Dcads Virus Removal

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

READ & RUN ME FIRST. Malware Removal Guide

 

Please disable all anti-virus and anti-spyware programs while we do the following:

Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Now Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Have you uninstalled Firefox and tried re-installing? Tell me how things are running.

 

Let's reset your IE defaults and then I want you to run a BitDefender online scan:

Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Bitscan link: agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files. Once Bitdefender completes the scan:

Click-on the Detected Problems tab. Then select Click here to export the scan report

When the window comes up to save the report, change the Save as type: box to Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click save. This will save a file named bdscan.txt in whatever folder you are currently in when you save the file (take notice of where you are at so you can find it later). This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

 

Go Here and enter your email addy then download the program when you get the reply. Run it and save the log.

 

Let me know what it finds.

 

Both would be sweet ...let one finish before you start the other.

 

That was good....you really need to uninstall Limewire ...it is known to have malware.

Are you still having problems?

 

Please download AdAware.

Tell me if that kills it.

 

Please download Navilog1 by IL-MAFIOSO:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip

• Extract its contents to the desktop.
• Double click on navilog1.exe to install it on your computer.
• When the installation is complete, the tool will start automatically.
• If it doesn't start automatically, please double click on Navilog1 shortcut on your desktop to run it.
• Press E for English from the language Menu.
• Type 1 in the next Menu to select Search and press Enter.
• Wait for the Scan to finish (It may take a reasonable amount of time)
• Press any key as requested .
• A new document will be produced: fixnavi.txt.
• Please copy/paste the contents of this report in your next reply.

The report is also saved in the root of the directory, "%SystemDrive%\fixnavi.txt". (usually C:\fixnavi.txt)

 

That may just do it!

 

I see AdAware found the ad-yield cookies among a host of others ....how are you running now?

 

Then let's try uninstalling again and download here:
Mozilla Firefox

 

Everything looks good ...If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
* Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix, you can delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, C:\WINDOWS\nircmd.exe, C:\combofix.txt and C:\ComboFix-quarantined-files.txt logs that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
5. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
6. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
7. If we had you run Avenger, you can delete all files related to Avenger now.
8. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
9. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
10. If you are running Windows XP or Windows ME, do the below:
* Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
* Then reboot and Enable System Restore to create a new clean Restore Point.
11. After doing the above, you should work thru the below link:
* How to Protect yourself from malware!

 

Good to know ....safe surfing.