Logicaly’s guide: How to CLEAN your PC from keyloggers.
Hi all, this guide will help you on how to clean your pc from keyloggers.
Last update: February 8, 2010
Screenshots have now been added!!!
English is not my mother tongue, so some things are hard for me to explain, but I think i'm doing a good job, in general ^^
First of all, a note: Hijackthis is a tool, used for finding infections in your computer. Please note: THIS IS NOT A SCANNER. It shows both malicious rules, but also LEGIT rules. Do not fix rules in Hijackthis yourself!
You can find a list of forums that are qualified to look at your Hijackthis log here: http://asap.maddoktor2.com
In addition, here’s a list of forums where you can post your hijackthis logfile. – If you know any others, please let me know in a comment/reply!
Dutch/Belgium:
www.hijackthis.nl/forum
www.minatica.be/forum.php
http://www.antispywareoffensief.nl/forum/
English:
http://www.spywareinfoforum.com/
http://forums.techguy.org/
http://www.techsupportforum.com/
Before posting a Hijackthis log, please do the following steps upfront. I know this is a lot of work, but that way most malware is already deleted and your logfile can be looked at faster.
Please remember: Follow ALL steps, including step 7
Note: Vista/Win. 7 users must run installations and the downloaded programs as Administrator. You can do this by right-clicking the program and select Run as Administrator (The screenshot shows it for Hijackthis, You must use this for every program we use here)
http://img408.imageshack.us/img408/6665/guide1bb5.jpg <-- Screenshot
1.
This can take a few minutes, depending on how much trash there is on your PC. Please read what is being removed, you might not want the program to remove your Internet History or saved passwords.
- Download CCleaner here: here and install it.
- Once it’s booted, press the button to Clean up your system.
Note: CCleaner can ask you to install Yahoo Toolbar during the installation. Uncheck this option if you do not want the toolbar!
Screenshot: Click!
2.If you get an license note during the installation, press Use Free.
- Download Ad-aware Free Anti-Malware 8 here and install it.
It should update automatically, and this can take quite a while the first time. Just wait. If it doesn’t update automatically, do it manually by clicking the update-button.
- After the installation Ad-Aware may ask you to reboot before the first use. Please do this! Once the system is rebooted, start Ad-Aware.
Once Ad-Aware has finished updating, it might magically disappear.. It’ll be in your taskbar!
- Click on the Systemscan button. Wait until it is finished.
- Once it is finished, make sure you select everything and Quarantine/Delete it.[/li
Screenshot: Click!
- Close Ad-Aware once everything is completed.
3.
Wait until the operation has been completed.
- Download Spybot Search & Destroy here and install it.
- During the installation, uncheck "Use Internet Explorer protection (SDHelper)" and "Use system settings Protection (TeaTimer)"
- After the installation, boot Spybot S & D. Search for updates first, and download them all.
- Click on the Immunize tab afterwards, followed by clicking the Immunize button.
- Then go to the Search and Destroy tab. Click on Check All after that and wait until things are done.
Close Spybot afterwards.
- Select all problems found, and repair the problems.
Screenshot: Click!
4.
The Logfile will automatically be saved at the Logs tab in MBAM.
- Download MBAM (MalwareBytes' Anti-Malware) here and install it. Make sure that at the end of the installation, Update MalwareBytes' Anti-Malware and Start MalwareBytes' Anti-Malware is checked.
- Select Full Scan and start scanning. When it is done, select everything and delete the found objects.
- A logfile will also open automatically. Save this logfile and post it together with your Hijackthis logfile.
If MBAM found objects that can't be deleted, it will ask to reboot your computer. Allow this and restart your computer.
Screenshot: Click!
5. Do a full system scan with your virusscanner and remove all found infections.
If you do not have a virusscanner – GET ONE ASAP!!- , you can scan online with one of these scanners. (Use Internet Explorer to scan)
BitDefender: http://www.bitdefender.com/scan8/ie.html
Panda: http://www.pandasoftware.com/actives..._principal.htm
Kaspersky: http://www.kaspersky.nl/scanner
Remove all infections found.
6. Restart your computer.
7.
Screenshot: Click!
- Download Hijackthis here and install it.
- After the installation Hijackthis will open. Press Do a systemscan and save a logfile.
A notepad file will open. In the Notepad file, press CTRL + A to select everything, CTRL + C to Copy everything. Then press CTRL + V in a new topic at the forum you want to post the log.
Also paste the MBAM log on the forum you place the Hijackthis logfile.
Many thanks for reading, if you have questions or problems, please ask
Also: Please note: Doing this all, is NOT A GUARANTEE your computer is not infected. There is no scanner that has a 100% detection rate.
- Logicaly
PS. Logicaly is my new main. The old one was Magekíd. It’s still me
PSS. To that sneaky person posting in the US forums: WTB credits-link!
Please do NOT post your hijackthis logs in a reply/thread here, I'll most likely only redirect you to the correct forum ^^ (which you can see at the top of the post)
Edit: /sigh, people do it anyways:< Ah well.. /love