4,383 Posted Topics
 | Hi. First of all you need to update hijackthis to version 1.98.1 Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. Remove 1.97 from the folder it is in & replace it with 1.98.1. (Put hijackthis into it's own folder) Please go [url=http://windowsupdate.microsoft.com/][u]here[/u][/url] & install ALL updates required for …  |
| | Re: prosearching First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. - If not listed there, run this uninstaller: … |
| | Re: "Ibacfobb" Please go [url=http://www.kaspersky.com/remoteviruschk.html][u]here[/u][/url] and have this file scanned. C:\WINDOWS\system32 [b]IBACFOBB.EXE[/b]  |
| | Re: about blank ... [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised … |
| | I am not familiar with McAfee, but there probably is an option to configure the firewall to stealth those open ports. I run Sygate Professional & come up 100% stealth out of the box. From GRC; [url]http://www.grc.com/port_1024.htm[/url] [url]http://www.grc.com/port_135.htm[/url] |
| | Uninstall Kazaa & then run Kazaabegone from [url=http://www.computercops.biz/downloads-file-331.html][u]here.[/u][/url] to clear out the remnants. Clear out your Temporary internet files and other temp files. Go to Start > Settings > Control Panel >Internet Options. Under the General tab click the Delete temporary internet files, delete all Offline content as well. Clear … |
| | Hi. First of all you need to update hijackthis to version 1.98.1 Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. Remove 1.97 from the folder it is in & replace it with 1.98.1. Go to add/remove programs & uninstall *Virtumundo* if found. [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the … |
| | Hi. First of all you need to update hijackthis to version 1.98.1 Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. Remove 1.97 from the folder it is in & replace it with 1.98.1. Could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', … |
| | O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - [url]http://software-dl.real.com/221b2b1...ip/RdxIE601.cab[/url] Only baddy that I can see. Try doing a checkdisk having it attemp to repair any errors & then do a defrag. |
| | [b]Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url][/b] On the opening screen, click the "I know what I'm doing" checkbox. Check all instances of "lspak.dll" (and nothing else), and move them to the "Remove" pane. Then click Finish. [b]Unzip HJT into it's own permanent folder[/b] before doing anything in order for it to create … |
| | Uninstall *spydoctor* for the following reason; [url]http://www.spywarewarrior.com/rogue_anti-spyware.htm[/url] Try Adaware cloak. To use Ad-aware Cloak, save it to your system, and run the program before opening Ad-aware. Once Ad-aware Cloak opens, click "Activate Cloak" and then open Ad-aware and scan as normal. When you are done using Ad-aware, close Ad-aware Cloak. … |
| | Hi. First of all you need to update hijackthis to version 1.98.1 Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. Remove 1.97 from the folder it is in & replace it with 1.98.1. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' … |
| | Re: Data Miner It's possible that your friend's computer is infected with something. The *data miner* cookies keep getting re-installed whenever you visit certain sites. To prevent it you can change your cookie options to allow you to decide which cookies can be stored & which ones not. Go to Internet Options\Privacy\Advanced & … |
| | [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] O2 - BHO: (no name) - {E7F9591B-27AB-4959-992E-D7A4F2437DB4} - C:\WINDOWS\System32\bgpik.dll Download About:buster from [url]http://malwarebytes.biz/AboutBuster.zip[/url] and unzip it to your desktop. Click … |
| | Download [url=http://securityresponse.symantec.com/avcenter/venc/data/w32.gaobot.removal.tool.html][u][b]this[/b][/u][/url] removal tool for the W32.Gaobot.AFJ worm. [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an on-line scan & set it to autoclean for you.[/b] [b]Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan as well.[/b] Click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You … |
| | Hi. First of all you need to update hijackthis to version 1.98. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. Remove 1.97 from the folder it is in & replace it with 1.98. Also, you need to read this thread; [url]http://www.daniweb.com/techtalkforums/thread7370.html[/url] |
| | [b]Unzip HJT into it's own permanent folder[/b] before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop (in a folder on the desktop is fine) & not directly on your hard drive).[/color] [b]Close all (browser) windows & rescan with hijackthis.[/b] When … |
| | You can either use system restore to go back to a time before this hijack, or: [list=1][*]Make sure your settings allow you to view "Hidden files" & "hide protected operating system files" is unchecked. Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be … |
| | [b]First of all we have to remove Newdotnet,[/b] either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here.[/u][/url] & scrolling down to the uninstall tool. [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & … |
| | [QUOTE=mikeandike22]adaware or spyware search then say goto hijacked this log and sya fix[/QUOTE] What :?: :?: |
| | Re: Kellie.399 If you are concerned, [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an on-line scan & set it to autoclean for you.[/b] [b]Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan as well.[/b] |
| | Before you set spybot to ignore the DSO exploit, make sure you have [b]all[/b] the microsoft updates & patches installed. Try Adaware to clean up those others. If that does not work, you can post a hijackthis log. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In … |
| | [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an on-line scan & set it to autoclean for you.[/b] [b]Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan as well.[/b] Fix this line with hijackthis, making sure that [b]all[/b] other windows are closed. O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load Post another log as there [b]will[/b] be more to do. |
| | Re: Bridge.dll Help! Close all (browser) windows & have HJT fix these entries= O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load Do you have xfire on your computer? |
| | Re: e-catalog hijack [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised … |
| | First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. Then you really should post a log that … |
| | Opera will not be the cause of it, but if you want to rid it from add/remove do this. Before manually editing the registry always back it up. On Windows ME and XP creating a Restore Point will do. Click Start > Run > Type or copy & paste regedit. … |
| | [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] O2 - BHO: (no name) - {83DD6F6C-EE6A-F78B-5F28-FAB031824F81} - C:\WINDOWS\atlkz.dll O4 - HKLM\..\Run: [iezd.exe] C:\WINDOWS\iezd.exe O4 - HKLM\..\RunOnce: [appgg.exe] C:\WINDOWS\system32\appgg.exe Download … |
| | Unfortunately this forum is not authorized in the use of FindnFix. Can you try this instead. Download About:buster from [url]http://malwarebytes.biz/AboutBuster.zip[/url] and unzip it to your desktop. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active … |
| | I have moved your post to it's own thread. Please do not tag on to the end of other members threads. |
| | Does the program actually remove them, or just disguise them?? I am trying to get more info on it. If it only prevents the running of these programs it's not much cop. You also have to pay for it. |
| | Nothing wrong there. What makes you say you are hijacked?  |
| | Still gonna have some bugs in there. |
| | I have no idea what operating system, what IE version or what hijackthis version you are using as you have cut off the top of the log. Please include it in your next post. [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check … |
| | This what you are after? Download: "StartDreck", from here: [url]http://www.niksoft.at/download/startdreck.htm[/url] Unzip to its own folder and start the program, Press 'Config' Press 'Unmark All' Check the following boxes only: Registry -> Run Keys System/drivers> Running processes Press 'Ok' Press 'Save' and select the location to save the log file (default … |
| | Download CWShredder from [url]http://209.133.47.200/~merijn/files/CWShredder.exe[/url] & run it. Select the fix button & it will get rid of everything related to CoolWebSearch. Reboot after doing this & post another log please. |
| | Create another folder in a different directory, move hijackthis.exe to that folder & try again. |
| | [b]Unzip HJT into it's own permanent folder[/b] before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop (in a folder on the desktop is fine) & not directly on your hard drive).[/color] [b]Close all (browser) windows & rescan with hijackthis.[/b] When … |
| | That is not a full log. Please copy the entire log & post it back here please. |
| | Cannot see anything bad in your log. Do you have everything set to start in Msconfig? If not, do so, then reboot & post another log. Also, there is a new version of hijackthis out now so you need to update before your next log. |
| | ....................??????????????????????!!!!!!!!!!!!!!!!!!!!!!!!! |
| | Caperjack is right. You have been hijacked by newdotnet & have other problems that need rectifying. |
| | If you do not have Adaware, then please download it but [b]not[/b] run it yet. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan … |
| | Re: Help With Trojan [b]Unzip HJT into it's own permanent folder[/b] before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop (in a folder on the desktop is fine) & not directly on your hard drive).[/color] [b]Close all (browser) windows & rescan with hijackthis.[/b] When … |
| | Do this first: [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an on-line scan & set it to autoclean for you.[/b] [b]Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan as well.[/b] [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' … |
| | Hope you don't mind caperjack :) . Just a bit of housekeeping now. [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] R3 - Default URLSearchHook is missing O3 … |
| | Download and install APM from: [url]http://www.diamondcs.com.au/index.php?page=apm[/url] In the upper window of APM select explorer.exe Select Unload DLL and click OK on the prompts that follow. |
| | R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\User\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\User\LOCALS~1\Temp\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\User\LOCALS~1\Temp\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\User\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\User\LOCALS~1\Temp\sp.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\User\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP … |
| | Also, [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload … |
| | At the top of this forum is a notice telling members to post their hijackthis logs in the security forum!! Moving out now so hang on to your breakfast............................................................................. [b]Unzip HJT into it's own permanent folder[/b] before doing anything in order for it to create backups. [color=red](Not a temporary folder … |
The End.