hijacked forever?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ckitchens, Aug 19, 2004.

  1. ckitchens

    ckitchens Private E-2

    :rolleyes:
    Trying to help my friend with her computer... ran Ad-Aware, Spybot, CWShredder and am still having troubles. Would appreciate any assistance with removal. Here is the HijackThis log:
     

    Attached Files:

    • HJT.txt
      File size:
      5.4 KB
      Views:
      4
    Last edited by a moderator: Aug 19, 2004
  2. Kaotic

    Kaotic Private E-2

    Ok, you have quite a few things to get rid of. First close all running programs and then go into the Control Panel. Then double-click Add/Remove Programs and look for TV Media. If you do not see it listed, close out the Control Panel and Add/Remove Programs. Next open HijackThis and remove the following.

    R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll

    O1 - Hosts: 64.200.25.145 gator.com #cooklop
    O1 - Hosts: 64.200.25.145 tripod.com #cooklop
    O1 - Hosts: 64.200.25.145 www.tripod.com #cooklop
    O1 - Hosts: 64.200.25.145 adultfriendfinder.com #cooklop
    O1 - Hosts: 64.200.25.145 www.adultfriendfinder.com #cooklop
    O1 - Hosts: 64.200.25.145 cj.com #cooklop
    O1 - Hosts: 64.200.25.145 www.cj.com #cooklop
    O1 - Hosts: 64.200.25.145 paypopup.com #cooklop
    O1 - Hosts: 64.200.25.145 www.paypopup.com #cooklop
    O1 - Hosts: 64.200.25.145 trafficmp.com #cooklop
    O1 - Hosts: 64.200.25.145 www.trafficmp.com #cooklop
    O2 - BHO: (no name) - SOFTWARE - (no file)

    O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

    O4 - HKCU\..\Run: [BMWER] C:\WINDOWS\BMWER.exe

    O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

    O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - http://www.atelys.com/src/Speedup.ocx


    After you have removed the posted entries, reboot the computer into safe mode. You do this by pressing the "F8" key before Windows loads. When you get into Windows, go into My Computer. Then on the top of Explorer click on "Tools" and scroll down to "Folder Options". Next click the "View" tab and scroll down until you see "Hidden Files And Folders", and check "Show Hidden Files And Folders".

    After you have done that look for a folder called "TV Media" on the C: drive and delete it. Make sure to empty the recycle bin before you reboot.

    The next step is to reboot the computer and let Windows load normally and see if all is ok. If not, report back. Hope this helps.

    Edit: Forgot to add that you should set the folder options back to hiding system folders before you reboot.
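
The entry types in the fix list above can be triaged mechanically. The following is an added example, not part of the thread and not HijackThis's own code: it parses a few of the lines posted above (embedded as sample input) and flags hosts-file redirects, a BHO with no file, and a Run entry launching from the Windows directory. The two checks marked as heuristics are this example's assumptions.

```python
import re
from collections import defaultdict

# Sample input: entries copied from the fix list in the reply above (subset of the O1 lines).
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll
O1 - Hosts: 64.200.25.145 gator.com #cooklop
O1 - Hosts: 64.200.25.145 tripod.com #cooklop
O1 - Hosts: 64.200.25.145 www.tripod.com #cooklop
O2 - BHO: (no name) - SOFTWARE - (no file)
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\Run: [BMWER] C:\WINDOWS\BMWER.exe
O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - http://www.atelys.com/src/Speedup.ocx
"""

ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*)$")
HOSTS = re.compile(r"^Hosts: (\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)")
RUN = re.compile(r"^(HK(?:LM|CU))\\\.\.\\Run: \[(.+?)\] (.+)$")
LOOPBACK = ("127.", "0.0.0.0")

def parse(log):
    """Group HijackThis entries by section code (R3, O1, O4, ...)."""
    sections = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line)
        if m:
            sections[m.group(1)].append(m.group(2).strip())
    return sections

def triage(log):
    """Return (code, reason) findings; heuristics are labelled in comments."""
    sections, findings = parse(log), []
    redirects = defaultdict(list)
    for body in sections["O1"]:
        m = HOSTS.match(body)
        # Heuristic: a hosts entry pointing at a non-loopback IP redirects that name.
        if m and not m.group(1).startswith(LOOPBACK):
            redirects[m.group(1)].append(m.group(2))
    for ip, names in redirects.items():
        findings.append(("O1", f"{len(names)} hostnames redirected to {ip}"))
    for body in sections["O2"]:
        if body.endswith("(no file)"):
            findings.append(("O2", "BHO registered with no file on disk"))
    for body in sections["O4"]:
        m = RUN.match(body)
        # Heuristic: autostart executable sitting directly in the Windows directory.
        if m and re.fullmatch(r"(?i)C:\\WINDOWS\\[^\\]+\.exe", m.group(3)):
            findings.append(("O4", f"{m.group(1)} Run '{m.group(2)}' -> {m.group(3)}"))
    return findings
```

A finding is a prompt to look closer, not a verdict: the TV Media Run entries in the same list are not flagged by these heuristics.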
     
