crunchie

[b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of "inetadpt.dll" & "cdlsp.dll" [b](and nothing else),[/b] and move them to the "Remove" pane. Then click Finish. [b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for Wintools removal instructions.[/b] [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & …

You need to be able to somehow install a few programs on your computer to help get it up & running. Can you download to another computer then save the programs to disk? Hijackthis will fit on a floppy, the others will not. If you can do that, I will …

sunflower0475@c. Please do not tag onto the end of other members threads. Am moving your post to it's own thread.

Assuming you have XP? Clear your restore points now like so.. Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. Reboot. Turn ON System Restore. On the Desktop, right-click My Computer. …

Looks like you reinstalled a virus. [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an on-line scan & set it to autoclean for you. Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan as well.[/b]

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. Download About:buster from [url]http://malwarebytes.biz/AboutBuster.zip[/url] …

Also, before you post the log, [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning …

[b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for Wintools removal instructions.[/b] Uninstall WebRebates from add/remove if there. [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://srch-us7.hpwis.com/[/url] R1 …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by opening the program, going to config\misc tools, then uninstall & exit. You then have to delete …

You also have the peper trojan. To remove it please do the following: [b]Download the PeperFix.exe tool from here:[/b] [url]http://downloads.subratam.org/PeperFix.exe[/url] Click on the PeperFix.exe to launch it. Click the Find and Fix button. It will scan the %Systemroot% folder and locate all the peper files. You will be prompted to …

Hi :). You need to post a log that was scanned in normal mode.

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an …

Remove the following if you do not resolve it yourself: O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load

Download About:buster from [url]http://malwarebytes.biz/AboutBuster.zip[/url] and unzip it to your desktop. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' …

Do this first. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it …

[b]Download [color=blue]HijackThis[/color] from [url=http://www.computercops.biz/downloads-file-328.html][u]here[/u][/url][/b] & unzip it into it's own, permanent folder, [color=red](Not a temporary folder or the desktop (in a folder on the desktop is fine) & not directly on your hard drive)[/color]. If you have anything disabled in MsConfig, please re-enable it/them. Start HJT & with all browser …

[b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] O4 - Global Startup: SpywareBlaster.lnk = C:\Program Files\SpywareBlaster\spywareblaster.exe O15 - Trusted Zone: *.ebay.com O15 - Trusted Zone: *.linksynergy.com O15 - …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. [b]Close all (browser) windows …

BPS= [url]http://www.spywarewarrior.com/rogue_anti-spyware.htm[/url] If all of your Microsoft updates are up-to-date, then you have no problems regarding the DSO exploit. It is a known bug in Spybot that is yet to be remedied. Set Spybot to ignore it.

[b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] O2 - BHO: (no name) - {9AD28319-99FD-872D-AADE-9A73546279FA} - C:\WINDOWS\system32\atlfq.dll O4 - HKLM\..\RunOnce: [addgq.exe] C:\WINDOWS\addgq.exe O4 - HKLM\..\RunOnce: [msdu.exe] C:\WINDOWS\system32\msdu.exe O4 …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by opening the program, going to config\misc tools, then uninstall & exit. You then have to delete …

Please download and unzip [url=http://malwarebytes.biz/AboutBuster.zip]AboutBuster[/url] to a folder. Inside the folder is a readme file that has instructions on the use of the program. AboutBuster MUST be updated before you use it. Start AboutBuster, click the update button, check for update, drag the box to the side and hit download …

Have merged your two threads. Please do not post duplicates. Log is clean. :).

[b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here.[/u][/url] & scrolling down to the uninstall tool. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' …

[b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised …

Also, [b]remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here.[/u][/url] & scrolling down to the uninstall tool.

Please read this thread regarding bridge.dll [url]http://www.daniweb.com/techtalkforums/thread7370.html[/url]

Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have C:\HJT\ folder. Put your HijackThis.exe there, and double click to run it.

[QUOTE]Unzip HJT into it's own permanent folder before doing anything in order for it to create backups. (Not a temporary folder or the desktop & not directly on your hard drive).[/QUOTE] The reason for the above is because the majority of users have hijackthis running from a temporary folder. When …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. Open Task Manager & …

[b]Unzip HJT into it's own permanent folder[/b] before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop (in a folder on the desktop is fine) & not directly on your hard drive).[/color] [b]Close all (browser) windows & rescan with hijackthis.[/b] When …

Unzip HJT into it's own permanent folder before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop & not directly on your hard drive).[/color] Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in …

tinyaroa, I have split your post out to your own thread. Our forum rules ask that you not piggyback other members threads. You will receive better assistance for your problems too :).

[b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. Click My Computer, then …

[QUOTE=mikeandike22]Sorry i couldnt just read your log and tell you what to do but those things are ridiculous[/QUOTE] Restoring back means you can also lose good stuff that you may need too! There is absolutely nothing ridiculous about scanning ones computer for nasties. Adaware & spybot invariably do not remove …

This needs to go. O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE will be in either C:\Windows or C:\Windows\system32 folder. Make sure all programs are set to run in Msconfig, reboot then rescan with HJT [b](Get the latest version first)[/b] & post back. Start/Run & type in *Msconfig* go to startup tab & …

Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go [url=http://www.computercops.biz/downloads-file-328.html][u]here.[/u][/url] Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder. [b]Please go [url=http://www.pchell.com/support/wintools.shtml][u]here[/u][/url] for …

Two firewalls & two AV's ?? Looking for some conflict, are we?? You will find that only one firewall will work & the other wasting resources. Or, put a better way, one firewall will intercept possible in/excursions before the other one, rendering the second superfluous. Two AV's on the same …

[b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised …

At the top of this forum is the following link; [url]http://www.daniweb.com/techtalkforums/announcement.php?f=29&announcementid=1[/url] telling members where to post hijackthis logs. Taking you there [b]NOW.[/b] :)

Thank you :).

Welcome back :) , long time no see. If you just reformatted, you should not have a virus. It's nothing that I have heard of before. A little more info might be required. Try a couple of on-line scans to see if anything is picked up.

[b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised …

At the top of this forum there is a thread regarding the removal of bridge.dll. [url]http://www.daniweb.com/techtalkforums/thread7370.html[/url] Having said that, you have other matters that need fixing, so...... Uninstall Bargain Buddy from add/remove programs. [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in …

So far you have given us nothing to work with, so *nothing* is the result. :)

[QUOTE=sailor22]Using House Call virus checker I found I had a non removeable infected file named dpjumv.exe. Mcafee did not pick it up. I followed the advice given here and the file is gone. I am very grateful for your help. I was getting a lot of pop-ups even though I …

Hijackthis should see if you are hijacked.

[b]Reboot into safe mode[/b] following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & [b]close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://www.ztrhrgnzmgyjfbdmogqmyz.i...c2awxTdbQo.html[/url] R3 - Default URLSearchHook is …

[QUOTE=p3-450]If you think you have a trojan or anything else then try these online virus scanners [URL=housecall.trendmicro.com]Housecall[/URL] [URL=http://www.pandasoftware.com/activescan/activescan.asp?Language=2&Country=63&Partner=1&Ref=EN-PR-AS-107]Panda Active Scan[/URL][/QUOTE] Fancy meeting you here :cheesy: . Doing a bit of moonlighting are we?