crunchie

Open Task Manager & end process on the following:[b] rporiy.exe [/b] Then go to C:\WINDOWS\system32 and delete the file manually. Uninstall EliteBar from add\remove programs. [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of "calsp.dll" [b](and nothing else),[/b] and …

You need to show hidden files\folders in order to [b]find[/b] this folder; C:\docume~1\owner\locals~1\[b]temp[/b] Once found, delete the contents, as well as following the other instructions :).

[b]Reboot into safe mode[/b] following the instructions [url=http://www.xtra.co.nz/help/0,,6156-1377929,00.html][u]here[/u][/url] and rescan with hijackthis. When the scan is finished [b][color=blue]tick the boxes next to all the following entries, then close all browser and explorer windows, and tell HijackThis to "Fix checked."[/color][/b] R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = [url]http://216.65.101.250/sbms/[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar …

[QUOTE=DaveSW]Cheers for that dlh6213! Hey version 1.99 is currently on beta. hopefully that'll fix it![/QUOTE] So far it doesn't :(. Merijn has my (and others, I would imagine) regkey settings that apply to this problem and is looking into it. Hopefully he will have it sorted for the final version.

Also, uninstall Windows AdControl from add\remove programs.

I am having the same problem. When I attempt to empty or delete the contents of the junk mail folder, I get a popup that asks for an OK, so when I hit OK, nothing happens. Been like this since the extra space. Empties automatically after 7 days, I think. …

You also need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by opening the program, going to config\misc tools, then uninstall & exit. You then have to delete the file manually. …

Possibly it is still in the registry as an orphaned entry. You can try a scan with hijackthis and if you see it delete it using the fix button. [b]Download [color=blue]HijackThis[/color] from [url=http://www.computercops.biz/downloads-file-328.html][u]here[/u][/url][/b] & unzip it into it's own, permanent folder, [color=red](Not a temporary folder or the desktop (in a …

Hi. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://websearch.drsnsrch.com/sidesearch.cgi?id=[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://websearch.drsnsrch.com/sidesearch.cgi?id=[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://websearch.drsnsrch.com/sidesearch.cgi?id=[/url] R0 - HKLM\Software\Microsoft\Internet …

Do you have an on board proxy like proxomitron? Found that it can play up with MSN.

Hi Lisa and welcome to Daniweb :). Hopefully you will be able to teach us a bit too :).

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. [color=blue]Scan with hijackthis and …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. [b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for …

Hi there. First of all you are running hijackthis from a temporary folder. The backups that hijackthis creates can be accidentally deleted when not in a permanent folder. Please do the following; Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, …

Please go [url=http://www.kaspersky.com/remoteviruschk.html][u]here[/u][/url] and have this file scanned. C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\server[1].exe

[b]Download [color=blue]HijackThis[/color] from [url=http://www.computercops.biz/downloads-file-328.html][u]here[/u][/url][/b] & unzip it into it's own, permanent folder, [color=red](Not a temporary folder or the desktop (in a folder on the desktop is fine) & not directly on your hard drive)[/color]. If you prefer an executable file, then download from [url=https://ssl.perfora.net/tools.radiosplace.com/HijackThis.exe][u]here.[/u][/url] If you have anything disabled in …

Hi there. First of all you are running hijackthis from a temporary folder. The backups that hijackthis creates can be accidentally deleted when not in a permanent folder. Please do the following; Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, …

Those are mostly MRU's (Most Recently Used) or folders etc that you have opened and can be deleted.

You cut off the top part of your log. Should have this; Logfile of HijackThis v1.98.2 Scan saved at 6:48:25 PM, on 11/23/2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close …

1. [b]Download and install [color=blue][URL=http://computercops.biz/downloads-file-292.html] Ad-Aware SE,[/URL][/color][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware SE 3. Click on the[b]‘world’ [/b] icon at the top right of the Ad-Aware SE window and let AdAware SE …

Open Task Manager & end process on the following:[b] qedlace.exe [/b] Go to C:\WINDOWS\System32 and delete the file manually. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] O2 - BHO: (no name) …

[b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] and scrolling down to the uninstall tool. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 …

Hmmm. [url]http://www.theinquirer.net/?article=19801[/url]

Open Task Manager & end process on the following:[b] tapiap.exe [/b] Go to C:\WINDOWS\Help and delete the file manually. Your system is infected with the Virtumundo malware. Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip]Pocket KillBox[/url] Unzip the file to your desktop. Boot into Safe Mode: Restart your computer and as soon as it starts …

[b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] and scrolling down to the uninstall tool. [b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for Wintools removal instructions.[/b] [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. Looks like that log …

CTHELPER.EXE From sysinfo [quote]CTHELPER is a background task that is a plug-in manager for Creative drivers. The theory is that 3rd party manufacturers can use the CTHELPER plug-in interface to produce drivers, add-on features, and fixes that will integrate with a tighter fit with Creative’s sound drivers and utilities. Given …

Cannot see anything bad in that log. :(

Or you can go to [b]Start\Run[/b] and type in [b]msconfig[/b] and hit ok. Then go to the startup Tab and uncheck the entry there :).

Try this. Right click on your desktop and select NEW>FOLDER. Rename the folder to hijackthis. Go to where you currently have hijackthis.exe (the one that you used to create the log you posted) and instead of double clicking on it, just left click and hold down the mouse button. Drag …

Your last log looks ok, but this infection is known to return :evil: Download [url=http://www.downloads.subratam.org/CWShredder.exe]CWShredder v1.59.1[/url]. Save it to your desktop. Do not run it yet. We will run it later. Download the [url=http://securityresponse.symantec.com/avcenter/venc/data/backdoor.agent.b.removal.tool.html]Backdoor.Agent.B Removal Tool[/url] from Symantec. Follow Symantec's instructions for how to run it. Be sure to save …

[QUOTE=jbroad70]Hi All, I'm new here and have the same problem with the About:Blank homepage. Here is my Hijack This report. I also have been trying to delete an xxx toolbar in the add/delete progams file, but that's not working. Any help would be greatly appreciated. Thanks.[/QUOTE] Please do the following. …

[b]Download [color=blue]CWShredder[/color] from [url=http://computercops.biz/downloads-file-349.html][u]here[/u][/url] & run it.[/b] Select the [color=red]fix[/color] button & it will fix everything related to CoolWebSearch that is stored in it's database. Close [b]ALL[/b] windows, including Internet Explorer, before running CWShredder. [color=red]Reboot.[/color] To help prevent this from happening again, install the patches for the vulnerabilities that this …

[b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for Wintools removal instructions.[/b] Go to add\remove programs and remove [b]Windows AdControl[/b] You are running hijackthis from your desktop folder. The backups that hijackthis creates can be accidentally deleted when not in a permanent folder of it's own. Please do the following; Click My Computer, then C:\ …

[b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL [b]Reboot into safe mode[/b] following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] …

I get that 404 too on that site.

Where is it located? If it's in the system restore folder, no AV can deal with it. You will have to turn system restore off, run your AV, then switch back on again. [b]Reboot into safe mode[/b] following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & [b]clear out your Temporary internet files and other …

That is an incomplete log. When you have saved the log, highlight the entire text and copy it to clipboard. Paste it here when done. Make sure you have version 1.98.2 and that it is in a permanent folder. Click My Computer, then C:\ In the menu bar, File->New->Folder. That …

Same goes for me :) except I'm an old fart from Australia :mrgreen: . Enjoy.

This one should stop the pop-ups; O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll

Nothing bad there. Probably one of those Microsoft gremlins :). Every now and then this old PC of mine requests a password, even though I have set it to remember it.

[b]Download [color=blue]HijackThis[/color] from [url=http://www.computercops.biz/downloads-file-328.html][u]here[/u][/url][/b] & unzip it into it's own, permanent folder, [color=red](Not a temporary folder or the desktop (in a folder on the desktop is fine) & not directly on your hard drive)[/color]. If you prefer an executable file, then download from [url=https://ssl.perfora.net/tools.radiosplace.com/HijackThis.exe][u]here.[/u][/url] If you have anything disabled in …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. [color=blue]Scan with hijackthis and …

Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have C:\HJT\ folder. Put your HijackThis.exe there, and double click to run it. 1. [b]Download and install [color=blue][URL=http://computercops.biz/downloads-file-292.html] Ad-Aware SE,[/URL][/color][/b] keeping the …

[color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe Reboot and delete the dxsetu.exe file. What does this translate to? O4 - HKLM\..\Run: [[b]Taakcontrole[/b]] C:\WINDOWS\taskmon.exe Download and install …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. Open Task Manager & …

[color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://srch-us5.hpwis.com/[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://red.clientapps.yahoo.com/cus.../search/ie.html[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://red.clientapps.yahoo.com/cus...//www.yahoo.com[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search …

I see two nasties there. Bargain Buddy and Ebates. Those folders under uninstall are what is on your PC. We cannot see the entire list so you will have to go through them and see what is there.

I have split your post out to your own thread. Please do not tag on to other members threads. You will not get the required assistance and it is unfair to the original poster :). [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] to TrendMicro for an on-line scan & set it to autoclean for you. …

Now then. What did I tell you?? Open Task Manager & end process on the following:[b] ns.exe MiCr0s0ft.exe Microsoftx.exe[/b] Then go to C:\WINDOWS\System32 and delete them manually. [b][color=red]Close all (browser) windows & rescan with hijackthis.[/color][/b] When the scan is finished place a check in the box to the left of …