1 reply to this topic

[ladyblue]

So I have recently got a virus called Infostealer.Gampass. Norton Antivirus removed it BUT there are still problems. This virus have changed some values in the registry and added some in the registry...I hope you all understand what I mean, English is not my native language.

When I went to the Nortons/Symantec info about how to remove from the registry and change the values in some of the changed registries, they only tell it in a kind of common way, not exactly what I should remove, and it seems that it is only for Windows XP/NT. I have Windows Vista.

Is there anyone here who could help? I have search the Internet for some clues, but nothing specific showed up.

[Rorschach112]

hello

• Download OTListIt2 to your desktop.
  
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• When the window appears, underneath Output at the top change it to Minimal Output.
  
• Check the boxes beside LOP Check and Purity Check.
  
• Under Custom Scan paste this in
  
  netsvcs
  msconfig
  safebootminimal
  safebootnetwork
  activex
  %systemroot%\System32\antiwpa.dll
  %systemroot%\SYSTEM32\wpa.dll
  %systemroot%\setup\scripts\biestart.exe
  %systemroot%\system32\drivers\royal.sys
  %systemroot%\system32\serauth1.dll
  %systemroot%\system32\serauth2.dll
  %systemroot%\system32\sysaudio.sys
  %systemroot%\system32\wdmaud.sys
  %systemroot%\system32\aeaudio.sys
  
  
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.