Solved 8-Steps, logs included

Status
Not open for further replies.
Well, we may run it as well...

1. Click Start, click Run, type chkdsk /f /r, and then click OK.
2. At the command prompt, type Y to let the disk scanner run when you restart the computer.
3. Restart the computer.
4. Chkdsk will run.

Then....last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Go to Kaspersky website and perform an online antivirus scan.

  • Disable your active antivirus program.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
 
Thanks :) The system had to do a restart for the above log and is going through chkdsk, which is taking a while (70%), and I will proceed with the rest of the scans.

All these tools, like the codes you used when I ran the custom scans: were those custom made and changed based off the logs, or will they work with other systems as well for malware/spyware removal?

Your methods and tools sound interesting compared to this article.

http://www.bby.com/2008/11/25/geek-squad-pulls-back-the-curtain-on-software-tools/

I am not saying you are using Squad's methods, I was curious how and what they use... seemed interesting
 
Let's not talk about GeekSquad...comparing me to them is almost like a blasphemy....LOL
It's almost the same, as you said, that I love Norton...hehehe

Regarding tools, all malware people use pretty much the same tools, but the choice of which ones depends on the case.
Some scripts are general, like the OTL initial script, for instance, but it also changes from time to time, depending on what the bad guys are up to.
All fixing scripts are composed by me, strictly for a given computer.

I surely can't provide more details, since bad guys are reading this too :)
 
Let's not talk about GeekSquad...comparing me to them is almost like a blasphemy....LOL


:) I was not comparing you to them, lol. Yeah, I was just curious if they did clean installs most of the time or were actually removing the malware and spyware by using tools to do it. Most of the time I preferred doing clean installs, so I did learn a lot from you and hopefully will try these methods again for removal of virus/spyware/malware.

As for the Kaspersky site, it was running for a long time with the updates and then finally the scan. It showed no signs of infected files, but I did not receive any type of log, so sorry I could not provide it in this post. Seems like the system is clean, and I am working on the main profile now that was infected, cleaning it up a bit and removing software that is not used. Before I could even use the Kaspersky website scanner, the system rebooted and did the 5/5 steps with chkdsk. It took a lot of time to do it, but it seems like it worked out good too, and I am not sure if chkdsk had any logs to view.

The system does not seem to have any AV. I am using Avast, which was provided on the list; should this be a good scanner to use? It did have Norton, which was expired anyway. On my personal computer I use avast! 4.8 AV and my system has been running good for months with this scanner, so I was going to use it on this laptop.

Thanks for all the help, you really spent a lot of time with me and I appreciate that. So yeah, I am going to clean up the main profile and will post if it shows any problems or infections but everything seems to be running good and by what you are saying when you viewed all the logs, that the system is now not showing any problems or infections.
 
You're very welcome :)

Last steps are needed...

Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point.

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. Run defrag at your convenience.

11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
 
Using the software Secunia PSI, really cool piece of software.
Security Threats: 1
Secunia System Score: 99%
Secunia PSI WorldMap: Your Secunia System Score of 99% is 5% HIGHER than the average user from California, United States.

Compared to users WITHOUT the Secunia PSI installed, your Secunia System Score is 14% HIGHER (more secure).
Last Full System Scan: 5 hours ago

Anyways I am trying to get rid of the last security threat which is
Microsoft Windows XP Home Edition
1 Security Threat, rated as a: Category 4 Threat

Since it is a Cat 4 threat, I would like to fix this. I have run the solutions many times now, and each time I run express download, it finds some more to download, even though it may be a very small update. It updates and then restarts as normal, but the threat still remains.

Should I do a custom scan? I am just not sure which items to check, and if I click the wrong items, will I cause harm to the OS?

When I run windows update under express
High-priority updates
No high-priority updates for your computer are available. To check for optional updates, return to our home page and click Custom.

However, under the Windows Security Center, the firewall is turned on and automatic updates is turned on, but I need to install the AV ASAP, which I am doing now; I am going to install avast for the AV. Could this be why the threat is still showing, even though it says "Microsoft Windows XP Home Edition" Cat 4 threat?
 