4,383 Posted Topics
 | Hi. You are running hijackthis from a temporary folder, can you please download the self-extracting zip version from [url=http://www.malwareremoval.com/downloads.html]here.[/url] Uninstall the other version first, then manually delete the file. |
| | Re: Hijackthis log Hi. You are running hijackthis from a temporary folder, can you please download the self-extracting zip version from [url=http://www.malwareremoval.com/downloads.html]here.[/url] Uninstall the other version first, then manually delete the file. Or you can just move hijackthis into it's own, permanent folder. [b]Clear out your Temporary internet files and other temp files. … |
 | Download and run Winsockfix from here [url]http://www.softpedia.com/progDownlo...load-15337.html[/url] |
| | Looking now. Will not be long.  |
| | Run [color=blue]Hijackthis[/color] and go to the [color=green]process viewer[/color] by going to Config, Misc Tools, Process Viewer, to unload all instances of the following running processes;[b] C:\WINDOWS\svchost.exe C:\Documents and Settings\Greg\Menu Démarrer\Programmes\Démarrage\winupdate87741453[1].exe C:\WINDOWS\TEMP\q1272325.exe [/b] [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then [b][color=red]close all browser and … |
| | Re: kon4ay..... Hi shawndo. Caperjack seems to be offline, so I will fill in for him. =============== Run [b]HiJackThis[/b] then: 1. Click "[b][i]Config...[/i][/b]" 2. Click "[b][i]Misc Tools[/i][/b]" 3. Click "[b][i]Open Process manager[/i][/b]" - Next, while holding down the [b]CTRL[/b] key, locate ([i]if present[/i]) and click on ([i]highlight[/i]) each of the following: [b][color=#000000]C:\[/color][color=#ff0000]Q92194.exe[/color][/b] … |
| | Hi Nashii and welcome to Daniweb. =============== Go to [url=http://www.trendmicro.com/en/home/us/enterprise.htm]www.trendmicro.com[/url], and then: 1. Click "[b][i]Free Online Scan[/i][/b]". 2. Click "[b][i]Scan now, it's free[/i][/b]". It'll take a few minutes to download (especially with a dialup connection), so be patient. When it's down: 1. Select all available drives. 2. Check(tick) "[b][i]Auto Clean[/i][/b]". … |
| | Hi. First of all you need to update hijackthis to version 1.99.1. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.malwareremoval.com/downloads.html][u]here[/u][/url] and download the selfextracting zip version. Remove the old version by opening the program, going to config\misc tools, then uninstall & … |
| | [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of "dolsp.dll" [b](and nothing else),[/b] and move them to the "Remove" pane. Then click Finish. Uninstall Mywebsearch and P2P Networking from add/remove programs. Run [color=blue]Hijackthis[/color] and go to the [color=green]process viewer[/color] … |
| | Wait for the [b]real[/b] season. They are not called the blues for nothing. :mrgreen: |
| | Hi ReaperVelle. Run HiJackThis and click "Scan", then check(tick) the following, if present: O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present ...(Unless you've set these with a anti-spyware program like SpyBot's Immunize feature, have HiJackThis fix this.) O17 - HKLM\System\CCS\Services\Tcpip\..\{1C4D73FF-9BF3-4511-B887-6DD5E39DA985}: NameServer = 66.189.0.29,66.189.0.30,66.189.132.4 O17 - HKLM\System\CS1\Services\Tcpip\..\{1C4D73FF-9BF3-4511-B887-6DD5E39DA985}: NameServer = 66.189.0.29,66.189.0.30,66.189.132.4 ...(Verify that these … |
| | Hi stucklikechuck. =============== Before we begin, let's move [b]HiJackThis[/b] to it's own folder; like [b]c:\HJT[/b]. When we're done '[i]cleaning[/i]' off your system, we're going to '[i]flush[/i]' the temporary folders which, with [b]HiJackThis[/b] [color=#ff0000][i]in it's current location, we'll lose both the program and the backups it creates. These backups are important … |
| | Hi Unlimited. - When we're done cleaning off your system, i'd recommend that you install all the critical windows updates available from Microsoft, upto service pack 1. This will help to make your system more secure and prevent many 'problems' from reoccuring in the future. =============== Download, unzip to your … |
| | Hi Seaner. =============== Now, let's open a [b]command prompt[/b] and unregister the dll(s) we're going to remove, by entering the following: [b][color=#000099]regsvr32 /u[/color] [color=#ff0000]POPUP_BL.DLL[/color][/b] It's ok, if these aren't found or 'error' out. If you want, just copy and paste the individual lines to the command prompt to save on … |
 | |
| | Hello! and welcome to the forums x_mp_femme. - The version of Internet Explorer your currently using is out of date, and should be upgraded as soon as possible. =============== Go to [url=http://www.trendmicro.com/en/home/us/enterprise.htm]www.trendmicro.com[/url], and then: 1. Click "[b][i]Free Online Scan[/i][/b]". 2. Click "[b][i]Scan now, it's free[/i][/b]". It'll take a few minutes … |
