 |  |  |  |  |  |  |  |
Im infected with the Hotoffers.info bug
 |
Hello everybody,
I am working on a computer that has this hotoffers bug wich keeps placing porn links on the desktop. I cant get on the internet with the infected computer, it only tries to go to their website and zonealarm block them out. Im using my jump drive to xfer files onto the infected computer. I also would need a link to what ever programs I would need to post the info you guys would need.
I am working on a computer that has this hotoffers bug wich keeps placing porn links on the desktop. I cant get on the internet with the infected computer, it only tries to go to their website and zonealarm block them out. Im using my jump drive to xfer files onto the infected computer. I also would need a link to what ever programs I would need to post the info you guys would need.
Hotoffers infections have been a pretty popular topic here in the last few months. Please review the suggestions given in our recent hotoffers-related threads and see if one of those solutions works for you:
http://www.daniweb.com/techtalkforum...earchid=373139
If you cannot find a fix that works, or if you have any questions about the procedures described in those threads, please repost here. When you do, it would be a good idea to give us a HijackThis log as well:
Download HijackThis onto your jump drive:
http://www.stevewolfonline.com/Downl...HijackThis.exe
You should be able to run HJT right from the jump drive, but if not, create a folder on the hard drive for HJT and move it there. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do.
Run HijackThis, but do not have HJT fix anything yet; only have it scan your system! Once the scan is complete, the "Scan" button will turn into an option to "Save log...". Save the log in the folder you created for HiajckThis, open the log in Windows Notepad, and cut-n-paste the entire contents of the log here. The log contents will tell us a lot about what "nasties" have crept into your system, and once we analyse the log we can tell you what to do from there.
http://www.daniweb.com/techtalkforum...earchid=373139
If you cannot find a fix that works, or if you have any questions about the procedures described in those threads, please repost here. When you do, it would be a good idea to give us a HijackThis log as well:
Download HijackThis onto your jump drive:
http://www.stevewolfonline.com/Downl...HijackThis.exe
You should be able to run HJT right from the jump drive, but if not, create a folder on the hard drive for HJT and move it there. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do.
Run HijackThis, but do not have HJT fix anything yet; only have it scan your system! Once the scan is complete, the "Scan" button will turn into an option to "Save log...". Save the log in the folder you created for HiajckThis, open the log in Windows Notepad, and cut-n-paste the entire contents of the log here. The log contents will tell us a lot about what "nasties" have crept into your system, and once we analyse the log we can tell you what to do from there.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
DMR, your DaniWeb link doesn't work 
Chilkat, try this to get rid of HotOffers:
Boot into Safe Mode and do a search for these files:
param32.dll
guninst.exe
popup_bl.dll
systr.dll
svrhost.exe
Delete them, and then reboot normally
Delete all the HotOffer icons from your desktop.
Empty your Recycle Bin.
Get HijackThis as DMR suggested, and post the log as there will probably be some more cleanup to do.
Chilkat, try this to get rid of HotOffers:
Boot into Safe Mode and do a search for these files:
param32.dll
guninst.exe
popup_bl.dll
systr.dll
svrhost.exe
Delete them, and then reboot normally
Delete all the HotOffer icons from your desktop.
Empty your Recycle Bin.
Get HijackThis as DMR suggested, and post the log as there will probably be some more cleanup to do.
Links to help you help yourself :
Protect Your PC & Avoid Infections -- http://www.daniweb.com/techtalkforums/thread27519.html
Cleanup Procedures & Tools -- http://www.daniweb.com/techtalkforums/thread27570.html
Infection Removal & HijackThis Use -- http://www.daniweb.com/techtalkforums/thread28196.html
Protect Your PC & Avoid Infections -- http://www.daniweb.com/techtalkforums/thread27519.html
Cleanup Procedures & Tools -- http://www.daniweb.com/techtalkforums/thread27570.html
Infection Removal & HijackThis Use -- http://www.daniweb.com/techtalkforums/thread28196.html
•
•
•
•
Originally Posted by dlh6213
DMR, your DaniWeb link doesn't work
I even made sure to test the link after I posted, because this has happened to me a few times before. I'll have to ask Dani if she can find out what makes search-result links "go stale"....
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
|
Similar Threads
- Hotoffers.info Trojan (Viruses, Spyware and other Nasties)
- Hotoffers.info (Viruses, Spyware and other Nasties)
- Hotoffers.info virus (Viruses, Spyware and other Nasties)
- need help removing hotoffers.info hijacker (Viruses, Spyware and other Nasties)
- hotoffers.info hijacker like everyone else... (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: I know it is stupid but how do I get rid of a downloader trojan
- Next Thread: is this where i post hjt
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare domains e-mafia education email europe exam facebook fancheckvirus gaming gtaiv halloween hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses war warning windows worm yahoo zeroday