SIREFEF and malware

[sarahk1225]

Final log....I hope! 

[magna86]

>> Open Notepad
* by click start
* Click Run
* Type notepad into the box and click enter
* Notepad will open
* Copy and Paste everything from the Code box into Notepad:

Code: [Select]


Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]




* Go to File > Save As
* Save File name as Fix.reg
* Change Save as Type to All Files and save the file to your desktop
* Close Notepad, and double-click Fix.reg on your Desktop
* When it asks if you want to merge the info to the registry, hit YES/OK
Reboot computers


******************




It is necessary to uninstall AVZ Antiviral Toolkit .

• Re-run AVZ [/color] (double click on icon);
  
  
• The menu choose File > Scripts Standard ;
  
  
• In the window that opens check the 6 and click Execute Selected Scripts;
  
  
• Click Yes ;
  
  
• After the procedure you will receive notification: Script Executed ;
  
  
• Quit the program and delete the folder where is program.

****************

It is necessary to uninstall the ComboFix :

• Click Start (or ) then Run.
  
  
  On Windows7 or Vista you may use Start Search field if Run is not available.
  
  
• In the line of text type in (Copy) the following:

Code: [Select]

ComboFix /Uninstall

Note that there is a space between " ComboFix " and " /Uninstall " .

• then click OK (or press Enter ).

Wait for the uninstall process is complete.


--------------------

>> How is your computer running now?

[sarahk1225]

I could not complete the first step because the pop up box told me "can't add to registry..." and something about only adding binary files?
:-(

[magna86]

I could not complete the first step because the pop up box told me "can't add to registry..." and something about only adding binary files?
:-(

Ok, no problem, now go to Step2 and Step3 ( uninstall AVZ and Combofix )
Then...
Download AppRemover (~ 6MB) on Desktop .
Run the tool.

Click Next, choose the second option (Clean Up a Failed Uninstall), confirm with Continue, go to Next, wait to be finished, choose what is found and remove it by clicking on the Next .

// this step ( and first step with fix.reg ) is not as important, this is just remove the remains legitimate entrys.

[sarahk1225]

Only two things did not happen:
1) that fix.reg thing. I know you said it's not important, but of course I tried again a few times anyway (there's that bravery thing again! lol). Same results. Not gonna happen
2) App remover did not find any traces of anything to uninstall. I also clicked the bottom part which said something like "don't see anything? try this". Yeah well I "tried that" and I got nothin'. Hopefully that's a good sign?

So  can I officially erase all of those strange notepad files I made? Is there anything new that I have done or added during this removal process that I should definitely NOT delete?

Anyway....I have had ZERO Avast warnings since earlier today when I ran that combofix. WHOOO HOOOO! Virus free....right?!
Thanks soooooo much! You guys are amazing. I'm on my way out the door now to get "avast! Forum" tattooed on my face.

 

[magna86]

Abaut that fix.bat, it's a a some locked keys theyfor it is irrelevant. 

>> Re-run OTL and click on CleanUp! button.

After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

No need for future actions, just turn on your antivirus and be safe. 

Please help me! This is my boyfriend's computer and I feel awful about ruining it

I hope your boyfriend didnt found out that abaut us 


 

[sarahk1225]

So far so good!
My computer is running really slow now at startup, but I am willing to look past that if it means those crazy viruses are gone!
Thank you so much for everything. I can sleep better at night now. lol

P.S. No, my boyfriend will NOT be finding out about us. I have to keep you as my dirty little secret...especially because he thinks I am a genius after I removed some very harmful viruses all by myself! hahaha.

[magna86]

So far so good!
My computer is running really slow now at startup...

You may use CCleaner ( aka CrapCleaner ) to control your sturtup.
http://www.piriform.com/CCLEANER
Install > tools > sturtup > (Windows tab).
Leave only malwarebytes, avast, and perhaps dells webcam.
Other may free from Yes switch to No. You can easily turn on them again.
Also, you may use his registry and cleaner options.

P.S. No, my boyfriend will NOT be finding out about us. I have to keep you as my dirty little secret...

It'll be our little secret