Solved unknown start-up items/executables

zeamann

I just need to know if the following start-up items/executables are okay:
1. KbdbbnvYbaeVFmwUBrP has two command instances (one ended with "o", the other with "e"), both located in HKCU\SOFTWARE....
2. BEMET muzik, same location as above
3. Bron-Spizaetus, located in HKLM\SOFTWARE...
4. CCHpix 041 and
5. CCHpix 048 and
6. Crukvm and
7. Tok-Cirrhatus-1695 and
8. Xoausuf are all located in HKCU\SOFTWARE...

Please NOTE that I've disabled all of the above with no problem, but the no. 1 item somehow managed to repeatedly enable itself. NOTE too that I did this after running MalwareBytes free and then ASC free. MalwareBytes' 1st run found and fixed more than 300 infections and the 2nd run found nothing. Surprisingly (to me personally), ASC's 1st run and subsequent 3 or 4 runs found the same 2 (trojan.generic) infections.

Does this mean that the no. 1 startup item is related to the infection ASC kept detecting?

And of course, I did all of this on a Vista Home Premium 32-bit HP Pavilion p6617c PC that belongs to the Health Inspection Unit.

I would greatly appreciate urgent assistance as tomorrow is Monday. God Bless,

Zeamann.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Toshiba Satellite C875
OS
Windows 7 Ultimate x64 SP1
CPU
Intel Core i3-3110M CPU @ 2.4GHz, 2 Core (s), 4 Logical Proc
Memory
4.0GB RAM
Graphics Card(s)
Intel HD Graphics 4000

That looks like a lot of infections. The one that keeps coming back you may have to remove manually. Look on the web, there may be a procedure. Search by the name of the bugger. Else send a PM to Corrine. She may know how to deal with it.

You have to understand that a scanner or an AV program may remove a virus. But the damage the virus has made it cannot fix. Ultimately you may be best off to reinstall since I suppose you have no images. Image, image, image - then you can fix problems like that in no time.
 

My Computer

Computer Manufacturer/Model Number
HP, Dell, Gateway, Toshiba - 4 laptops and 2 desktops
OS
Vista, Windows7, Mint Mate, Zorin, Windows 8
CPU
from 1.6GHz Duo to i7
Monitor(s) Displays
2x HP w2207
Hard Drives
5x HDD, 7x SSD, 12x Externals
Keyboard
with trackball - no mices
Mouse
Trackball mice
Internet Speed
DSL 6000
I would clean reinstall. If the Startup reg keys are infected it will never be cleaned completely.

Besides, a clean reinstall is better than getting a new computer with today's factory bloatware larded in.

Reinstalling Windows 7
 
Just as I thought. Thanks a lot, and by the way: what does PM stand for? And how do I send the PM to Corrine? Who is he/she?

I forgot to mention that this HP PC has an out-dated Avira anti-virus and an expired-trial-period Norton anti-virus. I removed the Norton anti-virus this morning. If Avira and Malwarebytes both run on this PC, will there be a conflict between them?

I am thinking about removing the Avira anti-virus too and replacing it with MSE free to see if it can remove these infections completely. Can you direct me to where I may get details on how to offline-update Malwarebytes on a Vista Home Premium PC?

This is my last night to deal with this PC before it goes back into the office tomorrow with its infections. Please assist ASAP.

Thanks a lot in advance again and God Bless,

Zeamann.
 

PM is a Private Message and Corrine is one of our malware/security experts.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Home Built Desktop By DataTech
OS
Windows 7 Ultimate X64 SP1
CPU
Intel i5-2550K, Differing ~4.4-4.8GHz No built in GPU
Motherboard
ASUS P8Z68-V PRO/GEN3
Memory
16GB G.Skill Sniper 1866MHz @ 2133MHz 2x8GB
Graphics Card(s)
ASUS GTX650TIB-DC2OC-2GD5, (650TI Boost)
Sound Card
Onboard Realtek 5-1
Monitor(s) Displays
Samsung P2570HD
Screen Resolution
1920x1080
Hard Drives
Samsung 840 Pro 256GB SSD for OS, 500GB Seagate Constellation (Enterprise drive) for Data
PSU
Corsair HX650W
Case
Inwin Dragon Rider
Cooling
Hyper 212 EVO w/two Noctua fans, push-pull, @1300 RPM
Keyboard
E-Z Eyes, bright yellow keys with large characters
Mouse
steelseries SENSEI Laser Pro Gaming
Internet Speed
48-51Mbs Mbs down, 11 Mbs up Xfinity Cable
Antivirus
Norton Internet Security 2013
Browser
IE 10, Opera, Pale Moon if needed
Other Info
4 case fans, LG BluRay-RE, ASUS DVD-RW, Mr. Fusion power supply, 1.21 gigawatts.
If this were my own PC I could just do what you recommended; so if there is really no way to clean this PC, then I may have to also recommend a clean re-install to the Health Inspector.

Just to prepare myself, will the recovery option during post-boot do the trick or do I need to have an OS disk (CD/DVD) on hand? It is my understanding that a clean install will mean re-formatting the HDD, which will require creation of a data backup first. Please advise further.

Thanks a lot and God Bless,

Zeamann.
 

Thanks a bunch. Greatly appreciated. I will contact her right away.

God Bless,

Zeamann
 

Factory Recovery run from boot is another option which can overcome the infection in most cases. It would be best to have the Recovery Disks as a backup if you can still make them.

Otherwise here is the latest Official Win7 ISO download for clean reinstall: Win7 Home Premium x64 SP1 English Official ISO download
Burn to DVD or write to flash stick using Windows 7 USB-DVD Download Tool.

In either case you will need to back up your files externally, and I would scan them with Malwarebytes and your AV after exporting.

It may be faster to Factory Recover or Clean Reinstall depending upon how many programs need to be reinstalled. Dragging data to external and then back into User Folders after reinstall is fast and easy.
 
I've just PMed Corrine and am now waiting for her expert view on this. However, I am still open to discuss a clean re-install.

Thanks a bunch again guys and God Bless,

Zeamann.
 

If you reinstall, you are best off with Greg's recommendation to download the .iso. Then you get a much cleaner system.

Reinstalling from the recovery partition may be a tad easier, but you get all that useless stuff again that your OEM figured you should have.
 

Does "in most cases" mean that a reinstall by recovering from the post-boot option can fail to wipe clean the infections?
 

Hey Greg,

Will the win-to-flash software do the same trick as your link for the "USB-DVD Download Tool"? I'm really sure I tried using it with Vista and Win7 systems last year, only as a try-out on a newly created partition, and I believe I still have it on my official laptop. Please advise.
 

Downloading of the ISO already began like 5 minutes ago, but just out of curiosity, will this ISO require activation after installation is complete?

I already got a "pirated copy" of Vista and both Win7 32- and 64-bit versions, but they all need activation, so I only used them in the past to play around with dual-booting and creating/deleting partitions.

Please advise.
 

Yes it will need activation with your key that is on the COA sticker on your box.
 

I think it is better if I purchase a multi-license from the MS Web store for both Vista and Win 7 OSs, as I will be a licensed IT specialist on my island in the near future. I believe I could use that ISO with a purchased license, right?
 

Yeah, but that would be a waste. The key on your system comes for free.
 

Any Genuine key will activate the iso install as long as it is for a Home Premium edition.
The Windows DVD to USB tool works perfectly too, it's free why not use it?
 

Hi, Zeamann.

My apology for the delay in responding. I've been tied up elsewhere and am just making it to Seven Forums this evening.

Since this isn't your computer and appears to be a business-owned machine, I would not be willing to take responsibility for assisting in malware removal. In this particular case, with out-dated security software and apparently a driver/service re-adding those entries to start-up, the machine is best off with a clean install.

In addition, please note that although the software being used is "free", that applies to personal use, not on business-owned machines.

As to ASC, I suspect that is IOBit's Advanced System Care. I can assure you that a registry cleaner will not be useful in cleaning this machine, particularly one with a reputation for stealing other vendors' files. Based on IOBit's past practices, I wouldn't run it on my computer. See the following for additional information:
-- IOBit Steals Malwarebytes' Intellectual Property
-- IOBit’s Denial of Theft Unconvincing
-- IOBit Theft Conclusion
 

My Computer

OS
Windows 7 & Windows Vista Ultimate
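
An added example, not part of any post in this thread: one way to confirm that something is re-adding start-up entries, as suspected above, is to compare saved `reg query` output taken before cleanup, after cleanup and after a reboot. The Run key path, value names and commands below are constructed assumptions, since the thread truncates the real locations.

```python
import re

# Value line as printed by `reg query` (assumed layout: 4-space indent, then
# name, type and data separated by 4 spaces). Names may contain single spaces.
VALUE_LINE = re.compile(
    r"^ {4}(?P<name>.+?) {4}(?P<type>REG_[A-Z_]+) {4}(?P<data>.*)$")

def parse_reg_query(text):
    """Return {(key, value_name): data} from saved `reg query <key>` output."""
    entries, key = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):          # key header lines are unindented
            key = line.strip()
        elif key and (m := VALUE_LINE.match(line)):
            entries[(key, m["name"])] = m["data"]
    return entries

def classify(before, cleaned, later):
    """Split entries that appeared after cleanup into re-added and brand new."""
    appeared = set(later) - set(cleaned)
    return {"readded": sorted(appeared & set(before)),
            "new": sorted(appeared - set(before))}

# Constructed snapshots (assumed standard per-user Run key, placeholder data).
RUN = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
BEFORE = rf"""
{RUN}
    Example Player    REG_SZ    C:\Example\player.exe
    RandomNameAbc    REG_SZ    C:\Example\abc.exe /o
"""
CLEANED = rf"""
{RUN}
    Example Player    REG_SZ    C:\Example\player.exe
"""
LATER = rf"""
{RUN}
    Example Player    REG_SZ    C:\Example\player.exe
    RandomNameAbc    REG_SZ    C:\Example\abc.exe /e
    FreshName    REG_SZ    C:\Example\fresh.exe
"""

def demo():
    return classify(parse_reg_query(BEFORE), parse_reg_query(CLEANED),
                    parse_reg_query(LATER))

if __name__ == "__main__":
    for kind, found in demo().items():
        for key, name in found:
            print(f"{kind}: {name} under {key}")
```

An entry reported as re-added after a reboot means a still-running component is writing it back, which supports the clean-install advice rather than further manual disabling.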
Thank you ever so much Corrine for your time to share your most valuable expertise and especially the info about IOBIT's ASC. I've already made a decision about ASC as I read your message but I don't have to let you know as you can guess it correctly.

I will ask the Health Inspector for his permission to have his PC system recovered to its factory settings, since it is hard to get an OS CD on this island.

I will now mark this thread as solved.

Thank you all again for your never-ending commitment to the lesser gifted and God Bless,
 
