Sea of Thieves Review
Hi guys i am currently at a friends house trying to remove the masses of malware from there computer:( I managed to download windows onecare which i know to be good.it destroyed most of them but a few remain and reinstal them selfs upon every startup after being removed some of these are trogan:win32/meredrop Tibs LDS trojan and agent downloader.the progams and c drive options have been removed to (tipical) all of this seemed to start after some trouble with a thing called platte acount which was demanding money for an bill that was never created? i have reasearched this and found others to have had problems with this mystery bill and program? any ideas on how to rid of it before the awfull words "format" are spoke
Also ccleaner,Spybot s&d.What antivirus and firewall is on the pc?
Simply open notepad and paste the following program into it (everything below the lines).
Once you've done that go to save it.
Call the file platte.cmd and in the box at the bottom called "Save as type" select all files.
I'd suggest saving it to your desktop so its easy to find. Run it the first time and once its completed it will tell you to restart.
Do so and then run it a second time, it will talk you through the process as you go so you know when to restart and what's required of you.
I have to confess that I've not been able to try this out myself, however it has worked for others that have tried it.
Let us know how you go with this.
if not exist c:\windows\system32\pm_proc2.exe goto noplatte
if exist c:\platteStage2.tmp goto stage2
echo Into Stage2 > c:\platteStage2.tmp
echo Y| CACLS c:\windows\system32\pm_proc1.exe /D Everyone
echo Y| CACLS c:\windows\system32\pm_proc2.exe /D Everyone
echo Stage 1 of the uninstall process has completed please restart your computer and run this file again to complete the removal
echo Stage 2 of the uninstall process has completed you should now be able to delete desktop icons for Platte and be Platte free
echo Platte Media is not installed
Thanks 4 yr help so far ppl but i have had no luck yet i have tryed the various virus/trojan removers and the program to remove the platte worked but then 5 mins after restarting it came back to the desktop think it and the trojans are conected and that they reinstaled it! its running the standed windows firewall with xoftspy Se and now live onecare,with spybot sd,a squared and super anti spyware.any more help Please!!! thanks guys
you could have reposted in this thread instead of starting a new one :-) i don't know if it helps anyone but i think the windows firewall doesn't have outbound protection as default i think you have to configure it yourself-good luck hope someone can help
Disconnect from the internet
Switch OFF system restore.
Run the program
check the program does NOT reappear.
switch restore back on
reconnect to the internet.
firstly thanks to all of you for yr help! :) and thanks to Fruit Bat /\0/\ for the platte removel program thats gone for good! to uninstall what i think was the host trojan the pesky winctrl32.dll i used a program called SDfix which had this trojan in its catalog a link can even be found on this forum! once this was gone i just wiped out the small fries with a virus scaner and it seems fine now but two things im still unsure about-it still says virus alert! next to the clock,i have run several full scans with different scanners and they all say all's good? and i cant seem to get local drive c back in my computer? any ideas??
To get rid of the "Virus Alert" next to the clock you have to go into the registry. (Start>Run and Type regedit) First of all back up the registry (File>Export) Then do a search for "Virus Alert" without the quotes. You`ll find it in a registry key looking something like hh:mm Virus Alert! Just delete the wording, not forgetting the space before the V but leave hh:mm.
did you ever get rid of the above. I've got the same and wandered if you could get anything for it that didn't involve paying out ?
Run the command as stated in my post
Sun, 03/08/[email protected]:34
This thread is now locked and can not be replied to.