4,383 Posted Topics
 | Try this: 1. Tools | Internet Options - General tab - Home page section 2. Change Address to «about:blank» 3. Click Apply then OK 4. Restart IE 5. Reset your homepage & click apply, then ok. If that doesn't work, do this: [list=1][*]Make sure your settings allow you to view …  |
| | Please read before you post! [url]http://www.daniweb.com/techtalkforums/announcement.php?f=29&announcementid=1[/url] Tells where to post hijackthis logs. |
| | [list=1][*]Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders". [*]Press Ctrl+Alt+Delete once => Click Task Manager => Click the Processes tab => Double-click the … |
| | Re: About:Blank Woes Are you insured? :evil: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\Joe\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\Joe\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\Joe\LOCALS~1\Temp\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank … |
| | [b]Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an on-line scan & set it to autoclean for you.[/b] [b]Try [URL=http://www.pandasoftware.com/activescan/com/activescan_principal.htm][u]this[/u][/URL] scan as well.[/b] Update both Adaware & spybot. Set Adaware up this way: In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites … |
| | [list=1][*]Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders". [*]Press Ctrl+Alt+Delete once => Click Task Manager => Click the Processes tab => Double-click the …  |
| | [b]Reboot into safe mode[/b] following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\WINDOWS\Downloaded Program … |
| | [list=1][*]Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders". [*]Press Ctrl+Alt+Delete once => Click Task Manager => Click the Processes tab => Double-click the … |
| | Looks like you did that in safe mode?? [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm Delete … |
| | [list=1][*]Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders". [*]Press Ctrl+Alt+Delete once => Click Task Manager => Click the Processes tab => Double-click the … |
| | The rest of the log would be nice to see :) |
| | Can you download the following app & run it. [url=http://tools.zerosrealm.com/VX2Finder.exe][u]VX2Finder[/u][/url] [b]Sign off and stay off the internet until the entire procedure is complete.[/b] Open VX2Finder and click on the [color=red]*click to find VX2.BetterInternet*[/color] button. Put a check beside all files. Then select the *Delete these files* button. You will be … |
| | [list=1][*]Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders". [*]Press Ctrl+Alt+Delete once => Click Task Manager => Click the Processes tab => Double-click the … |
| | Download & instal Adaware from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url] & update it B4 scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised …  |
| | [b]Reboot into safe mode[/b] following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & navigate to & delete the following: C:\WINDOWS\SYSTEM\FBJJK.DLL< file C:\WINDOWS\TEMP< folder contents In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to [url=http://www.xtra.co.nz/help/0,,4155-1916458,00.html][u]here.[/u][/url] Still in safe [b]Close all (browser) windows & rescan with hijackthis.[/b] … |
| | Both Adaware & Spybot Search & Destroy are free programs & will remove most of the malware on your computer. Download the following first & set them up as explained then post back if you are still having problems :) . Download & instal Adaware from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url] & update it … |
| | Uninstall spykiller as it is a scam & a rip off of another spy removal program & may also install spyware on your computer. [url]http://www.netrn.net/archives2/000550.html[/url] [list=1][*]Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and … |
| | [list=1][*]Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders". Uncheck the Hide protected operating system files option. [*]Press Ctrl+Alt+Delete once => Click Task Manager … |
| | Hi & welcome. Check this thread out [url]http://www.daniweb.com/techtalkforums/thread7370.html[/url] & also [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://search200.com/passthrough/in...p://www.msn.ca/[/url] R1 - HKCU\Software\Microsoft\Internet … |
| | Yes, I would delete all of those files. You may have to be in safe mode. Get there by tapping F8 whilst booting up. In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to [url=http://www.xtra.co.nz/help/0,,4155-1916458,00.html][u]here.[/u][/url] |
| | Re: Blank Hijacked [b]Reboot into safe mode[/b] following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & run the shredder. Reboot normally. Please go [url=http://windowsupdate.microsoft.com/][u]here[/u][/url] & install ALL critical updates required for your system. |
 | The FO & the F2 are ok. Try ridding the 018 in safe mode. |
| | Well done rc_satina, good to see that you were able to solve your problem :) . |
| | [b]Unzip HJT into it's own permanent folder[/b] before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop & not directly on your hard drive).[/color] Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in … |
| | R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\GENEKE~1\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\GENEKE~1\LOCALS~1\Temp\sp.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\GENEKE~1\LOCALS~1\Temp\sp.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\GENEKE~1\LOCALS~1\Temp\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\GENEKE~1\LOCALS~1\Temp\sp.html R0 - … |
| | Have split your post out to your own thread as it is too confusing to diagnose different logs in the one thread. Plus it is not fair on the original poster. [b]Download [color=blue]CWShredder[/color] from [url=http://www.computercops.biz/zx/phoenix22/cws.zip][u]here[/u][/url] & run it.[/b] Select the [color=red]fix[/color] button & it will get rid of everything related … |
| | Reboot into safe mode following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & navigate to & delete the following: C:\WINDOWS\system32\crnm.exe< file C:\WINDOWS\system32\windh.exe< file C:\WINDOWS\jlxzg.dll< file C:\WINDOWS\system32\winfi32.dll< file Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & … |
| | Hi & welcome. It is recommended that you first run both Adaware & spybot after updating them. Following that, if the problem persists, you may then post an HJT log upon request :) . So, if you do still have problems subsequent to running those programs, please post your log. … |
