Wurldmedia

D

Dick Ahern

This tracking program comes from weather.com. It creats a
RegVal and RegKey.

It is not spotted by MS AntiSpyware,Trend Micro
Pc-cillin,SpyBot S&d,or SpyBot.

It is only spotted and removed by Ad-Asware SE.

I use this site frequently and it really irks me that every
time I go to this site I know I am going to pick up this
tracking program.

What can I do to prevent dowload, or must I run Ad-Aware
everytime after visiting this site?

Any assistance with this problem is appreciated.
 
B

Bob Dietz

What RegVal and what RegKey? (What are the values?)
Which version of Windows are you running?
 
G

Guest

Running Windows XP,, SP2

Ad-Aware shows the following
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

WurldMedia Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\fenx

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 5

1:28:18 PM Scan Complete

and

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

WurldMedia Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "ltr2"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\fenx
Value : ltr2

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1
 
B

Bob Dietz

Based on the following pages, I think you need to look at IE BHO's.
http://www.alegsa.com.ar/Visitas/i47/A trojan that won t stay away.php
http://www.doxdesk.com/parasite/WurldMedia.html
http://sarc.com/avcenter/venc/data/adware.wurldmedia.html

See if the following steps don't cure the problem.
Close all instances of Internet Explorer!
Open Task Manager and verify that there are no stealth instances of
Internet Explorer. If there is/are, kill it/them.
Look for suspicious or mysterious BHOs.
(The path might include "WurldMedia.")
Send all suspicious or mysterious BHOs to Spynet for anaysis.
Permanently remove any BHO that is obviously a part of "WurldMedia."
Block any other suspicious BHOs.
Run an Ad-Aware scan so the "WurldMedia" reg keys are removed.
Start Internet Explorer; connect to the web and browse a couple sites.
Run another Ad-Aware scan and verify that the "WurldMedia" reg key
haven't returned.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Why Spybot finds these but Ad-Aware doesn't 14
ADW_ELITEBAR.D 1
Undetected Hijack (Mega Power Pills) 1
WindUpdates (Browser Plug-in) 3
Should I buy Trend Micro Titanium Antivirus+ 2012? For internet security? 13
Windows file explorer trying to connect to us.2.cqcounter.com 1
hijacker.WTLBAss 1
Repdirection - Antispyware comparison reports ! 2

Top