
How to remove viruses, THE GUIDE

Hi

 

My First topic here

 

Many of you may encounter viruses on your PC which your antivirus may not find. Sometimes having an antimalware and an antivirus is not enough. Sometimes we have to get our hands dirty. Here are the most common infections consumers face and how to troubleshoot them.

 

Adware:

 

Ads that pop up all of a sudden, even though you are on Google, and display ads. These are the most common infection, known as adware. A usual scan with SuperAntispyware does the trick, but if you want to get them out of there, you may want to use AdwCleaner by Xplode. This tool will remove all known ads from your PC. Just make sure to restart afterwards.

 

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Some ads still keep popping up even though you uninstalled them, especially the one called Ads by La Superba. This new type of adware somehow installs itself with additional changes on your computer. If that is the case, you may check your:

 

     DNS: This adware hijacks your DNS settings in ncpa.cpl. Make sure the setting is "obtain DNS automatically" or use Google DNS.

 

     Certificates: This is a new thing that adware creators do. They inject certificates into your certificate manager (certmgr.msc in the Run box). Make sure to look for these in your "Trusted Root Certification Authorities":

 

cloudguard.me (There are others, but you can use Google to check whether those certificates are supposed to be there. Will update this.)

 

Ransomware:

 

This is gonna be a tough one, especially the one called CryptoWall. What it does is encrypt your files with a private and public key, and you have to pay in order for your files to be unlocked. If you are on Vista or above, there might be a chance to retrieve them using Shadow Explorer or Restore to previous version. This is the first type of ransomware that uses encryption to lock files. Back then there was the FBI virus, which only locked the PC; a reboot into Safe Mode was enough to remove it. This is more of a prevention tool, but it will keep your files safe: you can use CryptoPrevent or CryptoLocker Tripwire.

 

Redirections:

 

Remember when you are doing a Google search about The Avengers comics and all of a sudden, when you click the link, you are redirected to a sweepstakes website where you can win an iPhone? These are somehow still related to adware, but this time it is not adware that is causing it but a rootkit on the HDD. A rootkit virus attaches itself to the volume boot sector. WARNING: if your antivirus or antimalware scan detects a volume boot record, there is a chance that your computer won't boot to the desktop anymore if you continue the scan. For this we use one tool alone: TDSSKiller by Kaspersky. When the alureon.e virus came out, Kaspersky was the first to release a tool that safely removes the rootkit from the system without harming the boot record. So if you encounter a rootkit, use TDSSKiller first.

 

Poweliks:

 

You notice that your PC is slow, but you remember you have a 6th-gen i7 with a GTX 980 and 32 GB of RAM; then you notice your CPU usage in Task Manager is high. You may want to run ESET Poweliks Remover first before doing any tune-ups on your PC. The high CPU usage is an indication that it is doing something big in the background. Usually, if you leave this untouched, you may get the CryptoWall ransomware in the end, which will cause more headaches.

 

 

That's all I can think of right now, but if you have virus concerns and I see them here, expect me to respond.

 

 

Thanks
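
The DNS and root-certificate checks from the post above, as an added example that is not part of the original thread: a read-only PowerShell audit (PowerShell 3.0 or later assumed). The function names, the allow-list and the watch-list are assumptions made for illustration; only cloudguard.me and Google DNS come from the post.

```powershell
# Added example: read-only audit of the two settings named in the post.
# Nothing is changed or deleted; review each finding by hand afterwards.

# Resolvers treated as expected when DNS is entered by hand (Google DNS, as in the post).
$AllowedDns = @('8.8.8.8', '8.8.4.4')
# Names to look for in root certificates. Only cloudguard.me comes from the post.
$WatchNames = @('cloudguard.me')

function Get-StaticDnsFinding {
    # A non-empty NameServer value means DNS was set manually for that adapter;
    # with "Obtain DNS server address automatically" selected it is empty.
    $base = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'
    foreach ($key in Get-ChildItem -Path $base) {
        $props = Get-ItemProperty -Path $key.PSPath
        if (-not "$($props.NameServer)".Trim()) { continue }
        $servers = @($props.NameServer -split '[,\s]+' | Where-Object { $_ })
        [pscustomobject]@{
            InterfaceGuid = $key.PSChildName
            StaticDns     = $servers -join ', '
            Unexpected    = @($servers | Where-Object { $AllowedDns -notcontains $_ }) -join ', '
        }
    }
}

function Get-WatchedRootCert {
    # Checks the machine-wide and per-user "Trusted Root Certification Authorities" stores.
    foreach ($store in 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root') {
        foreach ($cert in Get-ChildItem -Path $store) {
            foreach ($name in $WatchNames) {
                if ($cert.Subject -like "*$name*" -or $cert.Issuer -like "*$name*") {
                    [pscustomobject]@{
                        Store      = $store
                        Subject    = $cert.Subject
                        Thumbprint = $cert.Thumbprint
                        NotAfter   = $cert.NotAfter
                    }
                }
            }
        }
    }
}

Get-StaticDnsFinding | Format-Table -AutoSize
Get-WatchedRootCert  | Format-List
```

A flagged entry is a prompt to look closer, not proof of infection: VPN clients and administrators also set DNS by hand.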

That is not a complete guide on how to remove viruses. If your PC is infected, feel free to run these tools to remove it. Remember, these tools will detect all sorts of threats, not just keyloggers alone.

 

1) AdwCleaner - Removes adware, PUPs, malware, and browser hijackers.
2) Malwarebytes Anti Malware - Removes all sorts of threats.
3) Norton Power Eraser - Removes all sorts of threats.
4) ComboFix - Removes all sorts of threats.
5) Kaspersky TDSSKiller - Removes rootkits.
6) Emsisoft Emergency Kit - Removes all sorts of threats.
7) ESET Online Scanner - Removes all sorts of threats.
8) Panda Cloud Cleaner - Removes all sorts of threats.
9) McAfee Stinger - Removes all sorts of threats.
10) Comodo Cleaning Essentials - Removes all sorts of threats.
11) Dr.Web CureIt! - Removes all sorts of threats.

 

----------------------------------------

 

If your computer is heavily infected, then your last chance is to use an antivirus rescue disk to get rid of them so you can run other tools to wrap things up.

 

Kaspersky Rescue Disk
Bitdefender Rescue Disk
Dr.Web LiveDisk
ESET Rescue Disk
Avast Rescue Disk


Hi

 

Thanks for adding those links, but running them without knowing how to diagnose certain threats will somehow cause more issues rather than getting the threat removed. For example, the Poweliks virus uses a lot of CPU. Running ESET Online Scanner will do no good, since the scanner will not be able to run properly because it also requires processing power from the CPU. Also, I liked it when you added the rescue disks. Really helpful for other major threats. For keyloggers, usually an MBAM scan can detect them. I am focused more on the threats to consumer PCs.

 

Like I said, if anyone needs help regarding malware or viruses, I will be here.

 

 

Thanks
