4,383 Posted Topics
 | Run [color=blue]Hijackthis[/color] and go to the [color=green]process viewer[/color] by going to Config, Misc Tools, Process Viewer, to unload all instances of the following running processes;[b] desbyhdw.exe [/b] Then go to C:\WINDOWS\system32 and delete the file manually. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then … |
| | Please go [url=http://virusscan.jotti.org/][u]here[/u][/url] and have this file scanned. C:\WINNT\system32\[b]msoffice.exe[/b] Delete if bad and fix the F3 entry in hijackthis. =============== Go to [b]Add/Remove programs[/b] and remove(uninstall) the following, if present: [b][color=#ff0000]Desktop Search[/color][/b] The above could appear anywhere within the entry. Be careful not to remove any [i]personal[/i] or [i]system[/i] software. …  |
| | Hi. You are running hijackthis from a temporary folder, can you please create a new folder anywhere other than in a temporary folder, then move hijackthis.exe into it and run it from there. Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. [color=red]Go offline until you have completed all … |
| | You have the latest version of VX2. Download L2mfix from one of these two locations: [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url] Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double … |
| | FesselAJ, Hi! and welcome to the [your forum] forums. =============== Go to [url=http://www.trendmicro.com/en/home/us/enterprise.htm]www.trendmicro.com[/url], and then: 1. Click "[b][i]Free Online Scan[/i][/b]". 2. Click "[b][i]Scan now, it's free[/i][/b]". It'll take a few minutes to download (especially with a dialup connection), so be patient. When it's down: 1. Select all available drives. 2. … |
| | Re: New Log bubulchis, Hello! and welcome to the Daniweb forums. =============== Download, then unzip to "[b]C:\HJT[/b]", the newest version of [url=http://www.spywareinfo.com/~merijn/files/hijackthis.zip]HiJackThis[/url]; [i]version 1.99.1[/i]. Then repost your log, either now, or after following the steps in the solution ([i]if provided in this post[/i]). [color=#ff0000][i]This version has features that might be more helpful in …  |
| | nuclearian, Hello! and welcome to the Daniweb forums. =============== Run the PurityScan [url=http://www.purityscan.com/uninstall.html][u]uninstaller.[/u][/url] =============== Go to [url=http://www.trendmicro.com/en/home/us/enterprise.htm]www.trendmicro.com[/url], and then: 1. Click "[b][i]Free Online Scan[/i][/b]". 2. Click "[b][i]Scan now, it's free[/i][/b]". It'll take a few minutes to download (especially with a dialup connection), so be patient. When it's down: 1. Select … |
| | buckhuckle, Hello! and welcome to the Daniweb forums. =============== Let's look for, and delete, any program segments([i]prefetches[/i]) that might be present, and are associated with the '[i]problems[/i]' we're trying to remove from this system. To do this, let's: 1) Click "[b][i]Start | Search[/i][/b]", then search for each of these program's … |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then [b][color=red]close all browser and explorer windows[/color][/b] and hit the "Fix checked" button.[/color] O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - [url]http://static.windupdates.com/cab/D.../bridge-c11.cab[/url] [b]Blazefind Windupdates Adware[/b] Download, install and keep updated, [color=blue][b]Spywareblaster[/b][/color] from [url]www.javacoolsoftware.com[/url] to help keep your system clean. |
| | Kasaj, Hi! and welcome to the Daniweb forums. =============== Before we begin, let's move [b]HiJackThis[/b] to it's own folder; like [b]c:\HJT[/b]. When we're done '[i]cleaning[/i]' off your system, we're going to '[i]flush[/i]' the temporary folders which, with [b]HiJackThis[/b] [color=#ff0000][i]in it's current location, we'll lose both the program and the backups … |
| | CiscoJP, Hello! and welcome to the Daniweb forums. =============== Run [b]HiJackThis[/b] and click "[b][i]Scan[/i][/b]", then check(tick) the following, if present: [color=#9933cc][b] N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Jason Stroming\Application Data\Mozilla\Profiles\default\u87squkn.slt\prefs.js) [/b][/color] Now, with all windows closed except [b]HiJackThis[/b], click "[b][i]Fix checked[/i][/b]". =============== When your done, rescan your system … |
| | Please go [url=http://computercops.biz/postt106277.html][u]here[/u][/url] for the instructions on how to remove the Bube.d (aka Win32.Beavis) Removal [isrvs] infection. Once done, repost a new log here and we will finish off the clean up. |
| | Mechlsd, Hi! and welcome to the Daniweb forums. =============== Let's look for, and delete, any program segments([i]prefetches[/i]) that might be present, and are associated with the '[i]problems[/i]' we're trying to remove from this system. To do this, let's: 1) Click "[b][i]Start | Search[/i][/b]", then search for each of these program's … |
| | You also need to fix these with hijackthis, then delete the C:\WINDOWS\[b]IEXPLOR.EXE[/b] file after. O4 - HKLM\..\Run: [C:\WINDOWS\IEXPLOR.EXE] C:\WINDOWS\IEXPLOR.EXE O4 - HKLM\..\Run: [AtxBrw] C:\WINDOWS\IEXPLOR.exe |
| | algismorales. Please follow the below link and follow exactly the instuctions given there. Once you have done that, reboot and post another log here and we will finish the clean up :D. [url]http://www.broadbandreports.com/forum/remark,12688162~mode=flat[/url] |
