Help, have tried with multiple programs but...

Vesbiz Downloader cannot be removed, so could any of you please give me some advice on how to remove it once and for all, thanks.

 

First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

After doing ALL of the above if you still have a problem:


http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

In addition a little more information is needed. What OS and AV prg are you using. As any of the latest AV packages should detect and remove that trojan, if not in normal mode than in safe mode. And if all else fails than download an AV CLI with latest defs and that should get rid of it.

 

I appreciate the help, but I got this thread under control.

 

I forgot to mention I do have Windows 98.

 

Okay! Procede with the READ ME and do all that apply to you.

 

I keep getting Cdilla on Spysweeper searches and i was wondering if that is useful or should i delete it.

 

well ive tried all those prgs and did the steps but the bastards still to seem to find there way back in so ive attached my HJT log below enjoy .

 

Attach the log from SpySweeper, also do you have a Compaq?

Are you familiar with BITLORD?

Now, look in Add/Remove Programs for MEDIA ACCESS and uninstall it.

After doing the above, reboot and post a fresh HJT log.

 

I have a HP thats hasnt been upgraded since 02
Yes i do use bitlord regularly

 

Please look in Add or Remove Programs for the following and Uninstall them if found:

Media Access

AD ARREST POP UP STOPPER FOR KAZAA <-- Its up to you!

Now scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
O4 - HKCU\..\Run: [Ad Arrest] C:\PROGRAM FILES\AD ARREST POP UP STOPPER FOR KAZAA\ADARREST.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload Class) - http://download.paltalk.com/webregtest/RegDload.CAB
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c11.cab

Again, make sure All Browser Windows are Closed when you Click FIX.

NOW:
Navigate to and DELETE the following if they should remain:

C:\Program Files\Media Access ←–– Delete this whole folder if it exist!

NEXT:
Run CCleaner and Spybot S&D and have Spybot fix what it finds.
Note: Dont forget to update Spybot S&D by selecting "Search For Updates"

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT

Scan with HijackThis and attach the new log.

 

heres the new log

 

Your HJT log is clean!

Are you having any further problems?

 

No more probs and thanks very much for your help, now that everything is clean im not worried about those annoying pop ups anymore. But im still unsure about that Cdilla thing that still pops up in spysweeper.

 

Attach your SpySweeper log and let me see exactly what its finding.

You should also see this article on How to Protect yourself from malware!

 

It says
C-Dilla is a copyright protection application that prevents software from being copied from one computer to another without the author’s permission.

 

I need the log from SpySweeper so I can see what its finding. Files or registry entries so we can manually remove it.