AntiSMS anti-virus utility now removes Adware

Description

The simplix AntiSMS utility is designed to combat trojans, adware, winlock (extortion banners), worms, spyware and other malware.

The utility checks Windows autorun and disables entries for files that are not digitally signed and are not in the clean database (this database is built into the utility and is updated from time to time with the release of new versions of AntiSMS). If the utility disables an autorun entry that the user needs, this is easily fixed with msconfig.

However, there are now quite a lot of malicious programs that carry a valid digital signature. In effect, these are "legal Trojans" that use deceit and cunning to get the user to install them on the computer.
For example, Baidu is now widespread, and there are quite a few topics on the virusinfo.info forum asking for help removing this program.


The new version of the AntiSMS utility contains a blacklist of certificates used to sign malicious files. The utility disables files signed with them from startup.
If you come across malware with a signature that the AntiSMS utility does not know, send the malicious sample to the developer of the AntiSMS utility.
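
The decision logic described above (unsigned and not in the clean list, or signed by a blacklisted certificate), sketched as an added report-only example. This is not AntiSMS code: the function names and both lists are hypothetical placeholders, and it inspects only the Run registry keys, since the page does not say which autorun locations AntiSMS covers.

```powershell
# Added example: report-only triage of Run-key autorun entries. Not AntiSMS code.
# Both lists are placeholders with constructed values; fill them from vetted data.
$BlockedThumbprints = @('0000000000000000000000000000000000000000')  # signer cert thumbprints
$CleanSha256        = @('PLACEHOLDER_SHA256_OF_KNOWN_CLEAN_FILE')     # known-clean file hashes

$RunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)

function Get-CommandPath([string]$Command) {
    # Extract the executable from a Run value: a quoted path, or the text up to ".exe".
    # rundll32-style entries resolve to the host binary, not the DLL they load.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"')        { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

function Get-AutorunVerdict([string]$Path) {
    if (-not $Path -or -not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return 'REVIEW: target file not found'
    }
    $sig = Get-AuthenticodeSignature -LiteralPath $Path
    # A blocklisted signer is flagged even when the signature itself validates.
    if ($sig.SignerCertificate -and $BlockedThumbprints -contains $sig.SignerCertificate.Thumbprint) {
        return 'FLAG: signed by blocklisted certificate'
    }
    if ($sig.Status -eq 'Valid') { return 'OK: valid signature' }
    $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    if ($CleanSha256 -contains $hash) { return 'OK: unsigned but in clean list' }
    return 'FLAG: not validly signed and not in clean list'
}

foreach ($key in $RunKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $path = Get-CommandPath ([string]$item.GetValue($name))
        [pscustomobject]@{
            Key     = $key
            Name    = $name
            Path    = $path
            Verdict = Get-AutorunVerdict $path
        }
    }
}
```

The script changes nothing on the system; it only lists each entry with a verdict so the flagged ones can be reviewed before anything is disabled.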

The functions described above concern disabling malware in autorun, but AntiSMS contains many more useful functions aimed at removing traces of malware; these are described on the developer's website.

Use of the utility

There are two ways to treat a computer with AntiSMS:

The utility is very easy to use, so you can install it on the computers of friends who sometimes call asking for help with their latest computer infection. Treatment over the phone will then be shorter and more effective.

As an example, we infect a system with several adware programs, including Canoe.

Using the Autoruns utility, we analyze autorun.

image

In the drivers tab, it is easier to select non-harmful entries:

image

The same entry appeared in the AppInit tab:

image

Selective verification of new files from autorun:

OptProLauncher.exe
3284634e-191a-4c1c-b36d-3f1889bcb9b7-5.exe
webinstrNewH.sys

I treat the system using AntiSMS.

The treatment took me 5 minutes, even less.

Result:

image

Analysis of files remaining in autorun that were not there before the system was infected:

ProtectService.exe - clean.
drvagent32.sys - clean.

After viewing the AntiSMS log, I found that the utility also restored the shortcuts. Malicious programs often modify browser shortcuts to open unwanted links. This is another plus for AntiSMS.

Fixed C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Fixed C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Fixed C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Fixed C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk


After treatment, it is advisable to look at the extensions in your browsers: malware could have registered its own, and suspicious ones need to be disabled. In my case, this extension was blocked by the browser.

image

Advice: it is good to combine AntiSMS treatment with a scan of the computer by a well-known anti-virus scanner, for example, "Dr.Web CureIt!". Let it check the system for the threats it knows about. Just in case.

If the AntiSMS utility was useful, then you can support the developer of this free program. The site www.AntiSMS.com has the necessary data.

Source: https://habr.com/ru/post/245431/