Virus Removal

Community Forums/General Help/Virus Removal

AJ00200(Posted 2009) [#1]
I need all info I can get on the removal of a Brilliant Digital Virus (adware)

3 traces (Spy Sweeper says this - I don't know what it means.)


AJ00200(Posted 2009) [#2]
I unsigned atl.dll, but I can't delete it.
Anyone able to help?


AJ00200(Posted 2009) [#3]
Spybot Search and Destroy says IE is set to use a Proxy.
I have no proxy.


Stevie G(Posted 2009) [#4]
Try Ad-aware and Malwarebytes' Anti-Malware ( especially the later ).


puki(Posted 2009) [#5]
Mmm, I wonder if this could be a Blitz false positive.

One trigger for it is b3dupdate.exe and it is possible it will trigger on 'b3d'.

http://www.blitzbasic.com/Community/posts.php?topic=62879


_PJ_(Posted 2009) [#6]
As "puki" suggests, it may be a false positive, where .b3d file extension registrations are considered by the AV software to be the older versions of Brilliant Digitals' "Altnet" malware, which utilises the extension ".b3d"
This malware is mainly distributed with Kazaa and later spread through "Greetings Card" spam emails.

If toy ARE actually infected, though, removal instructions are here:

http://www.safer-networking.com/removeAltnet.php


AJ00200(Posted 2009) [#7]
Thanks, Ill try that.
I sure hope its not a Blitz false positive.
One of the websites I was on was listing the processed and files, but I found non of them.


As "puki" suggests, it may be a false positive, where .b3d file extension registrations are considered by the AV software to be the older versions of Brilliant Digitals' "Altnet" malware, which utilises the extension ".b3d"




AJ00200(Posted 2009) [#8]
Could the 3 traces mean 3 .b3d files?
I have 3 .b3d files for the Network RPG Community Project.

Good thing I asked here, or else I would be trying to remove a virus that doesn't exist.


_PJ_(Posted 2009) [#9]
Could the 3 traces mean 3 .b3d files?
I have 3 .b3d files for the Network RPG Community Project.



That's exactly what "puki" and I said.


The term "False Positive" (in this case) means that the Anti-Malware programs are reporting a positive result (i.e. Found malware), even though the resultant find is actually NOT malware, because it's legitimate and safe .b3d mesh files.

I'd recommend investing in anti-malware programs which actually identify what the "traces" they have discovered are, rather than just say "oh I found 3 of them" so that you can determine if they are false positives or not.


AJ00200(Posted 2009) [#10]
No, it's just that my subscription has expired, and won't tell where they are.

Spybot Search and Destroy is pointing to registry values that point to a 3D file viewer I made, so that is nothing then.

But the weird thing is that whenever I start Windows, it says it needs to close Window's Explorer to prevent another program from taking it over, but the start bar never flashes at all.
The only way to stop the messages is to use Task Manager to stop explorer.exe, then reopen it.

Any Ideas?
It also found the searchPixi Bar in IE

I'm going to tell Webroot about this.


Kryzon(Posted 2009) [#11]
Regarding virus\adware\rootkit removal, I can't point you to no place other than:

http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/online-scanner/

I used to have this adware that would pop a "Security Scan" ad and nothing could remove it, MalwareBytes, Ad-Aware, Spybot. Nothing.

That online scan removed it. It's great. You just download the components, choose what you want it to do and let it do its magic.

In case you're having second thoughts on who F-Secure is:
http://www.f-secure.com/en_EMEA/about-us/

I mean, I don't like the sound of "online scan" either, but at least this is a top company that we can trust. It's like the Norton of Europe.


GaryV(Posted 2009) [#12]
You are using IE, but then complain about getting a virus?

Download the latest version of Microsoft's malware remover.

*edit* Here is a link for ya:

http://www.microsoft.com/security/malwareremove/default.mspx


xlsior(Posted 2009) [#13]
You are using IE, but then complain about getting a virus?
Download the latest version of Microsoft's malware remover.


Using a Microsoft product to fix flaws in a Microsoft OS and Microsoft webbrowser?

Some people never learn. :-?


GaryV(Posted 2009) [#14]
Only freebie one I have used (we have to use it at work).


Kryzon(Posted 2009) [#15]
Seriously man, give that online scan a try. You'll be surprised.


AJ00200(Posted 2009) [#16]
OK, I will.
I was also supurised by the other scanners I have.
Norton sucks.

I use FirwFox.