tayspen

Hi, your HJT version is out of date, it is important that you have the latest version so we are sure it scans everthing. So lets start by downloading[url=http://www.merijn.org/files/hijackthis.zip] Hijackthis (The newest Version)[/url].

Sorry we didnt get to you sooner. You are indeed loaded. [color=red]You may need to pront these instructions, as you will not have acess to interent while in safe mode[/color] First download ewido - [url]www.ewido.net[/url] - Install. Update. [color=blue] Do not run it yet[/color]. Then please boot into safe mode, …

Hi, Please download the newest version of HJT, and post a new log. [url]http://www.merijn.org/files/hijackthis.zip[/url] Insructions: [b] Download to your desktop Extract to its own folder Run HiJackThis.exe Click "Do system scan and save log" Post the text that pops up in notepad (The Log) [/b]

Hi, First just so you know you Internet Explorer is out fo date. you can run windows update to fix that. You had, or used to have WinFixer, I belive VundoFix.exe removes that. So lets run that. Please download [url=http://www.atribune.org/ccount/click.php?id=4]VundoFix.exe[/url] to your desktop. * Double-click VundoFix.exe to run it. * …

Hi, Please download [url=http://www.atribune.org/ccount/click.php?id=4]VundoFix.exe[/url] to your desktop. * Double-click VundoFix.exe to run it. * Click the Scan for Vundo button. * Once it's done scanning, click the Remove Vundo button. * You will receive a prompt asking if you want to remove the files, click YES * Once you click …

Hi and welcome to DaniWeb. First I think your Internet eplorer is out of date. You can run [b]Windows Update[/b] to fix that. Ok, you have a fair amount of nasties on your system. Lets boot into safe mode, and have windows show hidden files or folders. To do this: …

Thats a clean log [b]Goodfuzzy[/b]. Good job :).

Please [B]DO NOT[/B] double post asking the same question! Thanks. On to the log... Run HJT again and put a check next to the following items. [b] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://as.starware.com/dp/search?x=...N/6qkmqdXklR9k=[/url] R3 - URLSearchHook: ScriptInocUI Class - - (no file) O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - …

Perhaps you have a virus the scanners are overlooking, or your internet is hijacked. Download HJT - [url]http://www.merijn.org/files/hijackthis.zip[/url] - And post the log. We will take a look at it. Just run, and click "Do system scanand save log" Then post the text that pops up in notepad.

HI, boot into safe mode. To do this: [b] 1 Click the Start Button 2 In the Start menu click Control Panel 3 In the Control panel Window click the Folder Options Icon 4 The folder Options Window will now Open 5 Click the View Tab 6 In the view …

This should get you going. [url]http://www.codeproject.com/cs/miscctrl/systemhotkey.asp[/url] If you need a working sample of what you want to do, I will put one together for you :).

You did, but oculdnt you have just added on to the other threads you made. Now you have 3 threads with the same title ;). Any ways, scan with HJT again, and check the following. [b] O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file) O3 - Toolbar: Yahoo! …

This should do it: [url]http://www.daniweb.com/techtalkforums/thread6632.html[/url]

That is a [I]very[/I] short log. Are you sure you copied it all? If you used msconfig or any other tool to prevent items from running at start up, you need to re-enable them, so we can check to see if its malware. Also do the scan in normal mode …

Alright, lets get you cleaned up :). Lets first download and run some tools before we get deeper into the HJT logs. Please download ewido - [url]www.ewido.net[/url] - Install. Update. Scan. Remove anything it finds. Download smitRem.exe ([url]http://www.bleepingcomputer.com/resources/link240.html)[/url], saving the file to your desktop. Double click it to extract the …

Hi, and welcome :). For this fix we will need to boot into [color=red]safe mode[/color], and configure windows to show hidden files/folders. To do this, do the following. [b] 1 Click the Start Button 2 In the Start menu click Control Panel 3 In the Control panel Window click the …

Please download HJT, and post a log, we will verify that its not a virus, then go from there :). [url=http://www.merijn.org/files/hijackthis.zip]Download Here[/url] [b]Post a log[/b]

Hi, you still have SpyAxe ;). First download SmitRem Dont run it yet. - [url]http://noahdfear.geekstogo.com/click%20counter/click.php?id=1[/url] Then Please boot into safe mode - [url]http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument[/url] - And Run HJT, please check the following. [b] C:\WINDOWS\System32\nvctrl.exe O3 - Toolbar: SecurityToolbar - O4 - HKLM\..\Run: [stratas] lockx.exe O4 - HKLM\..\RunServices: [stratas] lockx.exe O4 - …

Hi, and welcome. Lets boot into safe mode, and configure winodws to Show hidden files. To do this do the following. [b] file 1 Click the Start Button 2 In the Start menu click Control Panel 3 In the Control panel Window click the Folder Options Icon 4 The folder …

Hi, and welcome to DaniWeb :D. This line show that HJT was run from an "unsafe" loaction. It needs to be in its own folder. The line: [b]C:\Documents and Settings\Anthony\Local Settings\Temp\HijackThis.exe[/b] To do this Open Internet Explorer Right click [url=http://www.merijn.org/files/hijackthis.zip]HERE[/url] And Click "Save Target As...", When the dialog box comes …

Hi, Please download Ewido - [url]www.ewido.net[/url] - Install it. Update. Scan, Remove anyting it finds. I think that should take care of the infections you have. [b]When done please post the ewido log, and a new HJT log[/b]

Hi, and welcome. Lets start by downloading [URL=http://www.merijn.org/files/hijackthis.zip]hijackthis![/URL]. Once downloaded [i]unzip[/i] to its [i]own[/i] folder to not run it while its still zipped up. Run it and click do system scan and save log. When its done a notepad document will pop up. Copy that log, and post it here.

Try disabling all firewalls, then trying.

If you Havnt emptyed your recycle bin since you did it, it is most likley in there. To recover: [b]Click the Recycle bin on your desktop>Look for the folder (Kimberlys Documents)>Right click>Click Restore.[/b] If it wasnt in the bin post back. but, I wasn't even aware that the my documents …

AVG is great, personally I have not used or heard of the other one, other good one's are Miscrosoft Antispyware, ewido, and Ad-Aware. Links to those, and many many more can be found [URL=http://www.toughadmin.com/forum/viewtopic.php?t=23]here[/URL] If you have any questions about any of them, feel free to ask :).

Please download the newer version of HJT, and post a new log. [url]http://www.merijn.org/files/hijackthis.zip[/url]

Looks clean to me :). Congrats!

You may have things that are booting as windows starts, things that may not need to b e. To check this, do the following. [b]Start>Run>Type msconfig[/b] Then click the [b]startup[/b] tab. Uncheck anything that you are sure doesnt need to boot. -T

Hi, just a bit of clean-up :). Run HJT again and put a check next to the following items. [b] O9 - Extra button: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file) O16 - DPF: {A0EAC162-A012-4AD8-B2E1-D5A0BBBCDA51} (PopupSh Control) - [url]http://206.222.26.90/images/PopupSh.ocx[/url] [/b] Then please download ewido - [url]www.ewido.net[/url] - Install. Update. Scan. …

Can you logon? If so you maybe do some virus scans. ([url]www.ewido.net[/url] - Great scanner)

i have never used AVG, so Im not sure how it updates itself, but perhaps its connecting to that IP to download updates?

