Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search Option Disabled


  • Please log in to reply
5 replies to this topic

#1 GoodFortitude

GoodFortitude

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:10:21 AM

Posted 25 May 2007 - 12:09 PM

Whenever I click on the search option, or help and support, in my start menu nothing happens. This took place shortly after getting the spylocked virus. I recently downloaded and ran super anti-spyware. It found and fixed a few things as well like trojan.winantivirus 2006. But these features are still disabled. I checked my task manager and msconfig and that seemed to be fine. What could be the problem? Also, I ran gmer for rootkits and got this. Don't know how to deal with it though. Thanks for your help.


GMER 1.0.12.12244 - http://www.gmer.net
Rootkit scan 2007-05-25 00:22:39
Windows 5.1.2600 Service Pack 2


---- Kernel code sections - GMER 1.0.12 ----

? C:\WINDOWS\system32\DRIVERS\update.sys

---- Devices - GMER 1.0.12 ----

Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F7A70EAC] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F7A71026] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A71147] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F7A70EAC] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F7A71026] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A71147] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F7A70EAC] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F7A71026] SMTCPMON.SYS
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A71147] SMTCPMON.SYS
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F7A70EAC] SMTCPMON.SYS
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F7A71026] SMTCPMON.SYS
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A71147] SMTCPMON.SYS
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [F7A70EAC] SMTCPMON.SYS
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [F7A71026] SMTCPMON.SYS
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A71147] SMTCPMON.SYS

---- EOF - GMER 1.0.12 ----

A man isn't measured by how many men he can bring down but, rather, by how many he brings up.

 

Change your circumstances; change your mind.


BC AdBot (Login to Remove)

 


m

#2 buddy215

buddy215

  • BC Advisor
  • 12,612 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:21 AM

Posted 25 May 2007 - 01:05 PM

Use the program in the link below to remove Spylocked.
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
Then run the Super Antispyware again in safe mode.

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,584 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:21 AM

Posted 25 May 2007 - 01:20 PM

SMTCPMON.SYS is part of the Secretmaker software and from what I can find it has caused a lot of problems with Windows XP but I don't believe its related to your issue.

update.sys is a Microsoft driver for updating system components.

SuperAntispyware is good but you should follow the instructions provided in the self-help guide "How to remove SpyLocked and SpywareLocked".

If you already tried that, then follow the the instructions for using Vundofix in "How To Remove Winfixer/Virtumonde/Msevents/Trojan.vundo".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 GoodFortitude

GoodFortitude
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:10:21 AM

Posted 25 May 2007 - 01:23 PM

O.k. thanks buddy. I'll try it and get back with you later. thanks again. Sweet...nice work quietman. Will do. let you know later. thanks

Edited by GoodFortitude, 25 May 2007 - 01:32 PM.

A man isn't measured by how many men he can bring down but, rather, by how many he brings up.

 

Change your circumstances; change your mind.


#5 GoodFortitude

GoodFortitude
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:10:21 AM

Posted 29 May 2007 - 01:55 PM

Sorry, it took so long to get back...away for the weekend. Anyway, I did everything you two said to do. Nothing conclusive. I did however look up a little on the secretmaker software and found out that 1. I never installed it myself and 2. don't know how to remove it, can't find files for it, and it doesn't show up in add/remove prgrms.

Other than that I couldn't find anything at all as to what could cause my search option to be unresponsive. I did post my hijack this log under the title "enabling search option". Thanks again.

Edited by GoodFortitude, 30 May 2007 - 01:21 AM.

A man isn't measured by how many men he can bring down but, rather, by how many he brings up.

 

Change your circumstances; change your mind.


#6 mrbux

mrbux

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:21 AM

Posted 02 June 2007 - 02:53 PM

After reviewing all the fixes available to get rid of Spylocked, I downloaded the non-beta version of Microsoft Defender, just to see how it would work, ran a scan, and it removed Spylocked! I was Spyschocked! It looks like a very good spyware scanner, for free...

I'd be curious to know if it works as well for everyone...


MrBux




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users