22:25
LazyHacker
This nasty “Windows Restore” infection will hide all files and shortcuts on your computer from being seen. To make your files and shortcuts visible again, you can download the following very handy program to your desktop:
Download from Bleepingcomputer: Unhide
When you have downloaded the program do the following:
Double-click the Unhide.exe file on your desktop and allow the program to run. The program removes the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Next step is to prevent this from happening again:
Step 1
Download RogueKiller to your desktop.
1. Make sure no programs are running.
2. Right click RogueKiller.exe -> Run as administrator -> Press Yes.
3. When prompted, type 2 to validate and remove infections found.
4. The validation report – RKreport.txt will be generated on the desktop.
5. Keep running the program if it is blocked. If you can’t make the program run -> Rename it to winlogon.exe and try again.
Step 2
1. Download OTL to your desktop.
2. Double-Click “OTL.exe” (Make sure no programs are running)
3. In the emty box under Custom Scans/Fixes, paste the following text:
4. Click “Run Fix” at top left.
5. Let the program finish, reboot afterwards.
Step 3
1. Download Malwarebytes’ Anti-Malware, from the following location: Download Link (Note the download location)
2. When finish downloading, Save and close all open programs and browsers -> Double-click the downloaded file “mbam-setup.exe” to begin installation
3. Click continue and use the default settings through installation and when installation has finished make sure you leave both the – Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware checked -> Click Finish
4. Malwarebytes will now start and you will see a message stating that you should update the program before performing a scan. As Malwarebytes will automatically update itself after the install, you can press the OK button to close that box.
5. On the Scanner tab -> choose “Full system scan”
Malwarebytes will then scan your computer for spyware. The scan can take a long time, So I recommend you to do something else while scanning.
6. When the scan has finished click the “Show results” button -> A window displaying all the Malware found will be shown -> Click “Remove Selected” and Malwarebytes will start clean all the Spyware. Once the removal is done -> Press OK to restart
7. After restart your computer is now free of all Malware and Spyware
Step 4
Another very useful tool to remove virus and malware is Norton Power Eraser. It a free tool/file you donwload and scan your computer with, so if you have any concern that your computer is infected, here is a guide how to use NPE:
1. Download Norton Power Eraser
2. Click Save to Desktop
3. To run Norton Power Eraser, double click the NPE.exe file.
4. Click Accept on License Agreement.
(If your Norton Power Eraser version is not current, you need to download the latest version)
5. In the Norton Eraser Power Eraser window, click the arrow mark next to Scan, and then click System Scan – > Next to Include Rootkit Scan, click Restart.
6. After the computer is restarted, the scan starts automatically – > Wait for the scan to complete -> When Norton Power Eraser completes the scan, it displays the scan results under two categories; Detected and Suspected. The Detected section shows items that Norton Power Eraser considers risks, recommending that they be removed. The Suspected section shows items that require further review. Do one of the following depending on your situation.
7. If you see No Risks Found, Norton Power Eraser did not detect any risks on your computer. Click OK to exit.
8. If you see any files listed under Detected, the check box under Fix will be checked automatically. It is recommended to remove these files -> Click Fix.
Step 5
If you can’t run or are not allowed to run the above programs because your computer is infected, try the following online scanner:
Run the free online scanner called ESET Online Scanner
Note: You need to use Internet Explorer for this scan.
Check the box next to “YES”, I accept the Terms of Use -> Click Start
When asked, allow the ActiveX control to install -> Click Start
Make sure that the options Remove found threats and the option Scan unwanted applications is checked -> Click Scan
Wait for the scan to finish -> Any infections found have now been removed.
You shoul now proceed to run Malwarebytes and Norton Power Eraser!
If you followed this guide, your computer is not only Malware clean but also clean from any harmful stuff! So use Norton Power Eraser and Malwarebytes, because they are powerful and free. Use the programs whenever you feel like!
Download from Bleepingcomputer: Unhide
When you have downloaded the program do the following:
Double-click the Unhide.exe file on your desktop and allow the program to run. The program removes the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Next step is to prevent this from happening again:
Step 1
Download RogueKiller to your desktop.
1. Make sure no programs are running.
2. Right click RogueKiller.exe -> Run as administrator -> Press Yes.
3. When prompted, type 2 to validate and remove infections found.
4. The validation report – RKreport.txt will be generated on the desktop.
5. Keep running the program if it is blocked. If you can’t make the program run -> Rename it to winlogon.exe and try again.
Step 2
1. Download OTL to your desktop.
2. Double-Click “OTL.exe” (Make sure no programs are running)
3. In the emty box under Custom Scans/Fixes, paste the following text:
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\RunOnceEx: [] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
[2009/10/20 19:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
4. Click “Run Fix” at top left.
5. Let the program finish, reboot afterwards.
Step 3
1. Download Malwarebytes’ Anti-Malware, from the following location: Download Link (Note the download location)
2. When finish downloading, Save and close all open programs and browsers -> Double-click the downloaded file “mbam-setup.exe” to begin installation
3. Click continue and use the default settings through installation and when installation has finished make sure you leave both the – Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware checked -> Click Finish
4. Malwarebytes will now start and you will see a message stating that you should update the program before performing a scan. As Malwarebytes will automatically update itself after the install, you can press the OK button to close that box.
5. On the Scanner tab -> choose “Full system scan”
Malwarebytes will then scan your computer for spyware. The scan can take a long time, So I recommend you to do something else while scanning.
6. When the scan has finished click the “Show results” button -> A window displaying all the Malware found will be shown -> Click “Remove Selected” and Malwarebytes will start clean all the Spyware. Once the removal is done -> Press OK to restart
7. After restart your computer is now free of all Malware and Spyware
Step 4
Another very useful tool to remove virus and malware is Norton Power Eraser. It a free tool/file you donwload and scan your computer with, so if you have any concern that your computer is infected, here is a guide how to use NPE:
1. Download Norton Power Eraser
2. Click Save to Desktop
3. To run Norton Power Eraser, double click the NPE.exe file.
4. Click Accept on License Agreement.
(If your Norton Power Eraser version is not current, you need to download the latest version)
5. In the Norton Eraser Power Eraser window, click the arrow mark next to Scan, and then click System Scan – > Next to Include Rootkit Scan, click Restart.
6. After the computer is restarted, the scan starts automatically – > Wait for the scan to complete -> When Norton Power Eraser completes the scan, it displays the scan results under two categories; Detected and Suspected. The Detected section shows items that Norton Power Eraser considers risks, recommending that they be removed. The Suspected section shows items that require further review. Do one of the following depending on your situation.
7. If you see No Risks Found, Norton Power Eraser did not detect any risks on your computer. Click OK to exit.
8. If you see any files listed under Detected, the check box under Fix will be checked automatically. It is recommended to remove these files -> Click Fix.
Step 5
If you can’t run or are not allowed to run the above programs because your computer is infected, try the following online scanner:
Run the free online scanner called ESET Online Scanner
Note: You need to use Internet Explorer for this scan.
Check the box next to “YES”, I accept the Terms of Use -> Click Start
When asked, allow the ActiveX control to install -> Click Start
Make sure that the options Remove found threats and the option Scan unwanted applications is checked -> Click Scan
Wait for the scan to finish -> Any infections found have now been removed.
You shoul now proceed to run Malwarebytes and Norton Power Eraser!
If you followed this guide, your computer is not only Malware clean but also clean from any harmful stuff! So use Norton Power Eraser and Malwarebytes, because they are powerful and free. Use the programs whenever you feel like!
Posted in: 
0 comments:
Post a Comment