We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Google Search Hijacking Clickcheck.ru Infection
Comments
-
OK I did run both of those. It found a lot of stuff.
I then installed ComboFix and it ran a scan again. This time it only took a few minutes, I was so happy
Here's my new combofix log.
game5media.com/combofix2.txt
EDIT: I also noticed combofix didn't try to reboot this time... I mean it found a rootkit and listed some files then rebooted, but when ti came back and ran the scan that produced this log file it didn't try to reboot. I also notice there is no Combofix icon on my desktop to drag files to.0 -
Run the CLEANER part of ccleaner again (to remove the TEMP files the nasties keep creating)
Open notepad and copy/paste the text in RED below
File::
c:\windows\system32\drivers\wwuozhmt.sys
c:\windows\system32\mlfcache.dat
Save this as "CFScript"
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply
Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
Then please run a KASPERSKY ONLINE SCAN
Scan MY COMPUTER
Post all infection locations so I can see what to remove (Kaspersky ONLY scans):idea:0 -
I can't find ComboFix anywhere
Like I said it didn't reboot a second time and there is no desktop icon for me to drag the CFScript to.
I'm lost, what do you think I should do?0 -
Just download it again:idea:0
-
OK sorry for the delay in response. It took me like 20 minutes to realize what I was doing wrong. I was clicking OPEN when I download it instead of SAVE so it wasn't saving to my desktop. I was expecting it to install and it just .... ran
Ok so I did the drag CFScript thing after running CCLEANER and I am a now about to run Kapersky scan0 -
I could do with seeing the latest combofix log too as nasties keep appearing:idea:0
-
game5media.com/combofix3.txt0
-
Kapersky scan is only at 30% so far.
Only 1 infected file so far.0 -
67% 45 infected objects.
I just checked and clickcheck.ru is still redirecting google results in FF0 -
Back up your stuff and reinstall Windows.
You've been at this for hours now; you'd have been done several times over.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards