Jump to content


Photo

Please help with a Hijack This log. Thanks!


  • Please log in to reply
8 replies to this topic

#1 canaday

canaday

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 05 July 2004 - 10:23 AM

Dear Moderator,

This is the Hijack This log I obtained a few minutes ago. I have tun Adware Plus and Spybot on my machine; however problems persist.

Thanks for all your help.

Edited by canaday, 05 July 2004 - 03:22 PM.


#2 jwbirdsong

jwbirdsong

    Slasher O' spyware

  • Emeritus
  • PipPipPipPipPip
  • 2,045 posts

Posted 05 July 2004 - 12:16 PM

Press Ctrl+Alt+Del and 'end task' on any of the follow that are present
c:\iupdate.exe
Put a check next to these in hijackthis:
R3 - URLSearchHook: (no name) - {6E6DD93E-1FC3-4F43-8AFB-1B7B90C9D3EB}_ - (no file)
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE <---Optional but Highly recommended to remove not needed at start and huge resource hog
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present <----- Fix unless you or your system administrator has put this restriction into place using HiJackThis or SpywareBlaster
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present <----- Fix unless you or your system administrator has put this restriction into place using HiJackThis or SpywareBlaster]
THEN WITH ALL OTHER WINDOWS CLOSED ,press "Fix".


Make sure you are set to Show Hidden Files and Folders and delete the following files/folders:-
C:\Program Files\TV Media\ <----ENTIRE FOLDER!!
c:\iupdate.exe
Delete files/folder from the following directories (But not the directory itself, for example delete all files/folder IN temp; but not temp itself!)
[*]C:\Windows\Temp\
[*]C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
[*]C:\Documents and Settings\<All other users Profile>\Local Settings\Temp\
[*]C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <---This will delete your internet cache--including cookies. This is recommended and strongly suggested.
[*]C:\Documents and Settings\<All other users Profile>\Local Settings\Temporary Internet Files\
[*]Empty your "Recycle Bin"


You'll need to turn off the System Restore. It may have a copy of the virus. This can be done by following the instructions of your OS here.
Run an online virus scan at Housecall and/or Panda Online.
Trun System Restore back on.

Reboot

Check for the new version (1.98)of HijkackThis by using Config>Misc Tools>"check for online update" button.
Then Reboot and post a fresh log back to this thread.

Edited by jwbirdsong, 05 July 2004 - 12:17 PM.

Things you need(all FREE)
Anti-Virus (Only One of these)
AVG Avast
Firewall (Only One here too)
Kerio(Direct Download) Zone Alarm
Misc. (Use all 3 together)
IE Spyads SpywareBlaster Spyware Guard
Windows Update (Once a week)
get all CRITICAL Updates

Things you want(Still Free)
Mozillia Firefox
Google Toolbar (stops pop-ups)
Ad-Aware
Spybot S&D
MS MVP Hosts file

Please donate to the site to help us help you. Info found HERE

Posted Image
PROUD member Since 2004

#3 canaday

canaday

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 05 July 2004 - 12:50 PM

Hi
thanks for your help! i couldn't remove the TV Media folder - it says it's being used by another person or program. How do I remove it?
Thanks,
Canaday

#4 jwbirdsong

jwbirdsong

    Slasher O' spyware

  • Emeritus
  • PipPipPipPipPip
  • 2,045 posts

Posted 05 July 2004 - 01:03 PM

Boot to safe mode (instructions) and remove from there.
Things you need(all FREE)
Anti-Virus (Only One of these)
AVG Avast
Firewall (Only One here too)
Kerio(Direct Download) Zone Alarm
Misc. (Use all 3 together)
IE Spyads SpywareBlaster Spyware Guard
Windows Update (Once a week)
get all CRITICAL Updates

Things you want(Still Free)
Mozillia Firefox
Google Toolbar (stops pop-ups)
Ad-Aware
Spybot S&D
MS MVP Hosts file

Please donate to the site to help us help you. Info found HERE

Posted Image
PROUD member Since 2004

#5 canaday

canaday

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 05 July 2004 - 02:25 PM

thanks! unfortunately that didn't help. even in diagnostic mode, TV media still appears to be used by "another person or program".

#6 canaday

canaday

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 05 July 2004 - 02:55 PM

i think i fixed it in safe mode using the program you suggested.

Edited by canaday, 05 July 2004 - 05:20 PM.


#7 jwbirdsong

jwbirdsong

    Slasher O' spyware

  • Emeritus
  • PipPipPipPipPip
  • 2,045 posts

Posted 05 July 2004 - 03:33 PM

Congratulations, your log is clean.

To reduce the potential for spyware infection in the future, I strongly recommend installing SpywareBlaster and SpyWareGuard and IE/Spyad.

SpywareBlaster and SpywareGuard are by JavaCool and both are free programs. SpywareBlaster will prevent spyware from being installed and consumes no system resources. SpywareGuard offers realtime protection from spyware installation attempts.

IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It is free.

More info and download is available at link in my signature

And also see TonyKlein's good advice in
So how did I get infected in the first place?
Things you need(all FREE)
Anti-Virus (Only One of these)
AVG Avast
Firewall (Only One here too)
Kerio(Direct Download) Zone Alarm
Misc. (Use all 3 together)
IE Spyads SpywareBlaster Spyware Guard
Windows Update (Once a week)
get all CRITICAL Updates

Things you want(Still Free)
Mozillia Firefox
Google Toolbar (stops pop-ups)
Ad-Aware
Spybot S&D
MS MVP Hosts file

Please donate to the site to help us help you. Info found HERE

Posted Image
PROUD member Since 2004

#8 canaday

canaday

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 05 July 2004 - 05:20 PM

thanks a lot for all your help. i'll definitely check out the links you suggested.

all the best,
canaday

#9 jwbirdsong

jwbirdsong

    Slasher O' spyware

  • Emeritus
  • PipPipPipPipPip
  • 2,045 posts

Posted 05 July 2004 - 05:21 PM

It's why we're here
Things you need(all FREE)
Anti-Virus (Only One of these)
AVG Avast
Firewall (Only One here too)
Kerio(Direct Download) Zone Alarm
Misc. (Use all 3 together)
IE Spyads SpywareBlaster Spyware Guard
Windows Update (Once a week)
get all CRITICAL Updates

Things you want(Still Free)
Mozillia Firefox
Google Toolbar (stops pop-ups)
Ad-Aware
Spybot S&D
MS MVP Hosts file

Please donate to the site to help us help you. Info found HERE

Posted Image
PROUD member Since 2004




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button