^ I guess it could help somebody
I'll add the disclaimer that I don't have a clue what a lot of these apps do to your system, and am not responsible for any negative effects caused by any of them ;-)
As I did each step, the logfiles and finds were checked by (German-language) experts from www.trojaner-board.de
My last find was with ESET Online Scanner.
Avira Anti-virus, Malwarebytes Anti-Malware, and OTL.exe all found multiple files.
Initially the computer could not be started - I used the Windows recovery disk and did a system restore.
The infected account was a user account (luckily) and could not be used - so I worked from the Admin account.
Update all apps before scanning:
------------------
Full scan with Malwarebytes Anti-Malware (http://www.malwarebytes.org/)
(select free-mode if you're just installing for this scan)
Click on 'Show results' when finished, save.
------------------
Scan with your local anti-virus
------------------
Full scan with OTL.exe from Oldtimer
tutorial (+ dl link bottom of post one)
OTL Tutorial - How to use OldTimer ListIt
Run as admin with these settings:
- All users
- Output: Minimal
- Standard registry: Safelist
Output: 2 logfiles
------------------
^ you will need help with OTL, because depending on files found, a script has to be prepared to 'cleanse' them (again via OTL.exe).
------------------
Scan with Malwarebytes Anti-Rootkit (http://www.malwareby...roducts/other_tools/)
Output: 1 logfile
------------------
Run AdwCleaner
softpedia link / home:
http://general-chang...og-team.fr/fr/outils
When finished click [Delete]
Output: 1 logfile
------------------
'Detail scan' with Emsisoft Anti-Malware (http://www.emsisoft.com/en/)
Save results
------------------
Windows Repair Tool (AIO) (http://www.tweaking....pair_all_in_one.html)
Run Repair_Windows.exe
Click on 'Start repairs' Tab then: Start
choose these settings
- Register System Files
- Repair WMI
- Repair Windows Firewall
- Repair Winsock & DNS Cache
- Repair Proxy Settings
- Set Windows Services To Default Startup
and restart
------------------
ESET Online Scanner (http://www.eset.com/us/online-scanner)
(Works in IE. Otherwise download an app. Run browser as admin)
Disable local antivirus and firewall
Tick: Remove found threats and Scan archives.
Output: 1 logfile
------------------
Either update Java RT and disable it in all browsers
or
uninstall Java RT
------------------
In IE internet settings -
Security Tab
Tick: Enable protected mode
Click: Reset all zones to default level
------------------
Delete all system restore points (disable & re-enable System Restore)
------------------
CCleaner (I did this for each user account - it's possible there's an easier way)
delete all temporary internet files
Fix the registry (as said above - I never do this otherwise)
http://www.piriform....om/ccleaner/features
------------------
I also updated Adobe Reader and disabled its browser plugins