I will copy and paste somthing for you try it out it will get rid of 70% of
you malware so here it is,,,,,,,,,,,,,,,, If it's your first time here,
welcome to Geeks to Go! You must register (free) and be logged in to access
the download links provided below.
Malware (Spyware, Adware, Trojans, Viruses) are every increasing in their
frequency, and ability to disguise themselves. This forum is a resource for
removal of these unwanted pests. Following is a guide that will help you to
remove many of the most common problems, and allow us to help you most
efficiently. It may look daunting, but shouldn't take long to complete.
Please remember, people are helping you for FREE. Be patient, somebody will
help you as soon as they become available. We all have REAL jobs, families,
have other interests, and may live half way around the world. Plus, there may
be people in front of you waiting for help. Following these steps will
lighten our work load, and allow us to help more members.
The reality is that Hijack This logs are getting more complicated, require
more time to analyze, and the infections are more difficult to remove --
often requiring a multi-step process. Anything that you can do to help us
before posting a log is greatly appreciated. Please acknowledge that you've
followed these required steps (or our first reply will likely direct you
here).
Self-help removal guides for common infections:
How to Remove SpywareQuake
How-to Remove SpyFalcon
How-to remove Winfixer, Virtumonde, Msevents, Trojan.vundo (ATLDistrib object)
How-to remove SpyAxe, SpywareStrike, SpySheriff, Winhound, Smitfraud
Preparation
If your having trouble connecting to the Internet try running the
WinSockFix utility to repair your connection:
WinsockXPFix for Windows XP/2000/NT
Winsock2Fix for Windows 98/98SE/ME
CleanUp! - Download - Home Page
NOTE: Do NOT run this program if you have XP Professional 64 bit edition. If
you're unsure please do not run it!
Open CleanUp! by double-clicking the icon on your desktop (or from the Start
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):
Empty Recycle Bins
Delete Cookies
Delete Prefetch files (if present)
Cleanup! All Users
Click OK
Press the CleanUp! button to start the program.
Let it do it's thing. At the end, it may ask you to reboot/log-off, click Yes.
Close CleanUp.
If you have anything disabled by MSConfig or any other startup manager,
please re-enable them before running any scans, or posting a Hijack This log.
Step One: Scan for Spyware/Adware
Ad-aware SE - Download - Home Page
1) Download and install.
2) Run the Webupdate feature. (Click on the Globe icon, Click connect, Click
OK, Click Finish.)
3) Set up the Configurations (Gear wheel at the top) as follows:
General Button > Safety & Settings: Check (Green) all three.
Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules
before deletion".
4) To start the scan, Click > "Scan Now"
Deselect "Search for negligible risk entries" as negligible risk entries
(MRU's) are not considered to be a threat.
Select "Search for low-risk threats"
Select "Perform full system scan"
Click Next
5) When the scan has completed, select Next.
In the Scanning Results window, select the "Scan Summary" tab.
Check all objects found in the Critical Objects tab that you wish to remove
Click Next, Click OK.
CWShredder - Download - Homepage
Downlad CWShredder to your desktop. To run:
Reboot into Safe mode
Double click on CWShredder.exe to open it.
Click "I agree" then click "Fix" then click "Next"
when it is finished, close the program and reboot the computer normally
Spybot S&D - Download - Homepage
Install Spybot and the DSO Exploit Fix. Start Spybot and select Update,
Search For Updates, check the box next to each update and then select
Download Updates. Next, select Search and Destroy, Check for problems and
after scanning is complete, Fix selected problems. Finally, select Immunize
and then the Immunize button to block common Spyware programs from installing.
No single program removes every threat. A multi-prong approach is best.
Rogue/Suspect Anti-Spyware Products & Web Sites. Unfortunately, many
companies have chosen to exploit the spyware problem by releasing
questionable software. These programs may be ripoffs of existing free
programs, produce false positives to entice you to buy the full version,
leave actual Spyware installed, or at the very worst even install Spyware.
Use the link above to see if you have installed any of these programs on your
system. Uninstall any found.
Step Two: Viruses/Trojans
Even the best antispyware programs are only able to remove about 70% of
infections. Also, the line between spyware and trojans is getting blurred.
You can never be too careful with these, we recommend at least one online
scan.
Ewido Anti Malware for Windows 2000 and XP only - Download Free Version (14
day trial) - Homepage
Ewido has been very effective at helping remove some of the more difficult
infections. After installed, there should be a icon for ewido on your
desktop. Double-click to run it.
Update ewido: From the main Ewido screen, click on update in the left menu,
then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update
successful"), please reboot to Safe Mode. With no programs open, double click
on Ewido to open it, and then click on the Scanner button in the left menu,
then click on the Start button. This scan can take quite a while to run, but
if Ewido finds anything it will pop up a notification, so it needs to be
monitored. If notified, select clean and check the boxes "Perform action with
all infections" and "Create encrypted backup" before clicking on OK.
When the scan finishes, click on Save Report. This will create a text file.
Please then paste the contents of the text file, and post it with your
HijackThis log.
Trend Housecall - Homepage
Even if you do have antivirus software it can be compromised and corrupted
by many forms of malware, so an online scan is a good idea.
Run the free online virus scan (tick the "Auto Clean" checkbox).
