Malware Removal Blog

*******************************************************************************************************************************************************************


Statement From the Editor

These removal tools and removal guides are posted as Self-Help Guides. This blog and Editor receive NO monetary gain from this blog and desire none, now or ever. Times are hard for everyone, and this is my way of giving something back. May not be much, but at least I tried.

******************************************************************************************************************************************************************

Malwarebytes Anti-Malware is not meant to be a replacement for antivirus software. Malwarebytes Anti-Malware is a complementary but essential program which detects and removes zero-day malware and “Malware in the Wild”. This includes malicious programs and files, such as viruses, worms, trojans, rootkits, dialers, spyware, and rogue applications that many antivirus programs do not detect or cannot fully remove. It is important to note that Malwarebytes Anti-Malware works well and should run alongside antivirus software without conflicts. In some rare instances, exclusions may need to be set for your specific antivirus product to achieve the best possible system performance.

*******************************************************************************************************************

  • Software Requirements:
    • All editions of Windows XP, Vista, 7 & 8 (both 32 bit and 64 bit)
    • Windows XP Service Pack 2 or Later
    • Internet Explorer 6 or newer
  • Hardware Requirements:
    • 256MB of RAM (512MB or more recommended)
    • 800MHz CPU or faster
    • 20MB of free hard disk space
    • 800×600 or greater screen resolution
    • Active internet connection for database and product updates


********************************************************************************************************************************

Detects and removes Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits, Rogue Security Products and many other types of threats. SUPERAntiSpyware is light on system resources and won’t slow down your computer like many other anti-spyware products. It won’t conflict with your existing anti-spyware or anti-virus solution! SUPERAntiSpyware is also very compatible with Malwarebytes’, which makes them the perfect team.

SUPERAntiSpyware Online Safe Scan is free for personal use. The scanner does NOT install anything on your Start Menu or Program Files and does NOT need to be uninstalled. This can be used just to check to make sure your computer is not infected or if you do not have a very big hard drive. You could use this at least once a week just to make sure.

SUPERAntiSpyware Portable Scan is free for personal use. The scanner does NOT install anything on your Start Menu or Program Files and does NOT need to be uninstalled.  Simply download to a clean computer and then Copy the Scanner to a USB/CD or other media to use on the infected system.


*******************************************************************************************************************************************************************

CCleaner is a freeware system optimization, privacy and cleaning tool. It removes unused files from your system, allowing Windows to run faster and freeing up valuable hard disk space.



*******************************************************************************************************************************************************************

Sandboxie 

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

Benefits of the Isolated Sandbox

  • Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially. Runs all browsers inside the Sandbox (whichever is set to default).
  • Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows.
  • Secure E-mail: Viruses and other malicious software that might be hiding in your email can’t break out of the sandbox and can’t infect your real system.
  • Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

Download Sandboxie now and give it a try!

NOTE: Download from Sandboxie.com


*******************************************************************************************************************************************************************



Posted January 16, 2010 by Wide Glide in Home

Known PUP (Potentially Unwanted Program) List

BrowserDefender

BrowserProtect

Ask Toolbar

Bablyon

BrowserManager

Claro

Isearch

Conduit

Coupon Printer for Win.

Crossrider

Facemoods

Funmoods

Ilivid

Incredibar

MyWebSearch

Searchqu

Web Assistant

Qvo6

CouponDropDown

22Find

Search.Certified

Vgrabber

Sweetpacks

SweetIM

Secure Trusted

WebCake Deals & Ad’s

Savepath Deals

OtShot

Tuvaro

Safe Search

Ad.yieldmanager

Golsearch

Delta_Homes

Delta Toolbar

Iminent

Whitesmoke

Adlyrics

PCSpeedUp

Boxore

Speedupmypc

Strongvault

Dealcabby

Infoadams

Translategenius

BuenoSearch

MyBrowserbar

Spigot

Dealio

MyPcBackup

Search.ueep

Nattly Search

OpenCandy

Quone8

Defaulttab

JfileManager 7

SeverWeatherAlerts

Softtango

Rocketfuel Installer

Start Page Search

215Apps

Bandoo Media

Bit89

Cartwheel

Genieo

IAC Search & Media

Inbox.com

Mindspark Interactive

Monterra Inc.

Moshe Caspi

Perion Network Ltd.

Resoft Ltd.

Somoto Ltd

Visicom Media Inc.

Zugo Ltd.

FinallyFast

PC Powerspeed

Wajam

1ClickDownload

Superfish

InternetCorkBoard

Yontoo

Aartemis

JollyWallet

Ominent

MySearchDial

Yahoo Toolbar

Google Toolbar

Bing Toolbar

ScorpinSaver

En.V9

NationZoom

BuzzSearch

Outobox

VPlay

SlowPCFighter

InstallBrain

Eazel

Level Quality Watcher

FindWideSearch

Tarma Installer

FreeSoftToday

Search.yac.mx

BubbleDock

Hao123

MyInfotopia

Outfox TV

InfoSpace

Awesomehp.com

Posted April 14, 2014 by Wide Glide in Uncategorized

Yahoo Mail hacked, attackers gain unauthorized access to its accounts

by paganinip on January 31st, 2014


The company has issued a security advisory to warn users that Yahoo Mail Service was hacked; hackers have stolen credentials of its email customers.

Yahoo Mail! is considered one of the largest email service providers; millions of people use it every day, and it’s clear that it represents an attractive target for cyber criminals. The day has come: the company issued an official security update for its email users warning of a data breach, avoiding to provide the extension of the incident in terms of number of users’ accounts compromised:

“we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts’, user names and passwords of its email customers have been stolen and are used to access multiple accounts.” reports the update

The hackers have compromised a third-party database without penetrating the servers used for the Yahoo Mail service.

We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.

Yahoo Mail security update

This is the second time that Yahoo is seriously hacked, more HERE

Posted January 31, 2014 by Wide Glide in News & Alerts, Updates & Alerts

2013 in review

The WordPress.com stats helper monkeys prepared a 2013 annual report for this blog.

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 8,300 times in 2013. If it were a concert at Sydney Opera House, it would take about 3 sold-out performances for that many people to see it.


Posted December 31, 2013 by Wide Glide in Uncategorized

Malwarebytes’ Anti-Rootkit Tutorial

Did you know the term ‘malware’ refers to more than just viruses and worms? Did you know that there are types of malware that infect your system at so deep a level that the operating system doesn’t even realize they are there? Did you know that some malware could make the files, services and running processes associated with its operations invisible? This kind of malware is known as a rootkit and it is a serious problem in today’s computer security world.  Many antivirus solutions have a hard time even detecting rootkit activity, let alone removing it.  To answer the call in the fight against rootkits, Malwarebytes has taken up arms and introduced a new soldier in the cyber-war. Meet Malwarebytes Anti-Rootkit.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

QUOTE:

Disclaimer

This is beta software, for consumer and approved partner use only, use at your own risk, and by proceeding you are agreeing
to the terms of our license agreement, enclosed as “License.rtf”.

All Beta versions are non-final products. Malwarebytes does not guarantee the absence of errors which might lead to interruption
in normal computer operations or data loss. Precautions should be taken. The types of infections targeted by Malwarebytes Anti-Rootkit can be very difficult to remove. Please be sure you have any valued data backed up before proceeding, just as a precaution.

While we encourage and invite participation, Malwarebytes Anti-Rootkit BETA users run the tool at their own risk. Malwarebytes bears
no responsibility for issues that may arise during use of this tool, however all reasonable efforts will be made by Malwarebytes to
assist in recovery should the need arise.

If you continue experiencing problems or MBAR fails to completely detect and remove a rootkit from your system
then please contact us by filling out the form HERE

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAR has the ability to target rootkits that belong to the following families or that use the following rootkit technologies:

  • Kernel mode drivers hiding themselves, like TDL1, TDL2/TDSS, MaxSS, Srizbi, Necurs, Cutwail, etc.
  • Kernel mode driver patchers/infectors, embedding malicious code into core files of an Operating System, such as TDL3, ZeroAccess, Rloader, etc.
  • Master Boot Record infectors such as TDL4, Mebroot/Sinowal, MoastBoot, Yurn, Pihar, etc.
  • Volume Boot Record/OS Bootstrap infectors like Cidox
  • Disk Partition table infectors like SST/Alureon
  • User mode patchers/infectors like ZeroAccess.
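
An added example, not part of the original tutorial and not code from Malwarebytes: one way to notice the Master Boot Record and partition-table tampering named in the list above is to compare an MBR sector image against a known-good baseline. It assumes both 512-byte images were captured offline (for example from rescue media), since a running rootkit can hide its changes; the function names and the two sample sectors are hypothetical and constructed for the demonstration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_AREA_LEN = 446        # bytes 0..445: bootstrap code area
ENTRY_LEN = 16             # four 16-byte partition entries follow
SIGNATURE = b"\x55\xaa"    # bytes 510..511


def parse_mbr(sector):
    """Return the boot-area hash and the non-empty partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    if sector[510:512] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for index in range(4):
        offset = BOOT_AREA_LEN + index * ENTRY_LEN
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, count = struct.unpack_from("<B3xB3xII", sector, offset)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"index": index, "active": status == 0x80,
                               "type": ptype, "lba_start": lba_start, "sectors": count})
    return {"boot_sha256": hashlib.sha256(sector[:BOOT_AREA_LEN]).hexdigest(),
            "partitions": partitions}


def compare_mbr(baseline, current):
    """List differences between a known-good MBR and the current one."""
    old, new = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if old["boot_sha256"] != new["boot_sha256"]:
        findings.append("boot code changed")
    if old["partitions"] != new["partitions"]:
        findings.append("partition table changed")
    if sum(p["active"] for p in new["partitions"]) > 1:
        findings.append("more than one active partition")
    return findings


def build_sector(boot_fill, entries):
    """Build a constructed 512-byte sector for the demonstration below."""
    table = b"".join(struct.pack("<B3xB3xII", *e) for e in entries)
    table = table.ljust(4 * ENTRY_LEN, b"\x00")
    return bytes([boot_fill]) * BOOT_AREA_LEN + table + SIGNATURE


# Constructed samples, not taken from a real disk.
BASELINE = build_sector(0x90, [(0x80, 0x07, 2048, 204800)])
TAMPERED = build_sector(0x91, [(0x00, 0x07, 2048, 204800),
                               (0x80, 0x07, 206848, 4096)])

if __name__ == "__main__":
    print(compare_mbr(BASELINE, BASELINE))
    print(compare_mbr(BASELINE, TAMPERED))
```

An empty result means the boot area and partition table match the baseline; any finding is a reason to scan with a dedicated tool before trusting the disk.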

 

3 Steps prior to using any Rootkit tool:

No.1 Create a new restore point (MBAR also creates a new restore point, but better safe than sorry)
No.2 Back up your registry with ERUNT
No.3 Do a normal back-up of your system

Download Malwarebytes Anti-Rootkit    HERE

No.1 Download the ZIP file containing the MBAR files from the link above.

No.2 Save the ZIP file and double click it to open it.

No.3 Extract/copy the “mbar” folder to your hard drive. You could put it on the Desktop or just in your root drive like “C:\”; it does not
really matter.

No. 4 I recommend you check out the “ReadMe.rtf” file for information on usage instructions and advanced command line parameters
available for the tool in addition to the End-user License Agreement (EULA). It is a very useful resource for using this tool or
if you want to learn even more about what it is capable of.

No.5 To use Malwarebytes Anti-Rootkit simply click on the “mbar.exe” icon. MBAR does not require installation like
Malwarebytes Anti-Malware does and can be used as soon as the files are extracted. If you are using Windows 7 or above,
make sure to allow mbar.exe to use administrative privileges when prompted.

No. 6 Once executed, MBAR will present you with a graphic interface and an introduction about the product and informs you
about the licensing of the tool. To continue, press “Next”.


No. 7 Next, you are presented with the “Update” interface, which allows you to download the most current definitions from our
Anti-Malware servers to be used to scan the system for rootkits. Click “Update” to download the newest database, then click “Next”
once it completes the update.

No. 8 You should now be at the “Scan System” interface; this is where you will allow MBAR to search your system for rootkit activity.
To perform the most complete scan, make sure that the “Scan Targets” are set to all possible options (Drivers/Sectors/System).
Then click “Scan” when you are ready.

No. 9 Once the scan is complete, MBAR will inform you if it has detected any malware and will advise you to clean your system.
It also has a “Create Restore Point” option that we highly recommend you select in case something goes wrong with the removal of
the rootkits.

No. 10 After the restore point is created and the rootkit cleanup is scheduled, you will receive a prompt asking for a reboot of your
system. Select “yes” to reboot your system and clean the rootkits.


No. 11 After your reboot, you should run MBAR again to ensure that all infections have been removed from the system.


No. 12 Once you are rootkit free, in order to ensure that any damage done by removing the rootkit is repaired,
you should run the “fixdamage.exe” application, located in the same MBAR directory as “mbar.exe”.

No. 13 Clicking on “fixdamage.exe” will open the console application and request confirmation to apply any fixes
to the operating system. Input “Y” to begin the fix.

No. 14  After the fix is complete, it will request you to restart the system again.

No. 15   Run a Quick Scan with Mbam to remove any additional malware

Posted December 17, 2012 by Wide Glide in Malwarebytes' Antimalware

BitDefender 2012

Setting Exclusions for Malwarebytes’ Anti-Malware in Bitdefender 2012 Products:

  1. Open Bitdefender
  2. Click Settings
  3. Click on Antivirus on the left, then click on the Exclusions near the top
  4. Click on the toggle bar for the option Activate exclusions for files so that it switches from OFF to ON
  5. Click Excluded files and folders below the aforementioned toggle bar to add a new exclusion
  6. Click Add then on the new window click Browse
  7. Click the + next to My Computer or Computer
  8. Click the + next to C:
  9. Click the + next to Program Files. Note: In 64 bit Windows versions this will be C:\Program Files (x86)
  10. Click once on Malwarebytes’ Anti-Malware and click on OK
  11. Repeat steps 6-8 and then click the + next to Windows
  12. Click the + next to System32
  13. Click the + next to drivers
  14. Click once on mbam.sys and click on OK
  15. Do the same for the following file:
  16. Click OK
  17. Click Firewall on the left
  18. Click Advanced near the top
  19. Click Application Rules
  20. Click Add Rule
  21. At the top, click Browse
  22. Using steps 7-9, navigate to the Malwarebytes’ Anti-Malware folder and select the following files and click Open:
    • mbam.exe
  23. Put a checkmark next to the following network types:
    • Trusted
    • Home/Office
    • Public
  24. Click OK
  25. Repeat steps 20-24 for the following files:
    • mbamgui.exe
    • mbamservice.exe
  26. Ensure that all three rules are now listed, then click Close
  27. To close Bitdefender, click the minus button at the upper right hand corner

Setting Exclusions for Bitdefender 2012 Products in Malwarebytes’ Anti-Malware:

  • Open Malwarebytes’ Anti-Malware and click on the Ignore List tab
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on Bitdefender and click OK
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files\Common Files and click once on Bitdefender and click OK
  • Close Malwarebytes’ Anti-Malware

Posted December 12, 2012 by Wide Glide in Malwarebytes' Antimalware

McAfee Total Protection 2011

Set Exclusions for Malwarebytes’ Anti-Malware in McAfee Total Protection 2011:

  • Open McAfee and click on Navigation in the upper right hand corner.
  • Click on Firewall located under Features.
  • Click on Program Permissions and wait for the list to populate.
  • Click the Add button and then click browser.
  • Add the following files to the firewall with full access:
  • Note: On 64 bit Windows versions these files will be located in C:\Program Files (x86)\Malwarebytes’ Anti-Malware
    • C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe
    • C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe
  • Click OK
  • Close the McAfee main window and restart your computer.

Set Exclusions for McAfee Total Protection 2011 in Malwarebytes’ Anti-Malware:

  • Open Malwarebytes’ Anti-Malware and click on the Ignore List tab
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on McAfee and click OK.
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on McAfee.com and click OK.
  • Click on the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files\Common Files and click once on McAfee and click OK.
    Note: For 64 bit Windows versions these folders will be in C:\Program Files (x86)
  • Close Malwarebytes’ Anti-Malware

Posted December 12, 2012 by Wide Glide in Malwarebytes' Antimalware

Trend Micro Titanium Max 3.1.1109

Set Exclusions for Malwarebytes’ Anti-Malware in Trend Micro Titanium Max 3.1.1109:

  • Open Trend Micro and click on the Settings button at the bottom of the main menu (looks like a small cog/wheel).
  • Click on Exception List from the list on the side panel, and then select Programs/Folders.
  • Add the following items.
    • C:\Program Files\Malwarebytes’ Anti-Malware Note: On 64 bit Windows versions this will be C:\Program Files (x86)\Malwarebytes’ Anti-Malware
    • C:\Windows\System32\Drivers\mbam.sys
  • Once that is complete, click the apply button.
  • Now click on websites and click the add button and then add the Malwarebytes update domain.
    • data-cdn.mbamupdates.org
  • Click the Apply button and then Restart the computer.

Set Exclusions for Trend Micro Titanium Max 3.1.1109 in Malwarebytes’ Anti-Malware:

  • Open Malwarebytes’ Anti-Malware and click on the Ignore List tab
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on Trend Micro and click OK.
    Note: For 64 bit Windows versions this will be C:\Program Files (x86)
  • Close Malwarebytes’ Anti-Malware

Posted December 12, 2012 by Wide Glide in Malwarebytes' Antimalware
