#1  
Old 08-10-2012, 09:36 AM
Crash Override's Avatar
Crash Override Crash Override is offline
Forum Moderator
 
Join Date: Oct 2002
Location: New York's Capital District
Posts: 6,522
Post Preliminary Cleanup Steps

When posting logs, please copy and paste them. Also be sure to include every single line in the log as ALL the lines are important. It may seem like insignificant information to you, but it really does mean something to those of us who know how to read them.

Credit for the information below goes to our own jholland1964 and MikeN. and PhilliePhan from Daniweb

Please Uninstall any P2P (peer-to-peer) programs from the infected computer before posting in this forum.

P2P software circumvents common-sense security measures and opens a user’s computer to a world of hurt.

Our regular volunteers' time is valuable and most are not willing to waste it on a machine that is almost certain to be re-infected in short order.
So, please remove all P2P software before beginning the cleaning process. Failure to do so may result in your thread being ignored.

This also includes the use of cracked software and/or operating systems. The distribution and use of cracked copies is illegal and will not be tolerated here ever. It is also an easy way to get serious infections on the computer and if your computer is found to be infected because of the use of cracked software you will not receive assistance or further assistance.
***********************


1-Please Download CCleaner (works with ALL operating systems)
http://www.piriform.com/ccleaner
• You can put CCleaner on your Desktop for easy access. Leave it for now.

2 – Download DDS by sUBs and save it to your Desktop (Windows 8 users skip this instruction. DDS is NOT compatible with Windows 8)
. http://download.bleepingcomputer.com/sUBs/dds.exe
• Just leave it there for now.

Now, please begin the Initial Cleaning Process:

3 - Close ALL unnecessary programs including all browsers, all email, all music players, video players, chat programs, etc.

Every extra program that is open during this process can slow or corrupt the cleaning.

The less running the better. When told to use a browser use only ONE browser window.


Cleaning all temp files from the computer helps the scanners by eliminating the necessity of scanning temp files. Temp files are just that, temporary files, not needed and should be removed before the cleaning process begins.

4. -If you are able, RUN CCleaner.
Open CCleaner.
On the Windows Tab place check marks next to the following;

Internet Explorer - Temporary Internet Files

System - Temporary Files, Empty Recycle Bin

On the Applications Tab - place check mark next to Internet Cache of all browsers installed.

*NOTE : If you would like to keep your saved passwords in those browsers, be sure to click No at the prompt.
**There are other less used browsers that also are supported by CCleaner including SeaMonkey, Chrome Plus, SRWare Iron, Pale Moon, Phoenix, Netscape Navigator, Avant, Maxthon and others. While these may not be listed by name their temporary files will be cleaned out when Temporary System Files are cleaned with CCleaner.**
Be sure to Close ALL browsers. Cleaning cannot be done with these programs open.
• Click on the Analyze Button to run CCleaner
• It will scan the computer and then give a list of unnecessary found files.
• Click the Run Cleaner button to remove these.
When this is complete then proceed with the next steps.

5 -Please download Malwarebytes-Antimalware to your Desktop.


http://www.malwarebytes.org/mwb-download/

DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
Windows 2000, XP, Vista, 7, 8 (32-bit and 64-bit). Download, Install, Update. ALWAYS updating FIRST. MBA-M has daily updates, sometimes more than once a day so the rule is, UPDATE, UPDATE, UPDATE, BEFORE each and every scan.

Threat scan ==> This is THE recommended scan from MBA-M. It is a very capable, very comprehensive scan and it looks for malware every place that it might be on the system.
By MBA-M Program default, PUP (Potentially Unwanted Programs) are Not marked for removal, users must read through the list of items found and place check marks next to each of those manually for removal.

Even when malware is found and removed using the Threat scan, MBA-M says that the use of the Custom scan is rarely needed.
Generally only in the case of multiple hard drives and USB devices that have all shown infections on the Threat Scan or if a Rootkit is suspected would the Custom Scan be used.

Custom scan ==> partial or Full scan - depending upon what you choose to scan. The Custom scan REQUIRES users to manually configure what will and won't be scanned and it is very complex to use

Custom Scan is not really for the average user because you have to go through the choices and decide what will and won't be scanned. This type of scan takes an extremely long time and is rarely needed or recommended at this time.

There is also a Hyper Scan listed in the program but this is only available on the Pro version of the program.



6 –Double click that DDS program you saved to your desktop to do the scans and submit DDS Scan Logs along with your post. Be sure follow the instructions below carefully!
• If your AV has a script blocker, please disable it
• DoubleClick on dds.scr to run the tool

* A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
* Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).

• Copy&Paste both the DDS.txt and the DDS Attach.txt into your post for assistance.
Notice I say copy/paste BOTH logs. The Attach.txt log says at the top to attach it, please do not attach it but copy/paste it also

Now post your problems, in as much detail as possible. Any difficulty encountered when running any of these steps please make a note and post that information also. If you receive error messages or any type of message please copy those also, full wording of any messages received will greatly assist helper to work with you to get your problems solved.

All logs MUST be copy/pasted. Due to danger of opening items uploaded from infected computers NO attached logs will be opened. If you do not know or understand how to copy/paste we will be most happy to give instructions, with print screens on how to accomplish this.

(Copy & Paste, not as an attachment unless requested) these requested scanlogs:

MalwareBytes’ Anti-Malware log

BOTH DDS ScanLogs (DDS.txt & Attach.txt)
__________________
Regards,
Crash Override
25+ years as a Computer System Administrator and Technician. (Yeah, I know stuff...LOL)
Da Rules, Learn 'em and Live 'em!
Mike's free security tools
Registry Cleaners are Unnecessary!!!
Reformatting is your last course of action.
System Restore, Don't use it!
Just because it is on Youtube, does not make it true!
Spes mea in Deo est

Last edited by Crash Override; 05-05-2014 at 08:39 AM.
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 03:45 AM.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Copyright 2000-2011 WorldStart, Inc