ComputerForum.com
Old 04-08-2008, 08:30 AM   #1 (permalink)
Bronze Member
 
Join Date: Apr 2008
Posts: 28
Boo Hoo, scanned to no avail...

Hi,

Since the past few days, Internet Explorer used to start up on its own, automatically. I rarely use it; I use Firefox. In the end, I just uninstalled Internet Explorer. Now a small window comes up, asking whether I want to connect or stay offline. Zone Alarm gives a regular message of spy-site blocking, this is the full message:

Blocked site name 89.188.16.50/css4.dll?sid=FC545C5B4F080F0F000D54585C5B585E5E4F1 F545B365C365836085B51363A0C1B1F000A0C4939080A02495 B4F0A000D54595D2B2D5A5F5F2C515A5A2C5D5B2D5C505C2A5 A5B2D2D5B2D5E2B5B5B2D5C2B4F081D545E5A5F5C2F282B595 95A5E5858582D2D502A5C51585C5B585E5E2A2F2F2F2F

I have got Zone Alarm; BitDefender; SpywareDoctor, Spybot Search & Destroy; I have already scanned with everything except the antivirus. Spyware Doctor gave three infections, but said that it was not able to clean one. Zone Alarm gave one infection, and cleaned it. But the problem is still there!

So exactly what has got into my computer? And how is it possible, after all these softwares standing in between?

Thanx for the help.
HydraHeaded is offline  


Old 04-08-2008, 10:12 AM   #2 (permalink)
Diamond Member
 
Join Date: Dec 2007
Location: Croatia
Age: 17
Posts: 3,972

Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Double click on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
  • Click Save to save the log file and then the log will open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline  
Old 04-08-2008, 02:27 PM   #3 (permalink)
banned
 
Join Date: Aug 2006
Posts: 4,711

The easiest way to rid yourself of pests with very little interaction is the following:

Download combofix

Download Smitfraudfix

Download Super Antispyware.

Download Ccleaner.

Install them and check for updates for Super Antispyware before proceeding.

Run combofix in normal mode. After it's rebooted and given you a log, reboot into safemode.

Run Smitfraudfix in Safe Mode.

Run Ccleaner in Safe Mode (make sure you're under your own user account). Do the files and registry cleaner sections.

Run Super Antispyware in normal mode.

Then, if anything happens to be left over, which believe me when I say it will be very little, if anything, THEN run Hijackthis or Autoruns to catch the stragglers. The combofix log is very good at identifying files created recently.

I have noticed that people love to complicate things, and I've seen 10 page threads that should have been 10 posts. I do this several times a day on site and in most cases I have a computer totally cleaned out in 45 minutes or less. Very rarely (Less than 5% of the cases I address) does it take more than that.
SirKenin is offline  
Old 04-08-2008, 03:33 PM   #4 (permalink)
Bronze Member
 
Join Date: Apr 2008
Posts: 28
Should've read this earlier...

I have just read these two replies now. If only I had read the first reply earlier...

After posting this message, I immediately started HijackThis, and it gave a whole lot of results, as possible infections, and I didn't know what to do, and I thought that since the program is anti-spyware, it probably won't harm, so I selected everything and clicked on fix all. What happened after this is nothing; the problem didn't go away, but the next time I restarted the computer, at the time of logging in (as user), it said that this copy of Windows needs to be activated. It would start only in Safe Mode, and Restoring to an earlier point didn't help. Then a friend of mine gave me some small kind of undo software, something called WGFix.exe (not sure about the name), and I started the computer in Safe Mode and ran that, and it said that it had fixed the problem, so I started the compu again, and this time it started up normally. I don't know what HijackThis did to my compu, but I'm never gonna use it again!

Well, I'll go over all that you have said, and will come back after some time. I have to be more careful even in spyware-removal now

Anyway, thanx.
HydraHeaded is offline  
Old 04-09-2008, 04:09 AM   #5 (permalink)
New Member
 
Join Date: Apr 2008
Posts: 3
Trying to contact SirKenin

Sorry for this post in the wrong area, but computerforum.com won't let me post in the "equipment for sale" area.

I just want to ask you if you still have the following for sale?

used Dell R0224 Data/fax modem, front panel dual PCMCIA and front and rear firewire port assembly $50 (Dell 2400C and 4600C)

Thanks in advance,
and most sincere apologies to those in this forum for this off-topic post.

lewcent.
lewcent is offline  


Old 04-09-2008, 04:17 AM   #6 (permalink)
banned
 
Join Date: Aug 2006
Posts: 4,711

Quote:
Originally Posted by lewcent View Post
Sorry for this post in the wrong area, but computerforum.com won't let me post in the "equipment for sale" area.

I just want to ask you if you still have the following for sale?

used Dell R0224 Data/fax modem, front panel dual PCMCIA and front and rear firewire port assembly $50 (Dell 2400C and 4600C)

Thanks in advance,
and most sincere apologies to those in this forum for this off-topic post.

lewcent.

I do have another set, yes.. Maybe post a thread in O/T and I'll respond there.
SirKenin is offline  
Old 04-08-2008, 09:03 PM   #7 (permalink)
Diamond Member
 
Join Date: Dec 2007
Location: Croatia
Age: 17
Posts: 3,972

Oh great that you read what I wrote... look what I said:

Quote:
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required

Why did you fix all the entries??

I don't know whether the program your friend gave you fixed the problem, but it would be good to restore it.

Please open HijackThis again (if you dare) and choose View the list of backups.
Check all entries and click Restore.
Reboot your computer and all will be restored.

Now, if you'd like us to clean your computer, post another HijackThis log and this time don't fix any entries without a suggestion from one of us here.


SirKenin, I have no doubts you are great in helping people...but ComboFix should be the last tool to use (or to be used on greatly infected computers) and it's stupid to run it on some infections that don't need CF as a special treatment.
GameMaster is offline  
Old 04-08-2008, 09:43 PM   #8 (permalink)
Diamond Member
 
Join Date: Jan 2007
Location: France
Age: 19
Posts: 5,283

I want to add that smitfraudfix is a tool made for smitfraud infections ONLY.
Combofix is a powerful tool once you know how to read the script
__________________
Punk's Website making and registering tutorial!

Rise And Fall, Rage And Grace

The Offspring!

Huck it!
I just want to be who I want to be
guess that's hard for others to see
Punk is offline  
Old 04-09-2008, 12:24 AM   #9 (permalink)
banned
 
Join Date: Aug 2006
Posts: 4,711

Smitfraudfix does more than scan for smitfraud infections, actually.. And Combofix is always the first tool to use. It gets rid of a wide array of issues, and also tells you what files have recently been added to your computer, an excellent way to track down varmints. Super Antispyware gets rid of the remainder, stuff that Spybot and Ad-aware, as useless as they are, are powerless to get rid of.

Going one by one is just plain stupid when automated tools can do it for you with a mouse click.

Hijackthis, for instance.. 1) It can do a lot of damage in the wrong hands.. 2) A lot of malware can detect it and avoid it. 3) Malware can detect a scan and actually block portions of the scan, or disable it altogether. 4) Some malware, which combofix and Smitfraudfix take care of, can not be deleted by Hijackthis, even though HJT detected it and *said* it was removing it.

I've been doing this for a long, long time as you probably were able to tell. When you're on the clock, you don't have time to screw around like people do in this forum.
SirKenin is offline  
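
The point made in this thread about using a list of recently created files to track down an infection can be reproduced by hand. The following is an added example, not part of any post and not the logic of ComboFix or any other tool named here; the folder list, extension list and 14-day window are assumptions, and it needs PowerShell 3.0 or later.

```powershell
# Added illustration: list recently created executable files for manual review.
# Read-only: nothing is deleted or modified. The folder list, extension list
# and 14-day window are assumptions to adjust for the machine being examined.
param(
    [int]$Days = 14,
    [string[]]$Roots = @(
        "$env:SystemRoot\System32",
        "$env:SystemRoot\Temp",
        "$env:ProgramFiles",
        "$env:APPDATA",
        "$env:LOCALAPPDATA",
        "$env:TEMP"
    )
)

$cutoff = (Get-Date).AddDays(-$Days)
$extensions = '.exe', '.dll', '.sys', '.scr', '.bat', '.cmd', '.vbs', '.js'

$found = foreach ($root in $Roots) {
    if (-not $root -or -not (Test-Path -LiteralPath $root)) { continue }
    Get-ChildItem -LiteralPath $root -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -ge $cutoff -and $extensions -contains $_.Extension.ToLower() } |
        ForEach-Object {
            # Signature status helps separate vendor updates from unknown files;
            # an unsigned file is a lead to investigate, not proof of infection.
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Created   = $_.CreationTime
                Modified  = $_.LastWriteTime
                Signature = if ($sig) { $sig.Status } else { 'Unknown' }
                SizeKB    = [math]::Round($_.Length / 1KB, 1)
                Path      = $_.FullName
            }
        }
}

# Newest first; de-duplicated in case two roots overlap (e.g. TEMP under LOCALAPPDATA).
$found | Sort-Object Path -Unique | Sort-Object Created -Descending |
    Format-Table -AutoSize -Wrap
```

File creation timestamps can be rewritten by the software that dropped the file, so an empty result narrows the search but does not clear the machine.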
Old 04-09-2008, 02:06 PM   #10 (permalink)
Diamond Member
 
Join Date: Jan 2007
Location: France
Age: 19
Posts: 5,283

Quote:
Originally Posted by SirKenin View Post
Smitfraudfix does more than scan for smitfraud infections, actually.. And Combofix is always the first tool to use. It gets rid of a wide array of issues, and also tells you what files have recently been added to your computer, an excellent way to track down varmints. Super Antispyware gets rid of the remainder, stuff that Spybot and Ad-aware, as useless as they are, are powerless to get rid of.

Going one by one is just plain stupid when automated tools can do it for you with a mouse click.

Hijackthis, for instance.. 1) It can do a lot of damage in the wrong hands.. 2) A lot of malware can detect it and avoid it. 3) Malware can detect a scan and actually block portions of the scan, or disable it altogether. 4) Some malware, which combofix and Smitfraudfix take care of, can not be deleted by Hijackthis, even though HJT detected it and *said* it was removing it.

I've been doing this for a long, long time as you probably were able to tell. When you're on the clock, you don't have time to screw around like people do in this forum.

Yeah but by analyzing a HJT log, you can locate and know what kind of infection is on the computer. From that you can choose the tool that will remove it, without, sometimes, using combofix or smitfraud. I've been doing this for a year already, took some training at different forums and learned from Buzz and Ceewi1 here, and automatically downloading combofix and smitfraudfix won't fix the problem most of the time...

And smitfraudfix isn't that easy to use when you don't know how to use it... You need to give them some information about this program instead of just throwing them at victims...

Anyway if you don't have the time to help someone then why bother posting here?
Punk is offline  
All times are GMT +1.