dlh6213

Best protective measures, in my opinion -- Nod32 (Antivirus) Spybot Ad-Aware CounterSpy Ewido Any browser other then IE Hardware firewall (if you have an internet connection that is not dial-up) Software firewall SpywareBlaster Links to all of these, and more, can be found in the Protection link below.

Follow the suggestions in these threads: [url]http://www.daniweb.com/techtalkforums/thread27519.html[/url] [url]http://www.daniweb.com/techtalkforums/thread27570.html[/url] Then, right-click in an open area of your desktop, select [B]New[/B], [B]Folder[/B]; give the new folder a name (something like HJT or HijackThis), and drag the hijackthis.exe icon that is on your desktop into the new folder. Close any open browser windows, …

Hi Andru, welcome to DaniWeb :D Yes, go ahead and post your HijackThis log, but before doing so, please review the links in my signature block below. When you post your HJT log please post your Ewido log as well.

First, right-click on an empty area of your desktop and select [B]New[/B], [B]Folder[/B]; give the new folder a name (something like HJT or HijackThis), and then drag the hijackthis.exe icon that is on your desktop into the new folder. Next, download, install, update, and run these utilities: [B]CWShredder[/B] -- [url]http://www.intermute.com/spysubtract/cwshredder_download.html[/url] …

Hi Mark, welcome to DaniWeb :D Please go to Windows Update and get the Critical Updates for Windows and IE. Go to Add/Remove Programs in your Control Panel and remove [B]WareOut[/B], if present. Scan with HijackThis and have it fix the following entries: R3 - URLSearchHook: (no name) - {28E53C8A-53A4-6D46-4D28-9C92E80B17F4} …

Hi Old Dominon, welcome to DaniWeb :D Please follow the recommendations and instructions in the links below. When you've finished (and moved HijackThis), please post a new log so we can clean up anything that's left.

Fixreg32.com is a blacklisted spam site ([url]http://www.joewein.de/sw/spam-bl-f.htm[/url]) Follow the recommendations and instructions in the links below. After you've done that, post your HijackThis log in this thread.

Hi rmdcorp, welcome to DaniWeb :D I've moved your thread to the virus forum as this is the only place where HijackThis logs are to be posted. Follow the recommendations and instructions in the links below. After you've done that, and moved HijackThis, please post a new log to clean …

Hi Reyhan, welcome to DaniWeb :D Follow the recommendations and instructions in the links below. When you get to the end of the third one (infection removal), go to post #5 and follow the instructions carefully. Post your new HJT and Ewido logs when you've finished.

Hi Europa, what problems are you having, if any? Go to Add/Remove Programs in your Control Panel and remove [B]Viewpoint[/B] (or [B]Viewpoint Manager[/B], [B]ViewMgr[/B], or something similar). Scan with HijackThis and have it fix the following entry: O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe Go to C:\Program Files and delete …

Please begin by following the recommendations in the 'pinned' topics at the top of this forum (Protecting, Cleaning, & Specific Infections). Go to Window Update and get SP1a for both XP and IE (don't get SP2, not at this time anyway). Post a new HijackThis log after completing the above.

[QUOTE=ryun]...one other question the O-16 with dealerconnect in it. you told me to erase it, but dealerconnect is a program we use to interface with Daimlerchrysler should I still erase it?[/QUOTE]See this thread for some basic information about HijackThis (including O16 entries): [url]http://www.daniweb.com/techtalkforums/thread28196.html[/url]

Hi Albie, welcome to DaniWeb :D I've split your post into it's own thread per forum rules ([url]http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_faq#faq_rules[/url]) Please follow the recommendations and instructions in the three links from my signature below. In the third one, follow the instructions in posts #1 and then #4.

Hi Dreg, welcome to DaniWeb :D Please start by following the recommendations and instructions in the links below. When you get to the end of the third one, follow the instructions in post #5 to clean up the Aurora/Nail infection. After you've completed all that, post a new log to …

Hi AMendoza, welcome to DaniWeb :D Please start by following the recommendations and instructions in the links below. After you've done that, post a new log to clean up anything remaining.

Hi David (and mom), welcome to DaniWeb :D I've moved your thread to the Virus forum because that seems to be your primary problem. Follow the recommendations and instructions in the links below, and then post back with any remaining problems. If you can get HijackThis and run it, that …

You can also try using System Restore to set your system back to a time before you started having problems.

Try posting your problems in the Windows XP forum or Windows Software forum, maybe someone will be able to help.

No one can tell you what utilities you need without first knowing what virus you have. Follow the recommendations and instructions in the links below to get started.

We'll be happy to help you out, but before you post a HijackThis log, follow the suggestions and instructions in the links below.

If you have Windows XP, download WinsockXPFix from here: [url="http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/WinsockXPFix/WinsockXPFix.exe"]WinsockXPFix[/url] Run it, and click the [B]Fix[/B] button; choose [B]YES[/B] when asked if you want to proceed. If it still doesn't work, try IEFix -- [url]http://windowsxp.mvps.org/IEFIX.htm[/url] If it still isn't working (or even if it is), get the latest, self-extracting, version …

If I'm understanding your question correctly, try this: Log on to MSN Messenger In the top Menu bar, click [B]Contacts[/B] In the drop-down box, click [B]Manage Contacts[/B] Select [B]Delete a Contact...[/B] Click the name of the person you wish to delete, and click on [B]OK[/B]. If this isn't what you …

[QUOTE=ep2002]Ok, I did that, but how do I know if it worked? I also DLed HJT b/c when I got a new computer 6 months ago it was lost. Should I run it & send you the code? I don't even remember how after all this time LOL Thanks Michelle[/QUOTE] …

In the future can you please copy & paste your logs rather then attaching them? Makes them much easier to work with :) Thanks. Download [b]Ewido Security Suite[/b] from here: [url="http://fileforum.betanews.com/detail/ewido_security_suite/1098736486/1"]http://fileforum.betanews.com/detail/ewido_security_suite/1098736486/1[/url] Install and update it, and then [u]close the program (don't scan yet)[/u]. Reboot into Safe Mode. Run a full …

Hi Erin, welcome to DaniWeb :D Please follow the recommendations and instructions in the three links below. When you get to the third one, after completing the basic HijackThis stuff (in the first post), go to post #4 and follow the instructions there. If you have questions about anything, feel …

Hi Freaky_dug, welcome to DaniWeb :) Please get the latest, self-extracting, version of HijackThis from here (in line 2): [url]http://www.malwareremoval.com/downloads.html[/url] Then [B]close any open browser windows[/B], 'Scan and Save Log' with HijackThis, and then copy and paste the log here.

I've split your post into it's own thread per forum rules ([url]http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_faq#faq_rules[/url]) Please follow the recommendations and instructions in the three links from my signature below. After you get the recommended updates and move HijackThis, please post a new log.

Scan with HijackThis and have it fix the following entries: R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [url]http://search.qsrch.com/[/url] O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file) O3 - Toolbar: (no name) - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - (no file) O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: …

Hi Jsankiewicz, welcome to DaniWeb :D Please go to Windows Update and get SP1a for both XP and IE (don't get SP2 at this time). Then get the latest, self-extracting, version of HijackThis from here (in line 2): [url]http://www.malwareremoval.com/downloads.html[/url] Close any open browser windows, 'Scan and Save Log' with HijackThis, …

I'm afraid I can't help with the defense, just some advice. 1.) If you don't log in to the computer, how do you know no one else has access to it? You should set up so you [I]do[/I] have to log in. 2.) Stay away from wunderground.com; is checking the …

The easiest way to get to your ActiveX settings is to Open Internet Explorer, click on the Tools tab, click on Internet Options, click on the Security tab, and then click on the Custom Level button. You will see several options for different settings; go down the list and make …

Make sure that computer meets [B]all[/B] the system requirements for XP: [url]http://www.microsoft.com/windowsxp/pro/upgrading/sysreqs.mspx[/url] That's a pretty expensive CD to be writing on like that!