HI, please scan with HJT again, and place a check next to the following items. [b] R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file) O8 - Extra context menu item: &Search - [url]http://bar.mywebsearch.com/menusear...?p=ZCxdm231YYUS[/url] O8 - Extra context menu item: Grip.com - file://C:\Program Files\GRIPCZ44\Cache\SelectedContextSearch.htm O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - …

Yes, you have indeed been infected. But lets clean you up :). First lets boot into safe mode, and configure windows to show hidden folders. To do this, do the following: [b] file 1 Click the Start Button 2 In the Start menu click Control Panel 3 In the Control …

Hi, Please run HJT again and plcae a check next to thed following. [b] O2 - BHO: CVirtualDNSObj Object - {86C510E9-97EF-4749-914F-0280247BE3A6} - C:\WINDOWS\VirtualDNS.dll (file missing) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O20 - Winlogon Notify: msupdate - msupdate32.dll (file missing) [/b] Then if these …

Hi, to change where the taskbar is located simply click it and hold. Then drag it to the bottom of the screen. To change the size, right click it and make sure [b]Lock taskbar[/b] does not have a check by it. Then but your mouse on the top of the …

Try [url=http://www.ccleaner.com/]CCleaner[/url] it removes unneeded files, and if configured correctly cn free up lots of space.

Hi, Please boot into [URL= O23 - Service: AlfaCleanerService - AlfaCleaner.com - C:\Program Files\AlfaCleaner\ACServer.exe ]safe mode[/URL] Scan with HJT again, and place a check on these items. [b] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://lookfor.cc/sp.php?pin=47254[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://lookfor.cc?pin=47254[/url] O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - …

Hi, htis AIM seems to be a popular one to catch ;). Please [URL=http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406]boot into safe mode[/URL], and run HJT, and put a check next to these items. [b] O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - [url]http://www.comcast.net/[/url] (file missing) O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - [url]http://www.comcastsupport.com/[/url] (file …

Hi, You can post a [URL=http://www.merijn.org/files/hijackthis.zip]HiJackThis[/URL] log in the [URL=http://www.daniweb.com/techtalkforums/forum64.html]Spyware/Virus section of DaniWeb[/URL]. Then we will have a look at your log, and help you get rid of it. To save log. Run HJT (Exptract it to its Own folder). Click Do system scan and save log. Then a notepad …

Hi, here are detailed instructions to follow. [url]http://www.bleepingcomputer.com/tutorials/tutorial94.html[/url]

HI, Scan again and put a check next to the following. [b] O4 - HKLM\..\Run: [FinishOptions] C:\DOCUME~1\BIGD~1\LOCALS~1\Temp\hpbinxst.exe [/b] IM not usre about this one, oyu might want to wait for a second opinio. [b] O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon [/b] Then download ewido - [url]http://www.ewido.net/en/[/url] -Install it. Update it. …

Hi, post a HJT log so we can check to make sure you dont have more infections. Then we will help you get rid of em'

I have never heard of it. And a goolge search didn't turn up anything. Did AVG remove it? If not and you wanna get rid of it you could post a HJT log... -T

So, if I understand correctly, when an error is thrown you want to add the error Message (the text) to a listbox? If so this should do it. THis example the program trys to open that file, and since it doesnt exist, its add the error to the listbox. [code] …

Hi, Your version of HJT is out of date, to make sure that its scanning everything please download the newest version and post a new log. Dowload: [url]http://www.merijn.org/files/hijackthis.zip[/url] Oh, and your other post was in "Community Introductions" :)

Try to reapir is. [b]Start-->Settings-->Control panel-->Add/remove programs[/b] From the list select internet explorer and click on remove and select repair. More info-http://support.microsoft.com/?kbid=194177

Hi, scan again with HJT, then check off the following: [b] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://searchbar.findthewebsiteyouneed.com[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://searchbar.findthewebsiteyouneed.com[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.findthewebsiteyouneed.com[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://searchbar.findthewebsiteyouneed.com[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://searchbar.findthewebsiteyouneed.com[/url] O2 - BHO: XBTB04715 - …

Hi, and welcome, this needed to have been posted in the spyware/virus section. Im sure it will be move there. Any ways, Run HJT and check off the following. [b] O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - (no file) O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file) …

Have a look here, a repair install should suffice - [url]http://support.microsoft.com/?kbid=318378[/url]

The only way to get red off everything is by formatting the harddrive. Info on how to do that here - [url]http://support.microsoft.com/?kbid=313348[/url]