about:blank; AAWTMP file; DLM spyware

I really need help with spyware and trojan virus problems. I have run Ad-aware, spybot and Norton many times to try and fix. Let me know how to proceed.
Thanks!
Jennbeck

 

Hi Jennbeck,

Generally, it is a good idea to start with the Cleanup Tutorial HERE:

READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan and Virus Removal

There are only a few of us Volunteers who regularly offer advice in this forum. Running through the above Tutorial will remove a lot of stuff that would otherwise clog a HijackThis Log and save us valuable time.

Please let us know the steps that you are able to complete and the ones that give you problems. Note that you need to be in Safe Mode with System Restore OFF (if you have it) and have the Viewing of Hidden Files ENABLED as per the instructions in the link. Make sure to do the Online Scans.

Post back and let us know how you fared. Also, send us a HijackThis Log. Please be sure to follow the instructions below:

Note that your HijackThis should be up-to-date (v1.99.1) and MUST be extracted to its own safe folder – C:\Program Files\HijackThis!
Should you need a Fresh Download of HJT, get it HERE: HijackThis v1.99.1

Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

Please save your HJT Log as a .txt File and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

I’ve been tied up with work lately and cannot visit this forum too often these days, but somebody will try to take a look when they get a chance.

Best luck
PP

 

Thanks PP,

Yeah stupid me I saw that tread after I posted. Well I ran through all the steps of removal of spyware and still am having a problem with VX2. It doesn't seem to work properly in Ad-aware. I may have to uninstall and reinstall adaware??? I am also having issues with DLmax.dll. Please advise further when you can.

Thanks!
Jennifer

 

No need in reinstalling Ad-Aware, you probably have the newest version which takes some time to remove. For now go ahead and post a HJT log.

Make sure you have HijackThis 1.99.1 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT


We are very busy here at MajorGeeks.Com PhilliePhan or myself with check back when time permits.!

Also, Please download the following items:
DO NOT USE THEM YET, JUST SAVE THEM TO YOUR DESKTOP!

KILL 2 ME.zip

L2MeFix Tool

Generic Detection Tool - NT/2000/XP

VX2.BetterInternet Finder XP/2k - Version Msg126

Pocket KillBox

 

OK.. I downloaded the additional programs.. actually already ran some of them from the first set of instructions. I will wait for your next instructions.
Thanks!
Jenn

 

Go ahead and do another scan with HijackThis and Check the Boxes for the following:

Again, make sure All Browser Windows are Closed when you Click FIX.


R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.prodigy.net:8080;http=proxy.prodigy.net:8080;http=proxy.prodigy.net:8 080;http=proxy.prodigy.net:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;www.prodigy.net;enroll.prodigy.net;enroll-isp.prodigy.net

R3 - URLSearchHook: (no name) - _{87766247-311C-43B4-8499-3D5FEC94A183} - (no file)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)

O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)



NEXT:
Run CCleaner and Spybot S&D and have Spybot fix what it finds.


Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

Reboot to Normal Windows and Scan with HijackThis and attach the new log.
Let me know of any problems you may have encountered with the above instructions and how your computer is running now.

Good Luck!

 

Sorry, I didnt realize your running WindowsME, Please download this tool.

Generic Detection Tool - 98\ME


1) Extract this file to your desktop.

2) Open the folder and run FindIt9xME

Allow it as much time as it needs to completed.

3) After it is complete, please attach that log.

 

Ok.. I have attached the two logs. I think we are getting close! Or could possibly have fixed it.

 

Your logs are clean! Are you currently experiencing any problems?

 

Things Are Running Great!!! I Am So Grateful!! Thank You!!! You Guys Rule!

 

Your Welcome! Glad things are running better for you.

Wouldnt hurt to read up on Chaslang's article on How to Protect yourself from malware!