Jump to content

Scorpion Saver, Metacrawler and Ividi Infection--related?

Sdart

By Sdart
in Resolved Malware Removal Logs

 Share

Recommended Posts

Sdart

Sdart

Posted
  • Author
Posted

Hey Kevin,

GOOD NEWS! It appears that whenever this nasty virus got a hold of my Google Chrome and Internet Explorer, it altered my proxy server settings, and changed the correct code that corresponds with it. Anyway--I sort of lack the appropriate jargon to accurately explain why my internet was being such a pain, but, the point is, because of your help, my computer is back to functioning normally now. Thank you SO much for your help. I am making a donation to PayPal. After having my computer hacked so callously, I found myself totally disillusioned by the fact that there are people that exist that just basically want to ruin people's laptops. Thankfully, you and the good people at Malwarebytes are fighting the good fight and doing some really important work. I am sounding totally corny now, but I really mean it. I am making a donation, and that will not thank you enough. Keep up the good work, and thank you so, so SO much.

-Sean

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

We need to remove FRST, first it is very important to deal with its Quarantine folder using FRST itself..

OK, we continue:

Delete any fixlist.txt file previously used, continue:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful. 

Next,

 

Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST

 

Next,

 

Uninstall adwcleaner.exe

  •   Please close all open programs and internet browsers.
  •   Double click on adwcleaner.exe to run the tool.
  •   Click on Uninstall
  • Click Yes at Would you like to Uninstall Adwcleaner

 

Next,

 

  • Download OTC by OldTimer from here http://oldtimer.geekstogo.com/OTC.exe or here http://www.itxassociates.com/OT-Tools/OTC.exe and save to your Desktop.
  • Double click OTC_Icon.jpg icon to start the program.
    If you are using Vista or Windows 7 accept UAC
  • Then Click the big CleanUp.jpg button.
  • You will get a prompt saying "Begining Cleanup Process". Please select Yes.
  • Restart your computer when prompted.
  • This will remove tools we have used and itself.

 

Any tools/logs remaining on the Desktop or downloads folder can be deleted. Such as :-

 

RogueKiller plus its folder RK_Quarantine

 

Zoek, plus any logs. Also Navigate start > Computer > Expand C:\ > remove any files/folders named Zoek

 

Let me know if those steps complete, also if any remaining issues or concerns...

 

Next,

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Kevin.....

fixlist.txt

Link to post
Share on other sites
  • 2 weeks later...
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.