Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to remove backdoor .bot


  • Please log in to reply
21 replies to this topic

#1 nini1948

nini1948

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 29 April 2014 - 02:23 PM

I have a HP computer with windows vista 32 bit system and I've been told that they think it has backdoor.bot on it and that this can cause problems. I don't know much about computers and I would like to know if there is an easy way to remove this from my computer.



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:18 AM

Posted 29 April 2014 - 05:39 PM


Usually when a computer is infected with malware there will be indications (signs of infection) something is wrong.

Who told you there was a backdoor bot?
What security scans have you run so far?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 nini1948

nini1948
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 29 April 2014 - 07:21 PM

A friend of mine told me this I've run avast superantispyware and malewarebytes anti maleware. I did have an error code of 039dll but after I run these it is gone I'm not real sure I remember the error code correct but I think thats what it was. My friend was looking at some things and said he saw it somewhere on my computer but I don't know anything much about computers so I don't know how to get rid of it.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:18 AM

Posted 29 April 2014 - 07:29 PM

Please download Sophos Virus Removal Tool and save it to your desktop.
alternate download link
  • It is a large file so it may take some time to download.
  • Be sure to read and follow the instructions on that same page for installing and performing a scan.
  • If anything threats are detected, they will show in the Scan Results with an option to click a Details... button for more information.
  • Click on the Start clean up button to allow removal of all threats found and reboot the computer when done.
  • A log file should have been created...copy and paste the results in your next reply.
Logs are automatically saved to the following locations:
-- XP: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
-- Vista, Windows 7, 2008: C:\Program Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log



Please download and scan with the Kaspersky Virus Removal Tool from one of the following links and save it to your desktop.Be sure to print out and read the instructions provided in:
- How to Install Kaspersky Virus Removal Tool
- How to launch computer autoscan in Kaspersky Virus Removal Tool
  • Double-click the setup file (i.e. setup_11.0.0.1245x11_2012_18-23_13_03.exe) to install the utility.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • The required files will be exracted and installed...be patient as this will take a few minutes.
  • At the 'Welcome!' windows, check the box next to I accept the license agreement and click Start.
  • A new window will open with two tabs (Automatic Scan and Manual Disinfection) and two icons on the right.
  • For a more comprehensive (but longer) scan, click the icon which looks like a round gear...click Scan Scope and place a check mark in the box next to Local Disk (C:). System memory, Hidden Startups and Disk boot sector boxes should already be checked by default.
  • Click on the 'Automatic Scan' tab, and click the green Start scanning button to begin.
  • The time to finish and percentage completed will show as the scan is in progress...Important! Do not use the computer during the scan.
  • If no threats are detected, exit the program. If threats are detected, you will be prompted for action: Disinfect, Delete if disinfection failes.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • When finished, click the rectanular notepad icon > select Detected threats > click on to highlight and click the Save icon to save the results as a text file...name it avptool.txt).
  • Copy and paste the report results of avptool.txt with any threats detected in your next reply.
  • When finished, follow these instructions on How to uninstall Kaspersky Virus Removal Tool.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 nini1948

nini1948
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 29 April 2014 - 08:16 PM

This sounds complicated but I will give it a try. I have a question though once I get these run how do I find the logs in order to copy and paste them? It may be a while before I can do this so be patient with me. Is there any way that if I mess up doing this that this will harm my computer?



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:18 AM

Posted 30 April 2014 - 06:13 AM

Reread the instructions...I explain how to find the logs. Even the scans do not find anything, then there is no need to post the logs.

Create a new system restore point before running the scans. That way you can roll back to it if something does go awry.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 nini1948

nini1948
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 30 April 2014 - 07:26 AM

Thanks quietman 7 for your help I did read the instructions and they tell where the logs are located but not how to get to them. As I said before I don't know anything about computers so I don't understand if the logs will show up automatically after running the programs or if I have to go somewhere and type the name of the logs in to bring them up. Sorry for not understanding.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:18 AM

Posted 30 April 2014 - 08:58 AM

You should be able to save Kapersky's avptool.txt to a location of your choice like the Desktop.

To find the SophosVirusRemovalTool.log, you can just open Windows Explorer and navigate to the location of the file. If you cannot find (see) the folder/file, you may have to reconfigure Windows to show hidden files, folders.

