Home Page Hyjack and adware or spyware pop ups

Discussion in 'Malware Help (A Specialist Will Reply)' started by jonnyfive, Aug 9, 2006.

  1. jonnyfive

    jonnyfive Private E-2

    I have a Sony Vaio Pentium 4, 3.2 GHZ Desktop with 512 MB of RAM and a 250 MB Hard drive. Windows XP Home Ed. Version 2002 SP2 Just today started being hit with redirecting web pages when opening a new browser. Being taken to sites to buy all kinds of different spyware or adware software. I was informed that IP address 195.126.18.11 had taken over control of my system although I am not an expert at this...obviously, so I don't know how seriously to take that, or if it is just a scare tactic to buy the software they want me to. Anyway I've alreay gone through most of the steps in your Hyjack this article to clean it but I wanted to post my first 2 logs before calling it for the night. I'm in NY and east coast is getting late. I will check back for any responces from the experts tomorrow after work and will resume with going into safe mode and cleaning, where I will then post any other logs you requested to properly help me get rid of this crap. Thanks and no amount of feedback is to much.
    P.S. I have a Yellow triangle in my systray blinking and giving me alerts that my system is infected, and I've already seen Trojan i worm_attck_v 122.02a and W32.myzor.fk@yf and OPHE ver 4.12_23 pop up in there somewhere. Again don't know if those are real because it seems highly unlogical that a spyware or adware or virus or trojan would just announce itself.
     

    Attached Files:

    jonnyfive, Aug 9, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Besides finishing the rest of the READ ME you will need to run the below!

    Download SmitfraudFix (by S!Ri) to your Desktop.
    http://siri.urz.free.fr/Fix/SmitfraudFix.zip

    Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.

    Open the SmitfraudFix folder and double-click smitfraudfix.cmd
    Select option #1 - Search by typing 1 and press Enter
    This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please attach that log in your next reply.

    Note: process.exe ( which is used my SmitFraudFIx ) is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user. The below is a link to what process.exe is.

    http://www.beyondlogic.org/consulting/proc...processutil.htm


    IMPORTANT: Do NOT run any other options until you are asked to do so!
     
    chaslang, Aug 9, 2006
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds