software:virus


updating insecure programs

From: http://www.flexerasoftware.com/enterprise/products/software-vulnerability-management/personal-software-inspector/

Personal Software Inspector is a free computer security solution that identifies 
vulnerabilities in applications on your private PC. Vulnerable programs can leave 
your PC open to attacks, against which your antivirus solution may not be effective. 
Simply put, it scans software on your system and identifies programs in need of security 
updates to safeguard your PC against cybercriminals. It then supplies your computer with 
the necessary software security updates to keep it safe.

steps-to-take-when-you-discover-malware

Anti Malware Toolkit

Removal Programs

Make sure that you update each program to get the latest version of its database before doing a scan.
Malwarebytes' Anti-Malware:

From: http://www.malwarebytes.org/mbam.php

  STEP 02 from: https://forums.malwarebytes.org/index.php?/topic/150253-keep-getting-malicious-website-blocked-message/
  Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below 
  please see the following:  MBAM Clean Removal Process 2x
  When reinstalling the program please try the latest version.
  Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard 
  please Check for Updates by clicking the Update Now... link
  Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non 
  Malware Protection set both PUP and PUM to Treat detections as malware.
  Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the 
  Scan Now>> button.
  Once completed please click on the History > Application Logs and find your scan log and open it 
  and then click on the "copy to clipboard" button and post back the results on your next reply.
  
AdwCleaner
You can also do a check for a rootkit infection with TDSSKiller.
ESET Online Scanner
HouseCall by Trend Micro

From: http://housecall.trendmicro.com/

Custom Scan lets you specify which folders to scan
Quick Scan reduces software scan times to a few minutes
Stand-alone eliminates compatibility issues associated with browser-activated scanners
Smart Scan delivers the latest antivirus protection while reducing download times
Kaspersky Free Security Scan:

From: http://www.kaspersky.com/security-scan

As I remember, this will only identify, not clean.

Online Scanners
SuperAntispyware:
Microsoft Safety Scanner:
Windows Defender: Home Page:
Spybot Search & Destroy:
HitManpro
ComboFix
Trend Micro™ Ransomware Screen Unlocker Tool

From: https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx

Ransomware Screen Unlocker Tool is designed to eliminate Lock Screen ransomware from your 
infected PC in two different scenarios:

    Scenario 1: Lock Screen ransomware is blocking “normal mode”, but “safe mode” with 
    networking is still accessible.
    Scenario 2: Lock Screen ransomware is blocking both “normal mode” and “safe mode” 
    with networking.
HouseCall for Home Networks

From: http://housecall.trendmicro.com/us/secure-home-networks/

HouseCall for Home Networks scans all your home network devices to identify potential risks and offer advice on how to eliminate them.
See also:

ShouldIRemoveit

From: http://www.shouldiremoveit.com/index.aspx

  Should I Remove It? is a very simple but extremely powerful Windows application that helps users, both
  technical and non technical, decide what programs they should remove from their PC. This typically
  includes finding and removing all sorts of crapware and bloatware such as adware, spyware, toolbars,
  bundled unwanted applications as well as many forms of malware. The program is very lightweight and
  extremely fast. Should I Remove It? simply scans your computer for all its installed programs and then
  ranks what should be removed by leveraging the wisdom of the crowd (and of course our technical experts)
  to determine what should not be installed.

toolbarcleaner: not a recommended piece of software

From: http://toolbarcleaner.com/?src=4792&gclid=CJ_pnaiO0rwCFcXm7AodNBMACg

  Toolbar Cleaner removes more than 1,000,000 unwanted toolbars, apps, add-ons, and 
  plug-ins per month including Ask, Alot, Babylon, Bing and MSN Toolbars.

Malware-Removal/Uninstall Malware "Antivirus-2009"

Webpage Screenshot Chrome extension

From: http://blog.rankun.org/2016/01/15/webpage-screenshot/

Also: http://www.telerik.com/fiddler

Fiddler - Debug traffic from PC, Mac or Linux systems and mobile devices

ckibcdccnfeookdmbahgiakhnjcddpki

C:\Users\bubba\AppData\Local\Google\Chrome\User Data\Default\Extensions
ckibcdccnfeookdmbahgiakhnjcddpki

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage
  chrome-extension_ckibcdccnfeookdmbahgiakhnjcddpki_0.localstorage
  chrome-extension_ckibcdccnfeookdmbahgiakhnjcddpki_0.localstorage-journal

Instead of deleting, this time I made read-only and mangled the localstorage database.

List of Browser Extensions that are Spying on you (Chrome and Firefox) - HTG

Removal of Search conduit

Installed as “Search Protect”

From: http://www.bleepingcomputer.com/download/adwcleaner/dl/125/

AdwCleaner cleaned it

Removal of zepto

Rootkit Scanners

Malwarebytes

Other Info

McAfee Free Tools

Look For

From: http://community.spiceworks.com/topic/277234-network-hit-with-sexy-exe-porn-exe-secret-exe-password-exe-etc?page=4

Characteristics: In the local user's %Username% root, a file called 'Google.exe' and 'Runme.exe' will be present, along with another EXE file with a random name.

Remove Mac Shield

Mac AntiVirus

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

http://www.apple.com/downloads/macosx/networking_security/avastantivirusmacedition.html

 "Uninstall iAntiVirus.app" in Applications -> iAntiVirus.
 To remove user specific preferences simply delete "com.pctools.iAntiVirus.plist" from ~/Library/Preferences. 

myantispyware.com free-programs

Microsoft Security Bulletin MS08-067

avg removal

Administrator and User Passwords in Windows XP

http://www.kellys-korner-xp.com/win_xp_passwords.htm

  net user <user_name> <new_password>

Information about vulnerabilities associated with the settings of installed applications and the operating system.

  "Task Manager substitution"
  "Autorun from hard drives is allowed"
  "Autorun from network drives is enabled"
  "CD/DVD autorun is enabled"
  "Removable media autorun is enabled"
  "Microsoft Internet Explorer - disable caching data received via protected channel"
  "Microsoft Internet Explorer: disable sending error reports"
  "Microsoft Internet Explorer: clear the list of trusted domains"
  "Microsoft Internet Explorer: clear list of pop-up blocker exceptions"
  "Microsoft Internet Explorer: enable cache autocleanup on browser closing"
  "Microsoft Internet Explorer: start page reset"
software/virus.1488216147.txt.gz · Last modified: 2017/02/27 17:22 by superwizard