Hi there Makospawn. Yup , you have a couple of infections on there. Lets get rid of them.
Please download VundoFix.exe from
here , and save it to your desktop.
- Double-click VundoFix.exe to run it.
- Put a check next to Run VundoFix as a task.
- You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
- When VundoFix re-opens, click the Scan for Vundo button.
- Once it's done scanning, click the Remove Vundo button.
- You will receive a prompt asking if you want to remove the files, click YES
- Once you click yes, your desktop will go blank as it starts removing Vundo.
- When completed, it will prompt that it will shutdown your computer, click OK.
- Turn your computer back on.
Go to add/remove programs and find "My Web Search" , "Search Assistant - My Way" and/or "My Way Speedbar" in the list and uninstall it if present.
Then boot in safemode (hit f8 when booting up) and fix these with hijackthis:
(if still present)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\
MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: ScriptInocUI Class - - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: ATLDistrib Object - {2353FCBC-012D-487B-8BF3-865C0929FBEB} - C:\WINDOWS\system32\sstqo.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O8 - Extra context menu item: &Search -
http://bar.mywebsearch.com/menusearc...p=ZSxdm477YYUS
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com/images/nocache...alFWBInitialSe tup1.0.0.15.cab
O20 - Winlogon Notify: pmnlk - pmnlk.dll (file missing)
O20 - Winlogon Notify: sstqo - C:\WINDOWS\system32\sstqo.dll
Delete the folder in bold , and manually search for , and delete this file:
ShowWnd.exe
When done please post the contents of C:\vundofix.txt and a new HiJackThis log.
PC Help Forum
» Security & Safety
» Spyware / AdWare
»
another PC full of xxWare
another PC full of xxWare
Linear Mode
