Hijacked on the Internet Highway. HELP!

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I posted to the forum about a week ago and got some great guidance from Jan. Unfortunately, I still have a problem. My computer still tells me I have Vx2 (Transponder) and CWS_NS3 running in memory. I tried Jan's methods running CWShredder, Spybot, Spysweeper, and other suggestions by Jan with no success. I have turned off System Restore when running these programs and turned back on after reboot. Still have a problem of redirecting my home page and search pages as well as crazy popups. Can anyone offer further suggestions? JD
 
Hi JD :-)

This just became available and is a cleaner for this variant.

Try the following and see if it will help.

VX2 Variant Plug-In Cleaner - From Ad-Aware:
This VX2 variant registers itself in a way, which gives it system
privileges. It also prevents the user from viewing this information by
removing the user's rights to do so. Furthermore it constantly
monitors the registry and prevents any attempts to remove its
associated values. This makes it very difficult for the user to
manually remove it

Close Ad-Aware 6 build 181 and Ad-Watch (if running)
- Download the free VX2 Cleaner at
http://updates.ls-servers.com/plvx2cleaner.exe
- Install the VX2 Cleaner
- Start Ad-Aware 6 build 181
- Go to "Plug-ins"
- Select the VX2 Cleaner plug-in and click "Run Plugin"
- If your computer isn't infected, click "Close".

Hope this helps.

Jan :)
Smiles are meant to be shared,
that's why they're so contagious.
 
JD said:
I posted to the forum about a week ago and got some great guidance from Jan. Unfortunately, I still have a problem. My computer still tells me I have Vx2 (Transponder) and CWS_NS3 running in memory. I tried Jan's methods running CWShredder, Spybot, Spysweeper, and other suggestions by Jan with no success. I have turned off System Restore when running these programs and turned back on after reboot. Still have a problem of redirecting my home page and search pages as well as crazy popups. Can anyone offer further suggestions? JD
Click to expand...
If all of that does not work, open the registry (regedit)
Go to:
HKLM>software>Microsoft>Windows>current version>Run
Delete entries you cannot recognize.
Also, hold the shift button while logged on to Windows to prevent as
much as possible from software to load.
 
You have what is called the "Look2Me" parasite. You will need special tool
to remove it.
Some support here.
http://www.pchell.com/support/look2me.shtml
--

If you do not feel at ease to edit the Registry the I suggest you get help
from this forum.

Go to http://www.spywareinfo.com/downloads.php#det
Download "Hijack This!" [freeware] or download direct (below):
http://www.merijn.org/files/hijackthis.zip

If you get a 404 error or Access denied, try:
http://216.180.252.218/~spywareinfo.com/downloads/tools/hijackthis.zip

Unzip the Download file in a NEW FOLDER that you can create before you start
the download.
DO NOT install in your Desktop folder.
DO NOT use any of the TEMP folders that are presently in your computer.
Double-click "HijackThis.exe" and Press "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log"
button.
Click: "Save Log" (generates "hijackthis.log")

Next, HijackThis | Config [button] | Misc Tools [button]
Click: Generate StartupList log [button] (generates "startuplist.txt")

Next, go to the below location:
http://www.spywareinfo.com/forums/

Sign in, then copy and paste both files in your message.

HijackThis Quick Start Help
http://www.tomcoyote.org/hjt/

The Tutorial if you want to know more about the results or the .log file.
http://www.merijn.org/htlogtutorial.html




Henri Leboeuf
Web page: http://www.colba.net/~hlebo49/index.htm
===
JD said:
I posted to the forum about a week ago and got some great guidance from
Click to expand...
Jan. Unfortunately, I still have a problem. My computer still tells me I
have Vx2 (Transponder) and CWS_NS3 running in memory. I tried Jan's methods
running CWShredder, Spybot, Spysweeper, and other suggestions by Jan with no
success. I have turned off System Restore when running these programs and
turned back on after reboot. Still have a problem of redirecting my home
page and search pages as well as crazy popups. Can anyone offer further
suggestions? JD
 
Back
Top