[lynn777]

Hi, I'm new so excuse my lack of knowledge. My lap top (am using the home pc at the moment) has a 'shield' box popping up saying I've been infected. My clam av software says the virus has neen quarantined but I haven't a clue what to do now. Have asked a friend of mine to help but he wants to take my lap top and sort it from his home. Question - can he see my history even though I've cleared it? Will he have access to anything I don't want him to find? Your help very much appreciated.

[Advertisements]

Hello lynn777 and welcome to G2G!

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:

• Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
• Absence of symptoms does not always mean the computer is clean
• Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
• Please DO NOT run any scans or fix on your own without my direction.
• Please read all of my response through at least once before attempting to follow the procedures described.
• If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
• You must reply within 3 days or your topic will be closed

We can sort it here if you like. Here is what you need to do for me.

Step 1

We will need your clean PC and USB memory to download and transfer tools to infected PC. First we need to disinfect your USB memory so you can transfer files and not get infected.

Do this on the clean computer:

• 1 - Flash Drive Disinfector
  Download Flash_Disinfector.exe by sUBs from here and save it to your desktop.
  
• Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
• The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
• Wait until it has finished scanning and then exit the program.
• Reboot your computer when done.
  
  Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you run it. Don't delete this folder...it will help protect your drives from future infection.

Step 2

We need to disable malware processes on your system first

• Download TheKiller to your Desktop
• Note that TheKiller is renamed as explorer.exe
• Run it by double click (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
• Press OK button after program finish
• Do not restart your system after this step

NOTE: If malware blocks TheKiller from running please try to run it several more times

Step 3

Download OTL to your Desktop

• Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
  . Make sure all other windows are closed and to let it run uninterrupted.
  
• Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 4

Please don't forget to include these items in your reply:

• OTL log
• OTL Extras log

It would be helpful if you could post each log in separate post

[maliprog]

Hello lynn777 and welcome to G2G!

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:

• Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
• Absence of symptoms does not always mean the computer is clean
• Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
• Please DO NOT run any scans or fix on your own without my direction.
• Please read all of my response through at least once before attempting to follow the procedures described.
• If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
• You must reply within 3 days or your topic will be closed

We can sort it here if you like. Here is what you need to do for me.

Step 1

We will need your clean PC and USB memory to download and transfer tools to infected PC. First we need to disinfect your USB memory so you can transfer files and not get infected.

Do this on the clean computer:

• 1 - Flash Drive Disinfector
  Download Flash_Disinfector.exe by sUBs from here and save it to your desktop.
  
• Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
• The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
• Wait until it has finished scanning and then exit the program.
• Reboot your computer when done.
  
  Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you run it. Don't delete this folder...it will help protect your drives from future infection.

Step 2

We need to disable malware processes on your system first

• Download TheKiller to your Desktop
• Note that TheKiller is renamed as explorer.exe
• Run it by double click (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
• Press OK button after program finish
• Do not restart your system after this step

NOTE: If malware blocks TheKiller from running please try to run it several more times

Step 3

Download OTL to your Desktop

• Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
  . Make sure all other windows are closed and to let it run uninterrupted.
  
• Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 4

Please don't forget to include these items in your reply:

• OTL log
• OTL Extras log

It would be helpful if you could post each log in separate post

[lynn777]

Hi, thanks for your help but your instructions just don't make much sense to me as I'm just not computer literate. I'm tempted to hand it to my friend as have been quoted £50 to get it fixed by someone else and to be honest I can't afford that. Will my friend be able to see my history or more importantly - will he be able to see any photos I've downloaded although I've cleared them? Nothing bad there, just something that may touch a nerve. Thanks.

[maliprog]

It's up to you but our instructions can follow everybody who can write to this forum and knows how to copy and paste text.

If you want to be sure here is one Free History cleaner for you - Download History cleaner

Please let me know if you no longer need our help so I can close this topic.

[lynn777]

I appreciate your help but I don't even understand your first instruction saying I need to do this on my clean computer. How do I get it clean? I didn't do computers at school - we only had typewriters!!! lol And how do I install the history cleaner when the virus pop ups are hogging my screen and I'm unable to do anything let alone get onto this site from my lap top.

[maliprog]

I understand your position. You just have to trust him... there is no way you can be sure. Other way is to take your PC to local PC repair shop. They guarantee you privacy and I think you'll get your PC cleaned much cheaper. I think 50 pounds is to much ...at least from where I come

Please check local PC repair shop and ask them for price.

[maliprog]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.