TechSpot

UPDATED 4-Step Viruses/Spyware/Malware Removal Preliminary Instructions

By Julio Franco
Dec 1, 2007
  1. Very Important: Malware infections can possibly lead to identity theft, stolen bank funds, misuse of credit card information etc. Therefore we strongly encourage you to read this thread before deciding what course of action to take regarding your infection.

    If after reading the above you wish to clean your system, please follow the steps below and create new topic HERE

    NOTE: This thread is a work in progress. As malware evolves, so must the programs that find the bad entries and remove them. Thanks to all the members who have kept this progress going.
    • These steps are NOT meant to be a ONE-STOP-FIX-ALL.
    • If your computer cannot stay running, as in it either cannot boot, or, it is automatically restarting after a certain amount of time, then just start a new thread and ask for help.
    • They only serve to help you produce some logs, so we can see if your system needs further attention and cleaning.
    • Please make sure to complete ALL the steps in this thread, in the order that they are listed BEFORE you post the requested log files.
    • Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it into a couple of replies.
    • Please run all scans in Normal Mode unless instructed otherwise. If you are not able to access Normal mode, please let us know.
    • Do NOT perform a System Restore while we are cleaning, as this can reinfect the system.
    • Please stay with your thread. We usually mark your thread inactive after five days, to help maintain the list of active topics.
    • If you have any problems following any of the instructions, please ask for assistance in the thread you start.
    • Do NOT PM malware helpers asking for help.
    • We don't provide 911 services. We're just volunteers providing free help in our free time so be patient.
    -
    Step 1: Antivirus scanning

    If you have a functioning, updated antivirus program, please leave it enabled pm the system for now. Do NOT add any of the free AV programs below.

    If you're NOT running any antivirus, you should install one now. If you install a new antivirus, be sure to update it. - Neither a scan nor log are requested at this time.

    Recommended Free Antivirus for temporary means:
    -
    Step 2: Farbar Recovery Scan Tool (FRST)
    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system. That will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt).
    STEP 3: Log Handling Instructions
    Start new topic in our Malware Removal forum and provide following logs:
    • FRST.txt
    • Addition.txt
    Make sure all logs are pasted not attached. Attached logs won't be reviewed.
    Please do not put logs in a quote box or code box.

    If any further steps are recommended, it will be done so in your thread.
    DO NOT make any other changes to your computer (like installing programs,using other cleaning tools, etc.), until it's officially declared clean!!!
     
    Last edited by a moderator: Apr 2, 2015 at 5:47 AM
    Bijutoha and Kaal202 like this.
  2. momok

    momok TS Rookie Posts: 2,272

    Instructions have been shortened and updated for future convenience towards users as well as helpers.
    Credits to originator, Blind Dragon, and a few others, namely - kimsland, xxdanielxx, CCT, and Bobbye for their input.
     
  3. Julio Franco

    Julio Franco TechSpot Editor Topic Starter Posts: 6,693   +395

    Changelog:

    July 2010
    * New changes, mostly on the order and clearness of the guide's wording.

    April 2010
    * New rules/steps - brought completely up to date.
    * Special thanks to Bobbye and Broni for the continued support on the forums and for the instructions.

    * Many, many changes before writing this.
    * Step 6, contributed by Blind Dragon. Updated AVG AS for SuperAntiSpyware OR Malwarebytes' Anti-Malware.
    * Most installers available straight from TechSpot Downloads section.
    * Added disclaimer/special rules for the malware board.

    October 2010
    * Step 4, deleted statement that GMER does not run on W7, 64 bit.

    November 2010
    * Step 4. Completely revised Step 4 (per Broni) but added "Show all" warning (per Bobbye).
    * Step 1. Added line ref running scans in normal mode before Step 1 (per Bobbye).

    March 2011
    * Replaced Extended Guidelines section with edited material from Broni's post. (per Bobbye's request)

    May 2011
    * Deleted Step 2. (per Broni's request) Renumbered steps and changed thread title from 8-Step to 7-Step to reflect changes.

    June 2011
    *Revised Step 1. (per Bobbye's request)
    *Added an instruction near top. (per Broni's request)

    July 2011
    *Added an instruction in Step 5, "Do not put logs in a quote box or code box." (per Bobbye's request)

    August 2011
    *Deleted last section about updating. (per Broni's request) Changed thread title from 7-Step to 6-Step.

    September 2011
    Replaced certain text with: "Neither a scan nor log are requested at this time." Revised some related wording. (per Bobbye's request)

    October 2011
    Changed Step 6 to "Note." (per Broni's request)

    November 2011
    Updated links in Step 3. (per Broni's request)
    Revised Gmer instructions. (issue raised by Bobbye and per Broni's request)

    January 2012
    Revised recommended free anti-virus programs in step 1. (per Broni's request)
    Added note to end of Step 3. (per Broni's request)
    Changed url in Malwarebytes link. (per Bobbye's request)

    August 2012
    Overall clean-up, no changes to the content, only cosmetic.

    November 2012
    GMER step removed.
    Redundancy cleaned up, as well as grammar and spelling.
    Post style clean up.

    April 2014
    MBAM new instructions updated.

    March 8th 2015
    DDS and MBAM replaced with FRST

    April 2015
    Spelling correction. Compatible.
    Minor punctuation corrections.
     
    Last edited by a moderator: Apr 2, 2015 at 5:47 AM
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.