Malware removal

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Istranha, May 27, 2007.

  1. Istranha

    Istranha Private E-2

    Hello!

    I bumped on the "malware removal guide" and decided to check the computers at home. I have 4 computers, and I did it on the server. I wasn't very worried since they all have the Avast and Spybot, and we run them from time to time, but I was surprised by the stuff that all those programs kept finding (and couldn't clean it sometimes).
    So, here is what I did: I uninstalled the Avast but I left the Spybot, since it's part of the procedure. At step 5, the computer didn't let me run the CounterSpy in safe mode, but it accepted the AVG fine. The rest of it went OK. So I am posting the reports so I am sure to have all malwares removed, to follow with step 8. Oh yes, I am doing the same thing on the other 3 client computers. Not today though, once per weekend. :p Should I post their reports too, or just to follow those steps should be enough? I don't want to bug you every week with those reports, unless I absolutely have to. :p
    One last thing. I just want to say thanks for the guide and the support with those reports. It's a great help, I feel lucky for having found it.
     


  2. Istranha

    Istranha Private E-2

    Here are the rest of the reports
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Spybot does not provide any active real time protection unless Teatime is used. So you should not make the mistake of thinking Spybot is going to protect you. You need an antispyware program with realtime active protection.

    Why??? Now you have no antivirus and are unprotected! This is a bad thing to do.

    You should post them in separate threads for each PC if you want to work on them.


    Note: You did not do step 2 of the READ ME properly!

    Do you know what the below files are for? Info I have says they are Virus.Win32.Hidrag.a
    Code:
    "C:\WINDOWS\"
    desins~1.exe  31 Oct 2006      128000  "DesinstWRecnet.exe"
    desins~1.ini  31 Oct 2006        5361  "DesinstWRecnet.ini"
    desins~2.exe  31 Oct 2006      122880  "DesinstRecnet.exe"
    Are all the items in the C:\instaladores\DVD RIPPER\ folder valid licensed programs or are they things you downloaded using P2P or from crack sites? Bitdefender believed they were all infected and I also see that you do have Kingdia installed already. You should manually clean all of this up.

    Per step 6 of the READ ME, uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 3

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment


    Do you know what the below registry keys are for?
    Code:
    [HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\Explorer\sharedtaskscheduler]
    "{A3717295-941D-416F-9384-ED1736729F1C}"="scpLIB"
    [HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\Explorer\ShellExecuteHooks]
    "{E37CB5F0-51F5-4395-A808-5FA49E399F83}"="GbPlugin ShlObj" 
    Info I have on the second one says it is this: http://www.popupsentry.com/G/GBIEH.DLL-3537.html


    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Are you having any malware problems on this PC or your other PCs? There are really no major active problems showing.
     
