Darksma spyware removal

By dlee337
Jul 25, 2008
Topic Status:
Not open for further replies.
  1. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Clear system restore points

    • Clear your existing system restore points and establish a new clean restore point:
      • Go to Start > All Programs > Accessories > System Tools > System Restore
      • Select Create a restore point, and Ok it.
      • Next, go to Start > Run and type in cleanmgr
      • Select the More options tab
      • Choose the option to clean up system restore and OK it.
      This will remove all restore points except the new one you just created.
  2. xxdanielxx

    xxdanielxx Newcomer, in training Posts: 1,214

    Update your java then try to tun the scan again

    Update your Java Runtime Environment

    First try going to Start -> Control Panel -> double click Java
    Select the Update Tab at the top of the Java console
    Click the Check for Updates button at the bottom
    If it finds the newer version (Java 6 Update 7) Follow the on screen instructions (uncheck the yahoo toolbar option)
    After it installs the newest version Go back to Control Panel -> Add/remove programs (programs and features in vista)
    Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    Update your Java Runtime Environment
    Click the following link
    Java Runtime Environment 6 Update 7
    The 5th option down is the one you want (click Download)
    Check the box to agree to terms of service
    Check the box for your operating system and click 'Download selected'at the bottom
    After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_07 folder
  3. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    What link?
  4. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    I have updated my java and set my security stting to medium. I also disabled my firewall. figured that was stopping it but it wasn't. the Trend Micro still wan't load for some reason.
  5. xxdanielxx

    xxdanielxx Newcomer, in training Posts: 1,214

    ok then try this one

    Please go HERE to run Panda's TotalScan
    • Select the bubble for Full scan
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • Then the scan will begin
    • When the scan completes, click the Save button on the right of Scan details
    • Save it to a convenient location. Post the contents of the TotalScan report
  6. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    The link for panda totalscan you posted says
    An error occurred while processing your request.
    Reference #97.a6fc8d5.1217780545.349a935
  7. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Panda Online Scan
    • Please visit Panda Online Scanner
    • Click on "Scan your PC".
    • A new browser window will open with Panda ActiveScan.
    • Click the big "Check Now" button
    • Enter your Country, State/Province, e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    Note: If this is the first time you scanned your PC, you´ll have to download the ActiveX controls (8 MB). The time it takes to download these can vary depending on your connection
    • Click on "Local Disks" to start the scan
    • Save the log file to your desktop
  8. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    here is the log for panda
  9. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    I would run this - then daniel can help you remove any leftovers that it misses

    [​IMG]SuperAntiSpyware Home Edition Free Version

    • Please download SuperAntiSpyware from HERE
    • Launch SuperAntiSpyware and click on 'Check for updates'.
    • Wait for the updates to be installed
    • On the main screen click on 'Scan your computer'.
    • Check: 'Perform Complete Scan then Click 'Next' to start the scan.
    • Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
    • Make sure everything found has a checkmark next to it,then press 'Next'.
    • Click on 'Finish' when you've done.

      It's possible that the program will ask you to reboot in order to delete some files.

      Obtain the SuperAntiSpyware log as follows:
      Click on 'Preferences'.
      Click on the 'Statistics/Logs' tab.
      Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
      It will then open in your default text editor,such as Notepad.
      Attach the notepad file here on your reply
  10. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    here is the SuperAntiSpyware log.
  11. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    On IE the windows are freezing and takes along time for them to close out.
     
  12. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    This will not hurt the support being offered

    How to use Reset Internet Explorer Settings (RIES)

    To use RIES in Internet Explorer 7, follow these steps:

    1. Click the Tools menu, and then click Internet Options.
    2. On the Advanced tab, click Reset.
    3. In the Reset Internet Explorer Settings dialog box, click Reset.
    4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
    5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.

    Note for users who cannot start Internet Explorer 7 for some reason, use RIES from Internet Options in Control Panel.

    Please let me know if it helped.
  13. xxdanielxx

    xxdanielxx Newcomer, in training Posts: 1,214

    Please download ATF Cleaner by Atribune.
    This program is for XP and Windows 2000 only

    • Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
    For Technical Support, double-click the e-mail address located at the bottom of each menu.

    Then post a fresh hijackthis log
  14. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    Ok ran the ATF Cleaner. Here is the HJ Log. Thanks

    Attached Files:

  15. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    I'd remove zeropop program
    Also RIES not run
    But xxdanielxx is more knowledgable on this, I just like IE all clean
  16. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    also the last couple of days when My Ca Spyware runs it picks up
    Client Man and Banbot. It says Banbot is a trojan. I delete them but they come back.
  17. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

  18. xxdanielxx

    xxdanielxx Newcomer, in training Posts: 1,214

    Hey sorry I have been very busy

    • Please go to VirSCAN.org FREE on-line scan service
    • Copy and paste the following file path into the "Suspicious files to scan"box on the top of the page:
      • C:\Program Files\zeropop.exe
    • Click on the Upload button
    • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
    • Paste the contents of the Clipboard in your next reply.
  19. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    Virusscan.org will not get past step 2. It just sits there.says analyzing file.
    I did the RIES. when I did that I downloaded the add on zero pop. do I need to delete it? My PC seems to be working good. The last couple days the trojan spyware has not showed up in my spyware scanner. I do appreciate all the help.
    Thanks
  20. xxdanielxx

    xxdanielxx Newcomer, in training Posts: 1,214

  21. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    IE 7 has Popup Blocker anyway
    I say remove it
  22. xxdanielxx

    xxdanielxx Newcomer, in training Posts: 1,214

  23. dlee337

    dlee337 Newcomer, in training Topic Starter Posts: 28

    Here is my HJ log
  24. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Found all this, that can be ticked and removed:
    I thought you were removing zeropop ?

    Also that Main Start page (RR) was How to use Reset Internet Explorer Settings (RIES) run fully?

    There may be other issues too!

    You have fully run MalwareBytes, and then selecting remove all found issues, once completed?
  25. xxdanielxx

    xxdanielxx Newcomer, in training Posts: 1,214

    there is nothing wrong anymore the log looks clean why are you removing items like

    BitDefender
    roadrunner homepage

    and others that are not infected all we have to do is a clean up which I will post as soon as I can
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.