2nd step - I think I am Infected. What do I do?
May 31, 2015 16:09:44 GMT -8
Krusty, toni, and 6 more like this
Post by dbrisen on May 31, 2015 16:09:44 GMT -8
FIRST >>>>
Do Not use advanced tools or any tools used on this board without supervision.
Malware removal can be difficult over a forum as it is, without a user doing their own actions, the tools used are more advanced and thus have added danger that comes with that. This board is protected so that only Malware removers, Admin and Mods can reply to a users thread but all members can create a thread asking for removal of Infection(s)
Make changes to your computer only when the Malware Expert specifically states it. The Malware Experts request specific steps to be followed, as some malware removal requires multiple steps and evaluations along the way. When you take other advice or make other changes, this often negates the work done by the expert, and can sometimes result in an inoperable system.
This also includes any tools or steps other than those the from the Malware Expert. We need to be certain about the state of your system to see what actually is going on, and what is required to fix the system while not harming the rest of the system. Most often, well-intentioned independent efforts can make things much worse. The malware remediation tools are more advanced than other tools, and can often create bigger problems when used without expert guidance.
Follow all the directions in order, and to the end. Please perform all steps in the order they are listed in each set of instructions. As you might imagine, some steps are a bit complicated. If things are not clear, be sure to stop and let the Malware Expert know the problem. We don't mind clarifying a situation, as others might have the same question. If a tool does not run as expected, don't force it. Stop the steps, and update the forum topic with the current situation. It is better stop and let us know, than to force a tool to run and cause bigger problems. Bottom line is, if you are not sure about something, STOP and ASK until you are sure.
Also, when your computer is clean and we are finished, the Expert will tell you we are finished. Malware removal is a process that requires verification, and we want to be sure your system is completely clean before we're done.
When describing your problem, provide as much information as possible, as soon as possible. Explain as best you can what happens with your computer, e.g. it beeps three times, black screen with cursor then goes no further, system gets stuck at the Windows startup logo, etc. This helps the expert to understand what is happening to the system and what may be wrong. If your computer cannot start up successfully please provide details about your installed Windows Operating System, including the Version, Edition and if it is a 32bit or a 64bit system. (e.g. Windows Vista Home Premium 32-bit)
When the user follow instructions and things still go a little haywire, and it does happen, it is up to us to sort the extra problem out.
Take longer to read if your language is not English, so that hopefully it is understood.
>>>>>> Reply stating you have read the post fully. <<<<<<<
SECOND >>>>
- Save ALL Tools to your Desktop-
All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.
Choose Settings. at the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. 
Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.
Internet Explorer - Click the Tools menu in the upper right-corner of the browser. 
Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then move (Cut and Paste) them to the desktop.
THIRD >>>>
Please download Farbar Recovery Scan Tool 32bit and save it to your Desktop.
Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
Place both FRST.exe and FRST64.exe onto your desktop from where ever it downloaded to. IF IT IS NOT ON THE DESKTOP (YOU DID NOT DOWNLOAD DIRECTLY TO DESKTOP), THEN RIGHT CLICK ON THE DOWNLOADED FILE AND SELECT CUT. FIND A BLANK SPOT ON YOUR DESKTOP AND RIGHT CLICK ON IT, SELECT PASTE AND THE FILE WILL BE ON THE DESKTOP. Thank You (this is very important later on)!
Start one of the FARBAR tools that are on your Desktop by double clicking on it and answering Yes or Allow to the User Access Prompt that displays (if it does). (Note: If running XP then just double click on the file to run them.)
Only one of the downloaded files will run on your system; that will be the correct version for your system. You can delete the other version.
The tool will start to run. Wait for the tool's status line to say "The tool is ready to use."
Press the Scan button.
It will make two logs (FRST.txt and Addition.txt) on your Desktop. Please attach the logs in your reply back.
Notes:
If your Security software blocks the running or download of FRST / FRST64, please disable the security software or make an exception for this file. FRST is updated very frequently and is safe to run but because of the frequent changes (to keep up with newest malware techniques) most Security Software does not approve of the unknown file.
NOTICE >>>> The forum may not allow anyone to attach or post the FRST.txt or Addition.txt files directly. If you have any problems with this, please use wikisend.com or pastebin.com to upload the file(s) and then post the download link(s) here in your a post in your thread on the malware board. <<<<
NOTICE >>>> Please see the thread 3rd - How to Post to Wikisend.com for details on uploading file to wikisend.com and providing the links. <<<<
LAST >>>>
Go to the Malware Removal (Protected) board and, once viewing the board, click on Create Thread (in the upper right hand corner).
Please give your thread a title that briefly describes your problem (for example, Suspect I have Poweliks or Adware popups in Chrome).
In the body of the post, give details that you can.
Please post the links to any files posted on wikisend.com or pastebin.com in the end of the post body.
Do Not use advanced tools or any tools used on this board without supervision.
Malware removal can be difficult over a forum as it is, without a user doing their own actions, the tools used are more advanced and thus have added danger that comes with that. This board is protected so that only Malware removers, Admin and Mods can reply to a users thread but all members can create a thread asking for removal of Infection(s)
Make changes to your computer only when the Malware Expert specifically states it. The Malware Experts request specific steps to be followed, as some malware removal requires multiple steps and evaluations along the way. When you take other advice or make other changes, this often negates the work done by the expert, and can sometimes result in an inoperable system.
This also includes any tools or steps other than those the from the Malware Expert. We need to be certain about the state of your system to see what actually is going on, and what is required to fix the system while not harming the rest of the system. Most often, well-intentioned independent efforts can make things much worse. The malware remediation tools are more advanced than other tools, and can often create bigger problems when used without expert guidance.
Follow all the directions in order, and to the end. Please perform all steps in the order they are listed in each set of instructions. As you might imagine, some steps are a bit complicated. If things are not clear, be sure to stop and let the Malware Expert know the problem. We don't mind clarifying a situation, as others might have the same question. If a tool does not run as expected, don't force it. Stop the steps, and update the forum topic with the current situation. It is better stop and let us know, than to force a tool to run and cause bigger problems. Bottom line is, if you are not sure about something, STOP and ASK until you are sure.
Also, when your computer is clean and we are finished, the Expert will tell you we are finished. Malware removal is a process that requires verification, and we want to be sure your system is completely clean before we're done.
When describing your problem, provide as much information as possible, as soon as possible. Explain as best you can what happens with your computer, e.g. it beeps three times, black screen with cursor then goes no further, system gets stuck at the Windows startup logo, etc. This helps the expert to understand what is happening to the system and what may be wrong. If your computer cannot start up successfully please provide details about your installed Windows Operating System, including the Version, Edition and if it is a 32bit or a 64bit system. (e.g. Windows Vista Home Premium 32-bit)
When the user follow instructions and things still go a little haywire, and it does happen, it is up to us to sort the extra problem out.
Take longer to read if your language is not English, so that hopefully it is understood.
>>>>>> Reply stating you have read the post fully. <<<<<<<
SECOND >>>>
- Save ALL Tools to your Desktop-
All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. at the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then move (Cut and Paste) them to the desktop.
THIRD >>>>
Please download Farbar Recovery Scan Tool 32bit and save it to your Desktop.
Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
Place both FRST.exe and FRST64.exe onto your desktop from where ever it downloaded to. IF IT IS NOT ON THE DESKTOP (YOU DID NOT DOWNLOAD DIRECTLY TO DESKTOP), THEN RIGHT CLICK ON THE DOWNLOADED FILE AND SELECT CUT. FIND A BLANK SPOT ON YOUR DESKTOP AND RIGHT CLICK ON IT, SELECT PASTE AND THE FILE WILL BE ON THE DESKTOP. Thank You (this is very important later on)!
Start one of the FARBAR tools that are on your Desktop by double clicking on it and answering Yes or Allow to the User Access Prompt that displays (if it does). (Note: If running XP then just double click on the file to run them.)
Only one of the downloaded files will run on your system; that will be the correct version for your system. You can delete the other version.
The tool will start to run. Wait for the tool's status line to say "The tool is ready to use."
Press the Scan button.
It will make two logs (FRST.txt and Addition.txt) on your Desktop. Please attach the logs in your reply back.
Notes:
If your Security software blocks the running or download of FRST / FRST64, please disable the security software or make an exception for this file. FRST is updated very frequently and is safe to run but because of the frequent changes (to keep up with newest malware techniques) most Security Software does not approve of the unknown file.
NOTICE >>>> The forum may not allow anyone to attach or post the FRST.txt or Addition.txt files directly. If you have any problems with this, please use wikisend.com or pastebin.com to upload the file(s) and then post the download link(s) here in your a post in your thread on the malware board. <<<<
NOTICE >>>> Please see the thread 3rd - How to Post to Wikisend.com for details on uploading file to wikisend.com and providing the links. <<<<
LAST >>>>
Go to the Malware Removal (Protected) board and, once viewing the board, click on Create Thread (in the upper right hand corner).
Please give your thread a title that briefly describes your problem (for example, Suspect I have Poweliks or Adware popups in Chrome).
In the body of the post, give details that you can.
Please post the links to any files posted on wikisend.com or pastebin.com in the end of the post body.