Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Suspected malware "recycler\s" on my external hd

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Suspected malware "recycler\s" on my external hd

Unread postby peku006 » March 25th, 2009, 12:42 pm

Hi bongoli

Occasionally you’ll get a Zonealarm Alert that says a program “wants to act as a server,” or “wants to accept connections from the Internet.” Allowing a program to act as a server means that an outside connection can access your PC through that program! Practically all Trojans and many other malware want server rights, so beware! Typically, the only programs that may need server rights are the file sharing programs like Bearshare, or games that require point-to-point connections with other players across the Internet

Great that your machine is running better now, the scans are fine and it looks like your machine is clean

Delete RSIT from your desktop, also delete this folder C:\rsit.

Double-click OTListIt2.exe to start it.
Click the Clean up button
Click Yes to the reboot.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore-WINDOWS XP
This is a good time to clear your existing system restore points and establish a new clean restore point:

Turn off System Restore
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.
  • Reboot.
Turn ON System Restore
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check *Turn off System Restore*.
  • Click Apply, and then click OK.
This will remove all restore points except the new one you just created.

Here are some free programs I recommend that could help you improve your computer's security.

Spybot Search and Destroy 1.6
Download it from here. Just choose a mirror and off you go.
Find here the tutorial on how to use Spybot properly here

Install SpyWare Blaster 4.0
Download it from here
Find here the tutorial on how to use Spyware Blaster here

Install WinPatrol
Download it from here
Here you can find information about how WinPatrol works here

Install FireTrust SiteHound
You can find information and download it from here

Install MVPS Hosts File from here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Visit Microsoft often to get the latest updates for your computer.
http://www.update.microsoft.com

Please check out Tony Klein's article "How did I get infected in the first place?"

Read some information here how to prevent Malware.

Is your pc running slow?
Read What to do if your Computer is running slowly

Happy surfing and stay clean! :thumbup:
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway
Advertisement
Register to Remove

Re: Suspected malware "recycler\s" on my external hd

Unread postby bongoli » March 25th, 2009, 4:20 pm

Hey peku006,

I had a few questions for you. I know when AutoRunEater found the problems it put it into a vault. It made a backup of those files, is it okay if I have it clear backup or is there a risk of it infecting my computer? Also, I think that the AVG vault is a hidden folder in whichever drive the problems were found in, so will it be a problem if I plug my drives into other computers? What I would like to know is what are the chances that the malware is still hidden in my external hard drives somewhere?

In terms of the spyware protection programs you recommended, I am using spybot, is that good enough or should I upgrade to one of the ones you recommended?

Thank you very much for all your help.

-Bongoli
bongoli
Active Member
 
Posts: 13
Joined: March 18th, 2009, 11:50 am

Re: Suspected malware "recycler\s" on my external hd

Unread postby peku006 » March 25th, 2009, 6:17 pm

Hi bongoli

I am sorry ,but I have never used the AutoRunEater..........
I think that it will automatically delete suspicious autorun.inf files and do not put them in quarantine
Combofix also removes bad autorun.inf files and Flash_Disinfector wrote a new clean autorun.inf file....I am sure you have a clean autorun.inf file
if you think that the external hard drives are not clean, you can scan they for example with Kaspersky
you can delete all AVG Virus Vault contents in one go: - Open the AVG Control Center program -> right click on "AVG Virus Vault" tab -> choose "Empty vault".

Spybot and Spyware Blaster are excellent programs together with MalwareBytes AntiMalware. It is a good program to have and to run every few weeks just to be sure that you are still clean.
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Suspected malware "recycler\s" on my external hd

Unread postby bongoli » March 25th, 2009, 6:36 pm

Hey,

Thanks for the information. I forgot to mention that previously, upon plugging in the external hard drives, there would be a display box showing the files being read onto my computer and a pop up saying usb device has been plugged in. However, I no longer get them. This just came to mind when you said the autorun.inf files should have been re-written by the Flash-Disinfector. I'm sure it won't be a big issue, but just thought I should let you know.

Also, I don't see the rsit files you told me to delete, on my desktop or in my C drive.

I am going to wait on the system restore and OTList2 instructions until we get this sorted out.

Thanks,
Bongoli
bongoli
Active Member
 
Posts: 13
Joined: March 18th, 2009, 11:50 am

Re: Suspected malware "recycler\s" on my external hd

Unread postby peku006 » March 26th, 2009, 2:58 am

Hi Bongoli

I´m sorry i made mistake :oops: you do not have rsit , continue OTList2 and system restore instructions

troubleshooting tips for general USB problems in Windows XP
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Suspected malware "recycler\s" on my external hd

Unread postby NonSuch » March 28th, 2009, 2:55 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 490 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware