malware removal

Hello, I need advice on how to remove a malware item which spyboot cannot
remove. Spyboot spotted a folder called BDE which is in the windows
directory, what I don't know whether the entire folder is malware or only
part of it. Is BDE a windows folder?, what I get with this is a pop up
advertising which after being closed keeps on opening. Please help me on how
to remove this manualy
Thank you for your assistance. I have xp home edition
Elly

"elly" wrote:

> Hello, I need advice on how to remove a malware item which spyboot cannot
> remove. Spyboot spotted a folder called BDE which is in the windows
> directory, what I don't know whether the entire folder is malware or only
> part of it. Is BDE a windows folder?, what I get with this is a pop up
> advertising which after being closed keeps on opening. Please help me on how
> to remove this manualy
> Thank you for your assistance. I have xp home edition
>

Hi Elly,
Yes it is Adware folder created to let advertising po-up on your computer,
to remove follow these steps:
Locate the folder in these pathes and Delete:
C:\BDE
C:\Windows\BDE
C:\Windows\System32\BDE
C:\Program Files\BDE

Also open the Local search on your desktp and search for these files/foldrs:
Bdeclean.exe
Bdeclean.glc
b3bupdate

Then Open a run command andtype in:
regedit.exe click [OK]
On the Registry Editor locates these Keys and delete the Entries for the
Adware:
<Quote>//** [be careful in editing the registry, if you done in the wrong
way you will render your OS useless]**//
KEY_CLASSES_ROOT\s3d_auto_file
HKEY_CLASSES_ROOT\.b3dini
HKEY_CLASSES_ROOT\b3d_auto_file
HKEY_CLASSES_ROOT\b3dini_auto_file
HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl
HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl.1
HKEY_ALL_USERS\Software\Brilliant Digital Entertainment
HKEY_CLASSES_ROOT\BDESmartInstaller.BDESmartInstaller
HKEY_CLASSES_ROOT\BDESmartInstaller.BDESmartInstaller.1
HKEY_CLASSES_ROOT\BDESmartInstaller25.BDESmartInstaller25.1
HKEY_CLASSES_ROOT\BDESmartInstaller25.BDESmartInstaller25
HKEY_LOCAL_MACHINE\SOFTWARE\Brilliant Digital Entertainment
HKEY_CLASSES_ROOT\CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}
HKEY_CLASSES_ROOT\CLSID\{67925165-C4B6-11D2-B9C6-0000E84F59A6}
HKEY_CLASSES_ROOT\Interface\{51958167-D5E3-11D1-AA42-0000E842E40A}
HKEY_CLASSES_ROOT\Interface\{51958168-D5E3-11D1-AA42-0000E842E40A}
HKEY_CLASSES_ROOT\Typelib\{51958166-D5E3-11D1-AA42-0000E842E40A}
HKEY_CLASSES_ROOT\TypeLib\{82FC7881-AACC-11D2-B9C6-0000E842E40A}
HKEY_CLASSES_ROOT\Interface\{67925164-C4B6-11D2-B9C6-0000E84F59A6}
HKEY_CLASSES_ROOT\CLSID\{3EEC42B5-FB94-40D3-A588-BB54B383A7CB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer
</Quote>
Also locate this Key:
[-] HKEY_Local machine\Software\Microsoft\Windows\CurrentVersion\Run = look
in the Right pane/window and locate this entry and delet:
"b3bUpdate"
"Bdeclean.exe"
"Bdeclean.lgc"

[-]HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\\CurrentVersion\RunOnce =
"b3bUpdate"
"Bdeclean.exe"
"Bdeclean.lgc"

Close the Registry Editor and then Run a Disk CleanUP and clear your Caches
and Temp files/folders.
Run a scan for Viruses and Malwares again to be sure all clean in some cases
the BDE is a Trojans, Borland Database Engine.
HTH.
Let us know.
Regards,
nass