Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Some of the infected objects were not deleted

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Need help. Malware associated files

Unread postby clean1computer » January 11th, 2011, 1:53 am

Hello. These malware associated files appeared in my computer, all on one day. Is it possible to delete them or deal with them?
How can I check if I have malware in my computer?
Thank you.

v2.0.50727
oodag
ras
Lhsp
nview
RegisteredPackages
Database
DataStore
chars
StartHtmico
x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790

CONFIG.NT
vbaddin.ini
vb.ini
control.ini
REGLOCS.OLD
wpdtrace.log
system.ini.backup
win.ini.backup
secsetup.inf
secedit.sdb
clean1computer
Active Member
 
Posts: 3
Joined: January 11th, 2011, 1:41 am
Advertisement
Register to Remove

I cannot have access to 'Local Settings' catalog.

Unread postby clean1computer » January 11th, 2011, 2:22 am

Malwarebytes' Anti-Malware found 23 infected files on my computer. While scanning, it was written on the screen: "C:\Documents and Settings\Local Settings ... is being scanned".
I can see 'Documents and Settings' catalog on my computer. However when I open 'Documents and Settings', there is no 'Local Settings' catalog there. I tried to open 'Local Settings' through Total Commander or through My computer.
Why can I not have access to Local Settings, if this is my own computer and I have the administrator rights? Thank you.
clean1computer
Active Member
 
Posts: 3
Joined: January 11th, 2011, 1:41 am

Some of the infected objects were not deleted

Unread postby clean1computer » January 11th, 2011, 2:39 am

I attached a screenshot of scanning for malware.
I ran 'delete the infected objects'. But it seems some of the infected objects were not deleted. Below is the log.
Thank you very much for your time.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Версия базы данных: 5501

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

11.01.2011 9:41:23
mbam-log-2011-01-11 (09-41-23).txt

Тип сканирования: Быстрое сканирование
Просканированные объекты: 202607
Времени прошло: 19 минут, 12 секунд

Заражённые процессы в памяти: 2
Заражённые модули в памяти: 1
Заражённые ключи в реестре: 10
Заражённые параметры в реестре: 7
Объекты реестра заражены: 3
Заражённые папки: 3
Заражённые файлы: 5

Заражённые процессы в памяти:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 248 -> Not selected for removal.
c:\program files\search settings\searchsettings.exe (PUP.Dealio) -> 220 -> Not selected for removal.

Заражённые модули в памяти:
c:\program files\search settings\searchsettingsres409.dll (PUP.Dealio) -> Not selected for removal.

Заражённые ключи в реестре:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\SearchSettings.BHO.1 (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\SearchSettings.BHO (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully.

Заражённые параметры в реестре:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\SEARCHSETTINGSRES409.DLL (PUP.Dealio) -> Value: SEARCHSETTINGSRES409.DLL -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal.

Объекты реестра заражены:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Заражённые папки:
c:\documents and settings\home.home-6867770527\application data\Dealio (PUP.Dealio) -> Not selected for removal.
c:\documents and settings\home.home-6867770527\application data\Dealio\res (PUP.Dealio) -> Not selected for removal.
c:\documents and settings\home.home-6867770527\application data\Dealio\temp (PUP.Dealio) -> Not selected for removal.

Заражённые файлы:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\search settings\searchsettingsres409.dll (PUP.Dealio) -> Not selected for removal.
c:\program files\search settings\searchsettings.dll (PUP.Dealio) -> Not selected for removal.
c:\documents and settings\home.home-6867770527\application data\Dealio\res\widgets.xml (PUP.Dealio) -> Not selected for removal.
You do not have the required permissions to view the files attached to this post.
clean1computer
Active Member
 
Posts: 3
Joined: January 11th, 2011, 1:41 am

Re: Some of the infected objects were not deleted

Unread postby Gary R » January 11th, 2011, 3:51 am

We need to know what's running on your computer so that we can give you appropriate instructions.

May I draw your attention to THIS topic, which you should have read, and which tells you what we need you to post so that we can help you.

This thread will now be closed.

If you still need help, please start a new thread with:-
  • A HijackThis log.
  • An Uninstall list.
  • Details of the problems you're experiencing.

If for any reason you can't run HijackThis, please let us know in your post.

User avatar
Gary R
Administrator
Administrator
 
Posts: 21866
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 51 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware