I've been Hijacked HELP!!!!!!!!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by bahollings, Mar 19, 2005.

  1. bahollings

    bahollings Private E-2

    I keep a warning that says "warning your searchbar has been changed from etc etc to: (and theres nothing there at all)
    I have Windows XP and only use wireless and I'm working in Iraq. (I have no idea what info u need so will try and include everything)
    this is what I've done so far:
    Disabled restore: I then checked for (run and then typed services msc)Network Security, Workstation Netlogon Services & Remote Procedure Call (RPC) Helper , I did not have any of the three running (there were a couple that were similar but not word for word)
    I enabled viewing of hidden files. I then put my computer in safe mode.
    I cleaned my hard drive, then ran Ccleaner w/default options. message was 0 bytes removed.
    Then I ran Spy Bot S&D and it came up, Problem:COOLWWWSEARCH 1 entry.
    Ran Ad Aware it said: POSSIBLE-Reg Data Data Miner HKEY_Local_machines.
    I ran CW Shredder and it had the same warning as Spy Bot.
    I then ran Kill me 2 it said: "The Look2me infection was removed".
    I then ran About Buster,it said the same message as Spy Bot and CW Shredder EXCECPT at the end it said the "search page has been changed to www.google.com.
    I then ran HS Remover and it came up with the same message as Spy Bot it also said I removed 8 items)
    WHAT I COULDN'T DO IS:
    run Trend Micro's Free Online Virus Scan AND Symantec Security Check. when trying to run them I got a message for Trend that said "website is not authorized to host housecall. when trying to run Symantec I got a message that said I couldn't load Activex "can not verify publisher"
    when running "stinger" it came up with nothing.
     
    bahollings, Mar 19, 2005
    #1
  2. TheOldThug

    TheOldThug First Sergeant

    After doing ALL of the READ ME if you still have a problem:

    Make sure you have HijackThis 1.99.1 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, INCLUDING YOUR WEB BROWSER, e-mail. Close before running Hijack This!

    To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder for example C:\Program Files\HJT
     
    TheOldThug, Mar 19, 2005
    #2
  3. bahollings

    bahollings Private E-2

    I'm in over my head with this stuff, so I HOPE I attached the HJT log, if it didn't work please be patient with me I'm learning as I go
     

    Attached Files:

    bahollings, Mar 21, 2005
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds