AntiSMS antivirus utility now removes Adware
Description
Utility AntiSMS from simplix created to fight against Trojans, adware, winlock (banners extortionists), worms, spyware and other malware.
The utility checks Windows startup and disables recordings to files that are not digitally signed and are not contained in the clean database (this database is inside the utility and is updated from time to time with the release of new versions of AntiSMS). If the utility disables something necessary (for the user) in the autorun, then it is easy to fix it with msconfig.
But, now there are quite a few malicious programs that have a valid digital signature. In fact, these are “legal trojans” that, through deception and cunning, force the user to install themselves on the computer.
For example, now the Baidu craft has become very popular, there are a lot of topics on the virusinfo.info site forum asking for help to remove this program. The new version of the AntiSMS utility contains a blacklist of certificates by which malicious files are signed. The utility disables them from startup.
The above describes the functions of the utility that are associated with disabling malware in autorun, but AntiSMS contains many more useful functions aimed at removing traces of malware that can be read on the developer's website .
Using the utility
There are two ways to treat a computer using AntiSMS:
Using the utility is very simple, so you can install friends on your computers who sometimes call for help to defeat another computer attack. Yes, telephone treatment will be shorter and more effective.
For example, we infect the system with several Adware, including Baida.
Using the autoruns utility, we analyze autorun.
In the drivers tab, it is easier to select harmless entries: The
entry in the AppInit tab also appeared:
Selective verification of new files from autorun:
OptProLauncher.exe
3284634e-191a-4c1c-b36d-3f1889bcb9b7-5.exe
webinstrNewH.sys
I cure the system using AntiSMS.
The treatment took me about 5 minutes, even less.
Result:
Analysis of files remaining at startup, which did not exist before the system was infected:
ProtectService.exe is clean.
drvagent32.sys is clean.
After viewing the AntiSMS log, I found that the utility also restored the shortcuts. Malware often modifies browser shortcuts to open left links. This is another plus of AntiSMS.
After treatment, it is advisable to see the extensions in browsers, the malware could register their own - you need to disable suspicious ones. In my case, such an extension was blocked by the browser.
Tip: it is good to combine the treatment with AntiSMS with a computer scan using some well-known anti-virus scanner, for example, “Dr.Web CureIt!”. Let him check the system for threats he knows. Just in case.
If the AntiSMS utility turned out to be useful, then you can support the developer of this free program. On the website www.AntiSMS.com there is the necessary data.
Utility AntiSMS from simplix created to fight against Trojans, adware, winlock (banners extortionists), worms, spyware and other malware.
The utility checks Windows startup and disables recordings to files that are not digitally signed and are not contained in the clean database (this database is inside the utility and is updated from time to time with the release of new versions of AntiSMS). If the utility disables something necessary (for the user) in the autorun, then it is easy to fix it with msconfig.
But, now there are quite a few malicious programs that have a valid digital signature. In fact, these are “legal trojans” that, through deception and cunning, force the user to install themselves on the computer.
For example, now the Baidu craft has become very popular, there are a lot of topics on the virusinfo.info site forum asking for help to remove this program. The new version of the AntiSMS utility contains a blacklist of certificates by which malicious files are signed. The utility disables them from startup.
If you come across a malware with a signature that the AntiSMS utility does not know, then send the malicious body to the developer of the AntiSMS utility.
The above describes the functions of the utility that are associated with disabling malware in autorun, but AntiSMS contains many more useful functions aimed at removing traces of malware that can be read on the developer's website .
Using the utility
There are two ways to treat a computer using AntiSMS:
Using the utility is very simple, so you can install friends on your computers who sometimes call for help to defeat another computer attack. Yes, telephone treatment will be shorter and more effective.
For example, we infect the system with several Adware, including Baida.
Using the autoruns utility, we analyze autorun.
In the drivers tab, it is easier to select harmless entries: The
entry in the AppInit tab also appeared:
Selective verification of new files from autorun:
OptProLauncher.exe
3284634e-191a-4c1c-b36d-3f1889bcb9b7-5.exe
webinstrNewH.sys
I cure the system using AntiSMS.
The treatment took me about 5 minutes, even less.
Result:
Analysis of files remaining at startup, which did not exist before the system was infected:
ProtectService.exe is clean.
drvagent32.sys is clean.
After viewing the AntiSMS log, I found that the utility also restored the shortcuts. Malware often modifies browser shortcuts to open left links. This is another plus of AntiSMS.
Fixed shortcut C: \ Users \ user \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Internet Explorer.lnk
Fixed shortcut C: \ Users \ user \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Accessories \ System Tools \ Internet Explorer (No Add-ons) .lnk
Shortcut C: \ Users \ user \ AppData \ Roaming \ Microsoft \ Internet Explorer \ Quick Launch \ Launch Internet Explorer Browser.lnk
Fixed Shortcut C: \ Users \ user \ AppData \ Roaming \ Microsoft \ Internet Explorer \ Quick Launch \ User Pinned \ TaskBar \ Internet Explorer.lnk
After treatment, it is advisable to see the extensions in browsers, the malware could register their own - you need to disable suspicious ones. In my case, such an extension was blocked by the browser.
Tip: it is good to combine the treatment with AntiSMS with a computer scan using some well-known anti-virus scanner, for example, “Dr.Web CureIt!”. Let him check the system for threats he knows. Just in case.
If the AntiSMS utility turned out to be useful, then you can support the developer of this free program. On the website www.AntiSMS.com there is the necessary data.