Solved Keyboard virus?

Status
Not open for further replies.
By the way, my keyboard is working properly again, and my laptop does not open random programs anymore. And when I tried to open Internet Explorer, it does not have those tool bars anymore.

Better, isn't it? We're almost there!

Please sign on to the Administrator account: Open Firefox> Click on Tools> Manage Addons> Find the following 3 entries> Delete each:

DVDVideoSoftTB Toolbar : this is a Conduit "Community Toolbar" - modifies the default IE URL search hook. Conduit toolbars are reputed to have a certain trackware functionality.

uTorrentBar Community Toolbar: this is a Conduit "Community Toolbar" - modifies the default IE URL search hook. Conduit toolbars are reputed to have a certain trackware functionality.

Conduit Engine: this is the engine that runs the toolbars above.

Close Firefox when don, the ewopen. they should be gone.
====================================================
Have you updated and repeated the Eset scan? If yes, was there a log? If no, please do so.
=================================================
Please update the following:
Note: Check each download screen for any pre-checked Toolbars or BHOs. Uncheck them before the download.

Adobe Reader > Current is vX(10.xx)> Adobe Reader Update
Java(TM) > Current is v7u4> Java Updates .
Uninstall any earlier versions in of both as they are vulnerabilities for the system.
 
I have already updated and repeated the EST scan and here's the log:

C:\_OTM\MovedFiles\05282012_201620\C_Documents and Settings\tops\AppData\Roaming\Uniblue\SpeedUpMyPC\_temp\sump.exeWin32/SpeedUpMyPC application
C:\_OTM\MovedFiles\05282012_201620\C_Documents and Settings\tops\Downloads\Programs\registrybooster.exeWin32/RegistryBooster application

----------------------------------------------

I have already updated Java and Adobe Reader. :) and I already uninstalled the said toolbars from firefox.
 
Okay then- the system is now clean. Keeps in mind the things I told you along the way so you can keep it clean. Mbam found Autorun worms which spread from USB/thumb drives as well as fixed and mapped drives. Autorun worms typically drop or download additional malware, usually backdoors and password stealers. For the safety of your system, please review and consider the following: (link is embedded)
Disable Autoplay of Audio CDs and USB Drives

If you have not already disinfected the USB/flash drive, please do so:
  • Please download Panda USB Vaccine(you must provide valid e-mail and they will send you download link to this e-mail address) to your desktop.
  • Install and run it.
  • Plug in USB drive and click on Vaccinate USB and Vaccinate computer.
===================================================
Remove all of the tools we used and the files and folders they created
  • Uninstall ComboFix and all Backups of the files it deleted
    [o] Click START> then RUN
    [o] Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  • Download OTCleanIt by OldTimer and save it to your Desktop.
    [o] Double click OTCleanIt.exe.
    [o] Click the CleanUp! button.
    [o] If you are prompted to Reboot during the cleanup, select Yes.
    [o]The tool will delete itself once it finishes.
    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
  • Set a new, clean Restore Point
    [o] Click on Start> right click on Computer> Properties
    [o] Select System Protection
    [o] Click on the Create button (near bottom)
    [o] Type a name for the Restore Point
    [o] Click on Create again to save the restore point.
  • Deleting all but the most recent System Protection point in Windows 7
    [o] Click Start> Computer> right click the C Drive and choose Properties> enter.
    [o] Click Disk Cleanup from there.
    image2.png

    [o] Click Clean up system files
    This restarts Disk Cleanup to run in elevated mode.
    [o] Click the More Options tab
    w7-srp2.png

    [o] Click the Clean up under System Restore and Shadow Copies.
    [o] Click OK.
    [o] You will get a confirmation screen> Just click Delete.
    [o] Click OK on the Disk Cleanup Screen.
    [o] Click Delete Files on the Confirmation screen.
image6.png

This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
Images courtesy lytebyte.

Empty the Recycle Bin
==================================================
P2P/ 'file sharing'/Piracy Warning:
Note: Even if you are using a "safe" P2P program, it is only the program that is safe.
  • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
  • Malware writers use these program to include malicious content.
  • File sharing is usually unmonitored and there is a danger that your private files might be accessed.
  • The 'sharing' also includes malware that the shared system has on it.
  • Files that are illegal can be spread through file sharing.
Please read the information on P2P Warning to help you better understand these dangers.

Let me know if you have any questions.
 
Already done with the instructions given. Question, can I automatically vaccinate USB's?

---------------------------------------

There are 6 quarantined files in MBAM. Should I delete all of these?
 
Question, can I automatically vaccinate USB's?

What do you mean by automatically?

Regarding files remaining from scanning tools: Instructions say>
[Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.[/QUOTE]
 
When I installed Panda USB Vaccine, there is a check box saying "Automatically vaccinate flash drives" something like that, but I didn't checked it, Anyway. Sorry for the late reply, I'll delete the files remaining from scanning tools when I get home. I'm away from my laptop since Monday because of some matters. Is there anything that I should do?
 
Anything you wanted to disinfect of the movable drives would have to be connected when you ran the program. I would think there is a chance the USB drive might not have been cleaned of you did not instruct the program to do so. Perhaps you should run it again to be sure.

I hope you accepted my warnings about piracy and file sharing. You will not keep the system clean if you did not!

Stay safe! If would be advisable for you to change all of your passwords and monitor any online financial transactions.
 
Status
Not open for further replies.
Back