Puper, DLSearchbar.asp, Exploit maiden4u.biz

Discussion in 'Malware Help (A Specialist Will Reply)' started by Justjim, Apr 6, 2006.

  1. Justjim

    Justjim Private E-2

    I've been searching for a week trying to find a way to remove these and run every scan I can find. Spybot S&D, McAfee, CCleaner and AdAware can remove it.

    Does anyone know how to get rid of these?

    Thanks
     
    Justjim, Apr 6, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is not enough information to go on. I don't know if you are talking about specific files. registry keys, installed programs, cookies ....etc.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
      • Bitdefender
      • Panda Scan
      • HijackThis
    .
     
    chaslang, Apr 6, 2006
    #2
  3. Justjim

    Justjim Private E-2

    I've followed the procedures and atttached are the 3 logs - also the Bazooka scan that advises I have the Exploit Maiden4u.biz.

    I can't attach the HijackThis log to the message since it was uploaded earlier. Therefore I've cut and pasted it below.

    Please lelp me get rid of this stuff or I'll have to reformat.

    Thanks.

    Edit by chaslang:Inline HJT log attached
     

    Attached Files:

    Last edited by a moderator: Apr 7, 2006
    Justjim, Apr 7, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There is no reason why you should not be able to attach your HJT log and why did you post one that is three days old. You need to attach a current HJT log that was obtained after running the READ & RUN ME steps. If you are attaching a duplicate log that was posted in another thread, why aren't you still working in your original thread.

    Your Bitdefender log is also old (3/31/06) and I assume the same is true for your Panda log. You must run the tools now since you have new infections. You began a new thread because you have new problems (I assume), thus you must run new scans.

    If your problem is just due to files like C:\WINDOWS\system32\$$$_.log being detected by Bazooka. Then just delete the file.

    Also delete the items in your Panda log if you did not already delete them:
    C:\Documents and Settings\Jim Slattery\Favorites\Antivirus Test Online.url
    C:\WINDOWS\Downloaded Program Files\OSD149F.OSD
    C:\WINDOWS\INF\biK.inf
    C:\WINDOWS\SYSTEM32\thun.dll
    C:\WINDOWS\SYSTEM32\??stem\logonui.exe
     
    Last edited: Apr 7, 2006
    chaslang, Apr 7, 2006
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds