ALL OF THESE PROGRAMS ARE FREE!
IF STARTING A THREAD CONCERNING POSSIBLE MALWARE / INFECTIONS PLEASE READ THE FOLLOWING LINKS FIRST!!!!!!!!
http://forum.worldstart.com/showpost...98&postcount=1 Machine infected, stick with the cleanup!
http://forum.worldstart.com/showthread.php?t=151388 SYSTEM RESTORE INFO
WANT TO KNOW WHAT MALWARE IS
TIPS FOR KEEPING YOUR MACHINE CLEAN OF MALWARE
HOW TO COPY AND PASTE (for logs)
ONLY HAVE ONE OF THESE ANTIVIRUS' INSTALLED AND RUNNING
Manual update link for Avast http://www.avast.com/eng/updates.html
Critical Settings for Avast 8
Manual update link for Avira http://www.avira.com/en/support/vdf_update.html
CRITICAL SETTINGS FOR AVIRA Antivirus
ANTIVIRUS REMOVAL TOOLS (McAfee,Avg.Avira,CA,etc)
NORTON REMOVAL TOOLS
ONLY HAVE ONE OF THESE FIREWALLS INSTALLED AND RUNNING (make sure Windows Firewall is off after installation)
http://www.online-armor.com/downloads.php ONLINE ARMOR
http://www.youtube.com/watch?v=JwiIJwUY7Cc TUTORIAL FOR OA
http://www.filehippo.com/download_outpost_firewall/ OUTPOST FIREWALL
http://www.softpedia.com/get/Securit...firewall.shtml PRIVATE FIREWALL
HD IMAGING PROGRAMS
http://majorgeeks.com/Macrium_Reflec...ion_d6034.html MACRIUM REFLECT
REGISTRY BACKUP TOOL
ANTI MALWARE TOOLKIT
ANTISPYWARE/MALWARE SCANNING APPS
http://majorgeeks.com/downloadget.ph...d909666f809b26 MALWAREBYTES Updates and scans are manual only in the free version.
http://www.superantispyware.com/download.html SUPERANTISPYWARE Updates and scans are manual only in free version.
http://forum.worldstart.com/attachme...6&d=1309224485 Adjust settings so the program does not start with Windows(free version)
http://www.filehippo.com/download_sp...7f3aa08bf53c0/ SPYBOT S&D Do not use Tea Timer function
http://www.freedrweb.com/cureit/ DR WEB CURE IT
ANTISPY/KEYLOGGER/HIPS PROTECTION SPYSHELTER This can be run alongside your antivirus, it does provide realtime protection
(Settings help choose Ask User and do not put a check in Auto Block Suspicious Behavior,program is a bit strong in this area)
WHAT IS HIPS PROTECTION
http://www.majorgeeks.com/downloadge...7615f4682b4cef SPYWAREBLASTER Silently blocks malware,etc. MUST HAVE PROGRAM
http://forum.worldstart.com/attachme...7&d=1237785966 How to enable all protection in Spywareblaster
HIJACK THIS Shows whats running and items can be removed with this
http://free.antivirus.com/hijackthis/ XP ONLY
ONLINE SCANNERS Disable your own Antivirus first to run these
RKILL (Stop running malware processes to allow removal) Same tool,different extensions,1 gets blocked by the malware or doesnt work try one of the others
http://www.bleepingcomputer.com/forums/topic308364.html SMALL DOS WINDOW (black) APPEARS FOR A FEW SECONDS ONLY THAT IS THE TOOL STOPPING MALWARE PROCESSES ALLOWING REMOVAL
TDSS ROOTKIT REMOVAL TOOL
WANT TO GET STARTED CLEANING YOUR MACHINE,FOLLOW THESE DIRECTIONS THEN START A THREAD AND POST ALL LOGS TO INCLUDE DDS LOGS
Note: for some infections, Rkill needs to be run first for Malwarebytes to work.
You need to do the following:
Download AdwCleaner from here:
Follow these instructions which are given on the download page:
Simply download the program and run it. You will then be presented with a screen that contains a Search and Delete button.
First click the Search button.
AdwCleaner will search your computer for unwanted programs and then display a log showing the various files, folders, and registry entries used by these programs.
Then click on the Delete button, which will cause AdwCleaner to reboot your computer and remove the files and registry entries associated with the various adware that you are removing.
On reboot, AdwCleaner will display a log showing the files, folders, and registry entries that were removed.
Post back with that log
Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.
* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version if one is available. There are always new updates to the definitions.
* Once the program has loaded, select Perform full scan, then choose the drive(s) then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected if malware is found.
* When MBA-M finishes, Notepad will open with the log. The log can be retrieved by opening up MBAM and clicking on the Logs Tab at the top of the program .
Reboot the computer
ESET Online Scanner
* You can use Internet Explorer to complete this scan and you will need to allow an Active X to be installed or you may use Firefox
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.
(One note,if the Eset scan finds malware,choose a few of the online scanners to run from above and run them before posting the DDS LOGS but add those logs to your post also)
Reboot the computer.
Download DDS by sUBs and save it to your Desktop.
Be sure follow the instructions below carefully
• If your AV has a script blocker, please disable it
• DoubleClick on dds.scr to run the tool
* A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
* Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).
• Copy&Paste both the DDS.txt and the DDS Attach.txt into your post for assistance.
Notice I say copy/paste BOTH logs. The Attach.txt log says at the top to attach it, please do not attach it but copy/paste it also
Both of these logs are very long and because of that will take multiple replies in order to post them here. Please split the logs carefully as each and every line must be seen.
IS YOUR SYSTEM SECURE? SHIELDS UP
MACHINE BECOME SLUGGISH
TEST YOUR DEFENSES HERE
http://www.misec.net/trojansimulator/ XP ONLY
FASTONE SCREEN CAPTURE
http://majorgeeks.com/downloadget.ph...41ebea520d92f4 UNLOCKER Stubborn file or folder that wont delete,install this, right click on the file/folder and choose UNLOCKER then delete
MCAFEE SITE ADVISOR
WEB OF TRUST (Warns about risky links)
https://addons.mozilla.org/en-US/firefox/addon/3456/ WOT FOR FIREFOX
http://www.mywot.com/ WOT FOR IE
FIREFOX SECURITY AND PRIVACY ADD ON LINKS WOT,ADBLOCK PLUS,NO SCRIPT ETC
BLOCK ADS IN IE
HARDWARE DRIVER BACKUP TOOL
JUNK FILE CLEANER
http://www.techsupportalert.com/vide...e-ccleaner.htm Video tutorial on use of Ccleaner
MVPS HOSTS FILE
STARTUP ITEMS WEBSITES
http://www.bleepingcomputer.com/startups/ Need to know more about a particular startup item
http://www.systemlookup.com/ Need to know more about a particular startup item
START UP CONTROL PROGRAMS
http://www.winpatrol.com/download.html WINPATROL STARTUP CONTROL
Differences between the paid and free version http://www.winpatrol.com/whyplus.html
http://www.snapfiles.com/get/starter.html CODE STUFF STARTER
DO NOT USE MSCONFIG TO DISABLE STARTUPS
Only have 1 Antivirus and 1 Antispyware/malware application that has real time protection running at startup(This would pertain to paid versions of Malwarebytes and Superantispyware from this list)
You can have as many of the Antispyware type programs installed to scan with as long as they dont have real time protection(start with Windows with real time protection enabled) as you like.
Spywareblaster does not run with Windows. Install it, update it regularly, enable all protection, close the program