Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

spyware.perfect removal?

Status
Not open for further replies.
krafty88

krafty88

Technical User
Feb 3, 2006
1
CA
Greetings. Hope I'm in the right place to ask this type of question. The computer I'm working on is infected with spyware.perfect or in Mcfee's terms, keylogger-perfect. There are 9 instances and I can't seem to get rid of them. I believe the reason is that the infected files are still on the system - only problem is I don't know where they are. I did the McAfee online scan and it came up with something like this:
c:\..\..\inst_something runescape_something.exe

I could not find the full path. I have norton antivirus running and have attempted their posted clean up routine numerous time, but it doesn't work because none of the files they say to delete exist, nore do the registry settings they say to delete.

I know the spyware and virus stuff was coming from the game runescape because the rules were not followed, so I did a search on "rune" and deleted all files found.

Any help would be most appreciated.
 
Sort by date Sort by votes
First off I reccomend downloading and running ewido from the link below.


Second off I reccomend this online system scan. Do a full system scan.


3rd when done, download hijackthis from the link below. Extract to desktop or prefered folder. Open it up, choose do a system scan and save a logfile. Post the logfile on here and unless your sure of what your doing dont attempt to fix anything as most items are legit.

 
Upvote 0 Downvote


Download the pocket killbox




Double-click on Killbox.exe to run it. Now put a tick by Delete on
Reboot. In the "Full Path of File to Delete" box, copy and paste each
of the following lines one at a time then click on the button that has
the red circle with the X in the middle after you enter each file.
It will ask for confimation to delete the file on next reboot. Click
Yes. It will then ask if you want to reboot now. Click No. Continue
with that same procedure until you have copied and pasted all of
these in the "Paste Full Path of File to Delete" box.Then click yes
to reboot after you entered the last one.


Note: It is possible that Killbox will tell you that one or more files do not
exist. If that happens, just continue on with all the files. Be sure you
don't miss any.


If there are any other files showing up in a hijack this log out of the ones listed in the symantec site put them through the killbox as well, or wait for advice!



C:\Program Files\BPK



Run ActiveScan online virus scan here


When the scan is finished, anything that it cannot clean have it delete it.
Make a note of the file location of anything that cannot be deleted so you
can delete it yourself.
- Save the results from the scan!



post another hijack this log, the ewido and active scan logs


Member of ASAP Alliance of Security Analysis Professionals

under the name khazars
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

BionicJohn
  • Locked
  • Question
URUASY.A Ransomware Trojan - Help needed with removal
Replies
6
Views
196
BionicJohn
BionicJohn
izzer43
  • Locked
  • Question
Manual Removal of Virus "TIDSERV 2" required by Norton
Replies
0
Views
107
izzer43
izzer43
Sentrif
  • Locked
  • Question
MS Removal and ESET NOD32
Replies
13
Views
187
allteltec
allteltec
Bluejay07
  • Locked
  • Question
Virus removal and blocking exe files
Replies
4
Views
122
Bluejay07
Bluejay07
Iam2391212
  • Locked
  • Question
Win 7 AnitVirus 2012 removal ( .exe's and .com's wont open)
Replies
8
Views
130
Iam2391212
Iam2391212

Part and Inventory Search

Sponsor

Back
Top