How to get rid of this

  • Thread starter Thread starter Artur
  • Start date Start date
A

Artur

Hi,

How to remove from the Register of my WinXP Pro SP2
the following malware:
spyware: iehelp
adaware: favadd, wupd, ist.istbar

My system is clean but I can't get rid of above.

I'm looking for a freeware or shareware software.

Regards,
Artur
 
From: "Artur" <[email protected]>

| Hi,
|
| How to remove from the Register of my WinXP Pro SP2
| the following malware:
| spyware: iehelp
| adaware: favadd, wupd, ist.istbar
|
| My system is clean but I can't get rid of above.
|
| I'm looking for a freeware or shareware software.
|
| Regards,
| Artur



If you are using any version of Sun Java that is prior to JRE Version 6.0,
then you are strongly urged to remove any/all versions.
There are numerous vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java JRE/JSE
Version 6.0 update 1 (jre 6u1)

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.6.0_01

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp

FYI:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1



For non-viral malware...

Please download, install and update the following software...

* Ad-aware SE 2007
http://www.lavasoft.de/
http://www.lavasoftusa.com/
http://www.lavasoft.de/ms/index.htm

* SpyBot Search and Destroy v1.4
http://security.kolla.de/
http://www.safer-networking.org/microsoft.en.html

* SuperAntiSpyware
http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, I suggest scanning the system in Safe Mode.


For viral malware...

* Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/downloads/dl/35905.asp

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *
 
Thank you very much for your answer.
| How to remove from the Register of my WinXP Pro SP2
| the following malware:
| spyware: iehelp
| adaware: favadd, wupd, ist.istbar
|
| My system is clean but I can't get rid of above.
|
| I'm looking for a freeware or shareware software.
Click to expand...
If you are using any version of Sun Java that is prior to JRE Version 6.0,
then you are strongly urged to remove any/all versions.
There are numerous vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java JRE/JSE
Version 6.0 update 1 (jre 6u1)

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.6.0_01
Click to expand...

At the moment I have: C:\Program Files\Java\jre1.5.0_07
I don't remember what it is used for but I understand that I should update it.

From time to time an icon of Sun Java appears on the task bar and in the same time
a directory Sun is created in the C:\Windows and under C:\Documents and Settings.
As I don't know what it is for, I always cancel the icon.
I don't know if it is connected with the version of jre.
Could you explain it to me, please?

For non-viral malware I use:
Ad-Aware SE Personal Build 1.06r.1 with installed definition file: SE1R178.29.06.2007
SpyBot Search and Destroy 2000-2005 (from Help -> About).
a-squered Free 2.0
Unfortunatelly, none of them is able to remove the malware mentioned above,
in Safe Mode either.

For viral malware I use:
AVG Free Edition ver. 7.5.476 with virus base 269.9.14/880 with Resident Shield.

I'll try to download and install all other software you suggested.

Thanks once again.
Regards
Artur
 
From time to time an icon of Sun Java appears on the task bar and in the same time
I remove not only the icon but also the Sun subdirectory in the above directories.
Is it correct?

Artur
 
From: "Artur" <[email protected]>


|
| I remove not only the icon but also the Sun subdirectory in the above directories.
| Is it correct?
|
| Artur

Fisrt use the Control Panel applet "Add/Remove Programs" and remove ALL versions of Sun Java
before installing v6 update 1.
 
Fisrt use the Control Panel applet "Add/Remove Programs" and remove ALL versions of Sun Java
before installing v6 update 1.
Click to expand...

I used the Add/Remove Programs and removed J2SE Runtime Environment 5.0 Update 7 yesterday.
Since then the computer hasn't prompted to install Sun Java yet. If it does, I'll install ver. 1.6.0_01.

I also downloaded and installed the SuperAntiSpyware and scanned the system in Safe Mode.
It found 4 trojans in 3 files and although the IEXPLORER (C:\WINDOWS\IEXPLORER.EXE)
was among checked and removed or at least quarantined files, after rebooting the IEXPLORER works.
The list of quarantined Items in ManageQuarantine.. in SuperAntiSpyware Main Menu window
is empty.
It didn't find the malware I mentioned in my first news. However I think it was a false alarm,
as it was found by Panda ActiveScan program only and, as I read in the Internet, a lot of people
don't trust the Panda program.

What do you think about AVG Free Edition ver.7 ? I am used to it and I don't know whether
I should replace it with one of the components of MULTI_AV like McAfee or Kaspersky.
I read that one should use just one antivirus program in a system.
By the way, I use the firewall that is in the WinXP Pro SP2 only - is it enough?

Thanks for youe help.
Regards
Artur
 
Artur said:
Hi,

How to remove from the Register of my WinXP Pro SP2
the following malware:
spyware: iehelp
adaware: favadd, wupd, ist.istbar

My system is clean but I can't get rid of above.
Click to expand...
f-disk and format will sort it for good.
 
'Dave {???}'
| f-disk and format will sort it for good.
_____

So will a hammer, but so what?

Phil Weldon

in message |
| > Hi,
| >
| > How to remove from the Register of my WinXP Pro SP2
| > the following malware:
| > spyware: iehelp
| > adaware: favadd, wupd, ist.istbar
| >
| > My system is clean but I can't get rid of above.
| >
| f-disk and format will sort it for good.
|
|
|
 
Artur aka (e-mail address removed),after much thought,came up with this jewel:
I used the Add/Remove Programs and removed J2SE Runtime Environment
5.0 Update 7 yesterday. Since then the computer hasn't prompted to
install Sun Java yet. If it does, I'll install ver. 1.6.0_01.
Click to expand...

Don't wait for a prompt-just install the latest and greatest-
Sun Java 6.0

I also downloaded and installed the SuperAntiSpyware and scanned the
system in Safe Mode. It found 4 trojans in 3 files and although the
IEXPLORER (C:\WINDOWS\IEXPLORER.EXE) was among checked and removed or
at least quarantined files, after rebooting the IEXPLORER works. The
list of quarantined Items in ManageQuarantine.. in SuperAntiSpyware
Main Menu window is empty. It didn't find the malware I mentioned in
my first news. However I think it was a false alarm, as it was found
by Panda ActiveScan program only and, as I read in the Internet, a
lot of people don't trust the Panda program.

What do you think about AVG Free Edition ver.7 ? I am used to it and
I don't know whether I should replace it with one of the components
of MULTI_AV like McAfee or Kaspersky. I read that one should use
just one antivirus program in a system. By the way, I use the
firewall that is in the WinXP Pro SP2 only - is it enough?

Thanks for youe help.
Regards
Artur
Click to expand...

The XP firewall is minimal at best. Buy a router with built-in firewall.
I don't care much for AVG or Avast. Use a good AntiVirus program like
NOD32 or if you need a free one use AntiVir. MULTI_AV can be used for
an on-demand AV. BitDefender has a free,on-demand scanner. You would be
better off learning how to make your system more secure like turning
off unused services,using a more secure browser and email client etc.I
have more tips and links on my pages.
max
--
My Pages:
Virus Removal Instructions:
http://www.freespaces.com/maxwachtel/removal.html
Keeping Windows Clean:
http://www.freespaces.com/maxwachtel/keepingclean.html
Tools: http://www.freespaces.com/maxwachtel/tools.html
Change nomail.afraid.org to gmail.com to reply. nomail.afraid.org is
specifically setup for USENET.Feel free to use it yourself.
Always remember - only download files from Trusted Sites.
 
Thank you very much.
Don't wait for a prompt-just install the latest and greatest-
Sun Java 6.0
Click to expand...

What does the WinXP Pro SP2 need Sun Java to?
My Pages:
Virus Removal Instructions:
http://www.freespaces.com/maxwachtel/removal.html
Keeping Windows Clean:
http://www.freespaces.com/maxwachtel/keepingclean.html
Tools: http://www.freespaces.com/maxwachtel/tools.html
Click to expand...

I not only have read your news carefully but also visited your pages.
In the near future I'll try to apply the tools.

Regards
Artur
 
Artur aka (e-mail address removed),after much thought,came up with this jewel:
Thank you very much.


What does the WinXP Pro SP2 need Sun Java to?
Click to expand...

Microsoft's Java Virtual is not supported anymore(because of lawsuits)
so you need to install the java runtime from Sun.
Some pages you visit use java,that is why the java icon appears in your
toolbar from time to time.
I not only have read your news carefully but also visited your pages.
In the near future I'll try to apply the tools.
Click to expand...

Thanks for taking the time to read my pages. I also have links to more
info on my Tools page.

max
--
My Pages:
Virus Removal Instructions:
http://www.freespaces.com/maxwachtel/removal.html
Keeping Windows Clean:
http://www.freespaces.com/maxwachtel/keepingclean.html
Tools: http://www.freespaces.com/maxwachtel/tools.html
Change nomail.afraid.org to gmail.com to reply. nomail.afraid.org is
specifically setup for USENET.Feel free to use it yourself.
Always remember - only download files from Trusted Sites.
 
Back
Top