Windows 10: VIRUS REMOVAL

Discussion in 'AntiVirus, Firewalls and System Security' started by m7f, Jun 12, 2021.

  1. M7F
    m7f Win User

    VIRUS REMOVAL


    Okay so I installed something called hamster zip archiver a while back. Recently I noticed tons of things wrong with my PC, i.e. cannot download anything, always corrupted, among plenty of other things. I have Norton 360 and it never detected a thing! But when I got Malwarebytes it found tons of malware and trojans. I got messages like:

    -Log Details-
    Protection Event Date: 6/12/21
    Protection Event Time: 8:20 PM
    Log File: 9beb0160-cbe5-11eb-8c27-309c23a095d2.json

    -Software Information-
    Version: 4.4.0.117
    Components Version: 1.0.1318
    Update Package Version: 1.0.41655
    License: Trial

    -System Information-
    OS: Wind

    :)
     
  2. Jsssssssss, Jun 12, 2021
    #2
  3. Solaris17 Win User
    Guide: Virus Removal 101

    Software and Background
    In this section we will briefly go over the software being used and why we chose this software as opposed to other options. This is more of an academic type of post that will clarify the more important "WHY" when it comes to removal. It is important to understand that in order to effectively remove, or have the best chance to remove, a virus you must have the proper tools. The software listed below is based on several key points. Those mostly being:
    • Free
    • Easy to use
    • Minimal user interaction
    • Update friendly
    At no point should you think that the software chosen was chosen because it is better than xyz or the "Best". That doesn't mean the software is "not the best", just that I am trying to break the mindset of "Best". It is important to shake the idea that a one-off solution is always going to be the better one.

    A Porsche is fast and will get you to work sooner than an 18 wheeler, but if you're hauling tractors to work the 18 wheeler is better suited. This is no different in the security world. Applications are built for a specific purpose for the most part, and because of the nature of heuristic code engines some software will do better than others even if it is the same area of interest.

    Software List
    - Threat Restraint
    • Rkill
    - Rootkit Removers
    • TDSS
    • bootkitremover
    • MBAR
    - Broad Spectrum Scanners
    • Roguekiller
    • EEK
    • MBAM
    • Sophos VRT
    • HitmanPro
    - Malware/Junkware Removers
    • ADWCleaner
    • JRT
    - Targeted Repairs
    • Powerliks
    • Combofix
    - Wrap-up and Repair
    • TWEAK
    • REVOuninstaller
    • Ccleaner
    Examples

    Above is the list of software this guide will cover and what you will be using to disinfect the machine in question. Now, we will go more into why we separate them into groups in the next section. Here I will explain weaknesses and strengths between software types and programs so you can understand why there are so many.

    A common question is why don't we have a 1 all solution, paid or otherwise, that can handle all of, well... all of this. The answer is simple.

    You can't.

    Every virus removal tool is different in some way. Some are able to detect things others cannot. Above are the groups of different software. For example, EEK is a broad spectrum scanner. However, EEK cannot detect rootkits as well as programs specifically designed to remove rootkits like TDSS. Likewise, programs like TDSS are completely incapable of detecting malware; they simply aren't programmed for it.

    Software in the same category also behaves differently. Hitman is very good at detecting browser issues and cookies. However, Sophos isn't so great at browser infections but is better at scanning core system folders.

    The AV world is full of these kinds of checks and balances which makes proper removal more of a skill than a click of a few buttons. Nothing is 100% and you must rely on the differences the tools have to increase your chances of success.

    - Running scans in order

    Running scans in the correct order might be something you are unfamiliar with. I will try to break down the basic concept as to why this is important to you. For the most part it boils down to permissions. Be it actual NTFS permissions or actual Privilege. Digging deeper you should ALWAYS attack an infection in this order.
    • Threat restraint
    Threat restraint is an important step because it will allow you, the user, to more easily work with your machine, which is probably super slow because of infection. Using programs like killemall or Rkill stops known malware processes, which frees up memory and CPU, making it a little easier and faster to deal with your machine.
    • Root/Boot Kits
    As previously covered Root and Bootkits are low level infections that grant admin (root) access to the machine. This software also for the most part changes permissions of core system files in order to more easily control your machine. It is very important to target and remove these infections first because the modifications they make can stop other higher level removal tools from working correctly.
    • Virus Scans
    Actual virus removal comes next. Trojans, worms, spyware: all virus class infections cause some kind of issues with system services and built-in security protection, and have the ability to prevent removal tools from opening. These kinds of infections need to be dealt with second so that we can ease the restraints on the system so that our tools have the proper permissions and resources to run.
    • Mal/Junkware scans
    These are the last class of tools to run. These infections usually adhere to the user level of least privilege. They are really annoying and bothersome but are usually the most simple to remove. Unfortunately the tools that remove them require the use of system resources most of the time and assume they have everything they need to proceed. For this reason malware and junkware removal scans are done last because they totally rely on the previous steps being done and corrected to run correctly.
    • Repair
    Repair tools like tweak are used last. These programs reset windows to a default usable state. From folder options and icon size to default services and program startup. Most of the virus removal tools correct security related issues that the virus they are removing affected.

    However sometimes more things have been touched and damaged and for these we use repair software last to correct the remaining issues after a full removal.
     
    Solaris17, Jun 12, 2021
    #3
  4. VIRUS REMOVAL

    remove a virus

    1) Do steps 1, 2 and 5 in this multi-step removal guide:
    https://malwaretips.com/blogs/remove-potentially-unwanted-program/


    2) Do not download anything from the link (pcrisk) which another user previously posted. It's one of those SpyHunter pushing sites. SpyHunter is a commercial program which is absolutely not recommended here in Microsoft Community.

    3) Suggestion to read:

     
    Jsssssssss, Jun 12, 2021
    #4