DAConsult Forums

1029usr078198 Posted - May 19 2008 : 12:31:22
Some helpful tools to fight the spread of malware. Update: We've added links to a new section of prevention tools offered by Trend Micro as well as a couple of new freebies to detect rootkits and bot-type activity.

Malware Prevention Tools from Trend Micro

Prevention Tools (including iPhone apps, etc.)
Browser Guard - Protects your browser against new Web Threats.
Email ID - Easily identify email messages from legitimate senders.

Spyware Detection/Remediation Tools

Rootkit Buster - This helps you get rid of Rootkit-type viruses. (See the "It's All 'Geek' to Me" segment)
RUBotted - This helps detect suspicious bot-like activity on your computer.
Trojan Remover - This is a 30-day trial. I usually install it, run it, then uninstall it. I haven't tried reinstalling this program to see if it would work again after the 30 days passes. I suspect it won't.
Malware Bytes or at Download.com or at Ninite.*
Super AntiSpyware (Get the free one, or use Ninite below)*
HiJackThis! (rename it when downloading - some malware programs look for this program)
TDSS Killer
Silent Runners
Fake Antivirus Remover from TrendMicro
Windows Defender Offline lets you make a bootable Flash Drive, CD, or DVD that can clean up viruses/malware that won't otherwise go away. Be sure and get the version (32 or 64-bit) that's appropriate for the system being cleaned. If you want to make a CD/DVD/ISO on Windows XP, you'll need the IMAP v2.0 download or here.
Junkware Removal Tool is a Command Line utility that removes toolbars and other software that falls into the Potentially Unwanted Programs (PUPs) genre.
ADWCleaner is a Windows utility to remove PUPs. I recommend running both Junkware Removal Tool and ADWCleaner when cleaning a system.

Online Antivirus Scanners

Trend Micro Housecall
Microsoft Safety Scanner
ESET Nod32 Online Scanner

Trend Micro's AntiRansomware

Using Trend Micro AntiRansomware Tool - This article has good information about what to do if you get infected with something like the FBI virus, or some other malware that keeps you from using your computer, then demands payment to get your stuff back. Please note that if you have the Crypto Locker virus that encrypts your files, this program may get the virus off your computer, but your files won't be decrypted. Nothing does that. If you have Windows Vista, 7, or 8, you can use the previous versions feature to retrieve your files if you go back far enough.

Downloadable Antivirus Scanners

AVG Antivirus - This link always takes you to the latest version of the Free Edition's download page*
Update: We've had a report that when AVG expires, a link may appear that purports to let you upgrade to the newest, paid version. Be careful. It may take you to Software Pros. There, you'll be charged for "support" for the free versions of various software, including AVG.

Microsoft Security Essentials - I have used this one and found it to be pretty good.*

Uninstaller/Cleanup/Misc Utilities

Ninite - Go here to get a downloader that will install or update many of the programs found here all in one step. Applicable programs are marked with a *
Revo Uninstaller - Helps you uninstall programs that won't otherwise go away.*
Steven Gould's Cleanup
Piriform's CCleaner*
Dial-A-Fix Note: This program doesn't work with Vista as of version It's good for things like making Windows Update work again and for cleaning up settings after a malware removal session. If in doubt, check all the boxes because running these fixes won't break anything.
D7 at MajorGeeks - This tool is good for doing a lot of things in an automated fashion.

How to use these (Brief)

1. Go to Ninite and click the check boxes to choose the following items:
  • Everything in the Runtimes category
  • In the Documents category, Reader and/or Foxit Reader
  • In the Security category, Malwarebytes, Super (which is SuperAntispyware, I don't know why they changed the name), and either AVG or Microsoft Security Essentials (but not both)
  • Under Utilities, Auslogics, CCleaner (unless you want to download Cleanup instead)
Scroll all the way to the bottom of the Ninite screen and click Get Installer. On the page that follows, click Download Installer. Save (don't run) that program on your Desktop. You'll need it again to update the programs you've chosen. It's a fast download. When it's done, run it and wait for it to complete.

2. Download Trojan Remover.
3. Download Cleanup if you chose not to get CCleaner.
4. Run whichever cleanup utility you chose and let it at least clean up the temp files and the browser cache. This will make the scans that follow run faster.
5. Run Trojan Remover because some malware won't allow you to install or run MalwareBytes or SuperAntiSpyware. Let it remove anything it wants to remove and if it wants to reboot, let it.
6. Go to ESET Nod32 Online Scanner. Click Download. Check the box next to "YES, I accept the terms of use", then click Start. A new window will open and it'll want to install an ActiveX control. This control is OK, so allow it to install. The exact process for this depends on your browser, so I can't give details, but when it's done, it'll present a button in the window that'll be labeled Start. Click it to start the scan. Let it remove anything it finds.
7. Run Malwarebytes' Quick Scan and SuperAntispyware's Full Scan and allow them to remove whatever they find.

You may choose to run Malwarebytes' scan, and then SuperAntispyware's scan sequentially. If so, I would run Malwarebytes first because its scan tends to be shorter. If anything is found, each program will probably want to restart your computer after the scan completes.

You may also choose to run the Malwarebytes and SuperAntispyware scans simultaneously; that is how I usually do it. Be aware that this will increase the amount of time it takes for each individual scan to complete, and it will result in double detection of most malicious software. You'll also want to wait until both scans complete before allowing the computer to be restarted.

If anything remains, download and run first Smitfraudfix, then Combofix.

Hope it helps,

DAConsult Forums © 2007-2010 David Anderson Consulting