Here's another free online scan: Panda Activescan
AVG - Download - Homepage
If you don't have any antivirus software on your system, or if your
subscription to definition updates has lapsed, install AVG's very good free
version of antivirus. This comprehensive package includes real-time
protection, scheduled scans, automatic definition updates, and email
scanning. More free antivirus tools here.
NOTE: DO NOT install more than one antivirus program. They will conflict,
and provide less protection, not more.
TrojanHunter - Download Free Version (30 day trial) - Homepage
TrojanHunter is the most powerful trojan scanner on the market. Featuring an
intuitive user interface and a scanner capable of thoroughly examining your
files, system registry, open ports and running processes it gives you
all-round protection against trojans.
Step Three: Windows Updates
Windows Update - Homepage - Download SP1a
An unprotected, unpatched Windows XP installation will get infected within
minutes of connecting to the Internet. Because of this, we'll require you to
do install critical updates before providing assistance in our forums. If
not, we're both just wasting our time.
SP2 NOTE: Windows XP Service Pack 2 (SP2) has terrific security features,
and we highly recommend everyone install it, however it should not be
installed until your system is free from malware. Installing SP2 with malware
present can cause many compatibility problems, or even prevent your computer
from restarting. If your system has a malware infection, or if you're unsure,
use the SP1a download link above.
Step Four: Reboot - Test
The tools above will completely clear malware from the majority of systems.
Test your system to see how it's working.
If you're still having problems, continue to the next step. Otherwise, check
out this article on how to prevent future Spyware/Hijack attacks.
Step Five: Posting a Hijack This Log
Hijack This - Download - Homepage
Automated tools are not always successful at removing malware from your
system. Some infections may generate random files names, are too new, or use
other tricks to avoid detection.
HijackThis examines certain key areas of the Registry and Hard Drive and
lists their contents. These are areas which are used by both legitimate
programmers and hijackers. Some items are perfectly fine. You should not
remove them. Never remove everything. Doing that could leave you with missing
items needed to run legitimate programs and add-ins.
This section is designed to help you produce a log, post the log into the
Forum and finally remove the items as directed by the Member helping you.
This involves no analysis of the list contents by you. That will be done by
the Geeks to Go Staff.
If you have run and fixed anything with Spybot Search and Destroy, Ad-Aware,
or any spyware program please reboot before scanning.
Save HijackThis in its own folder (i.e. C:\HJT). DO NOT run it from within a
zip manager (Winzip), as no backups will be saved.
This is how HijackThis looks when it first opened.
You do not have to change any settings at this point.
Notice the empty section in the middle. This is where the scan results will
be listed later.
Note the set of buttons down the middle. To start the scan, Click the Do a
System Scan and Save a Logfile button on the top.
HijackThis after the scan.
After HijackThis finishes scanning, a log will automatically open for you in
Notepad with the results.
Return to the Forum and reply to your original post (or start a new thread
in the Malware Removal Forum). Copy the entire contents of the Notepad file
that opened, and paste it into your post. Then, wait for a Staff member to
reply to your thread with instructions.
Additional Copy and Paste Instructions
Having problems with cut and paste? Open the text file. Go to the Toolbar of
your text editor, Notepad for example and click Edit. Move the mouse down to
Select All and click on Select All to highlight the text. Go back to Edit
again and move the mouse down to Copy. Click Copy. Go to the Forum and reply
to your original post. When the page opens, click on an empty space in the
reply window with your mouse to set focus for the paste operation. Finally,
hold down the Ctrl button and click the letter v on the keyboard to paste the
text into your post.
Mark Items for Removal
Once you have received advice on what should be removed, reopen HijackThis.
This time, click the Do a system scan only button. You have changed nothing
and this scan result will be the same as the first. Place a check-mark in the
box in front of each item you plan to remove. In this example, there are
three items marked for removal.
Click the Fix checked button.
A confirmation box will appear. Click Yes. HijackThis will now remove the
checked items.
Click Here to Download HijackThis
(NOTE: You must register and be logged in to download files.)
Hijack This Forum Rules:
Please do not post your logs in someone else's thread. Start a new thread by
clicking on New Topic. Do not post your problems into other open logs saying
"I have the same issue, here is my log" etc. This gets really confusing for
everyone involved. Also, please stay with your original topic when posting
follow ups.
The "Topic Title" should contain the name of the infection that you are
having a problem with e.g. WinTools,
http://...sp.html etc. Use the "Topic
Description" to include more details. This will help you get faster responses
as some people are more familiar with certain infections.
Tell us if you're having any problems, and please be specific. Let us know
what you've already done to fix it (if anything).
If you do not understand a step, do not panic, simply ask for direction and
information. We will offer any advice necessary to help you.
Please only post your topic once. Duplicate posts will be closed, and just
create additional work for the staff members trying to help you.
Click Here if not yet registered. Click Here to start a new topic and paste
your log.
If you would like to learn more about reading HJT logs and help us by
becoming a member of the staff, please click here. If you're already an
expert, and would like to help, please PM the admin.
Please acknowledge that you've followed these required steps (or our first
reply will likely direct you here). Please be patient, let us know the
results, and remember to thank the helper assisting you.
Printable View
Thanks!
--
Geeks to Go admin team
hope that helps
http://www.geekstogo.com/forum/forums.html go there and go to malware
forums they can help
