Apache
Date: Thursday, 2012-03-01, 6:45 AM | Message # 1
Lieutenant
Group: Clan friends
Xfire username: apachekitten
Messages: 57
Status: Offline
WARNING: WALL OF TEXT, not strictly relevant but interesting, recommended but not required to use guide.
Greetings, how many of you have been infected over the course of your gaming history? Once? Twice? 10 times? More?
After being infected for the umpteenth time, I eventually decided it was worth learning exactly HOW to fight viruses as opposed to simply reformatting. Having a decent knowledge of coding helped immensely, as it turns out most viruses are distributed as source code (fun times) to be modified and compiled by an individual to hinder anti-virus programs.
Of course this suffers from one main flaw: the method of attack is often the same. Along came heuristics, the idea of using a detective-like AI for anti-viruses. This heuristics AI would seek viruses by looking for common attack methods and then follow the clues to the culprit. Neat huh?
Virus 101:
A virus is often NOT malicious; 99% of the time it's spam or spyware. Those popups you've been seeing? Not malicious, but damn annoying.
The obvious thing to do is to uninstall the program that caused it, to no avail.
This is due to the average virus being packed with other programs. E.g. an install for, say, Xfire could be botched with a virus; when run it will run Xfire, but a virus will also be installed on every run. This is called packing or binding. These viruses are why you see $150 super expensive anti-viruses that claim to be amazing, yet frankly do bugger all. Binding is near undetectable if the attacker isn't a moron. This is NOT where you will fight viruses; however, common sense is an effective method of preventing this type of infection.
There are other ways for you to be infected, but it's unlikely as frankly packing is the most common. As such this is what we will attempt to be defeating.
Up next: tools
TLDR START HERE
Tool 1: TDSS Killer
When a virus installs itself, if it wants to remain 100% unbeatable, it will install itself as a root kit. Root kits are invulnerable to the attacks of anti-viruses, anti-malware, hell, anything. Why? Because a root kit installs itself on ring0; this effectively makes it more powerful than Windows, thus Windows can't stop it and by extension neither can your anti-virus.
TDSS Killer is made by Kaspersky Labs (a VERY good company) and was originally made to destroy the root kit TDSS; however, presently it has become more of a generic up yours to the root kits.
ALWAYS RUN THIS FIRST. IF YOU DO NOT A VIRUS MAY PERSIST DESPITE ANYTHING ELSE YOU USE.
http://support.kaspersky.com/faq/?qid=208283363
Download, run, delete. That's all there is to it. If you're using emulation software you may see a false positive on it, as emulation software works on the same principle as root kits.
Tool 2: Malware bytes anti-malware - the big gun.
99% of your advertising crap and general crap is killed off with this. Now that it doesn't have a root kit to hide behind, all viruses are vulnerable; now we begin the offensive.
http://download.cnet.com/Malware....=button
Download, scan kill.
There goes 99% of your virus worries.
Nothing else really to say, it's effective and it's got a free version.
Alternative is SuperAntiSpyware, but MBAM is preferred.
Tool 3+: The bigger guns
Still having problems? Hmm, time for the bigger guns then.
If you're still having problems here, a generic signature anti-virus (MBAM) will not suffice. Now you need heuristics, as you've been hit by an unknown virus. (Aka, we're not sure what it is.)
You have two choices. Neither are free but these really are the big screw you weapons.
NOD32 Kaspersky
NOD32 - Eset security http://www.eset.co.uk/
NOD32 is my personal favorite. Its virus definition database is pathetic, but its heuristics are insane. This WILL kill your problem.
Kaspersky - Kaspersky labs http://www.kaspersky.co.uk/
Same guys who made TDSSKiller also made a sweet anti-virus: much stronger virus definitions, not as good heuristics, but still a very valid choice.
Tool 4: MOAG - Mother of all guns
If it's still not dead, roll out the biggest gun you've got.
Combofix.
I'm not linking this one as it's highly dangerous. DO NOT ATTEMPT THIS WITHOUT A SKILLED TECH GUY NEARBY. YOU CAN BRICK YOUR COMPUTER OR CAUSE PERMANENT DAMAGE. YOU HAVE BEEN WARNED.
This is the ultimate gun. There's nothing bigger, if this fails you need to reformat.
That's all folks. If you're still struggling, PM me.
Message edited by Apache - Thursday, 2012-03-01, 6:51 AM
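The post's central point is the difference between a signature scanner (a database of known virus definitions) and a heuristic scanner (scoring a file by the suspicious traits it exhibits), and why a recompiled variant slips past the first but not the second. The following Python is an added illustration of that idea and is not part of Apache's post nor the code of any of the products mentioned. The three "files" are constructed byte strings (not real malware), the rule weights and the threshold are hypothetical, and the definition name "Trojan.Toy.A" is made up.

```python
import hashlib
import math
import re
from typing import List, Optional, Tuple

# Constructed toy "files" (plain byte strings, not real malware) used to show why a
# known-signature scanner misses a recompiled variant that heuristics still flag.
KNOWN_SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 60
    + b"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\x00"
    + b"CreateRemoteThread\x00WriteProcessMemory\x00"
    + b"http://example.invalid/update\x00"
)

# "Recompiled variant": same behavioural hints, but the bytes are rearranged and
# padded differently, so an exact signature taken from KNOWN_SAMPLE no longer hits.
VARIANT_SAMPLE = (
    b"MZ\x90\x00" + b"\x90" * 77
    + b"http://example.invalid/update\x00"
    + b"WriteProcessMemory\x00CreateRemoteThread\x00"
    + b"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\x00"
)

# Harmless file: a text note with none of the suspicious traits.
CLEAN_SAMPLE = b"Dear clan members, the match is on Friday at 8pm. Bring snacks.\n"

# Signature database ("virus definitions"): a whole-file hash and one distinctive
# byte sequence, both derived from the known sample. Hypothetical definition name.
SIGNATURE_HASHES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Trojan.Toy.A"}
SIGNATURE_PATTERNS = {
    b"CreateRemoteThread\x00WriteProcessMemory\x00http://": "Trojan.Toy.A",
}


def signature_scan(data: bytes) -> Optional[str]:
    """Return the definition name if the file matches a known hash or byte pattern."""
    name = SIGNATURE_HASHES.get(hashlib.sha256(data).hexdigest())
    if name:
        return name
    for pattern, name in SIGNATURE_PATTERNS.items():
        if pattern in data:
            return name
    return None


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: packed or encrypted payloads sit near 8.0, plain text near 4-5."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


# Heuristic rules: (description, weight, predicate). Weights and threshold are
# hypothetical; a real engine has hundreds of such rules and tunes them on corpora.
HEURISTIC_RULES = [
    ("PE header (MZ) present", 1, lambda d: d.startswith(b"MZ")),
    ("references a Run autostart key", 3, lambda d: b"\\CurrentVersion\\Run" in d),
    ("imports process-injection APIs", 4,
     lambda d: b"CreateRemoteThread" in d and b"WriteProcessMemory" in d),
    ("embeds a download URL", 2, lambda d: re.search(rb"https?://", d) is not None),
    ("high entropy (packed?)", 3, lambda d: shannon_entropy(d) > 7.0),
]
SUSPICION_THRESHOLD = 6


def heuristic_scan(data: bytes) -> Tuple[int, List[str]]:
    """Score a file by the suspicious traits it exhibits and list the reasons."""
    score, reasons = 0, []
    for desc, weight, check in HEURISTIC_RULES:
        if check(data):
            score += weight
            reasons.append(desc)
    return score, reasons


def verdict(data: bytes) -> str:
    """Signature first (cheap, exact); fall back to heuristics for unknown files."""
    sig = signature_scan(data)
    if sig:
        return f"known: {sig}"
    score, reasons = heuristic_scan(data)
    if score >= SUSPICION_THRESHOLD:
        return f"suspicious (score {score}): " + ", ".join(reasons)
    return "clean"


if __name__ == "__main__":
    for label, sample in [("known", KNOWN_SAMPLE), ("variant", VARIANT_SAMPLE),
                          ("clean", CLEAN_SAMPLE)]:
        print(f"{label:8} {verdict(sample)}")
```

Running it shows the known sample caught by its definition, the variant missed by both the hash and the byte-pattern signature but scoring 10 on the heuristics (autostart key, injection APIs, download URL, MZ header), and the clean note scoring 0. The entropy rule never fires on these toy samples, which is deliberate: it is there to show the kind of trait a packed binary would trip that a plain string match cannot see.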
Sokol
Date: Thursday, 2012-03-01, 3:07 PM | Message # 2
General
Group: Clan Manager
Xfire username: dariocod2
Messages: 996
Status: Offline
This is definitely something worth reading. Although I have solid knowledge about protection against PC malware, it won't hurt reading this.
You can't climb the ladder of success with your hands in your pockets.
Shadowhunt
Date: Thursday, 2012-03-01, 8:06 PM | Message # 3
Major
Group: Clan Member
Xfire username:
Messages: 88
Status: Offline
Awesome Apache, thanks for giving us a heads up about viruses. I have quite a lot of knowledge about viruses, but I didn't know about this. Thanks to you we've increased the security of my company's computers even more :P So thanks Apache