Posted - May 19 2008 : 12:31:22
Some helpful tools to fight the spread of malware. Update: We've added links to a new section of prevention tools offered by Trend Micro as well as a couple of new freebies to detect rootkits and bot-type activity.
Malware Prevention Tools from Trend Micro
Prevention Tools (including iPhone apps, etc.)
Browser Guard - Protects your browser against new Web Threats.
Email ID - Easily identify email messages from legitimate senders.
Spyware Detection/Remediation Tools
Rootkit Buster - This helps you get rid of Rootkit-type viruses. (See the "It's All 'Geek' to Me" segment)
RUBotted - This helps detect suspicious bot-like activity on your computer.
Trojan Remover - This is a 30-day trial. I usually install it, run it, then uninstall it. I haven't tried reinstalling this program to see if it would work again after the 30 days passes. I suspect it won't.
Malware Bytes or at Download.com or at Ninite.*
Super AntiSpyware (Get the free one, or use Ninite below)*
HiJackThis! (rename it when downloading - some malware programs look for this program)
Fake Antivirus Remover from TrendMicro
Windows Defender Offline lets you make a bootable Flash Drive, CD, or DVD that can clean up viruses/malware that won't otherwise go away. Be sure and get the version (32 or 64-bit) that's appropriate for the system being cleaned. If you want to make a CD/DVD/ISO on Windows XP, you'll need the IMAPI v2.0 download or here.
Junkware Removal Tool is a Command Line utility that removes toolbars and other software that falls into the Potentially Unwanted Programs (PUPs) genre.
ADWCleaner is a Windows utility to remove PUPs. I recommend running both Junkware Removal Tool and ADWCleaner when cleaning a system.
Online Antivirus Scanners
Trend Micro Housecall
Microsoft Safety Scanner
ESET Nod32 Online Scanner
Trend Micro's AntiRansomware
Using Trend Micro AntiRansomware Tool - This article has good information about what to do if you get infected with something like the FBI virus, or some other malware that keeps you from using your computer, then demands payment to get your stuff back. Please note that if you have the Crypto Locker virus that encrypts your files, this program may get the virus off your computer, but your files won't be decrypted. Nothing does that. If you have Windows Vista, 7, or 8, you can use the previous versions feature to retrieve your files if you go back far enough.
Downloadable Antivirus Scanners
AVG Antivirus - This link always takes you to the latest version of the Free Edition's download page*
Update: We've had a report that when AVG expires, a link may appear that purports to let you upgrade to the newest, paid version. Be careful. It may take you to Software Pros. There, you'll be charged for "support" for the free versions of various software, including AVG.
Microsoft Security Essentials - I have used this one and found it to be pretty good.*
Ninite - Go here to get a downloader that will install or update many of the programs found here all in one step. Applicable programs are marked with a *
Revo Uninstaller - Helps you uninstall programs that won't otherwise go away.*
Steven Gould's Cleanup
Dial-A-Fix - Note: This program doesn't work with Vista as of version 0.60.0.24. It's good for things like making Windows Update work again and for cleaning up settings after a malware removal session. If in doubt, check all the boxes because running these fixes won't break anything.
D7 at MajorGeeks - This tool is good for doing a lot of things in an automated fashion.
How to use these (Brief)
1. Go to Ninite and click the check boxes to choose the following items:
- Everything in the Runtimes category
- In the Documents category, Reader and/or Foxit Reader
- In the Security category, Malwarebytes, Super (which is SuperAntispyware, I don't know why they changed the name), and either AVG or Microsoft Security Essentials (but not both)
- Under Utilities, Auslogics, CCleaner (unless you want to download Cleanup instead)
Scroll all the way to the bottom of the Ninite screen and click Get Installer. On the page that follows, click Download Installer. Save (don't run) that program on your Desktop. You'll need it again to update the programs you've chosen. It's a fast download. When it's done, run it and wait for it to complete.
2. Download Trojan Remover.
3. Download Cleanup if you chose not to get CCleaner.
4. Run whichever cleanup utility you chose and let it at least clean up the temp files and the browser cache. This will make the scans that follow run faster.
5. Run Trojan Remover because some malware won't allow you to install or run MalwareBytes or SuperAntiSpyware. Let it remove anything it wants to remove and if it wants to reboot, let it.
7. Run Malwarebytes' Quick Scan and SuperAntispyware's Full Scan and allow them to remove whatever they find.
You may choose to run Malwarebytes' scan, and then SuperAntispyware's scan sequentially. If so, I would run Malwarebytes first because its scan tends to be shorter. If anything is found, each program will probably want to restart your computer after the scan completes.
You may also choose to run the Malwarebytes and SuperAntispyware scans simultaneously; that is how I usually do it. Be aware that this will increase the amount of time it takes for each individual scan to complete, and it will result in double detection of most malicious software. You'll also want to wait until both scans complete before allowing the computer to be restarted.
If anything remains, download and run first Smitfraudfix, then Combofix.
Hope it helps,