Looks like i still have mssearchnet, but i cant be shure

Status
Not open for further replies.
S

slasher_65

Posts: 22   +0
Getting all the usual annoying "you have spyware! press this and we will fix all your problems". dont have time to say more, will elaberate later. thanks for your help!
 

Attachments

  • hijackthis.txt
    9.2 KB · Views: 6
Your system is infected with possibly the new variant of smitFraud.

Go HERE and follow the instructions.

Post a fresh HJT log, only after doing the above.

Regards Howard :)
 
just a quicky to say that i dont seem to be able to open CMD files. a tad strange. i can see them, but not open them. im workin on that! (unregognised file type not being able to open them)
 
Once you`ve followed the instructions, post a fresh HJT log. it may well be that some malware is blocking your use of the cmd files.

Untill I get a fresh HJT log from you, it`s hard to say.

Regards Howard :)
 
Have you tried running the Smitfraudfix from safe mode?

Try redownloading it. If that doesn`t help, skip that step for now and continue with the rest of the instructions.

Regards Howard :)
 
looks like i have the following


* trojan-downloader-zlob
* trojan agent winlogonhook


* cws-aboutblank
* elitemediagroup-mediamotor
* multidial
* safeguard protect
* security2k hijacker
* popuper
* spyfalcon fakealert
* spyware quake fakealert
* prosearch.com hijack
* navexcel navhelper


* desktop kazaa cookie
* howstuffworks cookie
* atwola cookie
* touchclarity cookie
 
The Windows malicious removal tool, should take care of the zlob problem. You can get it HERE.

Run the tool in safemode with system restore turned off.

Follow as many of the instructions as you can and post a fresh HJT log.

Regards Howard :)
 
at first the windows tool aint finding anything. ill just finnish the rest then try.
the cws thing is not being found by the cwsshredder. same for compleating the rest then trying.
 
A week has gone by since you started this thread and I have still not had a HJT log from you.

Until I do, there is nothing I can do to help you.

Follow as many of the instructions HERE as you can and post a fresh HJT log, after doing so.

Regards Howard :)
 
here you go.
after following all the instructions, i
still have all the nasties listed above, and the windows tool still not finding anything.
ewido finds 81 instances every time, although i tell it to fix them.
 
You need to follow Step 3 in the instructions Howard gave you in Safe Mode. Once you've done that successfully, post a new log. If Ewido is consistantly finding 81 entries when it's run and it's worrying you, you can post that log too when you post your next HJT log.
 
Spike said:
You need to follow Step 3 in the instructions Howard gave you in Safe Mode. Once you've done that successfully, post a new log. If Ewido is consistantly finding 81 entries when it's run and it's worrying you, you can post that log too when you post your next HJT log.
Click to expand...

Thanks Spike.

I`ll let you deal with this one from here on in.

I`m just fed up with people who can`t, won`t, or don`t want to follow instructions.

I`ve better things to do with my time.

Regards Howard :cool:
 
No problems Howard - I don't blame you. If the instructions aren't followed this time though, I won't be giving any second chances. lol
 
point of fact, the CMD file needed to use that is not recognised as a file type!
just a quicky to say that i dont seem to be able to open CMD files. a tad strange. i can see them, but not open them. im workin on that! (unregognised file type not being able to open them)
Click to expand...

and no, it wont work in safe mode.
it is also hiddon. (i know this by the fact that it is slightly transparent, not that i dont have "show hiddon files" turned on)
 
Double click the attached (zipped) reg file to add the info to the registry. Change the .cmd extension to .bat, and try again.
 
soz about taking years to reply, my conenction died for 3 days.
here is the new HJT file. i am now finding a trogin named winloginhook , plus all the usual adware.
thanks. (it seems that the smurtfruad is gone for good though. hurrah!)
the cws remover cant get the version of cws i have. something like cws about:blank
 
Status
Not open for further replies.

Similar threads

E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
475
eriksnyman1
E
Z
Microsoft could soon sneak (more) Start menu ads into Windows
Replies
13
Views
164
user478318
user478318
Cal Jeffrey
Your outdated version of Windows Media Player 6 will still work after the Y2K38 bug ends...
Replies
6
Views
148
dangh
dangh

Latest posts

Back