Four Steps to Trojan Horse Back Door Generic PC Clean-up

This material has been so helpful to me that I thought I would share it with my readers and make a blog post out of it: I hope it helps you as much as it helps me on an ongoing basis
Here is a series of free PC-tools you can use to clean up your system from unwanted files:
1. MiniToolBox
Please, download MiniToolBox, save it to your desktop and run it. 
Check mark the following check-boxes: 
– Flush DNS 
– Report IE Proxy Settings 
– Reset IE Proxy Settings 
– Report FF Proxy Settings 
– Reset FF Proxy Settings 
– List content of Hosts 
– List IP configuration 
– List Winsock Entries 
– List last 10 Event Viewer log 
– List Installed Programs 
– List Users, Partitions and Memory size.
Note: When using “Reset FF Proxy Settings” option Firefox should be closed.


Please download and extract it.
– Run TDSSKiller.exe.
– Click on Change Parameters 
– Put a check in the box of Detect TDLFS file system
– Click Start scan.
– When it is finished the utility outputs a list of detected objects with description.
– The utility automatically selects an action (Cure or Delete) for malicious objects.
– The utility prompts the user to select an action to apply to suspicious objects (Skip, by default).
– Leave the options as it is and click Continue
– Reboot if needed.  Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.
3.  SUPERAntiSpyware Free
Next run Superantisypware (SAS): 
Please download and scan with SUPERAntiSpyware Free
– Double-click SUPERAntiSypware.exe and use the default settings for installation.
(For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide).
– An icon will be created on your desktop. Double-click that icon to launch the program.
– If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
– If asked to update the program definitions, click “Yes“. If not, update the definitions before scanning by selecting “Check for Updates“. (If you meet any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
– In the Main Menu, click the Preferences… button.
– Click the “General and Startup” tab, and under Start-up Options, make sure “Start SUPERAntiSpyware when Windows starts” box is unchecked.
– Click the “Scanning Control” tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
– Close browsers before scanning.
– Scan for tracking cookies.
– Terminate memory threats before quarantining.
– Click the “Close” button to leave the Control Center screen.
– Back on the main screen, under “Select Scan Type” check the box for Complete Scan.
– If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
– Click the Scan your computer… button.
– After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click “OK“.
– Make sure everything has a checkmark next to it and click “Next“.
– A notification will appear that “Quarantine and Removal is Complete“. Click “OK” and then click the “Finish” button to return to the main menu.
– If asked if you want to reboot, click “Yes” and reboot normally.
– To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
– Click the View Scan Logs button at the bottom. 
– This will open the Scanner Logs Window.
– Click on the log to highlight it and then click on View Selected Log to open it.
Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.

4.  EST

Finally run ESET online version:
Hold down control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
– Click on the “ESET Online Scanner” button
– For alternate browsers only: Microsoft Internet Explorer users can skip these steps:
a) Click on “esetsmartinstaller_enu.exe” to download the ESET Smart Installer.  Save it to your desktop.
b) Double click on the esetsmartinstaller_enu icon on your desktop.
– Check: Yes, I accept the Terms of Use
– Click the  start button
– Accept any security warnings from your browser
– Under scan settings, check  and check Remove found threats 
– Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology
– ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
– When the scan completes, push “List of found threats” and proceed as you wish.
NOTE: In some instances if no malware is found there will be no log produced. 
Please follow Bruno Gebarski on Twitter, LinkedIn or Google+

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s