How to scan your computer with TDSSKiller -- October 16, 2015
Use TDSSKiller to remove rootkits that block other malware scanners (i.e. Malwarebytes Anti-Malware) from running.
TDSSKiller is a tool to remove specific types of malware/rootkits that block the use of other malware removal tools and/or Windows processes.
What is a Rootkit?
A rootkit is a type of malware that embeds itself into the operating system's files and processes making it harder to detect and remove.
Once a rootkit has infected a system it can disable anti-virus scanners, prevent malware scanners from running, and can change Windows account permissions, which can make it difficult to regain control of Windows.
A rootkits primary mode of transmissions is through unpatched security holes in Windows. For this reason, it is important to regularly install Windows updates.
To download and install TDSSKiller, do the following:
1. Download TDSSKiller from here: http://media.kaspersky.com/utilities/VirusUtilities/EN/td... Save the file to your desktop.
2. Double-click the TDSSKiller.exe to start the installer.
To scan your computer with TDSSKiller, do the following:
1. Double-click the TDSSKiller icon to run TDSSKiller.
2. TDSSKiller will open to a Ready to scan window.
3. Click Start scan.
4. When the scan is finished, it will display the results with options next to each item found. These options include Skip, Copy to quarantine, and Delete/Cure.
5. Click Delete/Cure for each item found.
6. TDSSKiller might require a reboot of the computer to complete the cleaning. If you are prompted to restart your computer, do so.
Getting Rid of Spyware -- October 16, 2015
This tutorial will demonstrate how to find and remove spyware on your system.
What is spyware? As the name suggests, spyware is something that spies on you. It is actually a generic term used to describe various types of potentially “malicious” software. Spyware usually collects information about your web browsing habits, which is then used to target advertisements at you. For example, if you love looking at car web sites, you would suddenly find that advertisements would also be car related. While this may seem useful, there are bad points. First of all, the spyware is using bandwidth, which you paid for, to transmit this information to the advertising companies. Secondly, it uses up system resources, which you could be using for other programs and last, you have no real control over what information they are collecting. They may, for example, log all keystrokes, so when you type a web site address into the address bar, they will know what web sites you went to. It may also log any user names/ passwords, chats, and emails that you type. This is a huge privacy risk. There is no easy way to determine what a particular piece of spyware is transmitting, so the best way to protect yourself is to make sure there is no spyware on your system.
The most common way to get spyware is by downloading shareware or ad supported software from the internet. One example of a useful program, which installs spyware, is Gator, available from http://www.gator.com/home2.html.
Gator is pretty upfront in telling you outright that it monitors what you do. Here is a direct quote from their website:
“This software also occasionally displays pop up ads on your computer screen based on your online behavior.”
Gator basically fills out online forms and remembers passwords, which is very useful. However there are many alternatives which contain no spyware, such as Roboform, available from http://www.roboform.com/.
If you know that a piece of software that you installed is spyware, simply uninstall it, and find a spyware free alternative. Note that even after uninstalling it, you should still scan your system for spyware, as the spyware is not always removed. This will be demonstrated later in this tutorial.
Before installing any program, go to http://www.spychecker.com/ and type the name of the program into the search box. It will tell you if the program contains spyware or not.
How to remove spyware:
1. Uninstall the program in question, if you know what it is.
2. Scan your computer using 'Spybot Search and Destroy' and AdAware.
Installing and Using 'Spybot Search and Destroy'
Spybot is free and can be obtained from http://www.safer-networking.org/ Once you install it, double click on Spybot (Easy Mode). The first thing to do is to check for updates, as new spyware is being found daily. So click on “Search for Updates”. Spybot will then check to see if there are any updates. When Spybot is updated, the red question mark will change to a green tick.
Now that the program is updated, we need to scan for spyware on our system. So click on the “Search & Destroy” icon on the top of the menu on the left hand side. Then click on “Check for Problems” in the main screen. Spybot will then search your hard drive for known spyware.
Here are the results of one of my searches:
Perhaps Spybot is reporting that the file 'H@tKeysH@@k.DLL', is actually a key logger. A key logger is a program that records what keys I press on the keyboard, so it is capable of capturing passwords and whatever else I type, making it a potential hazard. Its best to double check what Spybot finds, so go to http://www.google.com and do a search for that file name. The second search result (http://www.cimweb.co.uk/H@tKeysH@@k.htm) gives me an explanation as to what that file is. It turns out that it is actually a trainer, so that I can use cheats in certain games. Why does Spybot call it a key logger? Well, to enable cheats in the game, I need to press a certain key combination. The trainer monitors all key strokes until I press the ones that enables that cheats. When it detects the correct key strokes, it enables the cheats. So in this case, I won't let Spybot delete this file. If however I had come across some real spyware, I would simply click on “Fix Selected Problems” and let Spybot delete it.
If you delete something, and suddenly find that a program doesn't work, you may need to restore the files. To do this, click on the “Recovery” icon, select the files you need to recover, and click on “Recover Selected Products”.
Unfortunately, Spybot fails to detect every piece of spyware on a computer, so in addition to Spybot, it is necessary to run a program called AdAware which is available for free from
Just like Spybot, it is necessary to ensure it is up to date, by clicking on “Check for updates now”. In the window that pops up, click on the “Connect” button. If there is an update, it will ask you to download and install it, so just click OK.
On the main screen again, click on the “Scan Now” button.
Make sure that “Perform smart system-scan” is checked, and that “Activate in-depth scan” is enabled. When you click on Next, AdAware will scan your computer. Below is a screen shot, showing the results of a scan:
All of the items found were actually put there by the popular file sharing program, Kazaa. If I remove them, Kazaa will stop working so the best thing to do is to uninstall Kazaa, find a spyware free alternative and scan my computer again to make sure all of the above are gone.
When spyware is found, you can either quarantine it, or delete it. To quarantine it, simply select the item, and click on Quarantine. Type in a descriptive file name for the quarantined file(s) so you will recognize it again. If you ever need to restore these files, run AdAware again, and on the main screen you will find an option that will allow you to “Open quarantine list”. This allows you to restore any deleted files.
If you just want to delete the files without quarantining them, then click on the Next button, and click OK.
Note that performing the above will clean your system of the majority of spyware that exists; however it won't clean everything. If you still are experiencing problems, e.g., you can't change home page, unusual internet activity, etc., consult your protonic.com tech, who will give you more advanced instructions.
How can I tell if my computer has a virus? -- October 16, 2015
Windows 7 and other versions
If you can answer "yes" to any of the following questions, your computer might have a virus.
Is your computer running very slowly? A common symptom of a virus is much slower than normal computer performance. However, there can be other reasons for slow performance, including a hard disk that needs defragmenting, a computer that needs more memory (RAM), or the existence of spyware or adware. For more information about spyware, see How to tell if your computer is infected with spyware.
Are you getting unexpected messages, or are programs starting automatically? Some viruses can cause damage to Windows or some of your programs. The results of this damage might include messages appearing unexpectedly, programs starting or closing automatically, or Windows shutting down suddenly.
Is your modem or hard disk working overtime? An e‑mail virus works by sending many copies of itself by e‑mail. One indicator of this is that the activity light on your broadband or external modem is constantly lit; another is the sound of your computer's hard disk continually working. These are not always symptoms of a computer virus, but when combined with other problems, can indicate a virus infection.
To check for viruses, scan your computer with an antivirus program. New viruses appear every day, so keeping your antivirus program updated is important. For more information about computer security, go to the Security at Home page on the Microsoft website. To learn how to remove malicious software (malware) from your computer, go to the Microsoft Safety Scanner webpage.