4,383 Posted Topics
 | Are you still having problems? If so, it could possibly be a proxy server problem. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r21.mchsi.com:8000 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.r21.mchsi.com  |
| | Please just hit the reply button below rather than start a new thread :).  |
| | 1st up, do not stress. You do [b]not[/b] have the VX2 infection :D. What did you delete with killbox? Hopefully they were not system files. As the warning in dllcompare says, not everything there means you are infected! [color=blue]Scan with hijackthis and tick the boxes next to all the following …  |
| | Hi. Run hijackthis and go to [b]config\misc tools\delete a file on reboot[/b] and enter the following; (One at a time) [b]C:\WINDOWS\SYSTEM\tibs3.exe C:\WINDOWS\system32\xpsp2fw.exe C:\WINDOWS\system32\wuclient.exe[/b] When asked to reboot after each, click no. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer … |
| | Being answered here [url]http://www.daniweb.com/techtalkforums/thread16688.html[/url] |
| | Can I play too? :). [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://dr-search4u.com/sp.htm[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://dr-search4u.com/index.htm[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page … |
| | tomoliveri. 18 posts and they are almost all the same! I am certain that Msconfig is no Panacea for PC problems, so can you please stop spamming these boards :). Thank you. |
| | Open Task Manager & end process on the following:[b] cmd32.exe [/b] Go to C:\WINDOWS\System32 and delete the file manually. It is added by the TANKED WORM! [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix … |
| | Cannot see a cause for it there. Try running the latest version of hijackthis. You can get it from one of the sticky posts at the top of this forum. Go to system properties (right click MyComputer > properties) > Advanced tab > under startup and recovery click settings > … |
| | Open Task Manager & end process on the following:[b] WinMNGR.exe [/b] Go to C:\WINDOWS and delete the WinMNGR.exe file manually. Uninstall EliteToolBar from add\remove programs. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" … |
| | It is possible that these sites are in your host file and being blocked. Download the [url=http://members.aol.com/toadbee/hoster.zip][color=blue]Hoster.[/color][/url] Run it and press "Restore Original Hosts" and press "OK". Exit Program. Note that if you have a custom host file, this will remove it. You can edit the host file with this … |
| | 1. [b]Download and install [color=blue][URL=http://www.lavasoftusa.com/software/adaware/] Ad-Aware SE,[/URL][/color][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware SE 3. Click on the[b]‘world’ [/b] icon at the top right of the Ad-Aware SE window and let AdAware SE … |
| | [QUOTE=tomoliveri]start run type: msconfig click selective startup unclick load startup items click ok restart redo this every month and for every body else do the same!! it makes your computer like... 5X faster! i need not say more[/QUOTE] You can stop spamming these posts now please. Not everyone has Msconfig … |
| | Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. Run Pocket Killbox and paste the full file path of each of the below files in the box and click on Standard File Kill and End Explorer Shell While Killing File. Click on the button with the red circle and … |
| | Just do a system restore to a time before you started fixing things, then post a log after. |
 | [b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] and scrolling down to the uninstall tool. Also uninstall Webhancer. |
| | Re: Hijack This log Follow dlh6213's instructions here; [url]http://www.daniweb.com/techtalkforums/thread16475.html[/url] |
| | Hi. First of all you need to update hijackthis to version 1.99. Get it [url=http://www.merijn.org/files/hijackthis_sfx.exe][u]here.[/u][/url] Remove the old version by opening the program, going to config\misc tools, then uninstall & exit. You then have to delete the file manually. This is a self extracting version. |
| | Can you follow dlh6213's 2nd post and report back with the log please. |
| | Hi there. First of all you are running hijackthis from a temporary folder. The backups that hijackthis creates can be accidentally deleted when not in a permanent folder. Please do the following; Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, … |
| | Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. Run Pocket Killbox and paste the full file path of each of the below files in the box and click on Standard File Kill and End Explorer Shell While Killing File. Click on the button with the red circle and … |
| | Hi there. Uninstall P2P Networking from add\remove programs. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = [url]http://www.isearch.com/index.php?ap...ODQ6NTo5&Terms=[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm O2 - BHO: … |
| | Please post a new hijackthis log if you still require help. |
| | All I can see is this one; O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - [url]http://207.188.7.150/166e32ca63196d...ip/RdxIE601.cab[/url] This one is suspicious. Do you know what it is? C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8b5e9cdb91dddbb342695fbdc36fe0e4\update\update.exe |
| | Re: Hijacked AGAIN!! Hi. First of all you need to update hijackthis to version 1.99. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by opening the program, going to config\misc tools, then uninstall & exit. You then have to delete … |
