
Virus Help and Stuff

I decided to make a virus removal guide because I am always linking people to stuff.... and.... yea. Here is how I deal with malicious software. I recommend downloading all of these programs NOW and saving them on a flash drive, even if you do not need them at the moment. You never know when you will need them, and some malware blocks internet access, rendering you helpless.

Programs to get rid of malware:

Rkill ➤DOWNLOAD
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs, it will kill malware processes, remove incorrect executable associations, and fix policies that stop us from using certain tools. When finished, it will display a log file that shows the processes that were terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.


TDSSKiller ➤DOWNLOAD
A rootkit is a program or a program kit that hides the presence of malware in the system.

A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions. Moreover, it can hide the presence of particular processes, folders, files and registry keys. Some rootkits install their own drivers and services in the system (they also remain “invisible”).

Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits.


Malwarebytes ➤DOWNLOAD
Malwarebytes Anti-Malware Free utilizes Malwarebytes' powerful technology to detect and remove all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more.


Spybot – Search & Destroy ➤DOWNLOAD
Spybot – Search & Destroy (S&D) is a spyware and adware removal computer program compatible with Microsoft Windows 95 and later. It scans the computer hard disk and/or RAM for malicious software.


real time virus protection:
(NOTE: ONLY INSTALL ONE. Running two antivirus programs at once can bring up false negatives AND let viruses through.)

Avast! ➤DOWNLOAD
I love Avast! My favorite feature is the boot time scan. It's easy to set up. It also always blocks me from websites that are malicious, but it isn't annoying about it, and lets me view them if I really want to. I haven't gotten a single virus since switching to Avast!


Microsoft Security Essentials ➤DOWNLOAD
I have never used this so I have nothing to say about it.


Kaspersky ➤DOWNLOAD
If you have the money to spare, get this. I have never used it, but their TDSSKiller has saved many computers I needed to fix, so I would bet their virus protection is just as good. And seriously, hasn't everyone heard of how this is rumored to be the best anyway?


Others I won't link to:
Norton: I used to use Norton long ago.... and it basically fucked up my computer, and then when I went to uninstall it, it destroyed my computer and I was forced to reformat. I have heard many horror stories about Norton. Don't do it. And what do you know, I just fixed a virus on my uncle's computer and he was using Norton... and Norton KEPT BLOCKING ME FROM RUNNING THE ABOVE SCAN PROGRAMS.. I wasn't able to remove the virus until I painstakingly cleaned his computer of Norton first.


browsers:
If your browser has been hijacked with toolbars, and your search bars have changed from the default (Google) to something else, and won't go back when you tell them to... Well, you can take the long way around and fix it in about:config... or just back up everything and reinstall your browsers. If you are using Internet Explorer........ STOP.

Firefox ➤DOWNLOAD

Chrome ➤DOWNLOAD

Opera ➤DOWNLOAD


other useful utilities:

HijackThis ➤DOWNLOAD
HijackThis is for advanced users. If you are not familiar with running processes on your computer as well as anything ever installed that could tie into your web browser, it will not be much help to you.

HijackThis is a free utility that generates an in-depth report of registry and file settings from your computer. HijackThis makes no separation between safe and unsafe settings in its scan results, giving you the ability to selectively remove items from your machine. In addition to this scan and remove capability, HijackThis comes with several tools useful in manually removing malware from a computer.


CCleaner ➤DOWNLOAD
I would recommend not messing with the registry section of this program, but I find that the startup editor is better than Microsoft's built-in msconfig.

CCleaner is the number-one tool for cleaning your Windows PC. It protects your privacy online and makes your computer faster and more secure. Easy to use and a small, fast download.


Autoruns ➤DOWNLOAD
Since writing this guide two years ago, I have actually switched to Autoruns for managing my startup among other things. This is for advanced users, and the above is fine for beginners still.

Autoruns is a free Sysinternals tool from Microsoft that enumerates all the programs that automatically start on a Windows machine. You can then examine this list of programs to see if they should be running or should be disabled. Disabling unnecessary startups allows your computer to run more efficiently by reducing CPU usage and memory consumption.
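
A quick way to see the most common startup entries without any extra tool, as an added example (not part of the original guide and not Autoruns' own code). It only reads the Run/RunOnce registry keys and the Startup folders, and the `Review` column is this example's own assumption: it marks commands that live under user-writable folders, which plenty of legitimate programs do too.

```powershell
# Added example: list the common autostart entries that tools like Autoruns,
# msconfig and CCleaner's startup editor show. Read-only; changes nothing.
# Covers only Run/RunOnce keys and the Startup folders, not services,
# drivers or scheduled tasks.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Registry values: value name = entry name, value data = command line.
$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{
            Location = $key
            Name     = $name
            Command  = [string]$item.GetValue($name)
        }
    }
})

# Startup folders (current user and all users): files here run at logon.
$startupDirs = @([Environment]::GetFolderPath('Startup'),
                 [Environment]::GetFolderPath('CommonStartup'))
$entries += @(foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path $dir)) { continue }
    Get-ChildItem -Path $dir -File | ForEach-Object {
        [pscustomobject]@{ Location = $dir; Name = $_.Name; Command = $_.FullName }
    }
})

# Assumption of this example: a command under a user-writable folder is worth
# a second look. It is a hint for manual review, not proof of malware.
$userWritable = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC) |
    Where-Object { $_ }

$entries |
    Select-Object Location, Name, Command, @{ Name = 'Review'; Expression = {
        $cmd = $_.Command
        [bool]($userWritable | Where-Object {
            $cmd.IndexOf($_, [StringComparison]::OrdinalIgnoreCase) -ge 0 })
    } } |
    Sort-Object Review -Descending |
    Format-Table -AutoSize -Wrap
```

Run it before and after cleaning and compare the two lists: anything that RKill killed but that still shows up here will start again on the next reboot.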


what i do:
  • Open Malwarebytes and update it.

  • Open virus scan and update it.

  • Open CCleaner and [TOOLS > STARTUP > Disable what you don't need.]

  • Restart computer w/ boot time scan.


  • If problem still exists:

      • Disable internet.

      • Run Rkill.

      • Run Malwarebytes.

      • Remove what it finds.

      • Restart computer.


  • If problem still exists:

      • Disable internet.

      • Run Rkill.

      • Run Spybot – Search & Destroy.

      • Remove what it finds.

      • Restart computer.


  • If problem still exists:

      • Disable internet.

      • Run Rkill.

      • Run TDSSKiller.

      • Remove what it finds.

      • Restart computer w/ boot time scan.


!!!: If you can't run a program try renaming it!

..... And.......... I mess around a whole lot more. It is never an instant fix. It takes time. Sometimes you need to run Malwarebytes > TDSSKiller > Malwarebytes AGAIN before it removes what is wrong. You can also try doing some of these things in safe mode. ANYWAY HOPE THIS IS HELPFUL! (And let me know of any other tools you want me to add to the list!)


Here is a download with a zip of all the programs listed above, and an HTML file of this entry that you can read offline. I recommend saving it to a folder on a flash drive.

This was originally posted on Dreamwidth. Please comment where you feel most comfortable.