to the Virus/Trojan/Spyware/Malware Removal forum
I am thcbytes
and I am here to help you!
I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer
. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.
Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.
In the upper right hand corner of the topic you will see a button called Watch this topic
. Click on this then choose Immediate E-Mail notification
and then Proceed
and you will be advised when I respond to your topic by email.
Please try to complete the steps and reply at least every 24 hours. If you find that your delayed just post a quick reply here and let me know!! After 5 days if your topic is not
replied I will assume it has been abandoned and I will close it.I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!
Again I would like to remind you to make no
further changes to your computer unless I direct you to do so. Your computer fix will be based on the current
condition of your computer! Any changes might delay my ability to help you.
Lastly if you have not already done so you should consider backing up your important data - pictures, documents, etc... Worse case scenario is need for a wipe and reinstall your operating system to its factory settings. Therefore your precious data will be salvaged. There are both free and paid applications available.Cobian BackupDriveImage XMLCrashPlan
Why do you think your USB is infected with an exploit kit? Typically the Angler kit is a drive-by download from an infected website that hosts the kit and infects your computer. Indeed much can by dropped and a USB can become infected but it would have to have been infected from somewhere. Make sense?
To answer your question about infecting the rest of your computer from the USB the answer depends on your OS. If your OS is Windows 7 or above then autorun is disable by default so unless you open that USB simply plugging it in should be low risk.
Is your computer displaying any concerning behavior?
If you like I am happy to take a look at your computer and USB drive.
Plug in the USB, do not open it, and do this please.
Please download Junkware Removal Tool
and save it to your desktop.
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
- Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
- Please allow the program time to run
- Once completed a Notepad document will open on your desktop
Copy and paste the contents in your reply
Please download AdwCleaner
by Xplode and save to your Desktop.
- Double click on AdwCleaner.exe to run the tool.
- The tool will start to update the database, please wait a bit.
- Click on I agree button.
- Click on the Scan button.
- AdwCleaner will begin...be patient as the scan may take some time to complete.
- After the scan has finished, click on the Report button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
A copy of all logfiles are saved in the root of the drive typically C:\AdwCleaner.txt.
Copy and paste the contents of that logfile in your next reply.
Download Farbar Recover Scan Tool
for either 32 bit
or 64 bit
systems and save it to your desktop ---> Important
- If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
- Double click the icon
- Click Yes to the disclaimer
- Make sure the Addition.txt box is checked
- Click Scan and allow the program to run
- Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
- 2 Notepad documents should now be open on your desktop.
- Please copy and paste the contents of both in your reply
Carefully answer all my questions and post all the logs I have requested.