4,383 Posted Topics
 | [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised … |
| | Run [b]HiJackThis,[/b] click "[b][i]Scan[/i][/b]", then check(tick) the following, if present: [b] O2 - BHO: (no name) - {EA15FA6B-EB9F-C0CB-3D91-8708FA5BC5AF} - C:\DOCUME~1\Kurt\APPLIC~1\ACIDGR~1\program mapi.exe [/b] [b] O4 - HKLM\..\Run: [ViewAcidMessBalm] C:\Documents and Settings\All Users\Application Data\real phone view acid\jump bin.exe [/b] Now, close [b]all[/b] instances of Internet Explorer and any other windows you have …  |
| | If you want to you can also create a folder on your desktop & place the hijackthis.exe in to that folder. Right click on your desktop then select: New then Folder. Name it hijackthis. As long as hijackthis is in it's own folder, it's ok (provided that the folder is … |
| | Simply the best browser is now free. Click the link in my signature to download it. |
 | Hi. Sorry for the delay, been getting my beauty sleep :cheesy: . Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked' : O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} … |
 | Re: barbara Hi. You are running hijackthis from a temporary folder. You need to create a new folder in a permanent directory of your choice, (a folder on the desktop is fine) name the new folder [b]hijackthis[/b] and move or unzip hijackthis.exe into that folder. Once you have done that, rescan with … |
| | Roper, hi and welcome to Daniweb :). == Download [b]CWShredder 2.15[/b] from [url=http://www.intermute.com/products/cwshredder.html][u]here.[/u][/url] Run it and press the *fix,* not scan and allow it to clean the infection. [b]Close all browser and explorer windows before hitting the fix button.[/b] =============== Please download the trial version of Ewido Security Suite here: … |
| | First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. If not listed there, run this uninstaller: [url]http://members.rogers.com/rjmac/new_uninstall.exe[/url] |
| | [b]Download [color=blue]HijackThis[/color] [b][color=red][SIZE=3]self-extracting[/SIZE][/color][/b] zip version from [url=http://www.malwareremoval.com/downloads.html][u]here.[/u][/url][/b] Once downloaded, double click on the file & it will install into it's own, permanent folder. Start HJT & press the "Do a system scan and save a log file" button. When the scan is finished a window will pop up giving you … |
| | Download L2mfix from one of these two locations: [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url] Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for … |
| | 1. [b]Download and install [URL=http://www.lavasoftusa.com/software/adaware/][color=blue] Ad-Aware SE,[/color][/URL][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware SE 3. Click on the[b]‘world’ [/b] icon at the top right of the Ad-Aware SE window and let AdAware SE … |
| | You have some entries there that need removing. =============== Let's look for, and delete, any program segments ([i]prefetches[/i]) that might be present, and are associated with the '[i]problems[/i]' we're trying to remove from your PC. To do this, let's: 1) Click "[b][i]Start | Search[/i][/b]", then search for each of these … |
| | Download L2mfix from one of these two locations: [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url] Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for … |
| | Re: tinkopal popup You have some entries there that need removing. =============== Run [b]HiJackThis[/b] then: 1. Click "[b][i]Open the Misc Tools Section[/i][/b]" 2. Click "[b][i]Open Process manager[/i][/b]" - Next, while holding down the [b]CTRL[/b] key, locate ([i]if present[/i]) and click on ([i]highlight[/i]) each of the following: [b]C:\WINDOWS\SYSTEM\MSCJPZD.EXE[/b] Now double-check and make sure that … |
| | Hi. Welcome to the Daniweb forums :). You are running hijackthis from a temporary folder. You need to create a new folder in a permanent directory of your choice, (a folder on the desktop is fine) name the new folder [b]hijackthis[/b] and move or unzip hijackthis.exe into that folder. Once …  |
 | Please post another log and update about buster as we will use both together. |
| | Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked' : R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R3 - Default URLSearchHook is missing O2 … |
