Solved

wont let me in to surtin websites

Posted on 2006-11-20
6
218 Views
Last Modified: 2011-09-20
hi

My computer wont let me into surtin websites it just comes up with this site is blocked due to spyware you have to download system doctoer to contuine. i know system docter is bad so does anyone have any ideas how to fix this?

I have done scans and it says i have no viris so i have no idea what to do im thinking just reformating the whole thing.

Any ideas would be great.

Thanks
0
Comment
Question by:Nicola86
  • 4
6 Comments
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17983240
It could be smitfaud or it could be something, let's look at your hijackthis log.
The log will tell us what malware infection is in your system.

Please download HijackThis 1.99.1
http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe

Make sure all startup entries are enabled.
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

Then upload the logs to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

If you have problem uploading, just paste the hijackthis log here in your topic.


0
 

Author Comment

by:Nicola86
ID: 17983263
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 250 total points
ID: 17983429
Thanks for the log.
It is smitfraud infection!

Please download SmitfraudFix(by [b]S!Ri[/b])
http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Extract the content a folder named SmitfraudFix to your Desktop.

Open the SmitfraudFix folder and double-click "smitfraudfix.cmd"
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note: process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.


After you've done that, do this below:
Reboot your computer in Safe Mode by rebooting the computer,
and repeatedly tapping the F8 key as the pc starts. Choose "Safe Mode" from the options listed.
 
Once in Safe Mode, open the SmitfraudFix folder again and double-click
smitfraudfix.cmd
 
Select option #2 - Clean by typing 2 and press "Enter" to delete infected
files.
 
You will be prompted : "Registry cleaning - Do you want to clean the
registry?" answer "Yes" by typing Y and press "Enter" in order to remove
the Desktop background and clean registry keys associated with the
infection.
 
The tool will now check if wininet.dll is infected. You may be prompted to
replace the infected file (if found); answer "Yes" by typing Y and press
"Enter".
 
The tool may need to restart your computer to finish the cleaning process;
if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt



0
ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17983547
These are Not recommended, it should be uninstalled and then remove their folders if still present:
MyGlobalSearch
Block Checker


Please fix these entries in hijackthis while all browsers and other windows are closed click "Fix Checked":(some entries will not be there don't worry)

O2 - BHO: (no name) - {192c5b4a-3efd-40c7-9f99-c472deb8efc0} - C:\Program Files\Perfect Codec\isaddon.dll
O2 - BHO: System Process - {C2EEB4FA-B6D6-41b9-9CFA-ABA87F862BCB} - C:\WINDOWS\system32\navshext1.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE  
O4 - HKLM\..\Run: [BlockChecker] C:\Program Files\Block Checker\block-checker.exe
O4 - HKCU\..\Run: [WinFixer2006] "C:\Program Files\WinFixer_2006\uwfx6.exe" /min
O4 - HKCU\..\Run: [BraveSentry] C:\Program Files\BraveSentry\BraveSentry.exe
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.bigfishgames.com/online/ricochetlostworlds/ReflexiveWebGameLoader.cab   
O21 - SSODL: featherweed - {ab340860-fd81-4a65-b345-82eb77a66b5e} - C:\WINDOWS\system32\jbtazy.dll (file missing)


Let us know if problem persists so we can suggest additional scanners. For sure smitfraudfix will fix the smitfraud infection but you may have other nasties hiding there as well.
0
 
LVL 6

Expert Comment

by:Mnf
ID: 17996589
Try spybot it will remove it immediately
www.safer-networking.org/en/download/
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 18001116
Cool.

Thanks!
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question