Optimize Windows 10 & Windows 8 (8.1)

We show you how to Optimize Windows 8 (8.1) & Windows 10 for Best performance on your aging desktop or laptop PC.

How to Fix and Remove Nettraveler Infection


Nettraveler is a cyber-threat to computers. It is a high-risk infection capable of bringing down the entire system in no time. The intruder gets into the system, steals significant and sensitive information, and reports this information to its users. It usually masks itself with frequently used applications or Windows processes to hide from security shields. Its main area of attack is the Windows Registry database.

Fix Virus Net Traveler and Make PC Smooth

Causes of Intrusion

As stated earlier, Nettraveler can attach itself to authentic elements, but that does not mean it is unstoppable. There are certain known ways through which Nettraveler finds its way into your PC. One of the loopholes is an outdated security solution that lacks the latest and necessary patches. It is always recommended to set a strong PIN for the administrator, as this account is authorized to modify major settings of a PC. A weak administrator password may not hold, and can give way to even a slightly stronger threat. Another very common source of Nettraveler is removable drives: when Auto-play is enabled for removable drives, a threat can load as soon as the drive is connected to the PC.

What does it Do?

First of all, Nettraveler takes over the entire system session through legitimate Windows processes, specifically explorer.exe and svchost.exe, which makes spreading quite easy for it. It then replicates itself within the directories and folders of the partition where Windows is installed. To be specific, these locations are usually Internet Explorer, Movie Maker, Application Data, Temp, and System. Nettraveler exists within these folders under a random, unusual name with a .dll extension. Afterwards, it disables the services that may threaten it: BITS (Background Intelligent Transfer Service) and wuauserv (Windows Automatic Update Service), as well as browsing to sites that may link to a tool that can terminate this kind of infection. Nettraveler then connects to its developer’s domain to download the latest of its kind.

Note: Nettraveler acquires access to the Windows Registry database, where it locates and deletes the SafeBoot registry key. This makes your system unable to boot into Safe Mode.
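
The symptoms described above (missing SafeBoot key, disabled BITS and wuauserv, Auto-play left on for removable drives) can be checked without changing anything on the PC. The following PowerShell script is an added example, not part of the original article; the SafeBoot key path and the NoDriveTypeAutoRun policy value are standard Windows locations assumed here, since the article does not name them.

```powershell
# Read-only triage for the symptoms described above; nothing is modified.
# Run in PowerShell on the PC being examined.

function Test-SafeBootKey {
    # Standard Safe Mode key location (assumption: the article does not give the path).
    $base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot'
    foreach ($path in $base, "$base\Minimal", "$base\Network") {
        $status = if (Test-Path -LiteralPath $path) { 'OK' } else { 'MISSING' }
        [pscustomobject]@{ Check = 'SafeBoot key'; Status = $status; Detail = $path }
    }
}

function Test-UpdateServices {
    # The two services the article says the infection disables.
    foreach ($name in 'BITS', 'wuauserv') {
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"
        if (-not $svc) {
            $status = 'MISSING'; $detail = 'service not registered'
        } else {
            $status = if ($svc.StartMode -eq 'Disabled') { 'DISABLED' } else { 'OK' }
            $detail = "StartMode=$($svc.StartMode); State=$($svc.State)"
        }
        [pscustomobject]@{ Check = "Service $name"; Status = $status; Detail = $detail }
    }
}

function Test-RemovableAutoRun {
    # Bit 0x04 of NoDriveTypeAutoRun turns AutoRun off for removable drives.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $val = (Get-ItemProperty -LiteralPath $key -Name NoDriveTypeAutoRun `
            -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    if ($null -eq $val) {
        $status = 'NOT SET'; $detail = 'no machine-wide policy value'
    } else {
        $status = if ($val -band 0x04) { 'OK' } else { 'ENABLED' }
        $detail = 'NoDriveTypeAutoRun=0x{0:X}' -f $val
    }
    [pscustomobject]@{ Check = 'AutoRun, removable drives'; Status = $status; Detail = $detail }
}

$report = @(Test-SafeBootKey) + @(Test-UpdateServices) + @(Test-RemovableAutoRun)
$report | Format-Table -AutoSize
# Any row whose Status is not OK matches a symptom from the article and needs follow-up.
```

A DISABLED or MISSING row is only an indicator: services and policies can also be changed by an administrator, so confirm with a full scan before acting on it.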

Steps to eliminate Nettraveler

  • Go to the Task Manager
  • Access and stay on the Processes tab
  • Locate and End the following items, in the list of running processes

toolbardtx.ini

toolbaruninstall.dat

toolbarversion.xml

  • Open Run box, type ‘regedit’, and hit Enter to open Windows Registry Editor
  • In the left panel of Registry Editor, navigate to and delete the following keys

SOFTWARE\Classes\[NetTraveler]IEHelper.DNSGuard\CurVer

SOFTWARE\Classes\[NetTraveler]IEHelper.DNSGuard\CLSID

SOFTWARE\Classes\[NetTraveler]IEHelper.DNSGuard

SOFTWARE\Classes\[NetTraveler]IEHelper.DNSGuard.1

  • Close Registry Editor, and Restart your System

 

Precautions

Once your PC is out of trouble, it is recommended to run a Virus Scan over your directories to identify and terminate any still-existing threats. As a precaution, always keep your security solution applications up-to-date; always use a safe, free registry cleaner to keep your Windows Registry database free of errors and invalid entries; and, if you constantly use removable devices, disable the Auto-play feature when it is not necessary.
