Another victim to PestTrap

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by lreops, Sep 29, 2006.

  1. lreops

    lreops Private E-2

    Hello, my name is Ron and I am new to MajorGeeks. I am not as computer literate as I once thought after reading some of the stickys I've read about my situation.

    I fell victim to a scam that I see many others have also fell for. I got notice that my computer was infected with a virus and paniced and purchased PestTrap. I noticed right away that something was wrong and in researching this, came across this site and realized how much of a mistake I made. Now I need to correct this blunder.

    I have since uninstalled PestTrap but when I run SpyBot, I see that there are things there that keep reappearing, such as CasaleMedia, CoreMetrics, PestTrap, and TargetNet.

    I have read through the various threads and printed "Read & Run me first" and "SpywareStrike, Smitfraud, SpySheriff, SpyAxe & PSGuard Removal" but am not sure if these procedures are the ones that I should do. Also. there are actions to take that I have no idea what they are or how to do them.

    That is why I am asking if these are the steps I need to preform or if my situation requires a different method. Please help!!

    One other question I have is this. I am familiar with AVG and have had it before but my IP offered their own virus protection to subscribers for free so I had that installed. Question is this, can I run two different virus protections without them interfering with each other and would you recommend doing this?

    Please remember that I am not that literate on the computer so you may have to be a little more descriptive with your remedy to my problem.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    As mentioned in the READ & RUN ME sticky, only one antivirus program should ever be installed.

    As far as your malware problems are concern, junk like this can often install more junk. It would be best if you followed the procedure below. This way we can be sure to remove everything that is bad.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.


    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy - ONLY IF you were not able to run Windows Defender
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. lreops

    lreops Private E-2

    Ok, I'm working my way through the "READ & RUN ME FIRST Before asking for support" and I'm stuck on #4. I've downloaded both GetRunKey and ShowNew and I am not sure how to attach the log.

    I've created two folders in My Documents to hold both of them. When I go into them and double click getrunkey. bat and shownew.bat, I get the notepad with the log but can't firgure what I need to do to attach them.

    Ron
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You are not supposed to run any of the scans in step 4. It tells you that! I quote and highlight in bold enlarged red print where it states this in step 4:


    You must run them later after all the other tools are run. If you run things out of order you will give us incorrect information! All scans are supposed to be run in steps 5, 6, and 7 and in the order specified. ORDER IS IMPORTANT.

    The READ ME also refers to the below link in about 4 locations:

    HOW TO: Attach Items To Your Post
     
  5. lreops

    lreops Private E-2

    I wasn't aware that any scans were preformed. For the GetRunKey, I clicked on the 'Using GetRunKey' which brought up that page. I then went to the run 'XPHomeFix' which brought up the 'File Download' window. Then I clicked 'run', is this where I messed up? Should I have clicked save instead? Like I have mentioned, this isn't my line of expertise and am trying to go slow and precise with your instructions, but some are still a little challenging to completly understand exactly what you are saying to do.
     
  6. lreops

    lreops Private E-2

    Sorry again. Just a point of habit to hit 'run' when that download window appears and was not aware that it would preform a scan in the process. Is there a way to undo my mistake or can I continue with the following steps?
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You only need to use the XPHomeFix if when you run the GetRunKey.bat or ShowNew.bat programs, you get the error message indicated. All you need to do to begin with is download (NOT RUN) the GetRunKey.zip and ShowNew.zip files that are attach at the bottom of those links. Then you need to EXTRACT all files from the ZIP files just downloaded as instructed. You do not run them until later in step 6 b. If you already ran them before doing ALL the other steps, then just run them again later when you get to step 6b. They will just overwrite the previous files.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should almost NEVER click run in the download popup. Always download the files to a location (properly named for future reference) on your PC. Then run or extract or whatever later.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds