i have mssearchnet.exe infecting my computer i deleted it through dos out of windows\prefetch and windows\system32 but it just keeps coming back anybody have some suggestions on how to get this off also i have fat.exe and i deleted from windows\prefetch but im not sure if that was enough to fully get rid of that so if i did that right let me know if not let me know again thank you
just to make sure, if mssearchnet.exe is the spyware/malware that shows up as a windows upgrade globe in the icontray, and when you click the "upgrade baloon" you are forwarded to www.spyaxe.com, if it is, then there are multiple scans to complete. www.ewido.com is an excellent 14 day trial. also, http://www.safer-networking.org/en/download/index.html is spybot S&D 1.4 is an excellent spyware detector/cleaner. if this is what i think it is, then we will get rid of it ASAP, and these scans will help dramatically. if possible, can u post a screen shot of where you see mssearchnet.exe?
2. Run the "hijackthis.exe" file and a new window will appear. In that new window please click on the button that says "Do a system scan and save a logfile".
3. After the program finishes searching for abnormal objects, the logfile will be saved automatically in the same folder in which you have placed the contents of the archive.
4. Open the log, and then copy it and paste it on the forum... will need that log
Then, you should disabl the following Windows service if you use Windows XP (or any version above):
1. click START->RUN
2. type "services.msc"
3. in the Services window locate the Windows service named MESENGER
4. right click it and choose Properties
5. STOP the service and put it to the DISABLED mode - this is the cause for a lot of pop-ups that pop on your screen
I found this forum by Google. Here is my log file from Hijack This
Logfile of HijackThis v1.99.1 Scan saved at 06:20:44 PM, on 2005/12/21 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
i am so glad i found this forum, i got the same thing except i only got mssearchnet.exe. the thing is irritating and i went to noton's website and they said to turn off windows restore and run norton's system scan but that didn't pick up anything i use spybot 1.4 regulary and its helped me alot so far but all it picks up is smitfraud and it says HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\nvctrl.exe
According to FProt Antivirus, the three problematic files still left on my computer after numerous scans through Hijack This, Ewido, Ad Aware, and Spybot are as follows:
hpqaf9d.tmp mssearchnet.exe nvctrl.exe
I can' t remove them because supposedly a program is already using them even when i'm off the internet. Could someone please tell me how I remove these files and what else is a problem to my computer that I might not be aware about? Here's the latest HijackThis! log i have.
Logfile of HijackThis v1.99.1 Scan saved at 9:22:28 PM, on 1/2/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
I too was infected by mssearchnet (very annoying) and used AVG 7.1 Professional (Free 30 day trial) to get rid of it. It found a few malware applets that Ad Aware and Spybot missed. Good luck.
yeah i got rid of it once just by sheer luck becuase it was takign a long time to open when i checked in task manager, so i went ot system32 where it was located in mine and deleted it before it could start.... but then like two days later it came back and i duno how.... !!!! thing. it was with spyaxe but i got rid of spyaxe using another program that found and got rid of the trojan, so now it's just mssearchnet.exe thatn eeds to be removed. avg doesn't find anything, neither does norton, or spybot or adaware
I too had this file infecting my computer giving me pop-ups while working or playing a game. I tried several things to remove this pain, including terminating the program/process then deleting the file, yet that didn't work. Spybot did't find it, Ad-Aware didn't find it, McAfee didn't find it, but when i got AVG it found it while setting up! So hopefully AVG will get rid of it, i'm using version 7.1 and updated it. Will post here again if I can't remove it with AVG!
Now.. there will be a couple keys there that dont do anything but run the offending programs. Delete them. Next, the other two that look like they should be pointing to windows programs, I.E. Kernel32.dll, and wininet.dll. Modify those two files to point back to the appropriate files.
NEXT
Run your anti-virus stuff and spyware stuff as usuall, but pay attention to the virus filename. IIRC, hpqaf9d.tmp is a trojan downloader. Most programs should pick that one up. Now, run a file search through your HDD for mssearchnet, nvctrl and delete all that show up. Prefetch, the file, all of it. I think mssearchnet.exe is located in your /windows/system32/ dir.
hello guys i am dutch so forgive me if my english is not so good i just was hoping that you guys could help me out.
i have the program called mssearchnet.exe i just cant get it of my computer i keep getting pop-ups that advise me to get antispyware like spybot. plz help me to get this JUNK of my pc becouse it drives me crazy when i am playing a game and i keep getting the pop-ups.
forgive my bad english this is a scanninglog of hijacthis..
Logfile of HijackThis v1.99.1 Scan saved at 3:39:51, on 7-1-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Im new here, and I had teh same problem with mssearchnet.exe, and it really !!!!ed me off, so I know what you have been going through, and i found this site, wich has everything you have to do if you want to get rid of this malware, and another thing, as pandemonian have said you have to go to regedit and change the registers, otherwise u wont be able to close and delete the program msserach.net.
Here is the link they explain everything Bye Bye mssearchnet.exe
I went to safe mode and removed msseachnet.exe and nvctrl.exe but problem still haven't been solved because my home page in Explorer was abused so after further investigation I noticed that LDC42A.TMP file had to be cleaned. That's acctualy file that creates different name every time one is affected so you need also to search out files with extension .TMP created on the day you have been affected and remove the blody monster (myone was found in system32 folder).
This bugger is pretty hard to get rid of. I've got this thing two times, and the first time i had to reinstall windows to get rid of it. This time though i sat down and evaporated that thing.
1 Fist, if you're an XP user, download the Microsoft (GIANT) Anti Spyware, or if you're not, Download AdAware. Now, don't be lazy, google them out if you dont have em.
2 Download the new definitions and update the main program, and then run the scans.
3 Delete everything they find, then download Norton Antivirus Trail (15 Days), run Live Update, run a scan and delete everything it find.
4 Download smitfraud and install it.
5 Go to the start menu, run, and type msconfig.
6 Under the BOOT.INI tab, run in safemode. Restart your computer (there's a popup window that lets you do this automaticly)
7 Run Smitfraud, and it will delete everything it finds automaticly.
8 While still in safemode, repeat step 5, only type regedit instead. Under HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Currentversion/Policies there is a register key value that says kernel32.dll = mssearchnet.exe
9 Delete it. While here, check for things that you are sure not belong there, like values that have nvctrl.exe or fat.exe and delete them as well. WARNING! Do NOT make any changes in the regestry if you are not ENTIRELY sure of what yo are doing! I am not responsible for any dmg you might cause while editing you regestry!
10 Now, search for mssearchnet.exe and delete it. I found mine in the %SYSTEM32% folder, but the location may variate. Also search for fat.exe and/or nvctrl, if you have these viruses too, and delete them as well. In order to find them, just use the builtin search function in windows.
Finally, most of these instructions are written for windows XP users, so if something doesnt work and you dont have XP, dont balme me. In fact, im just doing this to help, and I am not responsible for any damage you may cause on your computer or company compyters or network. Good luck, and happy Virus&Spyware hunting! Give em hell from me!
can you please help me with this. I have mssearchnet.exe and i can't fix it.
Logfile of HijackThis v1.99.1 Scan saved at 8:52:56 μμ, on 21/2/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Currently it is Tuesday, January 06, 2009 3:53 PM (GMT +1) There are a total of 65.870 posts in 16.165 threads. In the last 3 days there were 22 new threads and 93 reply posts. View Active Threads
Who's Online
This forum has 27758 registered members. Please welcome our newest member, Nards. 52 Guest(s), 0 Registered Member(s) are currently online. Details
i use spybot 1.4 regulary and its helped me alot so far but all it picks up is smitfraud and it says HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\nvctrl.exe
Bye Bye mssearchnet.exe
|