Preparation guide for malware removal

This forum is committed to providing assistance to remove spyware, adware, trojans, worms, and other forms of malware.


Postby malwarekiller » 2012-03-06 5:16


This is an information only topic ~ Do not post logs or ask for help here
To get assistance create a new topic in the Virus and Worms forum


I work here: http://community.trendmicro.com/t5/Malware-Discussions/bd-p/malware

[*]Download RogueKiller and save it on your desktop.
http://www.geekstogo.com/forum/files/file/413-roguekiller/
[*]Quit all programs
[*]Start RogueKiller.exe.
[*]Wait until Prescan has finished ...
[*]Click on Scan


[*]Wait for the end of the scan.
[*]The report has been created on the desktop.
[*]Click on the Delete button.


[*]The report has been created on the desktop.
[*]Next click on the ShortcutsFix


The report has been created on the desktop.
Please post:

All RKreport logs located on your desktop.


NEXT


[*]Download OTL to your Desktop.
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
[*]Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
[*]Select All Users
[*]Under the Custom Scan box paste this in:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
explorer.exe
netbt.sys
atapi.sys
volsnap.sys
redbook.sys
lsi_sas.sys
lsi_scsi.sys
cdrom*
tcpip.sys
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
C:\Windows\assembly\tmp\U\*.* /s
C:\Program Files\Common Files\ComObjects\*.* /s
CREATERESTOREPOINT


[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
[*]When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Attach both logs.


NEXT

[*]Download aswmbr.exe ( 1.8mb ) to your desktop.
http://public.avast.com/~gmerek/aswMBR.htm
[*]Double click the aswMBR.exe to run it. Click the "Scan" button to start scan.


Click the [Scan] button to start scan


On completion of the scan click [Save log], save it to your desktop and post in your next reply
Last edited by malwarekiller on 2012-03-06 5:53, edited 3 times in total.
UNITE AGAINST MALWARE.
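
What the /md5start ... /md5stop block in the custom scan above collects, sketched as a read-only PowerShell script. This is an added example, not part of the original post and not OTL's own code; that OTL hashes the files named between those two markers is an assumption, as are the search root and the report file name.

```powershell
# Added example, read-only: hashes every copy of the files named in the
# post's /md5start ... /md5stop block. Nothing is modified or deleted.
# Requires PowerShell 4.0 or later (Get-FileHash).

# File names copied from the custom scan text in the post above.
$names = @(
    'consrv.dll', 'explorer.exe', 'netbt.sys', 'atapi.sys', 'volsnap.sys',
    'redbook.sys', 'lsi_sas.sys', 'lsi_scsi.sys', 'cdrom*', 'tcpip.sys',
    'winlogon.exe', 'Userinit.exe', 'svchost.exe'
)

# Assumption: only the Windows directory tree is searched.
$root = $env:SystemRoot

# Assumption: report name and location (Desktop, like the tool logs in the post).
$report = Join-Path ([Environment]::GetFolderPath('Desktop')) 'md5-report.csv'

$rows = Get-ChildItem -Path $root -Include $names -File -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        # A file that cannot be opened is recorded instead of being skipped.
        $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm MD5 -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Name        = $_.Name
            FileVersion = $_.VersionInfo.FileVersion
            Length      = $_.Length
            LastWrite   = $_.LastWriteTimeUtc.ToString('u')
            MD5         = if ($hash) { $hash.Hash } else { 'UNREADABLE' }
            Path        = $_.FullName
        }
    }

$rows | Sort-Object Name, Path |
    Export-Csv -LiteralPath $report -NoTypeInformation -Encoding UTF8

# Names from the list with no match at all are worth reporting too:
# an absent file can be as informative as an unexpected hash.
$missing = $names | Where-Object {
    $pattern = $_
    -not ($rows | Where-Object { $_.Name -like $pattern })
}

Write-Output ("{0} file(s) hashed, report written to {1}" -f @($rows).Count, $report)
if ($missing) { Write-Output ("No copy found for: {0}" -f ($missing -join ', ')) }
```

Compare the MD5 and FileVersion columns against a known-clean copy of the same Windows build and patch level. Several copies of one file name with different versions under WinSxS are expected on a patched system.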

Re: Preparation guide for malware removal

Postby 1234avast » 2012-03-06 5:19

Awesome, and welcome to the forums :) Rats and other forum users, note that this is a malware removal expert; he is qualified and is willing to help out in the forums :) A very good friend of mine.
avast! Free Antivirus * Anvi Smart Defender * Comodo Firewall with Defense+

Re: Preparation guide for malware removal

Postby malwarekiller » 2012-03-06 5:21

Thanks for the welcome message!

Re: Preparation guide for malware removal

Postby Rats » 2012-03-06 7:51

Hi malwarekiller
Welcome to the forum :D

It's always good to have some more help at hand :D

I must make it clear to the forum users that tools such as RogueKiller and OTL / aswmbr.exe should
only be used under supervision, as inexperienced users can make mistakes with such, and inadvertently damage
their OS. :|

Re: Preparation guide for malware removal

Postby 1234avast » 2012-03-06 8:44

Believe me, Rats, he is really, really experienced and has dealt with and cured malware as deadly as you can imagine. The tools are deadly, but he knows how to use them... He's been helping out in the Trend Micro forums and they accepted him :) He defeated a TDL4 botnet which denies access to safe mode... attacks the MBR and does not even allow OTL and the other tools to run. Trust me, Rats, he will do a very good job in the forum malware removal section :)

Re: Preparation guide for malware removal

Postby malwarekiller » 2012-03-06 10:26

Hi, you can look at the cases I attend; look here:
http://community.trendmicro.com/t5/Malware-Discussions/TROJ-ZACCESS-CQJ/td-p/65582

Re: Preparation guide for malware removal

Postby Rats » 2012-03-06 12:48

I am aware of malwarekiller's work on the Trend Community Malware Discussions forum.

And I was not doubting his ability or work ethic. I don't just mod and post here, people :mrgreen:

I was simply stating that users should not run these programs by themselves,
cos there's one or 2 idiots who will without supervision run such programs and then damage their OS.

As for malware removal here, there is not so much of it at the min.

I am happy if malwarekiller wishes to help out in the forum :mrgreen: provided Ivy or Anvisoft has no objections.

Please remember that all help forums work differently and are run differently, and Ivy and myself have final say on this forum.

Re: Preparation guide for malware removal

Postby malwarekiller » 2012-03-07 0:45

No problem! Rats, as it is I see this forum is silent at the current point. I will keep monitoring if anybody needs help.

Re: Preparation guide for malware removal

Postby 1234avast » 2012-03-07 3:34

OTL, RogueKiller and other advanced tools must not be simply used as play toys.... one error = unfunctional

Re: Preparation guide for malware removal

Postby aurora » 2012-03-08 9:24

I totally agree; do not want any greenhorn (rookie) using either of those. They could easily brick your system.
