F-Secure.com
Description: Backdoor:W32/PoisonIvy
Here is some advise to help you out.
Disconnect your system from the network and use a different
system to download this software using a flash drive.
Download
MalwareByte's Anti-Malware.
Also, if you don't already have this on your system, download
SpyBot-Search & Destroy.
Download this updated SpyBot-S&D program executable which you can extract to the
SpyBot-S&D program folder.
SpybotSD.exe-1.6.3.51.zip
To show that it is legit, here is the page link where you can find the update:
http://forums.spybot.info/downloads.php?id=37
Here's the Newest
SpyBot Definition Updates so you won't need to update before scanning.
If you need a good Anti-Virus, I would recommend downloading
Avast! Home Edition (FREE)
- Pay attention to the installer dialogs
Once you have the needed software Install MalwareByte's Anti-Malware.
Do a full scan and let it fix anything it finds and Save the log as you will need it later.
Next, Install SpyBot-S&D, but do not select the TeaTimer during the install setup as it is more trouble than it is worth. Then install the definition update and the 1.6.3.51 program update.
Once you have installed SpyBot-S&D and installed the update, start the program. You'll get a small pain in the butt dialog window which you will need to click through until you see the
Start using program button. After that, maximize the program then in the file menu select
Mode > Advanced Mode. Next, on the bottom left select
Settings > Settings Scroll down to
Web update and select
Display available Beta versions.
Now close SpyBot-S&D so it'll remember the settings that were just set and wait a few seconds.
Open SpyBot-S&D again, then on the left panel select
Settings > Ignore Products > (main window) Cookies tab
So your page links on most sites will work correctly without being blocked, be sure to select these items:
BFast
Commission Junction
DoubleClick
LinkSynergy
Qksrv
These are most commonly used for redirects by the majority of websites you visit including Microsoft, Amazon, you name it, they probably use these ones. Block these ones and you will have trouble with a lot of links not working.
Now close the program again to save these settings and wait a few seconds, then reopen again.
In the left panel, select Immunize and as soon as it finishes loading in the main window, click the Immunize button that has the green plus.
Now in the Left panel, select
Search & Destroy then select the
Check for Problems button and when it finishes, let it fix anything it finds and save the log file.
-
Head on over to the
Spywareinfo Forums, Home of the Boot Camp and register there. Then once you have completed registration, select the Malware Removal forum and before you post anything, be sure you read the Pinned threads first as they are very important.
The Pinned Threads to read are as follows:
- 1)
"Hijacked Users" - Start here
- 2)
ATTENTION NEWBIES! IMPORTANT!
- 3)
The various helper groups here
- 4)
Removal Tools: "Malwarebytes' Anti-Malware"
- 5)
Removal Tools: "Spybot"
- 6)
Not getting help with your log?
- 7)
So how did I get infected in the first place?
After you have finished reading the information in the pinned threads, Create a New post in the Malware Removal forum asking for help and include any requested information including the MalwareByte's Anti-Malware Log and the SpyBot-S&D Log.
Good Luck