| | The bottom part of silent runners log is missing. Please repost the complete log. |
| | Go to [b]Add/Remove programs[/b] and remove(uninstall) the following, if present: [b][color=#ff0000]Messenger Plus! 3[/color][/b] [b][color=#ff0000]MessengerPlus[/color][/b] The above could appear anywhere within the entry. Be careful not to remove any [i]personal[/i] or [i]system[/i] software. If you installed it without the sponsor, then skip that bit. =============== Run [b]HiJackThis[/b] then: 1. Click "[b][i]Config...[/i][/b]" …  |
| | Hi Olly. - When we're done cleaning off your system, i'd [b]recommend[/b] that you install all the [color=#ff0000][b][i]critical windows updates[/i][/b][/color] available from [b]Microsoft[/b], upto [i]service pack 1[/i]. This will help to make your system more secure and prevent many '[i]problems[/i]' from reoccuring in the future. =============== Run [b]HiJackThis[/b] and click … |
| | Hi and welcome BigW/ =============== Let's look for, and delete, any program segments([i]prefetches[/i]) that might be present, and are associated with the '[i]problems[/i]' we're trying to remove from this system. To do this, let's: 1) Click "[b][i]Start | Search[/i][/b]", then search for each of these program's [i]base name(s)[/i], in all … |
| | Hi spadbal. - We'll need to unload [b]Spybot's Teatimer[/b] before we begin. To do this, right-click on the icon in the quick launch toolbar at the bottom on the screen, then select "[b][i]Exit[/i][/b]". =============== Run [b]HiJackThis[/b] then: 1. Click "[b][i]Config...[/i][/b]" 2. Click "[b][i]Misc Tools[/i][/b]" 3. Click "[b][i]Open Process manager[/i][/b]" - … |
| | 1. [b]Download and install [URL=http://www.lavasoftusa.com/software/adaware/][color=blue] Ad-Aware SE,[/color][/URL][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware SE 3. Click on the[b]‘world’ [/b] icon at the top right of the Ad-Aware SE window and let AdAware SE … |
| | Please go to [url]http://computercops.biz/postt106277.html[/url] and follow Calamity Janes instructions for this removal. Once you are done, post back here with the results please. So far that is the only known way to cure this. |
| | If I were you I would reboot, rescan with hijackthis and post that log. You have other nasties on there that need to go and the uninstaller may have given you more. |
| | Run [color=blue]Hijackthis[/color] and go to the [color=green]process viewer[/color] by going to Config, Misc Tools, Process Viewer, to unload all instances of the following running processes;[b] C:\WINDOWS\system32\xpsp2fw.exe C:\WINDOWS\System32\govpefx.exe [/b] Once stopped, delete those files manually. There is more to do but unfortunately hijackthis is in a Temp folder. Please move it … |
| | Run Spybot again and use the recovery option to reinstate whatever was removed. |
| | Re: virus again??? Download [url=http://www.bleepingcomputer.com/files/aboutbuster.php][color=blue]about:Buster[/color][/url] and unzip it to your Desktop. Doubleclick on AboutBuster.exe to run it and then click on Update > Check for Update. If there is an update available, click on 'Download Update and wait while it downloads. Once downloaded, click on Exit. When you have done this, boot into … |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then [b][color=red]close all browser and explorer windows[/color][/b] and hit the "Fix checked" button.[/color] O2 - BHO: CDownCom Class - {031B6D43-CBC4-46A5-8E46-CF8B407C1A33} - C:\WINDOWS\Downloaded Program Files\ipreg32.dll (file missing) O2 - BHO: IE HELP - {54F8C0E2-34F9-474F-B47F-2CFCFE2300A2} - C:\WINDOWS\system32\IMULiver.dll O3 - … |
| | with your useless AOL disks: [url]http://www.nomoreaolcds.com/index.htm[/url]  |
| | Re: Just joined Welcome Steve :). Good to have you here. Hope that you enjoy what Daniweb has to offer.  |
 | If you do not have the beta version of spybot, then you have the final version, so you can download the fix :). |
| | That active X can safely be deleted. It will be reinstalled the next time needed. Your Adaware version may be out of date, so please do the folowing; 1. [b]Download and install [URL=http://www.lavasoftusa.com/software/adaware/][color=blue] Ad-Aware SE,[/color][/URL][/b] keeping the default options. [b]However, some of the settings will need to be changed before … |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then [b][color=red]close all browser and explorer windows,[/color][/b] and hit the "Fix checked" button.[/color] O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1031.dll,InstantAccess O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - [url]http://akamai.downloadv3.com/binari...netslv32_EN.cab[/url] Reboot … |
| | Once you have moved hijackthis, please do the following; [b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for Wintools removal instructions.[/b] You have the latest version of VX2. Download L2mfix from one of these two locations: [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url] Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the … |
| | Turnip. This is an appropriate place to post :D. That is why this forum was set up in the first place, to help people who are having problems. Personally I do not trust the online hijackthis log scanners as they do not give enough direction and have too many false … |
| | Run [color=blue]Hijackthis[/color] and go to the [color=green]process viewer[/color] by going to Config, Misc Tools, Process Viewer, to unload all instances of the following running processes;[b] C:\WINDOWS\system\nnqqxeqs.exe [/b] Go to C:\WINDOWS\system and delete the file manually. |
| | [b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] and scrolling down to the uninstall tool. [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of "winlspak.dll" [b](and nothing else),[/b] and move them … |
 | OurNation. Where did you unearth this one from :). 25/02/2004 :D. |
| | After you have got through doing that; You have the latest version of VX2. Download L2mfix from one of these two locations: [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url] Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly … |
| | What operating system do you have? Please reply before doing the following; [b]Reboot into safe mode[/b] following the instructions [url=http://www.xtra.co.nz/help/0,,6156-1377929,00.html][u]here[/u][/url] and [b]Clear out your Temporary internet files and other temp files. Go to Start > Settings > Control Panel >Internet Options.[/b] Under the General tab click the Delete temporary internet … |
| | [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] to TrendMicro for an on-line scan & set it to autoclean for you. When it completes, post back the full filename of any files that cannot be cleaned or deleted. Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan at Panda as well.[/b] 1. [b]Download and install [URL=http://www.lavasoftusa.com/software/adaware/][color=blue] Ad-Aware SE,[/color][/URL][/b] keeping the default options. … |
| | Internet options/advanced there is an option for IE tp play video from the net. Uncheck that & see if media player is then chosen. Also, the movie that you are selecting may not be in media player format. |
| | Hi. First of all you need to update hijackthis to version 1.99.1. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.degs.co.uk/files/hijackthis.exe][u]here.[/u][/url] Remove the old version by opening the program, going to config\misc tools, then uninstall & exit. You then have to delete … |
| | First of all, hijackthis will remove from the registry those 04 entries that need removing. Second, do a system search for those files and delete them. Fixing the reg entries does [b]not[/b] remove the files. Go [url=http://www.silentrunners.org/]here[/url] and download and run [color=blue]Silent Runners.vbs.[/color] It generates a log, please post the … |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then [b][color=red]close all browser and explorer windows,[/color][/b] and hit the "Fix checked" button.[/color] O2 - BHO: Setup.Setup1 - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll [b]Reboot into safe mode[/b] following the instructions [url=http://www.xtra.co.nz/help/0,,6156-1377929,00.html][u]here[/u][/url] and navigate to and delete the following if … |
| | It might be, but you may lose some important stuff like updates, emails etc.  |
 | I am logging off now, but if you want you can download silent runners so that we can see if there is anything else running there that hijackthis cannot pick-up? I will have to check back tomorrow to have a look at the results. Go [url=http://www.silentrunners.org/]here[/url] and download and run … |
| | You have a worm and a trojan. [b]Reboot into safe mode[/b] following the instructions [url=http://www.xtra.co.nz/help/0,,6156-1377929,00.html][u]here[/u][/url] and navigate to and delete the following: C:\WINDOWS\[b]SVCHOST.EXE[/b] C:\WINDOWS\[b]smss.exe[/b] [b]Reboot normally after doing the above, rescan with hijackthis, then post that log here please.[/b] |
| | Hi. First of all you need to update hijackthis to version 1.99.1. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.malwareremoval.com/downloads.html][u]here[/u][/url] and download the selfextracting zip version. Remove the old version by opening the program, going to config\misc tools, then uninstall & … |
| | [url]http://www.daniweb.com/techtalkforums/showpost.php?p=97792&postcount=8[/url] |
The End.