4,383 Posted Topics
 | My apologies :). I should have looked closer. |
| | Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. [color=blue]Scan with hijackthis and … |
| | Re: dxsetu.exe error That is a virus. Find and delete it. Good idea to also post a hijackthis log though. [url]http://www.daniweb.com/techtalkforums/thread13452-dxsetu.exe.html[/url] |
| | Re: My Wife's PC Stop posting hijackthis logs into new threads please. I have already merged two of your other threads. Thank you.  |
| | Re: Dxsetu.exe error [b]Unzip HJT into it's own permanent folder[/b] before doing anything in order that the backups it creates cannot be deleted by accident. [color=red](Not a temporary folder or directly on the desktop (in a folder on the desktop is fine) & not directly on your hard drive).[/color] [b]Rescan with hijackthis.[/b] When … |
| | First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. If not listed there, run this uninstaller: [url]http://members.rogers.com/rjmac/new_uninstall.exe[/url] |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] O1 - Hosts: 213.159.117.235 auto.search.msn.com O18 - Protocol: start - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\DGJMPSVY.dll O18 - Filter: text/html - {63B95211-7D77-11D2-9F80-00104B107C96} - C:\WINDOWS\System32\DGJMPSVY.dll O18 - Filter: … |
 | [b]Download [color=blue]HijackThis[/color] from [url=http://www.computercops.biz/downloads-file-328.html][u]here[/u][/url][/b] & unzip it into it's own, permanent folder, [color=red](Not a temporary folder or the desktop (in a folder on the desktop is fine) & not directly on your hard drive)[/color]. If you prefer an executable file, then download from [url=https://ssl.perfora.net/tools.radiosplace.com/HijackThis.exe][u]here.[/u][/url] If you have anything disabled in … |
| | Hi there. First of all you are running hijackthis from a temporary folder. The backups that hijackthis creates can be accidentally deleted when not in a permanent folder. Please do the following; Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, … |
| | Can you please download this file from here: [url=http://www.bleepingcomputer.com/files/spyware/getservice.zip]Getservice.zip[/url] Extract the file to the c:\ drive. Then navigate to the c:\getservices and double-click on the getservices.bat file. A notepad will open up. Please paste the contents of that notepad into this post. Post another hijackthis log at the top of … |
| | [b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] and scrolling down to the uninstall tool. [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of 'osmim.dll' [b](and nothing else),[/b] and move them … |
| | You have a couple of nasties there, but you are running hijackthis from a temp folder. Please move it to a permanent one and we will rid you of the extra baggage :). Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New … |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://search.hpwis.com/[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://search.hpwis.com/[/url] O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL … |
| | Hi and welcome :). Please uninstall Web_Rebates from add\remove programs. Windows AdTools also, if there. [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] R3 - Default URLSearchHook is missing O2 - BHO: … |
| | [color=blue]Scan with hijackthis and tick the boxes next to all the following entries, then close all browser and explorer windows, and hit the "Fix checked" button.[/color] O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - [url]http://software-dl.real.com/27e32a9ba5febf3e0105/netzip/RdxIE601.cab[/url] [b]Netster[/b] O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - [url]http://acceso.masminutos.com/laaplicacion.cab[/url] [b]Marcador[/b] |
| | [b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] and scrolling down to the uninstall tool. Reboot and post another log. |
| | If you still require assistance, please [b]download [color=blue]HijackThis[/color] from [url=http://www.computercops.biz/downloads-file-328.html][u]here[/u][/url][/b] & unzip it into it's own, permanent folder, [color=red](Not a temporary folder or the desktop (in a folder on the desktop is fine) & not directly on your hard drive)[/color]. If you prefer an executable file, then download from [url=https://ssl.perfora.net/tools.radiosplace.com/HijackThis.exe][u]here.[/u][/url] … |
| | [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] to TrendMicro for an on-line scan & set it to autoclean for you. Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan at Panda as well.[/b] Please put hijackthis in a permanent folder so that we can go ahead with the fixes needed. Click My Computer, then C:\ In the menu bar, File->New->Folder. That … |
| | Download Registrar Lite from here: [url]http://www.resplendence.com/download/reglite.exe[/url] Put it in its own folder. You may want to keep this program. It is an excellent free, registry editor. Install, run, copy and paste this line to reglite's address bar: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs and hit the "go" tab. Find: "Appinit_Dlls" value on the right … |
| | Fasten seat belts, moving to security. Make sure to have your boarding passes ready :). |
| | Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. Reboot. Turn ON System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check *Turn off System …  |
 | Only one thing I can see. [b][color=red]Close all (browser) windows & rescan with hijackthis.[/color][/b] When the scan is finished place a check in the box to the left of the following entries & click [b][color=red]'fix checked':[/color][/b] O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe [b]Reboot into safe mode[/b] following the instructions [url=http://www.xtra.co.nz/help/0,,6156-1377929,00.html][u]here[/u][/url] … |
| | Re: Security Alerts You need to configure Norton to not flag (pop up) each and every alert. I cannot remember how to do it though :(. |
| | Also, [b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for Wintools removal instructions.[/b] Uninstall Web_Rebates from add\remove programs. P2P Networking too. [b]Download the PeperFix.exe tool from here:[/b] [url]http://downloads.subratam.org/PeperFix.exe[/url] Click on the PeperFix.exe to launch it. Click the Find and Fix button. It will scan the %Systemroot% folder and locate all the peper files. You will …  |
