Just delete the problem?!

If you already know you have them then you should already have located the infections. Thus I'm not sure what you are asking!

• How do you know you have these infections?
• Is your antivirus program reporting them?
• Isn't it fixing the problems?
• Did you try running your AV in safe boot mode?

It may not be so straight forward for you to fix this on your own. You should consider following the below procedure.

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.

• Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
• Make sure you check version numbers and get all updates.
• Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

• After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis​

Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.​

• When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
  • CounterSpy - only for Windows XP, 2K, & NT users
  • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
  • Bitdefender - from step 6
  • Panda Scan - from step 6
  • runkeys.txt - the log from GetRunKey.bat
  • newfiles.txt - the log from ShowNew.bat
  • HijackThis

NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!

 

Okay! Make sure to attach all 6 requested logs!

 

How large are the files in bytes? There are file size limits. If they are larger than the allowed size or if you continue to have problems, put the logs into a ZIP file and attach the ZIP file.

 

That is not a problem and it is explained on the bottom of the download page for GetRunKey. It ran fine.

The only malware showing are what is in your BitDefender log and these need to be cleaned up by you since they are in your email and in something that appears to be from a newsgroup that has been accessed.


You did not attach a log from a CounterSpy scan. I'm not sure what you attached but it seems to something related to CounterSpy's system tray icon/process. Either way this has nothing to do with a scan log. I doubt we need a log from CounterSpy since your PC appears to be clean. You should uninstall the CounterSpy trial since we are finished with it.

Also per step 6 of the READ ME, you need to do the below:

Uninstall the below old versions of software:
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_08

Make sure you reboot after uninstalling the above!

After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

 

That will not remove it from the registry. This is really not a malware issue but I will give you two things to try:

• reinstall the application
• then reboot
• after reboot, immediately uninstall it.

If the above does not work or you cannot do the above for some reason, try using the below to uninstall it:

Your Uninstaller! 2006


If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix, you can delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, and the C:\combofix.txt log that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
5. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
6. If we had you run Avenger, you can delete all files related to Avenger now.
7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
8. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
9. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!