Jump to content


Photo

I beg of you: HELP ME!


  • Please log in to reply
4 replies to this topic

#1 Amadeux

Amadeux

    Member

  • New Member
  • Pip
  • 3 posts

Posted 13 July 2004 - 06:22 PM

JWOEIJFFJJFOAIEJFJAEF

Edited by Amadeux, 21 September 2010 - 07:44 PM.


#2 Guest_splintercell990_*

Guest_splintercell990_*
  • Guests

Posted 13 July 2004 - 06:44 PM

Hello Amadeux,

We got a lot going on there, so we will take it step by step...

First, download the PeperFix, and save it to your desktop. Run the program, by clicking on Find and Fix, and let it remove the infection. Once its done, fix the following line in HJT:

O4 - HKLM\..\Run: [2LRX2W83X2T3MQ] C:\WINDOWS\System32\Xgf5Ow5.exe

Next, start About:Buster, hit Ok, Start, And Ok again to start the scan. It will generate a log. Post that log along with a new Hijack this log here. If this doesnt work, boot into safe mode and try. How to boot into safe mode?

Next, download Ad-aware from: http://www.lavasoft.de/res/aaw6.exe

Install the program and launch it.

First, in the main window, look in the bottom right corner and click on Check for updates now and download the latest reference files.

Next, we need to configure Ad-aware for a full scan.

Posted Image Click on the Gear icon (second from the left) to access the preferences/settings window

1. In the General window make sure the following are selected:
  • Automatically save log-file
  • Automatically quarantine objects prior to removal
  • Safe Mode (always request confirmation)
2. Click on the Scanning button on the left and select :
  • Scan Within Archives
  • Scan Active Processes
  • Scan Registry
  • Deep Scan Registry
  • Scan my IE favorites for banned URL’s
  • Scan my Hosts file
  • Under Click here to select drives + folders, choose:
  • All of your hard drives
Posted Image Click on the Advanced button on the left and select:
  • Include additional process information
  • Include additional file information
  • Include environment information
  • Include additional object details
Posted Image Click the Tweak button and select:
  • Under the Scanning Engine:
    • Unload recognized processes during scanning
    • Include basic Ad-aware settings in logfile
    • Include additional Ad-aware settings in logfile
  • Under the Cleaning Engine:
    • Let Windows remove files in use at next reboot
Posted Image Click on Proceed to save the settings.

Posted Image Click Start and on the next screen choose Activate in-depth Scan at the bottom of the page and then choose:
  • Use Custom Scanning Options
Posted Image Click Next and Ad-aware will scan your hard drive(s) with the options you have selected.
Posted Image Save the log file when it asks and then click Finish
Posted Image When finished, mark everything for removal and get rid of it. (Right-click the window and choose Select All from the drop down menu and click Next).
Posted Image Reboot your computer.

Next, download CWShredder:
http://www.spywarein.../CWShredder.exe
Double click and hit the fix button to fix all found problems, and Reboot.

Then Turn off System Restore. To do this, right-click My Computer and click Properties. Next, click the System Restore tab and check "Turn off System Restore". Finally, click Apply, and then click OK. Now, to finish resetting the system restore point, we need to turn ON System Restore once again. To do this, right-click My Computer and click Properties. Next, click the System Restore tab and UN-Check "Turn off System Restore". Finally, click Apply, and then click OK.

Next a full scan here and let it clean, making sure you reboot when it is done.

Post a fresh HijackThis logfile as well as the log from About:Buster in this thread once you are done :)

Edited by splintercell990, 13 July 2004 - 06:47 PM.


#3 Amadeux

Amadeux

    Member

  • New Member
  • Pip
  • 3 posts

Posted 14 July 2004 - 03:40 PM

JFOIAJFJAJJFAEWFAD

Edited by Amadeux, 21 September 2010 - 07:44 PM.


#4 Amadeux

Amadeux

    Member

  • New Member
  • Pip
  • 3 posts

Posted 14 July 2004 - 11:49 PM

OAIWJEFOIAJFJABKV

Edited by Amadeux, 21 September 2010 - 07:44 PM.


#5 Guest_splintercell990_*

Guest_splintercell990_*
  • Guests

Posted 15 July 2004 - 06:57 PM

Hello Amadeux,

First: Please go to Start > Control Panel > Add/Remove Programs, and look for an entry called TV Media and Altnets Point Manager. If they are there, please uninstall them by clicking on the "Remove" button.

I also noticed that you are using P2PNetworking. This is not technically malware by itself, but it installs malware in order to run properly and it opens the door for every other nasty program you can think of. I strongly recommend that you remove it. Read this article for alternatives that will provide some of the same function without the garbage: http://www.spywarein...m/articles/p2p/ If you opt to remove it, first use Add/Remove Program to remove it. Go to your control panel, then to add/remove programs and uninstall P2P networking. If asked whether you also want to remove Altnet components, say 'Yes'. P2P Networking is a totally useless Kazaa add-on, and it's been reported to be responsible for serious system slowdowns. You may also want to run KazaaBegone, which can be found here

Second: With all other browsers closed, please fix the following items in HijackThis:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll
O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -


Reboot, and in safe mode (press F8 after the BIOS loads), and delete the following folders:

C:\Program Files\TV Media<---folder
C:\WINDOWS\System32\P2P Networking<---folder

Good Luck :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button