in DESPERATE need of help

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by JCDenton_4, Nov 17, 2005.

  1. JCDenton_4

    JCDenton_4 Private E-2

    Alright- here is my problem. i seem to have some form of browser redirector that causes my browser (firefox) to be redirected and resized to ads. the blockers i have in place prevent any images from showing up, but i lose valuable work time when this happens.

    what i have done to stop it:
    i repeatedly run spybot: search and destroy, and it usually picks up several things
    i run ad-aware, which clears MRU files (i think that's the name) and tracking cookies.
    i have run CWShredder
    i ran Avast antivirus in boot mode (it found and deleted a lot of things) and i ran it in windows
    recently i used ad-aware and looked at the logfile and found a system file (command.exe) originating from an odd windows file. i looked around, and it redirected me to: command.adservs.com/uninstall.php
    i figured this was a trick, so i didn't download it, but i left the room to make a call. my assistant did- he installed it and ran it, then restarted the computer. i deleted the file on startup, the one containing this.
    in short, the browser redirection continues. is there any way to stop this?

    EDIT: i forgot to mention: DSO exploit is usually present when i run spybot, it seems to come back.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow the steps below:

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

    Downloading, Installing, and Running HijackThis


    If you are having DSO exploit problems, you either do not have all of your Windows Updates, or your Spybot version is not current.
     
  3. JCDenton_4

    JCDenton_4 Private E-2

    well, i ran ad-aware in full mode (instead of smart) and i cleared about 200 criticals, but after i did it, firefox STILL is being redirected/opened at random times. i ran ALL the checks, but nothing is working. i am attaching my HJT logs with this, so please check those.
     

    Attached Files:

  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow the previous directions I gave you! You have not followed them and in order for us to continue helping you, those steps must be followed.
     
  5. JCDenton_4

    JCDenton_4 Private E-2

    I did all the things on the list- i am saying the only thing new was more criticals from ad-aware. i did every step, in order, and STILL this keeps happening. please help.
    (by the way: my privileges to kill other users and system processes were revoked at about the same time)
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In order for us to help you, the directions given in message number 2 must be followed. You have not run all the steps in the READ & RUN ME and the procedure for HijackThis was not followed. You have multiple problems we need to fix, and running through those procedures will help make the fixes easier.

    Also, you appear to have a Look2Me infection. After completing ALL of the READ ME, follow the steps in the below link as it will help with some additional problems.

    Running Spy Sweeper...
     
  7. JCDenton_4

    JCDenton_4 Private E-2

    oops- i guess i skipped over that one. i downloaded it (and will buy it soon, probably) and it seems to have worked. i had 2 problems that i noticed- in the temp folder, there were 2 things- eula.htm and thanks.exe. i had no idea what they were, but i'm guessing that they weren't good.

    Now: i still have another problem. at the same time that the popups/ browser redirectors started happening, i lost the access to end other users' programs. is there any way to fix this? i click on a process from one of the three other users on this computer, press delete, hit enter.... and: Access is denied. is there any cure for this?
     
