CleverIEHooker.Jeired (Hijackthis Log)

Discussion in 'adware, spyware & hijack cleaning' started by n0rstar, Jun 5, 2004.

Thread Status:
Not open for further replies.
  1. n0rstar

    n0rstar Registered Member

    Joined:
    Jun 5, 2004
    Posts:
    4

    Search and Destroy keeps finding a Registry key and calling it this notorious CleverIEHooker.Jeired At first it was 3 Registry keys, I managed through deleting them manualy with a combination of running adaware 6.0, S&D & PestPatrol I managed to get all but 1 to go away, and it keeps self repairing. I googled and read many forum posts about it and didn't find a jeired.dll or fxsrcom.dll

    I think perhaps it is this TVm.exe so I tryed deleting those but to no avail they both keep comming back.

    HELP!!! :>
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi n0rstar,

    Is that your entire log?

    If so, check the following items in HijackThis.
    Close all windows except HijackThis and click Fix checked:

    R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

    O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

    O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

    Then reboot into safe mode and delete:
    C:\Program Files\TV Media <= entire folder

    Regards,

    Pieter
     
  3. n0rstar

    n0rstar Registered Member

    Joined:
    Jun 5, 2004
    Posts:
    4
    ok, after some more diligent search I came to the conclusion TVm.exe is the culprit. I searched all HD's for jeired.dll and it showed nothing, so then I searched for Containing Text: jeired.dll in hopes of it finding a link to it in a boot file. all that turned up was this tvm.exe. After I tryed to manualy delete this folder it respawned, but I was left with 1 reg key not 2, maken me think one of the .dlls I managed to get rid of spawned the other 2 regkeys. I am going to slave out this HD and go in and try to delete this TVm.exe from my system. I will let u know how I make out.
     
  4. n0rstar

    n0rstar Registered Member

    Joined:
    Jun 5, 2004
    Posts:
    4
    LOL ain't that a hoot and a hollar, had I refreshed my page I wouldn't had to make that previous post, but it is without a doubt reassuring knowing I am not the only one that came to that conclusion :>

    thanks a ton <3
     
  5. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    LOL indeed,

    Pieter
     
  6. n0rstar

    n0rstar Registered Member

    Joined:
    Jun 5, 2004
    Posts:
    4
    Well its gone :>

    running the S&D prior to the reboot did not expel the regkeys, so when I booted in safe mode I deleted the folder first, then deleted the regkeys, now I am 100% spyware free :D thanks again <3
     
  7. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
Thread Status:
Not open for further replies.