8-step Viruses/Spyware/Malware Preliminary Removal Instructions

UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions - TechSpot OpenBoards

Step 1

Temporarily Disable Real Time Monitoring Programs

This is because some real time protection programs can interfere with any fixes we are trying to run.

Once your system is clean, you are advised to turn the protection back on.

See these instructions on how to disable some of the more common real time monitoring programs. Thanks to CastleCops for the info.

If you have other protection that may need disabled feel free to ask in your thread in the security section.

=========================================================

Step 2

If you're NOT running any antivirus or firewall software, you should install some ASAP If you already have an Anti-virus program - please be sure to check for updates and run a full scan of your system - Please note anything that it finds in your thread.

Recommended Free Anti Virus:
AVG
Avira Free
Avast Free

Recommended Free Firewall:
Comodo
Zonealarm

=======================================================

Step 3

CCleaner

* Please download from HERE
* Close all browsers.
* Run the programme and make sure all the boxes are ticked under the Windows and Applications tabs, including "Advanced" tabs(except for the Old prefetch Data option, this should be unticked)
* Click the run cleaner button.
* Do this a few times


=======================================================

Step 4

Malwarebytes' Anti-Malware

* Please download Malwarebytes' Anti-Malware from from Here or Here
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to
o Update Malwarebytes' Anti-Malware
o and Launch Malwarebytes' Anti-Malware
* then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. please attach this log with your reply
o If you accidently close it, the log file is saved here and will be named like this:
o C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


======================================================

Step 5

SuperAntiSpyware Home Edition Free Version

* Please download SuperAntiSpyware from HERE
* Launch SuperAntiSpyware and click on 'Check for updates'.
* Wait for the updates to be installed
* On the main screen click on 'Scan your computer'.
* Check: 'Perform Complete Scan then Click 'Next' to start the scan.
* Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
* Make sure everything found has a checkmark next to it,then press 'Next'.
* Click on 'Finish' when you've done.

It's possible that the program will ask you to reboot in order to delete some files.

Obtain the SuperAntiSpyware log as follows:
Click on 'Preferences'.
Click on the 'Statistics/Logs' tab.
Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
It will then open in your default text editor,such as Notepad.
Attach the notepad file here on your reply


=======================================================

Step 6

Update your Java Runtime Environment

Many types of malware like to exploit out of date Java versions!

* First Verify that your version is up to date by clicking HERE

If you need to update your version:
* Click Start -> Control Panel -> Double click Java
* Select the Update Tab at the top of the Java console
* Click the Check for Updates button at the bottom
* When it finds the newer version - Follow the on screen instructions (uncheck the yahoo toolbar option)
* After it installs the newest version Go back to Start -> Control Panel -> Add/remove programs (programs and features in vista)
* Uninstall any older versions of Java except the most current update that you just installed


You can manually install the most recent version of Java through this link -> Java Runtime Environment Make sure to scroll down to Java Runtime Environment

=======================================================

Step 7

Hijackthis Instructions

* Only do this step after completing the previous steps
* Make sure you have the LATEST version of HJT (currently v2.0.2) it can be downloaded from HERE
* Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
* After installing, the program launches automatically, select Scan now and save a log
* After the scan is complete please attach your logs onto the forums


==========================================================

Step 8

Attach the requested logs
1) Malwarebytes Anti Malware log
2) SuperAntiSpyware log
3) Hijackthis log

Attachment Instructions

* ONLY attach .txt or .log files; we will NOT read other files (such as .doc) due to the risk of viruses etc.
* We strongly discourage you from copying and pasting the logs in your posts, unless if you have trouble with attaching them.
* To attach a log click on New Thread (or use Post Reply in an existing thread).
* Scroll down until you see a button Manage Attachments. Click on that and a popup-window opens.
* Click on the Browse button, find the requested log file, and doubleclick on it.
* Now click on the Upload button in the popup. When done, click on the Close this window button.
* Please Note: you can attach more than one file to a post by repeating the above steps.


!!!Also remember to tell us any symptoms that you may be having !!!
__________________
Julio Franco
Executive Editor
Last edited by momok; 09-11-2008 at 02:37 PM. Reason: updated; instructions have been streamlined
TechSpot ONE
CPU: Intel Core 2 Quad Q6600
Mobo: Abit P35-based
Mem: 4GB DDR2
Video: Radeon 4870
HDD: 150GB 10k RPM, 500GB NAS
Sound: Logitech Z10
OS: Windows Vista
Julio
View Public Profile
Visit Julio's homepage!
Find all posts by Julio
See Julio's picture uploads
#2
Old 05-06-2008, 12:51 PM
Julio's Avatar
Julio Julio is offline
TechSpot Elite

Location: Ecuador
Member since: Feb 2002, 4,059 posts
System specs
Changelog:

* Many, many changes before writing this.
* Step 6, contributed by Blind Dragon. Updated AVG AS for SuperAntiSpyware OR Malwarebytes' Anti-Malware.