| | [b]Download [color=blue]CWShredder[/color] from [url=http://computercops.biz/downloads-file-349.html][u]here[/u][/url] & run it.[/b] Select the [color=red]fix[/color] button & it will fix everything related to CoolWebSearch that is stored in it's database. Close [b]ALL[/b] windows, including Internet Explorer, before running CWShredder. [color=red]Reboot.[/color] To help prevent this from happening again, install the patches for the vulnerabilities that this … |
| | Hi and welcome to Daniweb gusfaz. ============== [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then [b][color=red]close all browser and explorer windows[/color][/b] and hit the "Fix checked" button.[/color] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.hotoffers.info/278/[/url] ============== Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your … |
| | Do you have the FkWare version of SysMon or other third party Sysmon Applications? [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] to TrendMicro for an on-line scan & set it to autoclean for you. When it completes, post back the full filename of any files that cannot be cleaned or deleted. Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan at …  |
| | You are going to love this (not), but you are running hijackthis from a temporary folder. Please move it into a folder that you have just created in a permanent location, such as C:\Program Files\hijackthis\hijackthis.exe and when done post back a new log. [b]Clear out your Temporary internet files and … |
| | What have you done with all the infected files from post #3? They all need to be deleted. The system restore can probably wait until you are clean as the only way the ones in the restore folder can affect your PC is if you [b]do[/b] a system restore :). …  |
| | If you can still see that program in add removes, do this too; Click Start > Run > Type or copy & paste regedit. The registry editor will open. Then go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and delete the offending entry in the right hand pane. |
| | Hi thehosley. =============== Download, unzip to your desktop [url=http://www.intermute.com/spysubtract/cwshredder_download.html]CWShredder[/url] and run it, then: 1. Click "[b][i]Check For Update[/i][/b]" ([i]If an update isn't available, skip to step #4.[/i]) 2. Click "[b][i]Click here to Download the upate[/i][/b]". 3. When the new version has been downloaded, click "[b][i]Save[/i][/b]". 4. Click "[b][i]Fix ->[/i][/b]" =============== … |
 | This can be fixed without a reformat. You have hijackthis in a temp folder though and I much rather you had it in a permanent one. Can you create a folder and drag the HJT executable into that folder. Rescan and repost the log please. |
| | Hi foxkueh. =============== We'll need to unload [b]Spybot's Teatimer[/b] before we begin. To do this, right-click on the icon in the quick launch toolbar at the bottom on the screen, then select "[b][i]Exit[/i][/b]". =============== Download the newest version of [url=http://www.malwareremoval.com/downloads.html]HiJackThis[/url]; [i]version 1.99.1[/i]. Then repost your log, either now, or after … |
| | Hi shahss. DMR has requested that I take a quick peek at your problem. First up we will need to rid you of the VX2 infection. Download L2mfix from one of these two locations: [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url] Save the file to your desktop and double click l2mfix.exe. Click the Install button … |
| | i and welcome to Daniweb jesse_1012. [b]Clear out your Temporary internet files and other temp files. Go to Start > Settings > Control Panel >Internet Options.[/b] Under the General tab click the Delete temporary internet files, delete all Offline content as well. Clear out Cookies. Also, go to [b]Start > … |
| | Hi and welcome to Daniweb sfc20687. Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. Run Pocket Killbox and paste the full file path of each of the below files in the box and click on Standard File Kill and End Explorer Shell While Killing File. Click on the … |
| | Sorry nobody got back to you. We are all volunteers here and sometimes something get's missed :). As you have been deleting things since your log was posted, can you reboot and scan with hijackthis and post that log. Go [url=http://www.silentrunners.org/]here[/url] and download and run [color=blue]Silent Runners.vbs.[/color] It generates a … |
| | Hi and welcome to Daniweb patentleather11. =============== When we're done cleaning off your system, i'd [b]recommend[/b] that you install all the [color=#ff0000][b][i]critical windows updates[/i][/b][/color] available from [b]Microsoft[/b], upto [i]service pack 1[/i]. This will help to make your system more secure and prevent many '[i]problems[/i]' from reoccuring in the future. =============== … |
| | Re: Spyware troubles Hi and welcome to Daniweb Zephyr. =============== Download LSPFix and unzip to your desktop, then run it. Now, we need to: 1. check(tick) "I know what i'm doing". 2. click on (highlight) each occurance of the following, one at a time: fltmgr.dll 3. then click ">>", mo'ing each one, individually, … |
| | Scuse me Caperjack. galtg has the horse server infection. Can you do the following please. First, download HSFix from [url=http://www.atribune.org/downloads/HSFix.zip]here.[/url] After it is downloaded, create a new folder on your desktop called "HSFix" and extract all the files into the newly created folder. [b]Reboot into safe mode[/b] following the instructions … |
| | Hi Fitzad. =============== Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. Run Pocket Killbox and paste the full file path of each of the below files in the box and click on Standard File Kill and End Explorer Shell While Killing File. Click on the button with the … |
| | Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. Run Pocket Killbox and paste the full file path of each of the below files in the box and click on Standard File Kill and End Explorer Shell While Killing File. Click on the button with the red circle and … |
| | Hi and welcome to Daniweb falcon123. - We'll need to disable [b]AdAware's [i]AdWatch[/i][/b], since it might interfere with other program(s) we might be using to 'clean' off your system; you can re-enable it after we're done. To disable this feature, run Run [b]AdAware SE[/b], then: 1. Click "[b][i]AdWatch[/i][/b]". 2. Click … |
| | [b]Download [color=blue]moveonboot[/color][/b] from [url=http://www.webattack.com/get/moveonboot.html][u]here[/u][/url] & the file(s) you choose will be deleted on reboot. MoveOnBoot allows you to copy, move or delete files on the next system boot. This comes in very handy, if you need to replace or delete files which are locked by other applications, loaded into memory … |
| | Try putting it in your trusted zone in Internet Options. |
| | Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. Run Pocket Killbox and paste the full file path of each of the below files in the box and click on Standard File Kill and End Explorer Shell While Killing File. Click on the button with the red circle and … |
| | Try doing a system restore back to a point before the problem occurred. |
| | Answering here [url]http://www.daniweb.com/techtalkforums/thread20032.html[/url] |
| | Hi and welcome to Daniweb MarkWaugh. How is Steve? =============== Run [b]HiJackThis[/b] and click "[b][i]Scan[/i][/b]", then check(tick) the following, if present: [color=#9933cc][b] O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present [/b][/color] ...[color=#ff0000](Unless you've set these with a anti-spyware program like [b]SpyBot's[/b] [i]Immunize[/i] feature, have [b]HiJackThis[/b] fix this.)[/color] [color=#9933cc][b] O16 - DPF: {11111111-1111-1111-1111-111191113457} … |
| | 1. [b]Download and install [URL=http://www.lavasoftusa.com/software/adaware/][color=blue] Ad-Aware SE,[/color][/URL][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware SE 3. Click on the[b]‘world’ [/b] icon at the top right of the Ad-Aware SE window and let AdAware SE … |
| | Hi and welcome to DaniWeb on2dvd. That is a Clean log. |
| | Hi and welcome unabobber. =============== Let's look for, and delete, any program segments([i]prefetches[/i]) that might be present, and are associated with the '[i]problems[/i]' we're trying to remove from this system. To do this, let's: 1) Click "[b][i]Start | Search[/i][/b]", then search for each of these program's [i]base name(s)[/i], in all … |
| | Download the [url=http://www.bleepingcomputer.com/files/spyware/KillBox.zip][color=blue]Pocket KillBox[/color][/url] Unzip the file to your desktop. Run Pocket Killbox and paste the full file path of each of the below files in the box and click on Standard File Kill and End Explorer Shell While Killing File. Click on the button with the red circle and … |
| | [QUOTE]i used killbox the way you said crunchie (did you write that proggie?)[/QUOTE] I wish :D. I am but a humble heavy duty fitter who works on crushing equipment for a mining company :D. Pretty far removed from program writing, but thanks anyway's. |
| | Re: Major Issues 1. [b]Download and install [URL=http://www.lavasoftusa.com/software/adaware/][color=blue] Ad-Aware SE,[/color][/URL][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware SE 3. Click on the[b]‘world’ [/b] icon at the top right of the Ad-Aware SE window and let AdAware SE … |
| | [b]Reboot into safe mode[/b] following the instructions [url=http://www.xtra.co.nz/help/0,,6156-1377929,00.html][u]here[/u][/url] and [b]Clear out your Temporary internet files and other temp files. Go to Start > Settings > Control Panel >Internet Options.[/b] Under the General tab click the Delete temporary internet files, delete all Offline content as well. Clear out Cookies. Also, go … |
| | With the new hijackthis log, please post another log from silent runners. There is a file that reinstalls this infection that hijackthis cannot see. Make sure that you post the entire log. Go [url=http://www.silentrunners.org/]here[/url] and download and run [color=blue]Silent Runners.vbs.[/color] It generates a log, please post the information back in … |
 | [QUOTE=caperjack]its you !LOL, i started using it again new version and it doesn't seem any slower . i like the multiple homepage feature ,i opened 5 of my most use sites in 5 different tabs ,go to tools option and set home page to current page and it sets all … |
| | Am working on this now. Will not be long :). |
The End.