| | Re: WinFixer 2005 Thanks Shane, but MS will not get this one :). ===================== Please print these instructions out for use in Safe Mode. Please download [url=http://www.atribune.org/downloads/VundoFix.exe][b]VundoFix.exe[/b][/url] to your desktop.[list] [*]Double-click [b]VundoFix.exe[/b] to extract the files [*]This will create a [b]VundoFix[/b] folder on your desktop. [*]After the files are extracted, please reboot your … |
| | Re: Upqtquws But we here recommend these first :D; [url]http://www.daniweb.com/techtalkforums/thread28196.html[/url] [url]http://www.daniweb.com/techtalkforums/thread27570.html[/url] Nice link though chrisbliss18 :) |
| | You have some entries there that need removing. =============== Open a [b]command prompt[/b] by going to the start menu and then select 'Run'. In the box that pops up type in 'cmd'. The command prompt will open. OR You can go to Start -> Programs -> Accessories -> Command Prompt. … |
| | It does not look like you ran option #2 in VX2 fix. Close any programs you have open since this step requires a reboot. From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing enter, then press … |
| | Please download miekiemoes' LQfix batch here: [url]http://www.downloads.subratam.org/LQfix.zip[/url] Unzip it to the desktop but do NOT run it yet. It may be best to to right click on the link and select 'Save As' and save it to your desk top. Next, please reboot your computer in Safe Mode by doing … |
| | raphaeln, Hi and welcome to the Daniweb forums :). =============== Download, then unzip to "[b]C:\HJT[/b]", the newest version of [url=http://www.spywareinfo.com/~merijn/files/hijackthis.zip]HiJackThis[/url]; [i]version 1.99.1[/i]. Then repost your log, either now, or after following the steps in the solution ([i]if provided in this post[/i]). [color=#ff0000][i]This version has features that might be more helpful … |
| | Thread closed. Being assisted here; <a href="http://www.daniweb.com/techtalkforums/thread32142.html" rel="nofollow">http://www.daniweb.com/techtalkforums/thread32142.html</a> |
| | |
| | Hi and welcome to Daniweb forums :). Please print these instructions out for use in Safe Mode. Please download [url=http://www.atribune.org/downloads/VundoFix.exe][b][color=red]VundoFix.exe[/color][/b][/url] to your desktop.[list] [*]Double-click [b]VundoFix.exe[/b] to extract the files [*]This will create a [b]VundoFix[/b] folder on your desktop. [*]After the files are extracted, please reboot your computer into [b]Safe Mode[/b]. … |
| | cermak10, Hi and welcome to the Daniweb forums :). =============== Please visit at least two of the following sites for an online virus scan: BitDefender Free Online Virus Scan [url]http://www.bitdefender.com/scan/licence.php[/url] Make sure you tick [b]AutoClean[/b] under [b]Scan Options.[/b] Panda ActiveScan [url]http://www.pandasoftware.com/activescan/com/activescan_principal.htm[/url] Make sure you tick [b]Disinfect automatically[/b] under [b]Scan Options.[/b] … |
| | Re: winstyle2.dll Cannot see anything. Please visit at least two of the following sites for an online virus scan: BitDefender Free Online Virus Scan [url]http://www.bitdefender.com/scan/licence.php[/url] Make sure you tick [b]AutoClean[/b] under [b]Scan Options.[/b] Panda ActiveScan [url]http://www.pandasoftware.com/activescan/com/activescan_principal.htm[/url] Make sure you tick [b]Disinfect automatically[/b] under [b]Scan Options.[/b] Housecall at TrendMicro [url]http://housecall.trendmicro.com/housecall/start_corp.asp[/url] Make sure you … |
| | Click [url=http://www.geekstogo.com/modules.php?modid=5&action=download&id=4]here[/url] to download Killbox by Option^Explicit. *Extract the program to your desktop and double-click on its folder, then double-click on Killbox.exe to start the program. *In the killbox program, select the [b]Delete on Reboot[/b] option. *Copy the file names below to the clipboard by highlighting them and pressing Control-C: … |
| | My apologies ! !. I made an error of judgement and will be more careful with my editing in future :). |
| | Downloading cracks etc will soon load you up too. |
| | MrKim, hi and welcome to Daniweb :). == Download and run blacklite F-Secure Blacklight: [url]http://www.f-secure.com/blacklight/try.shtml[/url] leave [X]scan through windows explorer checked, click > scan then > next, If any items show, have blacklite rename them except for wbemtest.exe" [b]Do not rename "wbemtest.exe" its a windows file.[/b] The tool will ask … |
| | Have a read here [url]http://www.daniweb.com/techtalkforums/thread17906.html[/url] |
| | The thing that you [b]must[/b] do is update to IE 6 with Service Pack 1. That may well cure it. Have you tried installing FireFox to see if you can surf OK? |
| | Re: bling.exe Adaware's Adwatch has probably reinstated those values. Disable it and remove those keys again. If still no luck, uninstall Adaware and try again. |
| | Hi and welcome to Daniweb forums :). == Download L2mfix from one of these two locations: [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url] Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. … |
| | Hi and welcome to Daniweb :). First up, in my signature I request that [b]all[/b] members post for help here in the public forums, not through PM. I ask that you respect that :). == We need to remove(uninstall) the 'lop' infection by going to [url=http://66.220.17.157/help.html]here[/url], then downloading and running … |
| | Re: IE hijacked Jessykah. Can you please do a system restore to just before you made the above changes. Once done, please post an hijackthis log and we will recommence your repairs :). Here is how to do it; [url]http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx[/url] |
| | Run hijackthis and go to misc tools\delete a file on reboot and enter the full path to the file. [b]C:\WINDOWS\DownloadedProgramFiles\CONFLICT.1\GainPlugin.dll[/b] Reboot on request. |
| | Ran a log through [the scanner](www.hijackthis.de) and these are the results: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.flhrhdisywxtypjrrhipzzo....mBaXrZ8OdK1.php Safe. This page has been identified as safe. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ggqtkweturoedmnnqgrlvj.i...E96VBQZoo4.html Safe. This page has been identified as safe. Both these entries are from a LOP infection, but … |
| | joeman3285. If you decide to download hijackthis, we prefer that you post the log here for analysis. I do not recommend using automated online scanners for hijackthis logs. |
| | Please download miekiemoes' LQfix batch here: [url]http://www.downloads.subratam.org/LQfix.zip[/url] Unzip it to the desktop but do NOT run it yet. It may be best to to right click on the link and select 'Save As' and save it to your desk top. Next, please reboot your computer in Safe Mode by doing … |
| | Please visit at least two of the following sites for an online virus scan: BitDefender Free Online Virus Scan [url]http://www.bitdefender.com/scan/licence.php[/url] Make sure you tick [b]AutoClean[/b] under [b]Scan Options.[/b] Panda ActiveScan [url]http://www.pandasoftware.com/activescan/com/activescan_principal.htm[/url] Make sure you tick [b]Disinfect automatically[/b] under [b]Scan Options.[/b] Housecall at TrendMicro [url]http://housecall.trendmicro.com/housecall/start_corp.asp[/url] Make sure you tick [b]Auto Clean.[/b] … |
| | Hi. Welcome to the Daniweb forums :). You are running hijackthis from a temporary folder. You need to create a new folder in a permanent directory of your choice, (a folder on the desktop is fine) name the new folder [b]hijackthis[/b] and move or unzip hijackthis.exe into that folder. == … |
 | You need to disable or even uninstall, Adaware's Adwatch and M$ Antispyware. These programs do not discriminate when the registry is trying to be altered. They simply either prevent the change, or reinstate the previous settings :). |
 | Re: Hijackthis log You have some entries there that need removing. =============== We need to remove(uninstall) the 'lop' infection by going to [url=http://66.220.17.157/help.html]here[/url], then downloading and running the uninstaller(s) that relate to the application(s) your wanting to remove. The following selections are available: "[b][color=#ff0000]Start page[/color][/b]", "[b][color=#ff0000]Search engine[/color][/b]", "[b][color=#ff0000]Accessories Toolbar[/color][/b]". =============== Run [b]HiJackThis,[/b] click … |
| | Download and run blacklite F-Secure Blacklight: [url]http://www.f-secure.com/blacklight/try.shtml[/url] leave [X]scan through windows explorer checked, click > scan then > next, If any items show, have blacklite rename them except for wbemtest.exe" Do not rename "wbemtest.exe" its a windows file. The tool will ask if you want to reboot, (restart) choose yes. … |
| | [QUOTE=ddtredskull]just type your homepage address and hit apply !!![/QUOTE] Not for this one :). |
| | Re: spyware You may want to read this too; [url]http://www.daniweb.com/techtalkforums/thread27519.html[/url] |
| | Thanks for the link, but these tools are nowhere near as affective or accurate as the personal touch :). |
The End.