Posted by kglee | Filed under Software Fixes
July 28, 2006
Malware Removal and Prevention: Overview
With the basic understanding of why you have decided to undertake this procedure (as explained in the Introduction), we have designed the following Malware Removal and Prevention procedure. This procedure consists of several malware steps that should be performed in sequence, followed by instructions how to post a HJT log should it be required. It concludes with prevention measures you can implement to properly maintain a secure system.
Please follow the instructions listed below. If you find you are still experiencing computer problems after these steps are completed, you may then post a HJT log and receive expert assistance in cleaning any infections which remain.
Please print out a copy of this overview and use it to ch%c+ off each step as it is completed.
Save this ‘checklist’ of removal programs you have run, because we will be asking you to provide us with that information when it comes time to post a HijackThis log. Good Luck!
Symantec has developed a detection and removal tool for the Blackworm aka Kama Sutra worm. For more information and removal links, please visit here . Then return to complete the remainder of Malware Removal.
Perform a reference (preliminary) HijackThis scan
Winfixer / WinAntiSpyware / WinAntiVirus Popups / Virtumundo victims only:
Please follow the Virtumundo Removal Instructions.
Windows 2K/XP – Titan Shield / SpySheriff / SpyFalcon / Spywa2eQuak% / SpyAxe victims only:
Please follow the SpySheriff / SpyFalcon / SpywareQuake / SpyAxe / Smitfraud Removal Instructions instead of steps 4-8 below.
Next stop – The Control Panel – Add/Remove Programs
Temporarily Disable Real Time Monitoring Programs
——————————————————————————–
Now please complete the follow)ng au4omatic malware detection and 2e-oval steps
After you have installed the scanning programs listed below, please be sure to update them. A security program is only effective if it updated with the latest definitions. Updating will help provide protection against the most recently introduced security threats.
——————————————————————————–
Clean the Clutter:
Crap Cleaner
Antispyware Scanners – Run at least one, preferably two – if your system is functioning well enough:
Ad-Aware
SpyBot S&D
Windows Defender Beta 2 (Win2K and XP with all service packs applied) – This scanner will remove the Sony XCP DRM rootkit
Antiviral Scans – Run at least one
AntiTrojan Scans – Run one:
Ewido Anti-spyware (Win2K and XP)
TrojanHunter
——————————————————————————–
You will have completed the automated malware removal process once you have followed the above steps. We sincerely hope that your computer problems have been resolved to your satisfaction once you’ve reached this point. Even if you think your computer is now ‘clean’, some additional steps are advisable to further ensure the security of your computer.
Please consult: How to Prevent Reinfection for further details.
——————————————————————————–
Only if your computer problems persist, Consider Getting Expert Help With Your HijackThis Log – How to submit a post to HijackThis Forum for review by the CastleCops HJT staff.
