|
| ||
| http:///?%20 in IE Address Bar Everytime I type in a url in the address bar it won't go to the page. It will have http:///?%20www.web page name. I'm unable to go to any webpage at all. I have downloaded IE 6.0 and reloaded with no change. I'm a novice and I'm lost. Thanks in advance for any assistance. |
| ||
| http:///?%20 in IE Address bar Everytime I type in a url in the address bar it won't go to the page. It will have http:///?%20www.webpagename. I'm unable to go to any webpage at all. I have downloaded IE 6.0 and reloaded with no change. I'm a novice and I'm lost. Thanks in advance for any assistance. Hijack This log posted below: Logfile of HijackThis v1.99.1 Scan saved at 09:57:34 AM, on 11/27/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\csrss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\WINNT\System32\Ati2evxx.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\hidserv.exe C:\PROGRA~1\Iomega\System32\AppServices.exe c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\hkeyman.exe C:\WINNT\wanmpsvc.exe C:\WINNT\system32\atiptaxx.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINNT\system32\PRPCUI.exe C:\Program Files\Iomega\AutoDisk\ADUserMon.exe C:\WINNT\system32\svchost.exe C:\Program Files\Iomega\AutoDisk\ADService.exe C:\Program Files\Iomega\DriveIcons\ImgIcon.exe C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\WINNT\IdleProc.exe C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe C:\Program Files\HP CD-Writer\Mmenu\hpcdtray.exe C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe C:\PROGRA~1\mcafee.com\mps\mscifapp.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\America Online 9.0d\aoltray.exe C:\Program Files\GhostSurf\GhostSurf.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe C:\Program Files\QUICKENW\QWDLLS.EXE C:\Program Files\Microsoft Office\Office\1033\msoffice.exe C:\Program Files\Sony Handheld\HOTSYNC.EXE C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINNT\system32\wuauclt.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\America Online 9.0d\waol.exe C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe C:\Program Files\America Online 9.0d\shellmon.exe C:\Program Files\America Online 9.0d\aolwbspd.exe C:\Program Files\Sony Handheld\palm.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\PROGRA~1\WinZip\winzip32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,Search = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer,Search = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:7212 R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file) F1 - win.ini: run=fntldr.exe O1 - Hosts: 1089288654 auto.search.msn.com O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn1\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINNT\system32\IETie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn1\ycomp5_5_7_0.dll O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Hotkey] C:\WINNT\System32\hkeyman.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe O4 - HKLM\..\Run: [!SysInit] C:\WINNT\system32\MsChkSys.exe O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [Microsoft Services] mssrev.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" O4 - HKLM\..\Run: [HP CD-Writer] C:\Program Files\HP CD-Writer\Mmenu\hpcdtray.exe O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1118233638\EE\AOLHostManager.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run O4 - HKLM\..\Run: [McAfee Guardian] C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe /SU O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\RunServices: [Microsoft Services] mssrev.exe O4 - HKCU\..\Run: [AOL Instant Messenger (TM)] C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: FriendFinder Messenger.lnk = C:\Program Files\FriendFinder Messenger\FriendFinder Messenger\FFIMC.exe O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0d\aoltray.exe O4 - Global Startup: Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE O4 - Global Startup: GhostSurf.lnk = C:\Program Files\GhostSurf\GhostSurf.exe O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Allow personal info to reach this site - file://C:\Program Files\GhostSurf\info.allow.html O8 - Extra context menu item: Allow popups on this site - file://C:\Program Files\GhostSurf\popup.allow.html O8 - Extra context menu item: Allow this advertisement - file://C:\Program Files\GhostSurf\menu.allowimg.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Block personal info from this site - file://C:\Program Files\GhostSurf\info.block.html O8 - Extra context menu item: Block popups on this site - file://C:\Program Files\GhostSurf\popup.block.html O8 - Extra context menu item: Block this advertisement - file://C:\Program Files\GhostSurf\menu.blockimg.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O9 - Extra button: GhostSurf Privacy Center - {578FC4E3-151E-456c-AF8E-B63061EFE228} - C:\Program Files\GhostSurf\LaunchPCC.exe O9 - Extra 'Tools' menuitem: GhostSurf Privacy Center - {578FC4E3-151E-456c-AF8E-B63061EFE228} - C:\Program Files\GhostSurf\LaunchPCC.exe O9 - Extra button: (no name) - {578FC4E3-151E-456c-AF8E-B63061EFE228}} - (no file) O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {03A89EFD-E023-4606-A22D-45F77558EB4C} (ILINCInstall73 Class) - http://lm-learnlinc.ilinc.com/download/iLinc73i.dll O16 - DPF: {03A89EFD-E023-5707-A22D-45F77558EB4C} (ILINCInstall73 Class) - http://lm-learnlinc.ilinc.com/download/ilinci76.dll O16 - DPF: {03A89EFD-E023-7700-A22D-45F77558EB4C} (ILINCInstall77 Class) - http://lm-learnlinc.ilinc.com/download/ilinci77.dll O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...0/mcinsctl.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...20/mcgdmgr.cab O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://lifeproducts.transamerica.com...ivexviewer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://sfg.webex.com/client/v_myweb...ex/ieatgpc.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{11179C27-A616-4FE3-93D4-A2748D265CC2}: NameServer = 205.188.146.145 O17 - HKLM\System\CS1\Services\Tcpip\..\{11179C27-A616-4FE3-93D4-A2748D265CC2}: NameServer = 205.188.146.145 O19 - User stylesheet: (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: McAfee SpamKiller Server (MskService) - Networks Associates Technology. Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe |
| ||
| Re: http:///?%20 in IE Address bar Your log shows signs of at least a few infections, but there's something you need to take care of before we begin the cleaning process: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe The log entry above indicates that you are running HJT from within a Temp/Temporary folder. You need to create a folder for HJT outside of any Temp/Temporary folders and move it there now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do. One of the normal steps in eliminating malicious programs is to entirely delete the contents of all Temp folders. Given that, if HijackThis (and other data that you care about) is living in those Temp folders, it will be erased along with everything else! Temp/Temporary folders are just that- Temporary. They are not meant for permanent storage, as their contents are often delete in the course of troubleshooting, by running disk clean-up utilities, etc. After moving HijackThis to a safe location, please do the following: You will need to close/quit all web browser programs and disconnect from the Internet for some of the following, so you should print out the following instructions or save them into a text file with Notepad. 1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can: http://www.kaspersky.com/scanforvirus.html http://housecall.trendmicro.com/ http://us.mcafee.com/root/mfs/default.asp?cid=9914 http://www.pandasoftware.com/active...n_principal.htm http://www.ravantivirus.com/scan/ http://www.bitdefender.com/scan/licence.php 2. Download and install these two utilities: ewido Security Suite - http://www.ewido.net/en/download/ Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en - Open ewido. If you receive a warning message saying "Database not found"; just click "OK" for this. Next, in the main screen, click "Update" and click "Start Update". After the update process completes, exit from Ewido. - Open MS Antispyware beta. Make sure the "AntiSpyware Autoupdater" feature is enabled, and that it has downloaded the most current antispyware updates. Close the program after you've verified this. 4. Reboot into Safe Mode (you get to the safe mode boot option by hitting the F8 key as your computer is starting up). 5. Run ewido and MS Antispyware beta consecutively (the order doesn't matter), and have both programs fix whatever they find. When ewido finds the first malicious object on your system, it will ask you if it should clean it. When it asks this, put a checkmark in the lower left corner of the box that says "Perform action on all infections", then choose clean and click OK. 6. While still in Safe Mode, open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types". - For every user account listed under C:\Documents and Settings, delete the entire contents of these folders (but not the folders themselves): Important: One of the normal steps in eliminating malicious programs is to entirely delete the contents of all Temp folders. Given that, if any data that you care about is living in those Temp folders, you need to move it to a safe location now, or it will be erased along with everything else! 1. Cookies 2. Local Settings\Temp 3. Local Settings\History 4. Local Settings\Temporary Internet Files - Delete the entire content of your C:\Windows\Temp folder. - Delete the entire content of your C:\Windows\Prefetch folder. Note- If you get any messages concerning the deletion of system files such as desktop.ini or index.dat, just choose to delete those files; they'll be automatically regenerated by Windows if needed. Windows will allow you to delete the versions of those files which exist in sub-folders within the main Temp/Temorary folders, but might not let you delete the versions of those files that exist in the main Temp folders themselves; this is normal and OK. - Empty your Recycle Bin. - Reboot normally. 7. Run HijackThis again and post the new log. Also post the scan report log that ewido generated. |
| ||
| Re: http:///?%20 in IE Address bar My computer had this same problem. It's something called a Layered Service Protocol (LSP) issue (category 'O10' in my HijackThis log) that might happen after removing adware. My steps: 1) Update Lavasaoft's Adaware (www.lavasoft.de) 2) Reboot, start up in Safe Mode (I pressed F8 during start-up to get option to run in Safe Mode) 3) Run Adaware. Reboot. Start in normal mode 4) You can Run HijackThis to see if it picks up any other misc. registry entries 5) Go to http://cexx.org/lspfix.htm and download LSP-fix 6) Run LSP-fix tool --- and you should no longer get the http:///?%20 and it should connect to the internet |
| ||
| Re: http:///?%20 in IE Address Bar My computer had this same problem. It's something called a Layered Service Protocol (LSP) issue (category 'O10' in my HijackThis log) that might happen after removing adware. My steps: 1) Update Lavasaoft's Adaware (www.lavasoft.de) 2) Reboot, start up in Safe Mode (I pressed F8 during start-up to get option to run in Safe Mode) 3) Run Adaware. Reboot. Start in normal mode 4) You can Run HijackThis to see if it picks up any other misc. registry entries 5) Go to http://cexx.org/lspfix.htm and download LSP-fix 6) Run LSP-fix tool --- and you should no longer get the http:///?%20 and it should connect to the internet |
| All times are GMT -4. The time now is 11:56 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC