Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Infected! the horror..

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Infected! the horror..

Unread postby EZSundayAM » June 22nd, 2011, 3:04 pm

Thanks!!

1) I got the results (below) from look.
2) Backed up registry with ERUNT
3) Ran OTM.exe

FYI: OTM needed to restart my machine, so I couldn't copy from the Results window,
but the .log file (below) was easily found as you described.

My machine seems to be running perfectly! It's faster than I ever remember it, and zero errors lately.

Standing by..

--------------------------------------------------
look.txt

Volume in drive C has no label.
Volume Serial Number is 2A9F-C34D

Directory of c:\program files\Antivrus

06/08/2011 08:52 AM <DIR> .
06/08/2011 08:52 AM <DIR> ..
06/08/2011 08:52 AM <DIR> Trend Micro
0 File(s) 0 bytes

Directory of c:\program files\Antivrus\Trend Micro

06/08/2011 08:52 AM <DIR> .
06/08/2011 08:52 AM <DIR> ..
06/08/2011 08:54 AM <DIR> HiJackThis
0 File(s) 0 bytes

Directory of c:\program files\Antivrus\Trend Micro\HiJackThis

06/08/2011 08:54 AM <DIR> .
06/08/2011 08:54 AM <DIR> ..
03/25/2010 06:42 PM 388,096 HiJackThis.exe
1 File(s) 388,096 bytes

Total Files Listed:
1 File(s) 388,096 bytes
8 Dir(s) 4,571,955,200 bytes free




--------------------------------------------------
OTM.exe

All processes killed
========== FILES ==========
c:\users\cmack\appdata\local\BIT76C4.tmp moved successfully.
c:\users\cmack\appdata\local\BITFC6D.tmp moved successfully.
C:\Users\Cmack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I2VHFTM3\winamp5572_full_emusic-7plus_en-us[1].exe moved successfully.
C:\Users\Cmack\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\532f4a01-640c1b0b moved successfully.
C:\Users\Cmack\AppData\Roaming\53F86A63F5D4F100F6889BC00BC54BC1 folder moved successfully.
C:\Windows\System32\dll moved successfully.
F:\Downloads\@Apps\Miro_Installer.exe moved successfully.
F:\from 500p1\Apps\@Media.Players\WinAmp\winamp5572_full_emusic-7plus_en-us.exe moved successfully.
F:\from 500p1\Projects\KBwM\Reference.GPS\GPS Pack.rar moved successfully.
F:\from 500p1\Self\Self Help\SelfHelp.Tony Robbins\Make Money Doing What You Love [Tony Robbins, T Harv Eker, Robert Kiyosaki, Bob Proctor]\Online Texas Holdem Poker Players CP\ProCalculatem.exe moved successfully.
========== COMMANDS ==========
Restore point Set: OTM Restore Point
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Cmack
->Temp folder emptied: 49928859 bytes
->Temporary Internet Files folder emptied: 81924833 bytes
->Java cache emptied: 81024 bytes
->FireFox cache emptied: 69732849 bytes
->Google Chrome cache emptied: 20058893 bytes
->Flash cache emptied: 10153 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1196885 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 161197925 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 125142 bytes
RecycleBin emptied: 105855078 bytes

Total Files Cleaned = 467.00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 06222011_144549
EZSundayAM
Active Member
 
Posts: 9
Joined: June 8th, 2011, 1:23 pm
Advertisement
Register to Remove

Re: Infected! the horror..

Unread postby Jack&Jill » June 22nd, 2011, 11:03 pm

Hello EZSundayAM :),

Congratulations, you are All Clear to go. Glad to hear everything is good and running :). If you have any more problems, please let me know.

Now we need to clear out the programs we have been using to clean up your computer. They are not suitable for general malware removal and could cause damage if used inappropriately.
  • Run OTM by double clicking on OTM.exe. Click on CleanUp, proceed to reboot if prompted.
  • Delete the TDSSKiller and GMER (28vhkfi0.exe) files on your desktop.
  • Delete any logs on the desktop.

Some tips to help you stay clean and safe:

1. Keep your Windows up to date. Enable Automatic Updates for Windows Vista to always update the latest security patches from Microsoft, or you can download from the Microsoft website. Otherwise, your computer will be vulnerable to new exploits or malwares.

2. Purge System Restore, for this one time only. A recovery feature will only be useful if it is clean from malwares. See Windows Vista System Restore Guide for some detail explanations.

3. Update your Antivirus program regularly, it is a must for constant protection against viruses. If you do not have one, Microsoft Security Essentials and Avast are some great and free antivirus programs that you can try. For paid versions, Avast, ESET NOD32 and Kaspersky are some good options. Please keep only one AV installed.

4. Install Malwarebytes' Anti-Malware if you haven't and use it occasionally. It is a new and powerful anti-malware tool, totally free but for real-time protection you will have to pay a small one-time fee.

5. Install WinPatrol, a great protection program that helps you monitor for unwanted files or applications. If you choose WinPatrol, please uninstall Spybot.

6. Use a hosts file to block the access of bad sites from your computer. Get yourself a MVPS Hosts for this purpose.

7. Install Web of Trust (WOT). WOT keeps you from dangerous websites with warnings and blockings.

8. Protect your computer from removable or USB drive infections with Panda USB Vaccine, an effective method to prevent malware from spreading.

9. Keep all your softwares updated. Visit Secunia Software Inspector to find out if any updates required.

10. Also look up:
Computer Security - a short guide to staying safer online
PC Safety and Security - What Do I Need? By Glaswegian
How to prevent malware: By miekiemoes
So how did I get infected in the first place? By Tony Klein
Microsoft Online Safety

Stay safe.

If you have been helped and wish to donate to support this volunteer site, go to Donations For Malware Removal.
User avatar
Jack&Jill
MRU Emeritus
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Infected! the horror..

Unread postby EZSundayAM » June 24th, 2011, 10:35 pm

Thank you very much!!! I cleared up the stuff we used, uninstalled Spybot, and installed WinPatrol. I'm definitely going to follow the other recommendations such as MVPS Hosts and WOT this weekend. I also deleted my old restore files and created a new one while my machine is squeaky clean. I really really appreciate your help!! Thanks a million!
EZSundayAM
Active Member
 
Posts: 9
Joined: June 8th, 2011, 1:23 pm

Re: Infected! the horror..

Unread postby Jack&Jill » June 25th, 2011, 11:13 am

My pleasure :D .

Take care.
User avatar
Jack&Jill
MRU Emeritus
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Infected! the horror..

Unread postby Gary R » June 28th, 2011, 1:38 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 465 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware