Solved Response to "8-step Viruses/Spyware/Malware Preliminary Removal Instructions"

Status
Not open for further replies.
It won't run. You have to disable sleep mode.
The scan may keep computer awake, but I'm not 100% sure.
 
I did some more reading and Kaspersky scan should keep your computer awake since your computer will be active.
 
That's normal.
So far, we eliminated all active infected threats.
Kaspersky will (if) detect any inactive malicious files.
Whatever found, I have to see the report and we'll remove those files in next step.
 
Kayy! We'll move on from there! I also told my friend about this site, she has this really old computer in her basement that's filled with viruses which her brother uses, that'll give you a good challenge.
 
Also does it matter if I'm posting on this thread using Google Chrome while Kaspersky is scanning using Mozilla Firefox? I mainly used Google Chrome for everything but Kaspersky doesn't allow Google Chrome, so I used Mozilla Firefox instead. It was an old browser that my mom still uses.
 
Scan is finish, I'm attaching it now, I got something Backdoor.win.Poisoining!
 

Attachments

  • kaspersky.txt
    947 bytes · Views: 2
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL

:Services

:Reg

:Files
C:\Users\Chris\Documents\P18.exe

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.
 
All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Users\Chris\Documents\P18.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Chris
->Temp folder emptied: 107074571 bytes
->Temporary Internet Files folder emptied: 2752809 bytes
->Java cache emptied: 128094 bytes
->FireFox cache emptied: 36671257 bytes
->Google Chrome cache emptied: 63968295 bytes
->Flash cache emptied: 1015 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Home
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 364334 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 201.00 mb


[EMPTYFLASH]

User: All Users

User: Chris
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Home
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 07272010_230955

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
Cool :)

OTL Clean-Up
Clean up with OTL:

* Double-click OTL.exe to start the program.
* Close all other programs apart from OTL as this step will require a reboot
* On the OTL main screen, press the CLEANUP button
* Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

=====================================================================

Your computer is clean

1. Turn off System Restore:

- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista/7:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK

2. Restart computer.

3. Turn System Restore on.

4. Make sure, Windows Updates are current.

5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run defrag at your convenience.

8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

9. Please, let me know, how is your computer doing.
 
Broni, should I try to see if my MSN doensn't spam people the virus that got in there in the first place? And should I set my system restore as C:?
 
Status
Not open for further replies.

Similar threads

D
Mini PCs sold on Amazon contained factory-installed spyware
Replies
16
Views
403
Fastturtle
F
L
Solved Unknown spyware/ Monitoring/ Hijacking of my devices
Replies
15
Views
3K
Broni
Broni
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni

Latest posts

Back