cancel
Showing results for 
Search instead for 
Did you mean: 
momb
Level 7

How to remove GenericDropper!bei ?

I recently had Reboot-AH, Generic Downloader.x!bok, and FakeAlert-XPSecCenter detected by Mcafee and quarantined. This solved the slowdown problem I was having with my computer. However, I still have a problem with my browser being redirected to other sites when I try to use a search engine, a different site each time. I have updated Mcafee and run scans with the System Restore turned off and it found nothing. When I ran the Free Scan from the Mcafee site it found this GenericDropper!bei, but did not tell me how to remove it. I am using Windows XP Professional with Service pack 2 and the Mcafee security suite from AT&T- Version 9.15. The Virus scan version is 13.15, the DAT is 5783, and the engine is 5301.4018. Hope this is the right forum, it's the first time I've used it. Hope someone can help me.
0 Kudos
14 Replies
exbrit
Level 21

RE: How to remove GenericDropper!bei ?

According to http://vil.nai.com/vil/content/v_239604.htm McAfee should have removed it unless it was trapped in your System Restore folder (shown as "System Volume Information" in most scanners) then temporarily disabling System Restore should then get rid of it.

To be on the safe side scan using the free version of these two tools and let them remove anything they find. Reboot if asked to. Update tme first before running.

http://www.superantispyware.com/superantispywarefreevspro.html

(Might be a good idea to keep that one for future use)

and

http://www.malwarebytes.org/mbam.php

Lastly I strongly recommed you update to SP3 as it has been released for some time now. There is help with that here: http://community.mcafee.com/showthread.php?t=220807
0 Kudos
momb
Level 7

What is tme?

Thank you so much for the help, I will try it right away. First I'd like to ask what you meant by "update tme first before running"? And do I have to disable McAfee when I run these other two programs? Sorry to ask about what are probably obvious things, but I don't really know too much about this.
momb:confused:
0 Kudos
exbrit
Level 21

RE: What is tme?

I meant update them before running, sorry about the typo.
0 Kudos
momb
Level 7

Will try it now

Thank you for your patience with me, I will try it now
0 Kudos
exbrit
Level 21

RE: Will try it now

No problem. Good luck.Smiley Happy
0 Kudos
momb
Level 7

Scans are done but problem remains

I ran scans with both programs, the superantispyware found an unknown trojan which was removed, and the Malwarebytes scan afterwards showed nothing. I'm still having trouble when I use a search engine, it keeps getting redirected to other sites than what I'm trying to get to. It will go to a different one each time and they all seem to end with php. Any other suggestions?
0 Kudos
momb
Level 7

worms and trojans found in task manager?

I just tried to check the processes that show in task manager against a list on the web, and many of them are worms or trojans according to this site. It is www.tasklist.org. Are they legitimate, with correct information? They also say that these can be removed with Easy Spy Remover; this makes me suspicious since I can't imagine Mcafee missing 14 worms and trojans but the program they recommend can clean them off. Can you tell me if they are reliable?
Thank you,
momb
0 Kudos
exbrit
Level 21

RE: worms and trojans found in task manager?

Take no notice of what "they" say....use both of the tools I linked above - use them twice or three times if necessary.

If that doesn't help then download Hijackthis and post its log on one of the following forums for expert help and advice:

DOWNLOAD HIJACKTHIS

Do not post the log here, we can't help!

Post the logs at a specialist Forum:

AUMHA FORUM

BLEEPING COMPUTER FORUM

GEEKS TO GO FORUM

MAJOR GEEKS FORUM

MALWAREBYTES FORUM

MALWARE REMOVAL FORUM

SPYWAREHAMMER FORUM

SPYWARE INFO FORUM

WHAT THE TECH FORUM

Be sure to read all the sticky announcements/instructions at the top of each malware forum!
0 Kudos
momb
Level 7

ok, will do

Thanks, I ran them both but only once. I will do it again. Should I disable System Restore when I run them, and should I be in Safe Mode or just boot regularly?
All the best,
momb
0 Kudos