Hi-jacked again Control panel locked found this.
 

Some site that signed up to trade traffic hi-jacked me when I clicked to check their link. Now when I click on anything in the control panel I get this messgae "access to specified device,path or file denied".

Found this file : C\WINDOWS\915D8JKSX8.exe in thte startup menu and deleted it but still getting the message

Oh well, maybe I'll just thow this computer away. I actually hate the internet anyway, mostly because of this stuff. How can anyone make money from their porn site by doing this? I will never click on a page that hi-jacked my home page so I don't get it.

PS: anyone know how to get rid of that message?
I ran spybot but it didn't help.

HiJack This http://mjc1.com/mirror/hjt/

Thanks PK,
I downloaded it and ran it but I sill get that message in the control panel. It's not easy to understand the program but I deleted a few things that were way off.

I just don't understand the motivation for this stuff at all.
I have no idea why regular people would bother with the internet with all this stuff going on. I make money and still I keep thinking about finding something else so that I will never have to go on the internet again.

reformat

try this site. He's a great guy http://www.merijn.org/

Try virus checker and ad aware. If these don't work try google search looking for the name that was in the start menu. Hopefully this helps...

Na... what he has running in his system most likely won't let him run Ad-Aware, etc. If it does it will do nothing to help.


January 24, 2004:

CWS.Smartsearch is killing CWShredder, HijackThis, Spybot S&D and Ad-Aware as well as several anti-spyware sites when they are opened. I can't figure out how to make CWShredder evade this, so I'm recommending PepiMK's CoolWWWSearch.SmartKiller removal tool which you should run first. CWShredder will then run properly and cleanup the complete parasite.


I got the help I needed when I got infected with a veriant of the CWS.Smartsearch trojan that exploits the ByteCodeVerifier vulnerability in the Microsoft Virtual Machine to execute unauthorized code.

If it's blocking you from getting to merijn then try here: http://216.180.233.153/~merijn/index.html.

I think you are right!

I saw this on my computer "CWS.Smartsearch ".
I thought I removed it but the problem is still there; but this was seen when the problem happened and my computer was spotless before I saw this.

That's what it is, no doubt.

:1orglaugh :thumbsup

Your RUNDLL32.EXE has been replaced by a shit one.

What O/S are you runnin'?

Windows 98 second edition.

You have a good point; I tried to run that exe and it didn't work.

http://home.bendcable.com/CooperSoft/Patch/RUNDLL32.EXE

goes in c:\windows

overwrite if asked

reboot

or you can run sfc in Run... and extract

There was a farmer who had a dog and BINGO was his name-O.
You know the song.

Yep, That did it. Back to normal again. So I guess I'll wait until tomorrow before I decide to quit the internet again.:1orglaugh

I'd kiss your ass through the internet right now but I'm black and my lips can't fit through all this fiber optic shit.

Don't click on email attachment that you don't know for sure
exactly what they are and get yer butt over to Windows Update
and get the criticals.

Virus writers and spyware writers will always be on the losing end.
Fuck 'em.