Remove-Malware.com Forums

[jmc333]

Tweak thank you sooooo much, that worked like a charm .
Quick question, i scanned with MBAM and it found 3 infected items under the category "registry data" its in HKEY something, my question is; is it safe to delete those or should i try scanning with something else to disinfect those items and not delete them?

[Dieselman]

Yes delete them and reboot. Update the data base and scan again. Then update SAS and scan again. Then scan with Hitman Pro. Warning on Hitman Pro..............There can be false positives so if your unsure of something ask us first.

http://www.surfright.nl/en

[jmc333]

Ok so i scanned with SAS and kt found nothing, Hitman is finishing up now and it has a bunch of tracking cookies along with 1 suspicious item (its uSeRinit.exe but its on my I drive so its actually just Rkill, something interesting though is that in Rkill's log its actually killing the process named userinit.exe, is that it just killing itself because i read that he had whitelisted that) Hitman also found a piece of Malware in the temp file, listed as jar_cache something so i'll delete that unless you guys tell me otherwise. I also scan with Gmer and it comes up with 2 things but i see no options to delete them?

[Dieselman]

Gmer is ok. Better off scanning with TDSSKiller.

http://support.kaspersky.com/viruses/so ... =208280684

So can you browse the internet now? Lets also run ATF Cleaner. Clean everything but the Prefetch.

http://www.atribune.org/index.php?optio ... &Itemid=25

[jmc333]

Diesel i can't delete what Hitman Pro found? it's asking for a product key but i don't have one O.o, i downloaded the free version.
Damn,
"The computer is member of a business domain
As stated in the End User License Agreement (EULA) of Hitman Pro, the one-time free license may only be used by home users. To aid the license terms we have added technology to detect whether or not the computer is a member of a business domain. This means that when the computer is part of a domain, the one-time free license is not available."

[jmc333]

oh also, TDSSKiller didn't find anything but Gmer did.
+ What exactly does ATF Cleeaner do?
(Scanning with Dr.Web CureIt atm)

[Dieselman]

Activate the 30 day trial in Hitman Pro. Then it should delete it. Or else just delete it yourself by going to exactly where it found it. Thats what I do lately. I scan with Hitman Pro and then go to the folder/file it finds and remove it myself. ATF cleaner is a temp file cleaner. A little stronger then CCleaner. Be sure what Gmer found is not a false positive.

[jmc333]

If i were to delete it manually would i just go to the file and put it in the recycling bin and then empty it?
+ how do i check if they're false positives?
thanks Diesel

[Dieselman]

You can upload any file to Virustotal and see what the results are. If the file is malicious just by pass the recycle bin by highlighting the file and then pressing Shift+Delete.

http://www.virustotal.com/

[jmc333]

I tried Virustotal before with the file but it didn't work :O, it would take like half a second to upload and then nothing would happen (talking about the Jar_cache thing.) I'll try again though.