| | [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] to TrendMicro for an on-line scan & set it to autoclean for you. Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan at Panda as well.[/b] 1. [b]Download and install [color=blue][URL=http://www.lavasoftusa.com/software/adaware/] Ad-Aware SE,[/URL][/color][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] … |
| | [b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] and scrolling down to the uninstall tool. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 … |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 Reboot and see if you still have the same problem. |
| | Go to your Control Panel and double click on the Sun Java icon. Go to the cache Tab and clear the cache. Open Task Manager & end process on the following:[b] frmcrwb.exe [/b] Go to C:\windows and delete the file manually. [color=blue]Scan with hijackthis and tick the boxes next to … |
| | First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. If not listed there, run this uninstaller: [url]http://members.rogers.com/rjmac/new_uninstall.exe[/url] … |
| | It's either the monitor or the graphics card. Can you get another to test with? |
| | You do have a CWS infection. Did you have all Internet explorer and Windows explorer windows closed when you [b]fixed[/b] with CWShredder? Did you use the latest version? [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit … |
| | Please try this first. Dav555 very kindly provided this fix: [quote]you should fixed the following problems with HijackThis F0 - system.ini: Shell=Explorer.exe winsock.scr F2 - REG:system.ini: Shell=Explorer.exe winsock.scr O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe then delete the following files with GiPo@FileUtilities (Move on boot) (Remember to go into explorer, folder options, … |
| | Download: "StartDreck", from here: [url]http://www.niksoft.at/download/startdreck.htm[/url] Unzip to its own folder and start the program, Press 'Config' Press 'Unmark All' Check the following boxes only: Registry -> Run Keys System/drivers> Running processes Press 'Ok' Press 'Save' and select the location to save the log file (default is the same folder as … |
| | You may be able to fix it by doing a repair of Internet Explorer, or by reinstalling it. Control Panel>add\remove programs>Add\Remove Windows Components. |
 | Download [color=blue][b]CWShredder 2.0[/b][/color] from [url=http://www.intermute.com/spysubtract/cwshredder_download.html][u]here.[/u][/url] Run it and press the *fix,* not scan and allow it to clean the infection. 1. [b]Download and install [color=blue][URL=http://www.lavasoftusa.com/software/adaware/] Ad-Aware SE,[/URL][/color][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware … |
| | You have posted only half of the log :). Uninstall Messenger Plus as it comes bundled with LOP, the infection you currently enjoy :). You can reinstall Messenger Plus without the sponsor. Click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or … |
| | Hi. First of all you need to update hijackthis to version 1.99. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by opening the program, going to config\misc tools, then uninstall & exit. You then have to delete … |
| | Hey. You've managed to dredge up a pretty old thread :). You really need to start your own thread when you have a problem rather than tag on to someone else's thread (even a dead one :D). I will split yours out to your own thread and then give you … |
| | Spybot is blocking 3rd party tracking cookies by the sound of it. You can set it up to not give you a notice every time. |
| | Re: HJT log help pls The free version of flashget is regarded as bad. I ran a check of your version and it appears to be ok. |
| | c:/windows/explorer.exe is a legitimate file. Sounds like you may have to reconfigure blackice. |
| | I would just fix this one with hijackthis. O2 - BHO: ipsmsnai - {2C15064C-676B-D3B0-65F9-B3C53F46B198} - C:\WINDOWS\system32\ipsmsnai.dll |
| | Open Task Manager & end process on the following:[b] isrvs [/b] Go to [b]C:\WINDOWS[/b] and delete the [b]isrvs[/b]folder. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] O2 - BHO: IE Update Class … |
| | Hi. First up we need to get rid of some crap before having a go at VX2. [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of "calsp.dll" [b](and nothing else),[/b] and move them to the "Remove" pane. Then click … |
| | Go [url=http://www.silentrunners.org/]here[/url] and download and run Silent Runners.vbs. It generates a log, please post the information back in this thread. [url]http://downloads.subratam.org/DllCompare.exe[/url] Now open DllCompare.exe and click the "Run Locate.com" button. Then click the "Compare" button (this will take a few minutes) When it finishes click the "Make Log...." button. save … |
| | If you still need help, please post another hijackthis log taken after a reboot. |
| | If you can burn any important stuff to disk, do so. I always make sure that anything I do not want to lose is copied onto a CD-R. |
| | Try this version; [url]http://www.bleepingcomputer.com/files/hijackthis1982.php[/url] |
| | Re: Secret Spyware Please go [url=http://windowsupdate.microsoft.com/][u]here[/u][/url] & install ALL updates required for your system. [b]Download [color=blue]HijackThis[/color] from [url=http://computercops.biz/downloads-file-328.html][u]here[/u][/url][/b] & unzip it into it's own, permanent folder, [color=red](Not a temporary folder or the desktop (in a folder on the desktop is fine) & not directly on your hard drive)[/color]. If you prefer an executable … |
The End.