Alternatively you can access the log using a Run command.
Go to Start > Run and type: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
press Ok
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 nini1948

nini1948
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 30 April 2014 - 02:35 PM

Ok I'm going to give this a try I hope everything goes alright. I just recently learned how to copy and paste so maybe I'll be able to do this. Thanks



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:18 AM

Posted 30 April 2014 - 02:45 PM

Not a problem.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 nini1948

nini1948
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 30 April 2014 - 03:47 PM

2014-04-30 14:48:03 Sophos Virus Removal Tool version 2.5
2014-04-30 14:48:03 Copyright © 2009-2014 Sophos Limited. All rights reserved.

2014-04-30 14:48:03 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2014-04-30 14:48:03 Windows version 6.0 SP 2.0 Service Pack 2 build 6002 SM=0x300 PT=0x1 Win32
2014-04-30 14:48:03 Checking for updates...
2014-04-30 14:48:21 Update progress: proxy server not available
2014-04-30 14:48:42 Option all = no
2014-04-30 14:48:42 Option recurse = yes
2014-04-30 14:48:42 Option archive = no
2014-04-30 14:48:42 Option service = yes
2014-04-30 14:48:42 Option confirm = yes
2014-04-30 14:48:42 Option sxl = yes
2014-04-30 14:48:42 Option max-data-age = 35
2014-04-30 14:48:42 Option EnableSafeClean = yes
2014-04-30 14:48:44 Component SVRTcli.exe version 2.5
2014-04-30 14:48:44 Component control.dll version 2.5
2014-04-30 14:48:44 Component SVRTservice.exe version 2.5
2014-04-30 14:48:44 Component engine\osdp.dll version 1.44.1.2151
2014-04-30 14:48:44 Component engine\veex.dll version 3.52.0.2151
2014-04-30 14:48:44 Component engine\savi.dll version 8.1.0.2151
2014-04-30 14:48:44 Component rkdisk.dll version 1.5.30.0
2014-04-30 14:48:44 Version info: Product version 2.5
2014-04-30 14:48:44 Version info: Detection engine 3.52.0
2014-04-30 14:48:44 Version info: Detection data 4.99
2014-04-30 14:48:44 Version info: Build date 3/12/2014
2014-04-30 14:48:44 Version info: Data files added 746
2014-04-30 14:48:44 Version info: Last successful update (not yet updated)
2014-04-30 14:48:59 Downloading updates...
2014-04-30 14:48:59 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2014-04-30 14:48:59 Update progress: [I49502] Found supplement SAVIW32 LATEST 4
2014-04-30 14:48:59 Update progress: [I49502] Found supplement IDE500 LATEST
2014-04-30 14:48:59 Update progress: [I49502] Found supplement IDE501 LATEST
2014-04-30 14:48:59 Update progress: [I49502] Found supplement IDE502 LATEST
2014-04-30 14:48:59 Update progress: [I49502] Found supplement IDE503 LATEST
2014-04-30 14:48:59 Update progress: [I49502] Found supplement IDE504 LATEST
2014-04-30 14:48:59 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2014-04-30 14:48:59 Update progress: [I19463] Syncing product SAVIW32 39
2014-04-30 14:49:03 Update progress: [I19463] Syncing product IDE500 171
2014-04-30 14:49:05 Installing updates...
2014-04-30 14:49:07 Update progress: [I19463] Syncing product IDE501 233
2014-04-30 14:49:07 Update progress: [I19463] Syncing product IDE502 180
2014-04-30 14:49:07 Update progress: [I19463] Syncing product IDE503 11
2014-04-30 14:49:07 Update progress: [I19463] Syncing product IDE504 1
2014-04-30 14:49:54 Update successful
2014-04-30 14:50:11 Option all = no
2014-04-30 14:50:11 Option recurse = yes
2014-04-30 14:50:11 Option archive = no
2014-04-30 14:50:11 Option service = yes
2014-04-30 14:50:11 Option confirm = yes
2014-04-30 14:50:11 Option sxl = yes
2014-04-30 14:50:11 Option max-data-age = 35
2014-04-30 14:50:11 Option EnableSafeClean = yes
2014-04-30 14:50:12 Component SVRTcli.exe version 2.5
2014-04-30 14:50:12 Component control.dll version 2.5
2014-04-30 14:50:12 Component SVRTservice.exe version 2.5
2014-04-30 14:50:12 Component engine\osdp.dll version 1.44.1.2151
2014-04-30 14:50:12 Component engine\veex.dll version 3.52.0.2151
2014-04-30 14:50:12 Component engine\savi.dll version 8.1.0.2151
2014-04-30 14:50:12 Component rkdisk.dll version 1.5.30.0
2014-04-30 14:50:12 Version info: Product version 2.5
2014-04-30 14:50:12 Version info: Detection engine 3.52.0
2014-04-30 14:50:12 Version info: Detection data 4.99G
2014-04-30 14:50:12 Version info: Build date 3/12/2014
2014-04-30 14:50:12 Version info: Data files added 590
2014-04-30 14:50:12 Version info: Last successful update 4/30/2014 2:49:54 PM

2014-04-30 15:00:55 Could not open C:\hiberfil.sys
2014-04-30 15:01:27 Could not open C:\pagefile.sys
2014-04-30 15:04:34 >>> Virus 'Troj/DwnLdr-KZI' found in file C:\Program Files\Download Internet Explorer 10\teststststststs.exe
2014-04-30 15:04:34 >>> Virus 'Troj/DwnLdr-KZI' found in file C:\Users\Public\Desktop\Download Internet Explorer 10.lnk
2014-04-30 15:04:34 >>> Virus 'Troj/DwnLdr-KZI' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
2014-04-30 15:10:10 Could not open C:\System Volume Information\{011b01c9-aa27-11e3-868a-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{0dbb8b0f-d09d-11e3-abe7-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{0dbb8b15-d09d-11e3-abe7-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{2fc32cef-aeaa-11e3-8cad-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{2ffe5468-c704-11e3-a98d-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{459808c4-c9ac-11e3-8756-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{4d0eead2-bad8-11e3-afa8-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{51e605e6-bdeb-11e3-b4dd-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{6bfab428-c30a-11e3-8dc7-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{72eb0f03-b60d-11e3-acd5-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{7bde5121-b44c-11e3-98ec-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{9611f64f-cfaa-11e3-8f9a-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{965a41e9-aece-11e3-862b-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{9da68389-ab88-11e3-9deb-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{a78377ef-c4a7-11e3-a389-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{a9d6e32e-b808-11e3-88d2-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{b46cdb64-b2ee-11e3-a8b3-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{b66befd0-a92d-11e3-8c3a-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{d65d368d-ca2b-11e3-967e-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{e30e648e-bf2c-11e3-9b6e-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{e4d34527-b9c7-11e3-8df7-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{e67e9469-b684-11e3-ac21-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{e9ca050d-ccaa-11e3-8004-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:10:10 Could not open C:\System Volume Information\{fef1a463-c0b1-11e3-a4f6-0023548bd1a9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-04-30 15:17:37 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2014-04-30 15:17:37 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2014-04-30 15:17:43 Could not open C:\Windows\System32\config\components
2014-04-30 15:17:43 Could not open C:\Windows\System32\config\RegBack\COMPONENTS
2014-04-30 15:17:43 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2014-04-30 15:17:43 Could not open C:\Windows\System32\config\RegBack\SAM
2014-04-30 15:17:43 Could not open C:\Windows\System32\config\RegBack\SECURITY
2014-04-30 15:17:43 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2014-04-30 15:17:43 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2014-04-30 15:42:07 Could not open LOGICAL:0008:00000000
2014-04-30 15:42:07 Could not open I:\
2014-04-30 15:42:07 Could not open LOGICAL:0009:00000000
2014-04-30 15:42:07 Could not open J:\
2014-04-30 15:42:07 Could not open LOGICAL:000A:00000000
2014-04-30 15:42:07 Could not open K:\
2014-04-30 15:42:07 Could not open LOGICAL:000B:00000000
2014-04-30 15:42:07 Could not open L:\
2014-04-30 15:42:07 Could not open PHYSICAL:0081:0000:0000:0001
2014-04-30 15:42:07 Could not open PHYSICAL:0082:0000:0000:0001
2014-04-30 15:42:07 Could not open PHYSICAL:0083:0000:0000:0001
2014-04-30 15:42:07 Could not open PHYSICAL:0084:0000:0000:0001
2014-04-30 15:42:07 The following items will be cleaned up:
2014-04-30 15:42:07 Troj/DwnLdr-KZI
2014-04-30 15:43:30 Threat 'Troj/DwnLdr-KZI' has been cleaned up.
2014-04-30 15:43:30 File "C:\Users\Public\Desktop\Download Internet Explorer 10.lnk" belongs to 'Troj/DwnLdr-KZI'.
2014-04-30 15:43:30 File "C:\Users\Public\Desktop\Download Internet Explorer 10.lnk" has been cleaned up.
2014-04-30 15:43:30 File "C:\Program Files\Download Internet Explorer 10\teststststststs.exe" belongs to 'Troj/DwnLdr-KZI'.
2014-04-30 15:43:30 File "C:\Program Files\Download Internet Explorer 10\teststststststs.exe" has been cleaned up.
2014-04-30 15:43:30 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609" belongs to 'Troj/DwnLdr-KZI'.
2014-04-30 15:43:30 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609" has been cleaned up.
2014-04-30 15:43:30 Removal successful
2014-04-30 15:43:31 Contents of SafeClean bin directory:
2014-04-30 15:43:31 {
2014-04-30 15:43:31     RecordID   : "0000000000000001",
2014-04-30 15:43:31     ItemType   : "1",
2014-04-30 15:43:31     Location   : "C:\Users\Public\Desktop\",
2014-04-30 15:43:31     FileName   : "Download Internet Explorer 10.lnk",
2014-04-30 15:43:31     ThreatName : "Troj/DwnLdr-KZI",
2014-04-30 15:43:31     Checksum   : "8705ce885eb3663781b00d880f82bf13078ea04416abc4be393bb31699988594",
2014-04-30 15:43:31     TimeStamp  : "Wed Apr 30 15:43:25 2014"
2014-04-30 15:43:31 }
2014-04-30 15:43:31 {
2014-04-30 15:43:31     RecordID   : "0000000000000002",
2014-04-30 15:43:31     ItemType   : "1",
2014-04-30 15:43:31     Location   : "C:\Program Files\Download Internet Explorer 10\",
2014-04-30 15:43:31     FileName   : "teststststststs.exe",
2014-04-30 15:43:31     ThreatName : "Troj/DwnLdr-KZI",
2014-04-30 15:43:31     Checksum   : "45fd945609e981def3f08eb3d0ce26dd28135499a21d5a0c90fada9ff56b2957",
2014-04-30 15:43:31     TimeStamp  : "Wed Apr 30 15:43:25 2014"
2014-04-30 15:43:31 }