| | Fixing the following with hijackthis should prevent them from running automatically; O4 - Startup: Gerenciador do HotSync.lnk = C:\Arquivos de programas\Palm\HOTSYNC.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE You can also go … |
| | Merged your two threads. Please do not start another for the same problem :). First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file … |
| | Sassy. Do not install the 3rd party sponsor that comes with mess plus or you will be infected with the LOP hijacker. |
| | When does that apply? I just retrieved my mail from Hotmail using Incredimail, so it still works. |
| | A little bit more information would be nice :). |
| | Have split out your posts to there own thread. Download Registrar Lite from here: [url]http://www.resplendence.com/download/reglite.exe[/url] Put it in its own folder. You may want to keep this program. It is an excellent free, registry editor. Install, run, copy and paste this line to reglite's address bar: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs and hit … |
| | Delete the file manually and rescan. |
| | [b][color=red]Close all (browser) windows & rescan with hijackthis.[/color][/b] When the scan is finished place a check in the box to the left of the following entries & click [b][color=red]'fix checked':[/color][/b] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - … |
| | First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. If not listed there, run this uninstaller: [url]http://members.rogers.com/rjmac/new_uninstall.exe[/url] … |
| | When you have received a reply at the other forum you posted your log, let us know if you still require assistance :). |
| | Download [url=http://www.downloads.subratam.org/CWShredder.exe]CWShredder v1.59.1[/url]. Save it to your desktop. Do not run it yet. We will run it later. Download the [url=http://securityresponse.symantec.com/avcenter/venc/data/backdoor.agent.b.removal.tool.html]Backdoor.Agent.B Removal Tool[/url] from Symantec. Follow Symantec's instructions for how to run it. Be sure to save the log file. I will need to see it later. Restart your computer. … |
| | Re: Stupid Search200 First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. If not listed there, run this uninstaller: [url]http://members.rogers.com/rjmac/new_uninstall.exe[/url] … |
| | Did you go to the Wintools removal instructions page? 1. [b]Download and install [color=blue][URL=http://computercops.biz/downloads-file-292.html] Ad-Aware SE,[/URL][/color][/b] keeping the default options. [b]However, some of the settings will need to be changed before your first scan[/b] 2.[b]Close ALL windows[/b] except Ad-Aware SE 3. Click on the[b]‘world’ [/b] icon at the top right … |
| | [b][color=red]Close all (browser) windows & rescan with hijackthis.[/color][/b] When the scan is finished place a check in the box to the left of the following entries & click [b][color=red]'fix checked':[/color][/b] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O4 - HKLM\..\Run: [ExplorerTask] F:\WINNT\ServicePackFiles\i386\explorer.exe O4 - HKLM\..\Run: … |
| | Nothing real serious there, but we will need to see hijackthis in a permanent folder before we can advise any repairs. Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have … |
| | Open Sygate and hit the Applications button. Scroll down to OE then right click on it and select Allow. |
| | [b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here[/u][/url] & scrolling down to the uninstall tool. [b][color=red]Close all (browser) windows & rescan with hijackthis.[/color][/b] When the scan is finished place a check in the box to the left of the following entries & … |
| | [b]Download [color=blue]CWShredder[/color] from [url=http://computercops.biz/downloads-file-349.html][u]here[/u][/url] & run it.[/b] Select the [color=red]fix[/color] button & it will fix everything related to CoolWebSearch that is stored in it's database. Close [b]ALL[/b] windows, including Internet Explorer, before running CWShredder. [color=red]Reboot.[/color] To help prevent this from happening again, install the patches for the vulnerabilities that this … |
| | The only problem I see there is that you have hijackthis in a temp folder. If you have fixed anything before running hijackthis then posted the log I will need you to reboot, rescan with hijackthis straight away, with [b]all[/b] instances of Internet Explorer [b]closed[/b] & post that log. Click … |
| | Re: Virus attacked Open Task Manager & end process on the following:[b] conime.exe[/b] Then delete the file manually by going to; C:\WINDOWS\System32 |
| | Re: Dso Exploit It is a true solution [b]if[/b] you have [b]all[/b] your security patches installed!! Go to Spybot S&D's forums and see for yourself :). |
| | Re: Slowed internet Go into add\remove programs & uninstall Webrebates & WebHancer. Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have C:\HJT\ folder. Put your HijackThis.exe there, and double click to run it. … |
| | [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of "lspak.dll" (and nothing else), and move them to the "Remove" pane. Then click Finish. [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check … |
| | Also if you wish, you can try the latest version of CWShredder. It allegedly removes the hidden dll, but I do not know for sure as I am not infected :). Download [color=blue][b]CWShredder 2.0[/b][/color] from [url=http://www.intermute.com/spysubtract/cwshredder_download.html][u]here.[/u][/url] Run it and press the *fix,* not scan and allow it to clean the … |
| | [b]Reboot into safe mode[/b] following the instructions [url=http://www.xtra.co.nz/help/0,,6156-1377929,00.html][u]here[/u][/url] & [b]close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://www.123mania.com/0409/ie.asp[/url] R3 - URLSearchHook: SrchHook Class … |
| | Go [url=http://windowsupdate.microsoft.com/][u]here[/u][/url] & install ALL critical updates required for your system. That should ensure that you are patched against the DSO exploit. If Spybot keeps finding it after that, set it to ignore that particular problem. |
The End.