3 replies to this topic

[Cohort]

Hi, Can anyone help. I have a computer that was very infected with Malware Defender 2009. Most of the problems have now gone, but 3 items remain.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db3e49c6-91a0-4394-9bff-9447f56b49b1} (Trojan.BHO.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{db3e49c6-91a0-4394-9bff-9447f56b49b1} (Trojan.BHO.H) -> Delete on reboot.

c:\windows\system32\plkdgia.dll (Trojan.BHO.H) -> Delete on reboot.

MalwareBytes reboots the computer, all 3 items remain on the computer. I have tried scanning in safe mode, same result. I have tried removing the registry entries, but it wont let me. I have also tried booting from the windows CD, going to recovery console and deleteing the file, but cant even find it there.

What next?

[GT500]

Please follow these instructions (skipping any steps you are unable to complete) for posting in our Malware Removal - HijackThis Logs forum. If you cannot follow any of those steps, then please create a new topic in that forum explaining what happened when you tried to run each of the tools in the instructions, and the expert who helps you will be able to suggest steps to take to get the tools working.

[JMJFOK]

Cohort, on Mar 12 2009, 01:10 PM, said:

Hi, Can anyone help. I have a computer that was very infected with Malware Defender 2009. Most of the problems have now gone, but 3 items remain.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db3e49c6-91a0-4394-9bff-9447f56b49b1} (Trojan.BHO.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{db3e49c6-91a0-4394-9bff-9447f56b49b1} (Trojan.BHO.H) -> Delete on reboot.

c:\windows\system32\plkdgia.dll (Trojan.BHO.H) -> Delete on reboot.

MalwareBytes reboots the computer, all 3 items remain on the computer. I have tried scanning in safe mode, same result. I have tried removing the registry entries, but it wont let me. I have also tried booting from the windows CD, going to recovery console and deleteing the file, but cant even find it there.

What next?

Same problem here - Can anyone help us?

[AdvancedSetup]

Yes we can help you, just not in this forum. Please read the ENTIRE post below and someone will help you as soon as they can.


Hello and Welcome to Malwarebytes.org

If you're having Malware related issues with your computer that you're unable to resolve.

• Please read and follow the instructions provided here: I'm infected - What do I do now?
  
• If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
  
• When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.

• Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  
• Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  
• Using these other tools often makes the cleanup task more difficult and time consuming.
  
• If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  
• Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  
• There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review

• NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.