====== updating insecure programs ======

From: http://www.flexerasoftware.com/enterprise/products/software-vulnerability-management/personal-software-inspector/

Personal Software Inspector is a free computer security solution that identifies vulnerabilities in applications on your private PC. Vulnerable programs can leave your PC open to attacks, against which your antivirus solution may not be effective. Simply put, it scans software on your system and identifies programs in need of security updates to safeguard your PC against cybercriminals. It then supplies your computer with the necessary software security updates to keep it safe.

===== steps-to-take-when-you-discover-malware =====

From: http://www.makeuseof.com/tag/10-steps-to-take-when-you-discover-malware-on-your-computer/
From: http://support.mozilla.org/en-US/questions/955005

== Anti Malware Toolkit ==

From: http://ejaz.me/a.html

===== Removal Programs =====

== Make sure that you update each program to get the latest version of their databases before doing a scan. ==

**Suggested cleanup procedure for performance help** 2020-12-16

1. You should run Malware Bytes
Malware Bytes - https://www.malwarebytes.com/

2. Scan for Virus / Malware

A: Use Defender / ESET Scan
a. Open Windows Defender > Virus & threat protection menu > Advanced Scan > Full Scan
b. Download ESET / Sysrescue and follow the instructions on the link - https://www.eset.com/us/download/tools-and-util...

B. For Slowness of computer
You should execute these 2 steps to optimize the system for best experience

1. Run Built-in & Guided Walk through Windows Update troubleshooter
Built-in : Windows Key+X > Click Settings > Click Update & security > Click Troubleshoot > Click Windows Update > Click Run the Troubleshooter
Guided Walk through - https://support.microsoft.com/en-us/help/10164/...

2. Run through Windows 10 Performance and Install Integrity Checklist by Greg Carmack, MVP to make sure that your Windows installation is rightly set up and optimized. Take all recommended steps outlined there to have best experience - http://answers.microsoft.com/en-us/windows/wiki...

From

== Malwarebytes' Anti-Malware: ==

From: http://www.malwarebytes.org/mbam.php
STEP 02 from: https://forums.malwarebytes.org/index.php?/topic/150253-keep-getting-malicious-website-blocked-message/

Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following: MBAM Clean Removal Process 2x

When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

== RKill link ==

From: [[http://www.bleepingcomputer.com/download/rkill/]]
From: [[http://www.bleepingcomputer.com/forums/topic308364.html]]

== AdwCleaner ==

From: https://www.bleepingcomputer.com/download/adwcleaner/

== You can also do a check for a rootkit infection with TDSSKiller. ==

From: http://support.kaspersky.com/viruses/disinfection

== JunkWare link ==

From: [[http://www.bleepingcomputer.com/download/junkware-removal-tool/]]

== ESET Online Scanner ==

From: http://www.eset.com/us/online-scanner-popup/
From: "Checklist by Eset" [[http://kb.eset.com/esetkb/index?page=content&id=SOLN2921]]

== HouseCall by Trend Micro ==

From: http://housecall.trendmicro.com/

Custom Scan lets you specify which folders to scan
Quick Scan reduces software scan times to a few minutes
Stand-alone eliminates compatibility issues associated with browser-activated scanners
Smart Scan delivers the latest antivirus protection while reducing download times

== Kaspersky Free Security Scan: ==

From: http://www.kaspersky.com/security-scan

As I remember, this will only identify, not clean.

== Online Scanners ==

From: "Checklist by Avast" [[http://forum.avast.com/index.php?topic=53253.0]]
From: [[http://www.kaspersky.com/virus-scanner]]
From: [[http://www.computerhope.com/issues/chsafe.htm#02|Getting into Computer Safe Mode]]
From: [[http://www.virusbtn.com/index|Virus Bulletin's]]

== SuperAntispyware: ==

From: http://www.superantispyware.com/

== Microsoft Safety Scanner: ==

From: http://www.microsoft.com/security/scanner/en-us/default.aspx

== Windows Defender: Home Page: ==

From: http://www.microsoft.com/windows/products/winfamily/defender/default.mspx

== Spybot Search & Destroy: ==

From: http://www.safer-networking.org/en/index.html

== HitManpro ==

From: http://malwaretips.com/download-hitmanpro

== ComboFix ==

From: [[http://www.bleepingcomputer.com/download/combofix/]]

== Trend Micro™ Ransomware Screen Unlocker Tool ==

From: https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx

Ransomware Screen Unlocker Tool is designed to eliminate Lock Screen ransomware from your infected PC in two different scenarios:

Scenario 1: Lock Screen ransomware is blocking “normal mode”, but “safe mode” with networking is still accessible.
Scenario 2: Lock Screen ransomware is blocking both “normal mode” and “safe mode” with networking.

== HouseCall for Home Networks ==

From: http://housecall.trendmicro.com/us/secure-home-networks/

HouseCall for Home Networks scans all your home network devices to identify potential risks and offer advice on how to eliminate them.

== See also: ==

From: "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked
From: "MalwareTips" http://malwaretips.com/blogs/mapsgalaxy-toolbar-removal/
From: "MalwareTips" http://malwaretips.com/blogs/pup-optional-mindspark-removal/#malwarebytes

===== ShouldIRemoveit =====

From: http://www.shouldiremoveit.com/index.aspx

Should I Remove It? is a very simple but extremely powerful Windows application that helps users, both technical and non technical, decide what programs they should remove from their PC. This typically includes finding and removing all sorts of crapware and bloatware such as adware, spyware, toolbars, bundled unwanted applications as well as many forms of malware. The program is very lightweight and extremely fast. Should I Remove It? simply scans your computer for all its installed programs and then ranks what should be removed by leveraging the wisdom of the crowd (and of course our technical experts) to determine what should not be installed.

===== toolbarcleaner not a recommended piece of software =====

From: http://toolbarcleaner.com/?src=4792&gclid=CJ_pnaiO0rwCFcXm7AodNBMACg

Toolbar Cleaner removes more than 1,000,000 unwanted toolbars, apps, add-ons, and plug-ins per month including Ask, Alot, Babylon, Bing and MSN Toolbars.
===== Malware-Removal/Uninstall Malware "Antivirus-2009" =====

[[http://www.malwarebytes.org/|Download First:>Malwarebytes Anti-Malware:]]
[[http://www.superantispyware.com/|Then try:>Super Anti-Spyware:]]

===== webpage Screenshot chrome extension =====

From: http://blog.rankun.org/2016/01/15/webpage-screenshot/
Also: http://www.telerik.com/fiddler Fiddler - Debug traffic from PC, Mac or Linux systems and mobile devices

ckibcdccnfeookdmbahgiakhnjcddpki

C:\Users\bubba\AppData\Local\Google\Chrome\User Data\Default\Extensions
ckibcdccnfeookdmbahgiakhnjcddpki

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage
chrome-extension_ckibcdccnfeookdmbahgiakhnjcddpki_0.localstorage
chrome-extension_ckibcdccnfeookdmbahgiakhnjcddpki_0.localstorage-journal

Instead of deleting, this time I made it read-only and mangled the localstorage database.

===== List of Browser Extensions that are Spying on you (Chrome and Firefox) - HTG =====

From: https://malwaretips.com/threads/list-of-browser-extensions-that-are-spying-on-you-chrome-and-firefox-htg.22459/

===== Removal of Search conduit =====

Installed as "Search Protect"

From: http://www.bleepingcomputer.com/download/adwcleaner/dl/125/

AdwCleaner cleaned it

===== Removal of zepto =====

zepto virus

From: http://www.virusresearch.org/zepto-file-extension-virus-removal/
From: http://malwarefixes.com/remove-zepto-ransomware-zepto-files/
Decrypt (try locky): https://decrypter.emsisoft.com/
From: https://malwaretips.com/blogs/remove-zepto-virus/

1. Shadow Explorer: http://www.shadowexplorer.com/downloads.html
2. deletes the original: see recovery software in malwaretips or handy recovery

==== Rootkit Scanners ====

[[http://www.bleepingcomputer.com/download/tdsskiller/]]
[[http://www.bleepingcomputer.com/download/aswmbr/]]
[[http://www.mcafee.com/us/downloads/free-tools/rootkitremover.aspx]]

==== Malwarebytes ====

[[http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe|Download Tool Needed for this: Malwarebytes' Anti-Malware]]

==== Other Info ====

http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009

===== McAfee Free Tools =====

http://www.mcafee.com/us/downloads/free-tools/
RootKiller: http://www.mcafee.com/us/downloads/free-tools/how-to-use-rootkitremover.aspx

===== Look For =====

From: http://community.spiceworks.com/topic/277234-network-hit-with-sexy-exe-porn-exe-secret-exe-password-exe-etc?page=4

Characteristics: In the local users %Username% root, a file called 'Google.exe' and 'Runme.exe' will be present, along with another EXE file with a random name

===== Remove Mac Shield =====

http://www.bleepingcomputer.com/virus-removal/remove-mac-shield
(http://download.bleepingcomputer.com/mac-rogue-remover-tool/mac-rogue-remover.zip)

===== Mac AntiVirus =====

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
http://www.apple.com/downloads/macosx/networking_security/avastantivirusmacedition.html

"Uninstall iAntiVirus.app" in Applications -> iAntiVirus. To remove user specific preferences simply delete "com.pctools.iAntiVirus.plist" from ~/Library/Preferences.
===== myantispyware.com free-programs =====

http://www.myantispyware.com/free-programs/

===== Microsoft Security Bulletin MS08-067 =====

http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

===== avg removal =====

http://www.avg.com/us-en/download-tools

===== Administrator and User Passwords in Windows XP =====

http://www.kellys-korner-xp.com/win_xp_passwords.htm

net user .

===== Information about vulnerabilities associated with the settings of installed applications and the operating system. =====

"Task Manager substitution"
"Autorun from hard drives is allowed"
"Autorun from network drives is enabled"
"CD/DVD autorun is enabled"
"Removable media autorun is enabled"
"Microsoft Internet Explorer - disable caching data received via protected channel"
"Microsoft Internet Explorer: disable sending error reports"
"Microsoft Internet Explorer: clear the list of trusted domains"
"Microsoft Internet Explorer: clear list of pop-up blocker exceptions"
"Microsoft Internet Explorer: enable cache autocleanup on browser closing"
"Microsoft Internet Explorer: start page reset"