please help
- ninjafreek
- Newbie
- Joined: Mar 05, 2008
- Posts: 14
- Status: Offline
March 5th, 2008, 5:49 pm
- Anonymous
- Bot
- Joined: 25 Feb 2008
- Posts: ?
- Loc: Ozzuland
- Status: Online
March 5th, 2008, 5:49 pm
- penguin
- Flying penguins
- Joined: Oct 12, 2007
- Posts: 1647
- Loc: Behind you !
- Status: Offline
March 5th, 2008, 5:49 pm
Then remove them 
- spork
- Brewmaster
- Joined: Sep 22, 2003
- Posts: 6128
- Loc: Seattle, WA
- Status: Offline
March 5th, 2008, 5:51 pm
The Beer Monocle. Classy.
- ninjafreek
- Newbie
- Joined: Mar 05, 2008
- Posts: 14
- Status: Offline
March 5th, 2008, 5:55 pm
- ninjafreek
- Newbie
- Joined: Mar 05, 2008
- Posts: 14
- Status: Offline
March 5th, 2008, 5:56 pm
- spork
- Brewmaster
- Joined: Sep 22, 2003
- Posts: 6128
- Loc: Seattle, WA
- Status: Offline
March 5th, 2008, 5:56 pm
The Beer Monocle. Classy.
- ninjafreek
- Newbie
- Joined: Mar 05, 2008
- Posts: 14
- Status: Offline
March 5th, 2008, 5:58 pm
ok
well thanks to everybody who helped imsorry im such a noob i am only 13
well thanks to everybody who helped imsorry im such a noob i am only 13
- ninjafreek
- Newbie
- Joined: Mar 05, 2008
- Posts: 14
- Status: Offline
March 5th, 2008, 6:19 pm
- Bogey
- Bogey
- Joined: Jul 14, 2005
- Posts: 8211
- Loc: USA
- Status: Offline
March 5th, 2008, 9:24 pm
Are you using Windows XP Pro or Vista? Are you using Internet Explorer or Firefox? When you scan your computer with hijackthis there are like 5 lines starting from Logfile... below is an example of what I'm talking about.
Post that information here. I need to see that information before I actually know how to help you. With that information tell me what kind of browser you are using. Firefox or Internet Explorer?
It does look like you got some infections from that log you posted. Let me try to give you an extended "tutorial" (for lack of a better word) on how to remove them. And some trojans and infections in the same way in layman's terms
First, turn on hijackthis and remove the following by selecting them and pressing "fix".
Okay, for the trojan that you mentioned...
Download smitfraudfix. Go to safe mode. If you don't know how, restart and continuesly press F8 to get into a menu. Select the option which would turn the computer on in safe mode.
Once the computer loads into the safe mode run smitfraudfix and choose option 1. When option 1 finishes do option 2. Than you can quit out of smitfraudfix.
And after all of that is done run your hijackthis and post a new log here. And tell us if you are still experiencing any problems.
Hope that fixes your problem
Quote:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:11:56 PM, on 3/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Scan saved at 8:11:56 PM, on 3/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Post that information here. I need to see that information before I actually know how to help you. With that information tell me what kind of browser you are using. Firefox or Internet Explorer?
It does look like you got some infections from that log you posted. Let me try to give you an extended "tutorial" (for lack of a better word) on how to remove them. And some trojans and infections in the same way in layman's terms
First, turn on hijackthis and remove the following by selecting them and pressing "fix".
Quote:
C:\PROGRA~1\MYWEBS~1\bar\6.bin\m3SrchMn.exe
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\6.bin\MWSBAR.DLL
O2 - BHO: TVEngine Helper - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\spamblockerutility\sbtv\sbtvhelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\6.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [SpamBlocker] C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbOEAddOn.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\6.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\6.bin\m3SrchMn.exe" /m=2 /w
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\6.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZK
O20 - AppInit_DLLs: inetcplcsys.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\6.bin\MWSBAR.DLL
O2 - BHO: TVEngine Helper - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\spamblockerutility\sbtv\sbtvhelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\6.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [SpamBlocker] C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbOEAddOn.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\6.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\6.bin\m3SrchMn.exe" /m=2 /w
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\6.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZK
O20 - AppInit_DLLs: inetcplcsys.dll
Okay, for the trojan that you mentioned...
Download smitfraudfix. Go to safe mode. If you don't know how, restart and continuesly press F8 to get into a menu. Select the option which would turn the computer on in safe mode.
Once the computer loads into the safe mode run smitfraudfix and choose option 1. When option 1 finishes do option 2. Than you can quit out of smitfraudfix.
And after all of that is done run your hijackthis and post a new log here. And tell us if you are still experiencing any problems.
Hope that fixes your problem
"Bring forth therefore fruits meet for repentance:" Matthew 3:8
1, 2
To Reply to this topic you need to LOGIN or REGISTER. It is free.
Post Information
- Total Posts in this topic: 24 posts
- Users browsing this forum: No registered users and 109 guests
- You cannot post new topics in this forum
- You cannot reply to topics in this forum
- You cannot edit your posts in this forum
- You cannot delete your posts in this forum
- You cannot post attachments in this forum
