MUST READ BEFORE POSTING!

[MoNsTeReNeRgY22]

Hello and welcome to Byte Forums!

Below are instructions that will clear malware from most systems. If you are still having problems feel free to post a HJT log HERE


The Prep:
These steps will insure that your computer is ready to be cleaned.


Please make sure that you have all the latest Windows updates from http://windowsupdate.microsoft.com/. Follow the on screen instructions, and you may have to repear the process more than once.

Windows XP Users ONLY
Please also make sure that you at least have Service Pack 1a on your computer. If not please download it from http://www.microsoft.com/windowsxp/downloa...p1/default.mspx
Without this update, you're wide open to re-infection, and we're both just wasting our time.

Also DO NOT install Service Pack 2 until your system has been deemed clean. If you think you have any infection at all, do not install Service Pack 2.


Next lets run ATF Cleaner to clean out your temporary folders where malware and other issues like to hide.


Download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.


Now lets backup your registry for an extra safety precaution and so the registry can be restored to this point if we need it.


Go to Start > Run
Type:

regedit

Click OK.

• On the leftside, click to highlight My Computer at the top.
• Go up to "File > Export" [list]Make sure in that window there is a tick next to "All" under Export Branch.
  Leave the "Save As Type" as "Registration Files".
  Under "Filename" put backup
• Choose to save it to C:\ or somewhere else safe so that you will remember where you put it (don't put it on the desktop!)
• Click save and then go to File > Exit.

Last, lets create a System Restore Point in case we need to restore you PC to an earlier state.


Go to Start Menu then to Help and Support Click Undo changes to your computer with System Restore

When System Restore opens click Create A Restore Point then Next , Name it and press Create

--------------------------------------------------------------------------------------------------------------------------------------------------------

The Cleaning:
Now we begin the cleaning process to cure your system of most malware currently on it.


Lets first scan with a free top-notch Anti-Spyware program.


Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediatly.


Now lets run an excellent online scanner.


Please do the following to run an F-Secure online scan for Viruses, Spyware and RootKits

• Go to http://support.f-secure.com/enu/home/ols.shtml
• Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
• Allow the Active X control to be installed on your computer, then click the Accept button
• Click Full System Scan and allow the components to download and the scan to complete.
• If malware is found, check Submit samples to F-Secure then select Automatic cleaning
• When cleaning has finitished, click Show report (this will open an Internet Explorer window containing the report)
• Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) it in a notepad where you can save it to post later on if you create a malware topic

If Automatic cleaning with Submit samples hangs, click Cancel, then New Scan

• When the cleaning option is presented, Uncheck Submit samples to F-Secure
• Click Automatic cleaning

Notes:

• This scan will only work with Internet Explorer
• You must have administrator rights to run this scan
• This scan can take several hours, so please be patient

--------------------------------------------------------------------------------------------------------------------------------------------------------

The Final Steps:
With these final few steps, you will be ready to post your log for review by one of our highly trained malware removal specialist's.


Please make sure not to have any P2P programs, Cracks, Keygens, or Warez installed on your PC.

Downloading cracks and keygens from P2P programs (ex: Limewire, eMule, uTorrent, Kazaa ) is one of the most common ways to get infected. This is strictly forbidden providing that they are seen as illegal under British and American law. We highly recommend that ALL P2P programs, Cracks, Keygens, and/or Warez be removed before posting.


General Warnings and Cautions:

• DO NOT follow advice from a topic other than your own. Other topics may have similar problems but please do NOT follow the advice given. Doing so can cause your PC some unforseen damage. ALL computer's have different situations.
• DO NOT run any tools used on the forum here unless instructed to by a trusted staff member, otherwise you may cause unforseen damage to your PC.
• Please make sure you abide by all the forum rules which can be found HERE.

Finally, lets run the diagnostic tool which will give you a log that one of our staff members will be able to read and assist you with.


Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
• Double click on the HJTInstall.exe icon on your desktop.
• A window will pop up, and simply click Install.
• By default it will install to C:\Program Files\Trend Micro\HijackThis.
• When it is completed installing HijackThis, it will automatically launch and you will be presented with the License Agreement. Click on the I Accept button.
• Once the license agreement is gone, click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Then create a new topic in the Malware Removal forum and paste your log there.
• DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
  

The Byte Forums Malware Removal Staff