Persistent malware

Discussion in 'Computer Support' started by Tanel Kagan, Jan 27, 2006.

  1. Tanel Kagan

    Tanel Kagan Guest

    Hello,

    A few days ago my browser was hijacked by some spyware/malware, which kept
    directing me to www.adwarepunisher.com , to try to get me to download their
    software, which was the cause of the problem in the first place.

    I have run Microsofts Antispyware, SpyBot Search and Destroy, Ad-Aware,
    PestPatrol, CCleaner, CWShredder and Hijack This. I've also carried out an
    online Trojan scan at www.windowsecurity.com .

    I have deleted all suspicious entries and threats reported by these
    softwares, uninstalled all suspicious looking programs from the Control
    Panel and also disabled all unnecessary startup processes.

    I have done all this in both safe mode and in normal mode, yet still my
    machine appears to be infected. The explorer interface (windows, menus etc)
    seem to "stick" frequently and opening folders or running programs takes a
    long time.

    As for using the internet, this is again slow and every now and then I get a
    redirect to statcash.com (209.66.115.35).

    Does anyone have any other ideas? Whilst I appreciate all help, please
    don't suggest I try yet *another* program, because if the 7 I've tried
    (which I believe are the most comprehensive and trusted) haven't found
    something then I sincerely doubt another program would.

    Many thanks,

    Tanel.
     
    Tanel Kagan, Jan 27, 2006
    #1
    1. Advertising

  2. Tanel Kagan

    EricP Guest

    On Fri, 27 Jan 2006 16:16:07 +0000 (UTC), "Tanel Kagan"
    <tanelkagan@(nospam)hotmail.com> wrote:

    >Hello,
    >
    >A few days ago my browser was hijacked by some spyware/malware, which kept
    >directing me to www.adwarepunisher.com , to try to get me to download their
    >software, which was the cause of the problem in the first place.
    >
    >I have run Microsofts Antispyware, SpyBot Search and Destroy, Ad-Aware,
    >PestPatrol, CCleaner, CWShredder and Hijack This. I've also carried out an
    >online Trojan scan at www.windowsecurity.com .
    >
    >I have deleted all suspicious entries and threats reported by these
    >softwares, uninstalled all suspicious looking programs from the Control
    >Panel and also disabled all unnecessary startup processes.
    >
    >I have done all this in both safe mode and in normal mode, yet still my
    >machine appears to be infected. The explorer interface (windows, menus etc)
    >seem to "stick" frequently and opening folders or running programs takes a
    >long time.
    >
    >As for using the internet, this is again slow and every now and then I get a
    >redirect to statcash.com (209.66.115.35).
    >
    >Does anyone have any other ideas? Whilst I appreciate all help, please
    >don't suggest I try yet *another* program, because if the 7 I've tried
    >(which I believe are the most comprehensive and trusted) haven't found
    >something then I sincerely doubt another program would.
    >
    >Many thanks,
    >
    >Tanel.
    >


    Spybot will control this malwear. Did you Update it to the latest
    definitions when you ran it?
     
    EricP, Jan 27, 2006
    #2
    1. Advertising

  3. Tanel Kagan

    °Mike° Guest

    In message <drdh07$fjo$-infra.bt.com>,
    "Tanel Kagan" <tanelkagan@(nospam)hotmail.com> took 32 lines to impart
    the following:

    >Hello,
    >
    >A few days ago my browser was hijacked by some spyware/malware, which kept
    >directing me to www.adwarepunisher.com , to try to get me to download their
    >software, which was the cause of the problem in the first place.
    >
    >I have run Microsofts Antispyware, SpyBot Search and Destroy, Ad-Aware,
    >PestPatrol, CCleaner, CWShredder and Hijack This. I've also carried out an
    >online Trojan scan at www.windowsecurity.com .
    >
    >I have deleted all suspicious entries and threats reported by these
    >softwares, uninstalled all suspicious looking programs from the Control
    >Panel and also disabled all unnecessary startup processes.
    >
    >I have done all this in both safe mode and in normal mode, yet still my
    >machine appears to be infected. The explorer interface (windows, menus etc)
    >seem to "stick" frequently and opening folders or running programs takes a
    >long time.
    >
    >As for using the internet, this is again slow and every now and then I get a
    >redirect to statcash.com (209.66.115.35).
    >
    >Does anyone have any other ideas? Whilst I appreciate all help, please
    >don't suggest I try yet *another* program, because if the 7 I've tried
    >(which I believe are the most comprehensive and trusted) haven't found
    >something then I sincerely doubt another program would.
    >
    >Many thanks,
    >
    >Tanel.


    You have apparently used HijackThis, but didn't say what steps
    you took. UPDATE HijackThis, re-run it and post the FULL
    log here.
    --
    Basic computer maintenance
    http://uk.geocities.com/personel44/maintenance.html
     
    °Mike°, Jan 27, 2006
    #3
  4. Tanel Kagan

    PC Guest

    "Tanel Kagan" <tanelkagan@(nospam)hotmail.com> wrote in message
    news:drdh07$fjo$-infra.bt.com...
    > Hello,
    >
    > A few days ago my browser was hijacked by some spyware/malware, which kept
    > directing me to www.adwarepunisher.com , to try to get me to download
    > their
    > software, which was the cause of the problem in the first place.
    >
    > I have run Microsofts Antispyware, SpyBot Search and Destroy, Ad-Aware,
    > PestPatrol, CCleaner, CWShredder and Hijack This. I've also carried out
    > an
    > online Trojan scan at www.windowsecurity.com .
    >
    > I have deleted all suspicious entries and threats reported by these
    > softwares, uninstalled all suspicious looking programs from the Control
    > Panel and also disabled all unnecessary startup processes.
    >
    > I have done all this in both safe mode and in normal mode, yet still my
    > machine appears to be infected. The explorer interface (windows, menus
    > etc)
    > seem to "stick" frequently and opening folders or running programs takes a
    > long time.
    >
    > As for using the internet, this is again slow and every now and then I get
    > a
    > redirect to statcash.com (209.66.115.35).
    >
    > Does anyone have any other ideas? Whilst I appreciate all help, please
    > don't suggest I try yet *another* program, because if the 7 I've tried
    > (which I believe are the most comprehensive and trusted) haven't found
    > something then I sincerely doubt another program would.
    >
    > Many thanks,
    >
    > Tanel.
    >
    >



    Tanel

    Add up the time you have spent 'fixing' this spy/malware infection.
    If it adds up to more than a couple of hours your 'fastest' way of fixing
    the problem is to back your data up, Zero, Partition then Format the hard
    drive and reinstall your OS and applications.

    Cheers
    Paul.
     
    PC, Jan 27, 2006
    #4
  5. Tanel Kagan

    Billh Guest

    Tanel Kagan wrote:
    > Hello,
    >
    > A few days ago my browser was hijacked by some spyware/malware, which kept
    > directing me to www.adwarepunisher.com , to try to get me to download their
    > software, which was the cause of the problem in the first place.
    >
    > I have run Microsofts Antispyware, SpyBot Search and Destroy, Ad-Aware,
    > PestPatrol, CCleaner, CWShredder and Hijack This. I've also carried out an
    > online Trojan scan at www.windowsecurity.com .
    >
    > I have deleted all suspicious entries and threats reported by these
    > softwares, uninstalled all suspicious looking programs from the Control
    > Panel and also disabled all unnecessary startup processes.
    >
    > I have done all this in both safe mode and in normal mode, yet still my
    > machine appears to be infected. The explorer interface (windows, menus etc)
    > seem to "stick" frequently and opening folders or running programs takes a
    > long time.
    >
    > As for using the internet, this is again slow and every now and then I get a
    > redirect to statcash.com (209.66.115.35).
    >
    > Does anyone have any other ideas? Whilst I appreciate all help, please
    > don't suggest I try yet *another* program, because if the 7 I've tried
    > (which I believe are the most comprehensive and trusted) haven't found
    > something then I sincerely doubt another program would.
    >
    > Many thanks,
    >
    > Tanel.
    >
    >

    I know you did not ask for more programs but I have tried these three on
    some recent nasties and they work for me.

    EMCO Malware Destroyer http://www.emco.is/malwaredestroyer/features.html
    Ewido http://www.ewido.net/en/
    http://www.help2go.com/Tutorials/Sp...ith_smitRem.exe_(formerly_SpyAxeFix.exe).html

    Other things you can do is switch to FireFox which would have avoided
    this whole thing in the first place.

    Or as suggested by PC maybe it is time to throw in the towel reformat
    and start over.

    http://dban.sourceforge.net/ use this to wipe your drive.
     
    Billh, Jan 28, 2006
    #5
  6. Re: Re: Persistent malware

    Billh wrote:

    Tanel Kagan wrote:
    >I know you did not ask for more programs but I have tried these three on
    >some recent nasties and they work for me.
    >
    >EMCO Malware Destroyer http://www.emco.is/malwaredestroyer/features.html
    >Ewido http://www.ewido.net/en/
    >http://www.help2go.com/Tutorials/Sp...ith_smitRem.exe_(formerly_SpyAxeFix.exe).html
    >
    >Other things you can do is switch to FireFox which would have avoided
    >this whole thing in the first place.
    >
    >Or as suggested by PC maybe it is time to throw in the towel reformat
    >and start over.
    >
    >http://dban.sourceforge.net/ use this to wipe your drive.
    >
    >


    What are your feelings now?
     
    Liza Smorgaborgsson, Jan 30, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. dmorgan1

    why's my bridge un-persistent?

    dmorgan1, Aug 2, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    424
    dmorgan1
    Aug 2, 2005
  2. [iMpLoDe]
    Replies:
    4
    Views:
    6,224
    [iMpLoDe]
    Jan 17, 2005
  3. Sascha E. Pollok

    Cisco dialer-persistent reconnect delay

    Sascha E. Pollok, Mar 20, 2006, in forum: Cisco
    Replies:
    1
    Views:
    2,327
  4. Replies:
    2
    Views:
    579
  5. LO&MsLO

    'persistent cookies' from government web sites?

    LO&MsLO, Feb 4, 2004, in forum: Computer Support
    Replies:
    1
    Views:
    415
    Patrick
    Feb 4, 2004
Loading...

Share This Page