Trojan alchem.exe & polmx.exe I can't get them of my back

Discussion in 'Virus Information' started by =?Utf-8?B?RWRkaWU=?=, Jan 1, 2005.

  1. I have these 2 trojans on my system XP Home, and can't get rid of them. I am
    about to format my drive, but have not got a rescue disc's. How do I save my
    audio, printer, modem drivers etc and where do I find them to save. Please
    Help
     
    =?Utf-8?B?RWRkaWU=?=, Jan 1, 2005
    #1
    1. Advertisements

  2. 1) Download the following three items...

    Trend Sysclean Package
    http://www.trendmicro.com/download/dcs.asp

    Latest Trend signature files.
    http://www.trendmicro.com/download/pattern.asp

    Adaware SE (free personal version v1.05)
    http://www.lavasoftusa.com/

    Create a directory.
    On drive "C:\"
    (e.g., "c:\New Folder")
    or the desktop
    (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

    Download SYSCLEAN.COM and place it in that directory.
    Download the Trend Pattern File by obtaining the ZIP file.
    For example; lpt325.zip

    Extract the contents of the ZIP file and place the contents in the same directory as
    SYSCLEAN.COM.

    2) Update Adaware with the latest definitions.
    3) If you are using WinME or WinXP, disable System Restore
    http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    4) Reboot your PC into Safe Mode and shutdown as many applications as possible.
    5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
    platform and clean/delete any infectors/parasites found.
    (a few cycles may be needed)
    6) Restart your PC and perform a "final" Full Scan of your platform using both the
    Trend Sysclean utility and Adaware
    7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
    System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
    8) Reboot your PC.
    9) If you are using WinME or WinXP, create a new Restore point

    * * * Please report back your results * * *



    --
    Dave




    | I have these 2 trojans on my system XP Home, and can't get rid of them. I am
    | about to format my drive, but have not got a rescue disc's. How do I save my
    | audio, printer, modem drivers etc and where do I find them to save. Please
    | Help
     
    David H. Lipman, Jan 1, 2005
    #2
    1. Advertisements

  3. =?Utf-8?B?RWRkaWU=?=

    Br0wnbear Guest

    Eddie
    Don't use the hammer to kill the fly method of disinfection for your
    machine. These aren't that difficult to get rid of. David's
    suggestions will probably work for you. If they don't there are still
    other methods to clean up after the mess has begun.

    Hijack this is another tool that can probably assist in this cleanup.
    HiJackThis - http://www.spywareinfo.com/~merijn/downloads.html

    Post the Hijackthis log here in these forums for assistance.
    http://forum.aumha.org/

    hth
    John Brown
    Bears are hibern8n but we wake up to help once in awhile.
     
    Br0wnbear, Jan 1, 2005
    #3
  4. Sorry Dave & Br0wnbear
    thanks for the prompt reply, first time I have used a disscussion group
    realy impressed, You proberbly thought I hadden't got any protection

    I forgot to mention that I have System restored a number of times, have AVG
    7 and also downloaded Adware SE to get rid or these, but I still get the
    pesky little things when I run AVG I have removed AVG and redownloaded it but
    I still get this happening

    Thanks for your help
     
    =?Utf-8?B?RWRkaWU=?=, Jan 2, 2005
    #4
  5. =?Utf-8?B?RWRkaWU=?=

    Br0wnbear Guest

    Eddie

    Where are the files being reported by AVG 7?
    What were the results with Hijack This?
    What were the results with Sysclean?


    hth
    John Brown
    Bears are hibern8n but we wake up to help once in awhile.
     
    Br0wnbear, Jan 2, 2005
    #5
  6. In addition to what Br0wnbear asked...

    Submit the two EXE files to Virus Total - http://www.virustotal.com/flash/index_en.html
    and then post the EXACT results back in this thread.

    --
    Dave




    | On Sun, 2 Jan 2005 04:35:01 -0800, "Eddie"
    |
    | >Sorry Dave & Br0wnbear
    | >thanks for the prompt reply, first time I have used a disscussion group
    | >realy impressed, You proberbly thought I hadden't got any protection
    | >
    | >I forgot to mention that I have System restored a number of times, have AVG
    | >7 and also downloaded Adware SE to get rid or these, but I still get the
    | >pesky little things when I run AVG I have removed AVG and redownloaded it but
    | >I still get this happening
    | >
    | >Thanks for your help
    | >
    | Eddie
    |
    | Where are the files being reported by AVG 7?
    | What were the results with Hijack This?
    | What were the results with Sysclean?
    |
    |
    | hth
    | John Brown
    | Bears are hibern8n but we wake up to help once in awhile.
     
    David H. Lipman, Jan 2, 2005
    #6
  7. Thanks once again for your prompt replies, it been of great interest . Ive
    downloaded all of the software you told me to and will run it as soon as I
    can. Unfortunatly I have to work, flying tomorrow so will not be able to get
    rid of these things hopefully next weekend. But be sure I will contact and
    let you know the outcome as you have been very helpful, (I may still need
    help). By the way when I scan in AVG 7 it lets me know these still in the
    regstry but will not quaranteen them

    Eddie
     
    =?Utf-8?B?RWRkaWU=?=, Jan 2, 2005
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.