mad.dll

Anyone have a bout with this lovely yet? From my research - the ONLY way to remove it is to boot the PC from the Windows XP CD - then delete it off the hard drive because it loads itself with Windows if you just boot from the hard drive.

Anyone have any other success is getting this guy off another way since the pc in question came with the old restore image CD and not a true XP CD.

 

There is a thread here: https://www.wilderssecurity.com/showthread.php?t=50662 If you READ through the ENTIRE thread BEFORE proceeding, then download EVERY program suggested, and run EVERY program in SAFE MODE when your are at the SAFE MODE step, this should get you sorted.

What I have suggested is slightly different from the step by step instructions, in that you are downloading EVERY program first and then running all in SAFE MODE when you are at the Safe Mode Step.

Let us know how you go...

Cheers

 

I did just about every stop you suggested there (though not all at once in that order) using all those tools and this is the last bugger left. Just can't delete the thing and it causes TV Media to be reinstalled every time IE Explorer is started up.

 

OK, if you get to the point of having run all the steps and are still seeing issues, you will need to download HijackThis and post a log on an appropriate forum as advised in the General Cleaning thread.

In the mean time I have found a running link to the same issue here: http://www.2-spyware.com/remove-tv-media-display.html

Hope this helps...

Cheers

 

Been there, done that with Hijack this and with that thread. Hijack this cannot delete the file - even on reboot and I hav ebeen thorugh that thread you reference!

 

This thread: http://www.2-spyware.com/remove-tv-media-display.html goes through a manuel deletion method, have you tried that?

Cheers.

 

Here is a some instructions to remove it:
http://2-spyware.com/remove-tv-media-display.html

in there they also mention going to www.webroot.com which a spysweeper can also remove it from there.

 

what a coincidence.

 

I believe I did everything on that post but try booting from the Win XP cd - guess I will try that when I get a hold of one. This dll loads with windows so you can't rename or delere it - even in safe mode - even with command prompt - even with Hijack This on reboot. When I remove TV Media, this thing puts it back on the computer the first time IE is opened. Nice, huh? Microsoft has stated that TV Media will interfere with the upgrade to SP2 - blue screen and all.

I guess by booting from the XP CD with a vanilla boot up that dll won't be in use and can be deleted that way. One person actually removed their hard drive and attached it to another pc to get rid of it. Total Velocity should be sued for this one!

 

That is fairly standard practice for a stubborn infection like this, it's something quite easy to do so long as you have a clean fully protected PC available.

Cheers

 

FINALLY got rid of it using killbox !!!

 

Good to see, and thanks for keeping us posted...

Cheers

 

simple fix,

install the hard drive on a friends computer as a slave drive,
go to the drive and find the mad.dll file located in system32 directory,
hit the delete key,

so easy