSpy antispyware for U3 drives, currently released in version 1.1.
XoftSpy portable anti-spyware seems to be the only of its kind. With weekly updates of spyware signatures, this tiny aplications (takes about 10 megs of space on a U3 drive) it is very helpful in cleaning out computers.
Nobody gets surprised when malware corrupts the installed desktop antivirus and antispyware. Because not many PC owners have bootable CD's with updated malware removers, a U3 drive often is the easiest option to remove tons of spyware and other types of malware.
XoftSpy's anti-spyware is effective independently of Internet connection, which sometimes is dropped off by nasty malware. XoftSpy works in normal Windows mode - it is not a command-line scanner. The database of spyware definitions is simply huge.
For PC users who enjoy helping out friends in need, XoftSpy portable anti-spyware can mean a drastic step ahead of traditional bootable rescue media.
Comment|Report this post
0 comments

Free Malware Removal with Command Line Scanners

Posted Jul-18-08 10:05:30 PDT
There's no surprise that according to different researches spyware is reported to be lingering in 9 out of 10 PC's. What's more, I'm confident that over a half of all infected computers have some kind of anti-spyware software installed, or at least a working antivirus.
One of the reasons for the uviquitous nature os spyware is that it us able to penetrate into a target computer using many ways. Most of them include the use of Windows vulnerabilities, often found in Internet Explorer (that's why the easiest way to considerable tighten the PC security is to switch from Internet Explorer to either Opera or Mozilla Firefox browser). It is always recommended to have all Windows components updated, but there are too many critical security breeches to close them all. Spyware is created to take over the target system bypassing even fully working antivirus software.
Therefore the task of removing spyware infections is not an easy one. Running installed PC security software is not enough. Often your desktop antivirus will cease functioning because of the spyware impact.
An easy, but time consuming way is to use online virus scanners. All big PC antivirus software vendors offer free services to let their customers clean out the computers. The choice of web virus scanners is impressive. Most of them support the detection and removal of the following types of malware: spyware, adware, trojans, dialers, rootkits, and more - not speaking about conventional viruses. TrendMicro Housecall runs both on Internet Explorer and Firefox platforms (with Java support). Recently Kaspersky online scanner updated its interface and now supports Java as well. Other virus scanners traditionally require IE+ActiveX.
Another way (my favorite) requires some thinking because it's about command-line malware scanners. I was happy to discover that a-squared anti-malware offers a fully functional command-line version of its premium software... for free! The latest build with newest anti-malware definitions is always available at a-squared website. But because many PC users find it difficult to work in command-line environment, I've made a short tutorial to show how to use a-squared anti-malware command-line scanner for removing different types of malware. It takes less than a minute to type in the parameters and start the scanner. For those who do not want to install (or cannot because of spyware impact) yet another security software, this is an ideal way to try a powerful free malware removal tool without installing anything. A-squared's anti-malware command line tool unpacks into a single directory and does not need to be installed.
Here's my guide to using a-squared command-line scanner to remove many types of malware
with this really free malware remover.
Comment|Report this post

About eBay | Announcements | Security Center | eBay Toolbar | Policies | Government Relations | Site Map | Help
Copyright © 1995-2008 eBay Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy.
eBay official time