Computer Hope

Software => Computer viruses and spyware => Topic started by: evilfantasy on November 09, 2007, 10:57:13 PM

Title: IMPORTANT: Read this before requesting malware removal help
Post by: evilfantasy on November 09, 2007, 10:57:13 PM
Computer Hope Virus and Spyware section Guidelines

First of all, welcome to Computer Hope.

Unfortunately, you have landed here because of an infection of some sort.  We wish the circumstances would have been better, but it is what it is.

There are some things we require of you first so that the cleanup process is hopefully both fast and efficient:

Title: Malware Removal Guide
Post by: evilfantasy on November 20, 2007, 10:13:00 AM
Updated November 17, 2016, updated all canned speeches and modified overall format.
Malware Removal Steps

Below are steps to begin the malware removal process. The steps will produce three logs which are requested to be added in your post.

* Important: Work the steps in order.
* If you don't understand a step stop and ask!
* Keep all questions/replies in the same thread.
* Continue to respond until given the all clear.
* Be patient: Malware removal can be just as time consuming and stressful for us as it is for you.
* Remember: Just because the symptoms may be gone does not promise that all of the malware is. It is strongly suggested to continue in posting all requested logs until given the all clear. You will then receive final cleanup steps specific to your PC, links to programs and advice to help you prevent infections in the future.

If for some reason you cannot perform one of the steps, move on to the next step and make note of what happened when posting your logs.

Spybot Users

Remove Spybot S&D

It is recommended that you uninstall Spybot S&D, as it is no longer capable of detecting the latest threats. Much better anti-malware solutions exist, and those will be pointed out later.

Step 1: House Cleaning

CCleaner Temporary Files Cleaning

NOTE: If you already have this installed, you don't have to reinstall it.

Please download CCleaner (http://www.piriform.com/ccleaner)

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.


Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed it's process.

Step 2: AdwCleaner

Please download Malwarebytes' AdwCleaner (https://www.malwarebytes.com/adwcleaner/) onto your Desktop.

Step 3: Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from here (https://www.malwarebytes.org/mwb-download).

Double Click mbam-setup.exe to install the application.

Step 4: Security Check
Download Security Check from one of the following links and save it to your desktop.

Download SecurityCheck (http://www.bleepingcomputer.com/download/securitycheck/)

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE  (http://www.bleepingcomputer.com/forums/topic114351.html).

Step 5: Posting The Logs

Please give details. Just posting the logs in many instances is not enough information for us.

Post the logs in the Virus and spyware removal (http://www.computerhope.com/forum/index.php/board,53.0.html) forum.

Logs needed:

- AdwCleaner
- Malwarebytes' Anti-Malware
- Security Check


Please copy and paste the logs directly into the reply unless specifically requested by your helper


Illegal software

Computer Hope does not support illegal activity. We do not support the use of any pirated or otherwise illegal software including Windows itself. If you install the cracked software, you are running executable files from unknown sources. You are in effect giving unknown sources access to information on your hard disk and potentially giving complete control over the operation of your computer.

* We will NOT help anyone pirate anything or help to make the system work with pirated software. But if you mess up your computer in the process, we will help you fix it.
* Uninstall any cracked applications before posting for help.
* You may be asked to uninstall any P2P or File Sharing programs during the removal process if they are believed to be the source of the problem.
* We will discontinue help if you refuse to remove any cracked (illegal) program.
Title: How to add attachments to a post
Post by: evilfantasy on January 29, 2008, 07:23:48 PM
How to attach logs in a post

Note: Please copy and paste all logs directly into the reply unless specifically requested by your helper

Save the log to somewhere you can easily find it. (usually the desktop)

To do this, from within the notepad go to the top of the page and select File > Save As... enter the file name and click Save Be sure the desktop is the location selected to save to.
Please save all files as Text Documents (.txt)

Posting the log

1. Below the text box click Additional Options...
1.1  If replying in a thread, before putting text into the reply box select Preview2. Click Browse
3. Locate the file you want to attach and double click it to enter it into the window.
4. If you have more than one log click (more attachments) and a new window will open for adding another log.

If the log is too big to attach.

Upload the file to File Dropper (http://www.filedropper.com/)

Click Upload
Locate the file and double click it.
Copy the link below Link To Share: and post it in your reply.
Title: Re: Read this before requesting malware removal help
Post by: evilfantasy on April 30, 2009, 11:19:49 AM
Self help - Use the Computer Hope HijackThis process tool

The Computer Hope process and log analyzing tool (http://www.computerhope.com/cgi-bin/process.pl) enables any user to quickly and easily search for descriptions and additional information about each of the processes and files running in the background of Microsoft Windows as well as remove some variations of spyware and virus.

All you need to do is install and run HijackThis. How do I use Trend Micro HijackThis? (http://www.computerhope.com/issues/ch001110.htm)

Next visit the Computer Hope process tool (http://www.computerhope.com/cgi-bin/process.pl) and have it analyze your log.

A full guide on how to use the process tool can be found here. How do I use the Computer Hope process tool? (http://www.computerhope.com/issues/ch001109.htm)

For general computer issues or questions that can not be resolved with the above tools please feel free to start a new topic in the appropriate Computer Hope Forum (http://www.computerhope.com/forum/index.php). If it is a spyware or virus issue then please follow the steps in our malware removal guide (http://www.computerhope.com/forum/index.php/topic,46313.0.html) and post the 3 logs in the Virus and spyware removal (http://www.computerhope.com/forum/index.php/board,53.0.html) forum.

If you have any questions please feel free to ask in the Computer Hope Forums (http://www.computerhope.com/forum/index.php).