Archive for the ‘Spyware tools’ Category

Free Protection From Cryptolocker Ransomware

November 20, 2013

This tool will not prevent Cryptolocker from infecting your system, but it will prevent the malware from encrypting your files. It is from the makers of Hitman Pro and is available here:

http://www.surfright.nl/en/alert/cryptoguard

Is Your PC Infected with DNS Changing Malware?

May 3, 2012

Use this web site to find out.  http://www.dcwg.org/

If your PC is infected with this malware you will most likely lose Internet access after July 9th.

Emsisoft Emergency Kit

January 2, 2012

http://www.emsisoft.com/en/software/eek/

Novirusthanks.org freeware

December 19, 2011

http://www.novirusthanks.org/download/

Dealing with Malware that Hides Programs in the Start Menu and in Windows Explorer

October 24, 2011

I recently had a client’s PC get infected by some malware that removed all of their programs from the start menu as well as making all files invisible in Windows Explorer.

I ran almost every antimalware program I could think of trying to remove this infection. I even went all the way back to Spybot Search and Destroy. Surprisingly, Spybot did find things that the other scanners did not. I will not be so quick to discount it as too old in the future.

Malwarebytes would not install on this system; I thought the malware was preventing installation. As it turns out, I needed to install with the “Run as administrator” option. This option did not exist on the XP system I was working on. Further research indicated that the option had to be enabled. I found a Microsoft FixIt tool here, http://support.microsoft.com/kb/294676, that will do the job.

Also, I found another useful tool called Unhide.exe that will reverse the changes made by the malware that cause the start menu and Windows Explorer items to disappear.  Unhide can be downloaded from here, http://download.bleepingcomputer.com/grinler/unhide.exe

The original links can be found here:

http://forums.malwarebytes.org/index.php?showtopic=85715&st=0&p=434006&#entry434006

Bit Defender Top 100 Malware Removal Tool

August 6, 2011

http://www.bitdefender.com/news/new-bitdefender-removal-tools-for-top-100-malware-threats-2153.html

Manually downloading Malwarebytes’ Anti-Malware definitions to Update Malwarebytes Offline

June 22, 2011

http://techdows.com/2010/09/manually-downloading-malwarebytes-anti-malware-definitions-to-update-malwarebytes-offline.html

Just in case the page is no longer available.

You can find the latest database version of the MBAM definitions here.

I. Recommended method to download Malwarebytes definitions

1. First, update the MBAM definitions online on another computer by opening the Update tab in MBAM and clicking Check for Updates.

2. You can then find the updated definitions (rules file) installed here:

  • For Windows XP and 2000
    “C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\rules.ref”
  • For Windows Vista and Windows 7:
    “C:\ProgramData\Malwarebytes\Malwarebytes’ Anti-Malware\rules.ref”

3. Copy the rules file to a flash drive or to a CD/DVD, then copy it to the infected computer at the path mentioned above, assuming Malwarebytes is already installed there.

Malwarebytes’ Anti-Malware definitions are now updated. You can check by opening MBAM and confirming the database version shown under Update.

II. Second method to download definition updates for MBAM manually

You can download MBAM signature updates and install them on your computer.

But this download always falls behind the definitions update (rules file) we grabbed from updating the program.

How To Remove Malware and Thwart Its Dirtiest Tricks

June 22, 2011

http://www.tested.com/news/how-to-remove-malware-and-thwart-its-dirtiest-tricks/2451/

Just in case the original page is no longer online.

It’s every Windows user’s worst nightmare. You boot up your machine to play some games or do some work, but instead of seeing your usual desktop, you get a hideous pop-up claiming that viruses and hardware errors are destroying your computer. The warning is completely bogus, of course, generated by malware that’s trying to scare a credit card number out of you. But the phony program is right about one thing: your system has been infected, and now you have to deal with it. There are lots of genuine malware removers available for free that can help, but even with such noble code on your side it can be tricky to completely undo the damage—modern malware digs into a system like a tick, employing devious tactics to prevent its own removal.

Here’s how to deal with some of the most common infections.

First, a few caveats. Many malware infections can be cleaned out with legit scanning software (Malwarebytes is our current favorite), but unless you format your hard drive and install a fresh copy of Windows, there are no guarantees that the system is completely clean. If you’re comfortable using a computer that’s only been disinfected, check it again a few days later, making sure to update your malware scanner first.

Stop the Spread

It’s a good idea to disconnect your machine’s network connection as soon as you recognize an infection—this ensures that the bad stuff doesn’t spread across your home network, and that it’s not downloading anything worse while you’re trying to remove it. Download your malware scanner and its manual updates onto another computer, then use a USB key to transfer them to the infected machine. (Make sure to format that key before you reuse it afterward, too.)

Get Around a Complete Takeover

Malware often locks you out of your own system, not wanting you to do anything but put in a credit card number. So how do you even install the scanning software, much less run it? In some cases malware only does its dirty work on the account that gets infected, so simply logging out and logging in under a different user name will often get you back to the desktop.

If that doesn’t work, restart the machine into Safe Mode by hitting F8 while it’s booting. From Safe Mode, you should be able to install a malware scanner, run it, and remove enough of the infection to break the lock-out. Once you can get back into your account with a normal boot, repeat the scan and clean process. When that’s coming up clean, reconnect to the Internet and scan once again (some baddies like to hide when the connection is off).

Restore .EXE Associations

That malware doesn’t want you installing anything that could disable it, so it might go so far as to corrupt your .EXE file association—making your system act like it’s never seen an executable before. And often this trick is no simple settings change, either; it’s the result of an altered registry key. Fortunately, you can restore file associations with a little help from some handy .reg files, whether you’re using Windows XP or Windows 7. Grab the ones for .EXE and keep them on hand.
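A quick way to tell whether the .EXE association has been altered before importing a repair file, as an added PowerShell example that is not part of the original article. It compares the effective registry values with the Windows defaults (class exefile, open command "%1" %*); the function names and the tampered sample values are constructed for illustration.

```powershell
# Pure check, so it can be exercised with constructed values as well as live data.
function Test-ExeAssociation {
    param([string]$ExeClass, [string]$OpenCommand, [bool]$HasUserOverride)
    $expected = '"%1" %*'          # Windows default open command for exefile
    $issues = @()
    if ($ExeClass -ne 'exefile') {
        $issues += ".exe points at class '$ExeClass' instead of 'exefile'"
    }
    if ($OpenCommand -ne $expected) {
        $issues += "exefile open command is '$OpenCommand' instead of '$expected'"
    }
    if ($HasUserOverride) {
        $issues += 'per-user key HKCU\Software\Classes\.exe exists and overrides the machine-wide one'
    }
    if ($issues.Count -eq 0) { return 'OK: .exe association matches the Windows default' }
    return $issues
}

# Read the unnamed (default) value of a registry key; empty string if missing.
function Get-DefaultValue([string]$Path) {
    $item = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    if ($item) { return [string]$item.'(default)' }
    return ''
}

# Live check: HKEY_CLASSES_ROOT is the merged view Windows actually uses.
$root    = 'Registry::HKEY_CLASSES_ROOT'
$class   = Get-DefaultValue "$root\.exe"
$command = Get-DefaultValue "$root\exefile\shell\open\command"
$perUser = Test-Path 'HKCU:\Software\Classes\.exe'
Test-ExeAssociation -ExeClass $class -OpenCommand $command -HasUserOverride $perUser

# Constructed tampered state (class name and path are hypothetical).
$badCommand = '"C:\Users\Public\example.exe" "%1" %*'
Test-ExeAssociation -ExeClass 'xyzfile' -OpenCommand $badCommand -HasUserOverride $true
```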

Bring Back the Web

Even once you’ve banished malicious software from your machine, you may find that your web browser seems to think you have no connection. If the malware took the amateur route, it may have simply switched on your browser’s proxy server setting, but left the address blank—you can fix that easily enough by unchecking the option. (Every browser organizes its settings a little differently, so you may have to hunt around a bit.) Be wary if the proxy server address is set to an external IP you don’t recognize, however, since that could indicate that the malware was trying to capture your passwords.
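The proxy check described above, as an added PowerShell example that is not part of the original article. It reads the per-user Windows proxy values (ProxyEnable and ProxyServer under the Internet Settings key) used by Internet Explorer and by browsers that follow the system proxy; browsers with their own proxy settings must still be checked by hand. The function name and sample values are constructed for illustration, and only IPv4 addresses are classified.

```powershell
function Get-ProxyFinding {
    param([int]$ProxyEnable, [string]$ProxyServer)

    if ($ProxyEnable -eq 0) { return 'OK: proxy is switched off' }
    if (-not $ProxyServer.Trim()) {
        return 'BROKEN: proxy is switched on but the address is blank'
    }
    $entries = $ProxyServer.Split(';') | Where-Object { $_.Trim() }
    $findings = foreach ($entry in $entries) {
        # Entries are "host:port" or "scheme=host:port"
        $target   = ($entry.Trim() -replace '^[a-z]+=', '') -replace '^[a-z]+://', ''
        $hostPart = ($target -split ':')[0]
        $ip = $null
        if ([System.Net.IPAddress]::TryParse($hostPart, [ref]$ip) -and
            $ip.AddressFamily -eq 'InterNetwork') {
            $o = $ip.GetAddressBytes()
            $internal = $o[0] -eq 10 -or $o[0] -eq 127 -or
                        ($o[0] -eq 172 -and $o[1] -ge 16 -and $o[1] -le 31) -or
                        ($o[0] -eq 192 -and $o[1] -eq 168)
            if ($internal) { "REVIEW: loopback or private proxy $target" }
            else           { "SUSPECT: external IP proxy $target" }
        } else {
            "REVIEW: proxy host name $target"
        }
    }
    return $findings
}

# Live check of the current user's settings.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$s = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
if ($s) {
    Get-ProxyFinding -ProxyEnable ([int]$s.ProxyEnable) -ProxyServer ([string]$s.ProxyServer)
}

# Constructed sample values; 203.0.113.7 is a documentation-only address.
Get-ProxyFinding -ProxyEnable 1 -ProxyServer ''
Get-ProxyFinding -ProxyEnable 1 -ProxyServer 'http=203.0.113.7:8080;https=203.0.113.7:8080'
```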

If the browser proxy settings are right and you still can’t load web pages, the malware has likely done some deeper connection corruption. There are a couple of commands that can help you though, both of which are run from a command window.

netsh int ip reset resetlog.txt

This command will reset the Windows TCP/IP settings that the malware messed with. You’ll need to restart after using it. Note that this is a complete reset to the default settings, so any special changes you made could get wiped out as well. If your browser still isn’t working, you can also try:

netsh winsock reset

Another system reset will be in order afterwards, and when the system is back up make sure to restore the connection with:

ipconfig /release

and

ipconfig /renew

Final Thoughts

Malware is constantly evolving new ways to be incredibly annoying, but now you’ve got some basic tools to deal with some common issues. Have any other tips for dealing with malware? Let us know in the comments below!

Microsoft Standalone System Sweeper

June 1, 2011

http://connect.microsoft.com/systemsweeper

Microsoft Safety Scanner

April 17, 2011

http://www.microsoft.com/security/scanner/en-us/default.aspx