AntiSMS - fast and effective treatment for blockers

Greetings, friends!

All of us have heard about Trojans-blockers, which stop the operation of a computer before receiving a money transfer to its creators, usually via SMS or payment through the terminal. More experienced users never catch them, but their relatives, acquaintances and customers often and regularly.

I want to introduce you to a small program that is designed to solve the problem of blockers, and moreover - it does this in fully automatic mode. In my opinion, every person should have a disk or a bootable USB flash drive with such a program, because Internet residents always have the chance to pick up a banner blocker, and experienced users will be able to help their neighbors cure their computer in just five minutes.
')
Especially the utility will help sysadmins and engineers involved in setting up client computers. When locked computers bring packs, a quick cure will save you a lot of time and effort. By following the easy instructions, you can effectively remove any blocker, while at the same time correcting a lot of faults in the operating system.

About the program

The program is called AntiSMS and this topic was created in honor of the release of version 2.1 . At the moment, it implemented all the basic ideas, so feel free to recommend it for use in battle.

Basic principles of creating a utility

• Works only from WinPE. In this mode, the Trojans can not interfere with the treatment system.
• Completely free for any purpose. There are no restrictions on use.
• Automatic work. The person who saw the computer for the first time will be able to use it.
• Security. Many checks ensure that the utility does not harm the iron friend.
• Speed ​​and size. She is really very small and fast!

Download the program

Program main page - antisms.simplix.info


Separate program for use in your WinPE
(recommended for advanced users)
Download: AntiSMS 2.1 (130 KB)
Mirrors: rghost , mediafire


Ready boot disk with the program
(recommended to inexperienced users)
Download: Boot disk 2.1 (30 MB)
Mirrors: rghost , mediafire


Utility to write a boot disk to a USB flash drive
Download: AntiSMS USB Installer 1.2 (338 KB)
Mirrors: rghost , mediafire

Note

If you will use the program in your WinPE, copy useful add-ons to restore system files and exclude some scanned files.

Instructions for use

If you are an experienced user:

1. After starting AntiSMS and rebooting into the working system, perform a quick antivirus check.
2. Run msconfig and visually check the startup items and services, if necessary, turn on those that are safe but have been disabled due to the lack of a digital signature.

If you are an inexperienced user:

1. Download a boot disk image and burn it to a disk or USB flash drive.
2. Boot from this disk and run the AntiSMS icon on the desktop.
3. Reboot to a working system and perform a quick antivirus check.
4. Click Start -> Run -> msconfig -> Normal Start -> OK. This will turn the entire autoload back, but without the Trojans. If there are problems again after rebooting, then the antivirus does not detect this trojan yet; in this case, start AntiSMS again and do not execute this item.
5. If the Internet does not work after the virus, run AntiSMS on the production system and reset the network.

Program features

• The program works with any number of hard drives, systems and users, x86 and x64 from WinXP and higher.
• The autorun.inf files in the root of each logical drive are deleted, if they exist.
• In user profiles, executable files are deleted from those folders where they should not be.
• System and user temporary folders are completely cleared.
• All non-standard entries in the hosts file will be commented out.
• Autorun on all devices except the drive will be disabled.
• Critical registry locations (like Shell and Userinit) will be restored.
• All temporary startup keys (like RunOnce and RunOnceEx) will be cleared.
• All system process debuggers in Image File Execution Options will be removed.
• All restrictions (Policies) of users and systems will be removed.
• In the policy of limited use of programs will be set to an unlimited level.
• All unsigned services will be disabled, you can restore via msconfig after the system boots.
• All unsigned files from registry startup will be disabled, you can recover via msconfig.
• Unsigned files in startup folders are disabled, it can be restored via msconfig.
• Unsigned scheduled tasks are renamed to * .bak so that you can recover.
• It is possible to restore network parameters from a working system after they are violated by Trojans.
• The startup parameters of executable files are restored.
• Scripts are removed from autorun of the registry and autorun folders, it can be restored via msconfig.
• In Windows 7, msconfig also adds the time it takes to disable startup items and services.
• For Windows XP x86, boot settings are restored in safe mode.
• For WinXP x86, Vista x86-x64 and Win7 x86-x64, the main system files are restored if they are not signed.
• All known MBR blockers are cured, the backup copy of the infected sector is saved in the Backup folder.
• Implemented the preservation of non-standard MBR, it will allow faster treatment of unknown trojans.
• Implemented a deeper cleaning of the system from malicious actions of Trojans.
• The autorun folders also handle shortcuts, unsigned ones can be restored via msconfig.
• All partitions are recognized correctly, regardless of how their letters are mixed in WinPE.
• The boot disk supports exFAT and contains the latest controller drivers.
• AppInit_DLLs parameter is correctly processed, only unsigned libraries are removed from it.
• Backup copies of files and logs of the program are saved in the% Temp% \ AntiSMS folder.
• Supported database of scanned files of the program Universal Virus Sniffer.

Conclusion

The program has been actively used by many users for three months, but there is no limit to perfection and constructive criticism is only welcome. Not all wishes can be taken into account, since I have my own vision of the development of the utility, and much depends on my free time. And yet, the program has grown to a level at which many innovative ideas have been implemented, and has become a combine for the destruction of blockers. Of course, trojans are better not to be missed, but once caught, let his treatment be quick and pleasant. Good luck to all!

---

The text was prepared by the author of the program simplix , but it was not missed in the sandbox without giving reasons. I like the program, so I publish it at will and take all the responsibility upon myself.
UPD: Good SLY_G shared the invite and now the author of AntiSMS is with us.