#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:18 AM

Posted 30 April 2014 - 04:09 PM

Sophos found and removed Troj/DwnLdr-KZI. Please continue with Kaspersky.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 nini1948

nini1948
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 01 May 2014 - 09:34 AM

Sorry for being so long getting back but I had trouble with the kaspersky program. I started the scan and all of a sudden it stopped and I got the message Kaspersky had stopped responding so I waited awhile thinking it would start back again but I gave up on that and closed it out and started the scan again but this time it said it was going to take over a day to run the scan so I let it run thinking that would change but it didn't and I let it run for a long time so I give up on it stopped the scan and removed it then I went back and installeded it again and this time it run correctly. In all the scan I attempted and the last one that run correctly there were no threats so there wasn't a log to copy and paste. Does this mean my computer is clean or is there some more things I need to do. Once again thanks for your help.



#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:18 AM

Posted 01 May 2014 - 04:49 PM

That's good.

 

Now lets try doing an online scan to see if it finds anything else that the other scans may have missed.

Please perform a scan with Eset Online Anti-virus Scanner.
If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
Vista/Windows 7/8 users need to run Internet Explorer/Firefox as Administrator.
To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
 

  • Click the green esetOnline.png button.
  • Read the End User License Agreement and check the box:
  • Check esetAcceptTerms.png.
  • Click the esetStart.png button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check esetScanArchives.png and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan can take some time to complete...close all programs and do NOT use the computer while the scan is running.
    If given the option (when threats are found), choose "Quarantine" instead of delete.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop as ESETScan.txt.
  • Push the esetBack.png button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.

- Note: If you recognize any of the detections as legitimate programs, it's possible they are "false positives" and you can ignore them or get a second opinion if you're not sure. Eset's detection rate is high and can include legitimate files which it considers suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not always the case. Be careful what you choose to remove. If in doubt, ask before taking action.
 

 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 nini1948

nini1948
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 01 May 2014 - 07:35 PM

I went to the website of eset on-line anti-virus scanner and it says it is a 30 day trial I don't want to have to purchase it. I want to be sure that if I run thia I don't have to purchase it after the 30 days. Also you say to be careful of doing away with the threats how can I make sure I don't remove something I need I know you said to ask before I do anything if I question it but you might mot be available at the time can I keep it until I get an answer from  you on the logs if so how do I do that?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users