| | First up you can try a repair of IE by going to add/remove programs, select IE & you should get an option to repair. If this doesn't fix it download & install Adaware, update it & in settings make sure to tick; scan within archives, deep scan registry & then … |
| | Re: Friends HJT log, Uninstall MyWebSearch from add/remove programs. [b]Close all (browser) windows & rescan with hijackthis.[/b] When the scan is finished place a check in the box to the left of the following entries & click [color=red]'fix checked':[/color] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://red.clientapps.yahoo.com/cus...://my.yahoo.com[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://red.clientapps.yahoo.com/cus...://my.yahoo.com[/url] R0 - … |
| | Can you download the following app & run it, making sure to have one internet exploder window open. Save the log & paste the results back here. [url=http://tools.zerosrealm.com/VX2Finder.exe][u]VX2Finder[/u][/url] |
| | Have HJT fix this entry: O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) Please go [url=http://windowsupdate.microsoft.com/][u]here[/u][/url] & install ALL critical updates required for your system. Check for updates with spybot. Do you have the latest version? 1.3 is the latest. If you still have the warning come up … |
| | Firstly, hi & welcome. [b]Download [color=blue]CWShredder[/color] from [url=http://www.computercops.biz/zx/phoenix22/cws.zip][u]here[/u][/url] & run it.[/b] Select the [color=red]fix[/color] button & it will get rid of everything related to CoolWebSearch that is stored in it's database. Close [b]ALL[/b] windows, including Iinternet Explorer, before running CWShredder. [color=red]Reboot.[/color] To help prevent this from happening again, install the …  |
| | Download dllfix from the following link. [url]http://tools.zerosrealm.com/dllfix.exe[/url] Create a folder on your desktop, doubleclick on the dllfix and install it into the folder you just created. 1.Run start.bat and press option 1. 'output.txt' will be created in the folder. Post the results of the log here, with another HJT log. |
| | There are several about:blank issues so one cannot be specific until the hijack is sighted. I would first run Adaware & spybot, the run hijackthis & post it here. [b]Download & instal [color=blue]Adaware[/color] from [url=http://www.computercops.biz/downloads-file-292.html][u]here[/u][/url][/b] & [color=red]update[/color] it before scanning. In settings under 'scanning,' have it set to 'scan within … |
| | Re: W32.Spybot.Worm Go [url=http://housecall.trendmicro.com/][u]here[/u][/url] for an on-line scan & set it to autoclean for you. Need more info too. What operating system, where is the file located etc. |
| | Re: Hijack this... First of all we have to remove Newdotnet, either from add/remove programs, or by going [url=http://www.newdotnet.com/#remove][u]here.[/u][/url] & scrolling down to the uninstall tool. Unzip HJT into it's own permanent folder before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop & … |
| | Another member tried adware away & it fixed it too, for a couple of days. |
 | Download dllfix from the following link. [url]http://tools.zerosrealm.com/dllfix.exe[/url] Create a folder on your desktop, doubleclick on the dllfix and install it into the folder you just created. 1.Run start.bat and press option 1. 'output.txt' will be created in the folder. Post the results of the log here. |
| | Download dllfix from the following link. [url]http://tools.zerosrealm.com/dllfix.exe[/url] Create a folder on your desktop, doubleclick on the dllfix and install it into the folder you just created. 1.Run start.bat and press option 1. 'output.txt' will be created in the folder. Post the log here plz. |
| | Download [color=blue][b]CWShredder[/b][/color] from [url=http://www.computercops.biz/zx/phoenix22/cws.zip][u]here[/u][/url] & run it. Select the fix button & it will get rid of everything related to CoolWebSearch that is stored in it's database. Close ALL windows, including IE, before running CWShredder. Reboot. To help prevent this from happening again, install the patches for the vulnerabilities that … |
| | You have several dialers there. Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked' : O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} (DialerWeb Class) - [url]http://212.145.159.194/251065/dialercab/WebRecomendada.cab[/url] O16 - DPF: {73F0FD85-BD47-4A95-86D1-DE38860462C1} (PremiumHTML Class) … |
| | Download dllfix from the following link. [url]http://tools.zerosrealm.com/dllfix.exe[/url] Create a folder on your desktop, doubleclick on the dllfix and install it into the folder you just created. 1.Run start.bat and press option 1. 'output.txt' will be created in the folder. Post the log back here please. |
| | Reboot into safe mode following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & navigate to & delete the following: C:\DOCUME~1\Master\LOCALS~1\Temp< folder contents C:\WINDOWS\System32\iexplore.exe< file In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to [url=http://www.xtra.co.nz/help/0,,4155-1916458,00.html][u]here.[/u][/url] Close all (browser) windows & rescan with hijackthis. When the scan … |
| | [QUOTE=purple]What do I need to do to fix this problem WINDOWS\System32\bridge.dll could not be found[/QUOTE] please read this thread: [url]http://daniweb.com/techtalkforums/thread7370.html[/url] |
| | When you have run all those programs, you MUST reboot your machine to ensure a full log. I can see that you never rebooted after running adaware so please do that first, then rescan with hijackthis & post that log please. |
| | Download LSPfix from [url=http://www.computercops.biz/downloads-file-334.html][u]here[/u][/url] Run the program by double clicking on the file then click *Finish*. Do not move anything from the left window, just hit the finish button after starting it. |
| | Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked' : R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com* R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file) R3 - URLSearchHook: … |
| | Reboot into safe mode following the instructions [url=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406][u]here[/u][/url] & navigate to & delete the following: c:\windows\TEMP< folder contents C:\WINDOWS\SYSTEM\CKNP.DLL< file In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to [url=http://www.xtra.co.nz/help/0,,4155-1916458,00.html][u]here.[/u][/url] Close all (browser) windows & rescan with hijackthis. When the scan … |
| | Unzip HJT into it's own permanent folder before doing anything in order for it to create backups. [color=red](Not a temporary folder or directly on the desktop & not directly on your hard drive).[/color] Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in … |
The End.