-
IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Manual Removal of Lamers Death Trogan - Please Review
G
Hello Everyone,
Trial Anti-Spyware has identified but cannot remove Lamers Death 2.6 on my PC. I would like to attempt to remove it manually and would so much appreciate a X-Pert going over the instructions I have to do so, before I go ahead. Will only have a System Restore Point to revert back to if this information (from Pest Patrol) is faulty or I make a mistake.
Could I screw things up badly following these directions?
Thanks in Advance,
sd
___________________
Detection and Removal
Manual Removal
Follow these steps to remove Lamers Death from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
Stop Running Processes:
Kill these running processes with Task Manager:
client.exe
death.exe
editor.exe
lamers_death2.5c_server.exe
lamers_death2.5e_server.exe
lamers_death2.5g.exe
lamers_death2.5j_server.exe
lamers_death2.6c.exe
lamers_death2.6d.exe
serv2.6.exe
server.exe
systemroot+\winsock.exe
Remove Autorun Reference:
Go To the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
If you find the value HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\winsock.exe, delete it and reboot the machine immediately.
If you find the value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\winsock.exe, delete it and reboot the machine immediately.
If you find the value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices\winsock.exe, delete it and reboot the machine immediately.
Unregister DLLs:
Unregister these DLLs with Regsvr32, then reboot:
editor.dll
systemroot+\interface.dll
systemroot+\system\runexec.dll
Clean Registry:
Remove these registry items (if present) with RegEdit:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\winsock.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\winsock.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices\winsock.exe
Remove Files:
Remove these files (if present) with Windows Explorer:
client.exe
death.exe
death.ini
editor.dll
editor.exe
faq.htm
gammas.txt
help.txt
history.txt
lamers_death2.5c_server.exe
lamers_death2.5e_server.exe
lamers_death2.5g.exe
lamers_death2.5j_server.exe
lamers_death2.6c.exe
lamers_death2.6d.exe
mustdie grey.ldgamma
na
readme.htm
readme.html
readme.txt
serv2.6.exe
server.exe
systemroot+\interface.dll
systemroot+\system\runexec.dll
systemroot+\winsock.exe
whatsnew.txt
Trial Anti-Spyware has identified but cannot remove Lamers Death 2.6 on my PC. I would like to attempt to remove it manually and would so much appreciate a X-Pert going over the instructions I have to do so, before I go ahead. Will only have a System Restore Point to revert back to if this information (from Pest Patrol) is faulty or I make a mistake.
Could I screw things up badly following these directions?
Thanks in Advance,
sd
___________________
Detection and Removal
Manual Removal
Follow these steps to remove Lamers Death from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
Stop Running Processes:
Kill these running processes with Task Manager:
client.exe
death.exe
editor.exe
lamers_death2.5c_server.exe
lamers_death2.5e_server.exe
lamers_death2.5g.exe
lamers_death2.5j_server.exe
lamers_death2.6c.exe
lamers_death2.6d.exe
serv2.6.exe
server.exe
systemroot+\winsock.exe
Remove Autorun Reference:
Go To the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
If you find the value HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\winsock.exe, delete it and reboot the machine immediately.
If you find the value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\winsock.exe, delete it and reboot the machine immediately.
If you find the value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices\winsock.exe, delete it and reboot the machine immediately.
Unregister DLLs:
Unregister these DLLs with Regsvr32, then reboot:
editor.dll
systemroot+\interface.dll
systemroot+\system\runexec.dll
Clean Registry:
Remove these registry items (if present) with RegEdit:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\winsock.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\winsock.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices\winsock.exe
Remove Files:
Remove these files (if present) with Windows Explorer:
client.exe
death.exe
death.ini
editor.dll
editor.exe
faq.htm
gammas.txt
help.txt
history.txt
lamers_death2.5c_server.exe
lamers_death2.5e_server.exe
lamers_death2.5g.exe
lamers_death2.5j_server.exe
lamers_death2.6c.exe
lamers_death2.6d.exe
mustdie grey.ldgamma
na
readme.htm
readme.html
readme.txt
serv2.6.exe
server.exe
systemroot+\interface.dll
systemroot+\system\runexec.dll
systemroot+\winsock.exe
whatsnew.txt
