Preliminary Cleanup Steps
When posting logs, please copy and paste them. Also be sure to include every single line in the log as ALL the lines are important. It may seem like insignificant information to you, but it really does mean something to those of us who know how to read them.
Credit for the information below goes to our own jholland1964 and MikeN. and PhilliePhan from Daniweb
Please Uninstall any P2P (peer-to-peer) programs from the infected computer before posting in this forum.
P2P software circumvents common-sense security measures and opens a user’s computer to a world of hurt.
Our regular volunteers' time is valuable and most are not willing to waste it on a machine that is almost certain to be re-infected in short order.
So, please remove all P2P software before beginning the cleaning process. Failure to do so may result in your thread being ignored.
This also includes the use of cracked software and/or operating systems. The distribution and use of cracked copies is illegal and will not be tolerated here ever. It is also an easy way to get serious infections on the computer and if your computer is found to be infected because of the use of cracked software you will not receive assistance or further assistance.
1-Please Download CCleaner (works with ALL operating systems)
• You can put CCleaner on your Desktop for easy access. Leave it for now.
2 – Download DDS by sUBs and save it to your Desktop (Windows 8 users skip this instruction. DDS is NOT compatible with Windows 8)
• Just leave it there for now.
Now, please begin the Initial Cleaning Process:
3 - Close ALL unnecessary programs including all browsers, all email, all music players, video players, chat programs, etc.
Every extra program that is open during this process can slow or corrupt the cleaning.
The less running the better. When told to use a browser use only ONE browser window.
Cleaning all temp files from the computer helps the scanners by eliminating the necessity of scanning temp files. Temp files are just that, temporary files, not needed and should be removed before the cleaning process begins.
4. -If you are able, RUN CCleaner.
On the Windows Tab place check marks next to the following;
Internet Explorer - Temporary Internet Files
System - Temporary Files, Empty Recycle Bin
On the Applications Tab - place check mark next to Internet Cache of all browsers installed.
*NOTE : If you would like to keep your saved passwords in those browsers, be sure to click No at the prompt.
**There are other less used browsers that also are supported by CCleaner including SeaMonkey, Chrome Plus, SRWare Iron, Pale Moon, Phoenix, Netscape Navigator, Avant, Maxthon and others. While these may not be listed by name their temporary files will be cleaned out when Temporary System Files are cleaned with CCleaner.**
Be sure to Close ALL browsers. Cleaning cannot be done with these programs open.
• Click on the Analyze Button to run CCleaner
• It will scan the computer and then give a list of unnecessary found files.
• Click the Run Cleaner button to remove these.
When this is complete then proceed with the next steps.
5 -Please download Malwarebytes-Antimalware to your Desktop.
DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
Windows 2000, XP, Vista, 7, 8 (32-bit and 64-bit). Download, Install, Update. ALWAYS updating FIRST. MBA-M has daily updates, sometimes more than once a day so the rule is, UPDATE, UPDATE, UPDATE, BEFORE each and every scan.
Threat scan ==> This is THE recommended scan from MBA-M. It is a very capable, very comprehensive scan and it looks for malware every place that it might be on the system.
By MBA-M Program default, PUP (Potentially Unwanted Programs) are Not marked for removal, users must read through the list of items found and place check marks next to each of those manually for removal.
Even when malware is found and removed using the Threat scan, MBA-M says that the use of the Custom scan is rarely needed.
Generally only in the case of multiple hard drives and USB devices that have all shown infections on the Threat Scan or if a Rootkit is suspected would the Custom Scan be used.
Custom scan ==> partial or Full scan - depending upon what you choose to scan. The Custom scan REQUIRES users to manually configure what will and won't be scanned and it is very complex to use
Custom Scan is not really for the average user because you have to go through the choices and decide what will and won't be scanned. This type of scan takes an extremely long time and is rarely needed or recommended at this time.
There is also a Hyper Scan listed in the program but this is only available on the Pro version of the program.
6 –Double click that DDS program you saved to your desktop to do the scans and submit DDS Scan Logs along with your post. Be sure follow the instructions below carefully!
• If your AV has a script blocker, please disable it
• DoubleClick on dds.scr to run the tool
* A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
* Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).
• Copy&Paste both the DDS.txt and the DDS Attach.txt into your post for assistance.
Notice I say copy/paste BOTH logs. The Attach.txt log says at the top to attach it, please do not attach it but copy/paste it also
Now post your problems, in as much detail as possible. Any difficulty encountered when running any of these steps please make a note and post that information also. If you receive error messages or any type of message please copy those also, full wording of any messages received will greatly assist helper to work with you to get your problems solved.
All logs MUST be copy/pasted. Due to danger of opening items uploaded from infected computers NO attached logs will be opened. If you do not know or understand how to copy/paste we will be most happy to give instructions, with print screens on how to accomplish this.
(Copy & Paste, not as an attachment unless requested) these requested scanlogs:
MalwareBytes’ Anti-Malware log
BOTH DDS ScanLogs (DDS.txt & Attach.txt)
25+ years as a Computer System Administrator and Technician. (Yeah, I know stuff...LOL)
Da Rules, Learn 'em and Live 'em!
Mike's free security tools
Registry Cleaners are Unnecessary!!!
Reformatting is your last course of action.
System Restore, Don't use it!
Just because it is on Youtube, does not make it true!
Spes mea in Deo est
Last edited by Crash Override; 05-05-2014 at 08:39 AM.