You can read what's said here about Matcli.exe, it's spyware, but without it some of your support may not be available (but you can always come here for help :) ) -- [url]http://www.hardavenue.com/startup/matcli.exe.php[/url] Scan with HJT and have it fix the following entry: O9 - Extra button: (no name) - …

[QUOTE=tracy433]I spoke to soon :mad: the same popups are back as soon as I finished my post I went to my favourite parenting site and bam first popup and now they have been popping up regulary .I have done an Ad-Aware SE scan which only had some cookies which i …

If you have XP, try an in-place upgrade (aka repair installation); instructions can be found here: [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;315341&Product=winxp[/url]

Hi Shane, For future reference, if you don't get a reply to a post, you can 'bump' it to the top of the forum by simply making another post in the existing thread yourself rather then starting a new thread. Also, by looking through your past threads, it appears you …

Your log shows you have HijackThis in two locations ([B]C:\Documents and Settings\RAA\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe[/B] [U]and[/U] [B]C:\hijackthis\HijackThis.exe[/B]), you should remove the one in the Temp folder so you don't accidently use it. Scan with HijackThis and have it fix the following entries: O9 - Extra button: Related - …

Hi Phoenixm, welcome to DaniWeb :D I've split your post into it's own thread per forum rules ([url]http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_faq#faq_rules[/url]) Please follow the recommendations and instructions in the three links from my signature below. After you've done the Aurora fix, please post a new HJT log.

Hi Raksta, welcome to DaniWeb :D I've split your post into it's own thread per forum rules ([url]http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_faq#faq_rules[/url]) Please follow the recommendations and instructions in the three links in my signature below. After you've done the Aurora fix, please post a new HJT log.

Hi jillcwood, welcome to DaniWeb :D Please follow the suggestions in these threads (in sequence): [url]http://www.daniweb.com/techtalkforums/thread27519.html[/url] [url]http://www.daniweb.com/techtalkforums/thread27570.html[/url] [url]http://www.daniweb.com/techtalkforums/thread28196.html[/url] After you've completed the steps in post #1 of the Specific Fix thread, go to post #5 (first), and then post #2. Post a new HijackThis log when the suggested steps have …

Please follow the instructions found here: [url]http://www.bleepingcomputer.com/forums/How_to_remove_Antivirus_Gold_or_AVGold-t22397.html[/url] Get [B]CounterSpy[/B] from here and allow it to do a full system scan: [url]http://www.download.com/CounterSpy/3000-8022_4-10375153.html?tag=lst-0-1[/url] Go to Windows Update and get the Critical Updates for your system.

Please follow the suggestions in these threads (in sequence): [url]http://www.daniweb.com/techtalkforums/thread27519.html[/url] [url]http://www.daniweb.com/techtalkforums/thread27570.html[/url] [url]http://www.daniweb.com/techtalkforums/thread28196.html[/url] Post a new HijackThis log when the suggested steps have been completed. :)

Hi r_evans, welcome to DaniWeb :D I've split your post into it's own thread per the site rules: "[B]Every question or new thought should have its own thread[/B]. Replies to a previous post should be thread replies to that particular thread. [B]Do not piggyback threads by posting your question as …

Without more information, about all I can suggest is to review the 'pinned' threads at the top of this forum to see if there's anything you haven't tried yet.

I'll let DMR finish this up; I just have a couple of things to throw in here... There's some info on protecting your computer in this thread: [url]http://www.daniweb.com/techtalkforums/thread27519.html[/url] And see if this will help with that file you're trying to get rid of: Download, install, and update [b]CWShredder 2.15[/b] --http://www.intermute.com/products/cwshredder.html. …

If you saved a copy of the HijackThis log before you made any changes, please post it here along with the results of a current scan. Did you back up the Registry before making any changes to it?

Log on to her account, scan with hijackthis, and post the log please. I would also suggest removing [B]Viewpoint Manager[/B] (using Add/Remove Programs), and then go to C:\Program Files and delete the [B]Viewpoint[/B] folder.

Hi Brandon, welcome to DaniWeb :D Start with this: [url]http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyid=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en[/url] Reboot into Safe Mode. Then scan with HijackThis and have it fix the following entries: O2 - BHO: (no name) - {C003C49F-53E4-4A72-B7D6-0B2B9997392F} - (no file) O4 - HKLM\..\Run: [CY_BG] C:\WINDOWS\bp_bg.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 …

Hi Paul, welcome to DaniWeb :D Please follow the instructions in post #4 of this thread: [url]http://www.daniweb.com/techtalkforums/thread28196.html[/url]

Hi SilentK, welcome to DaniWeb :D Scan with HijackThis and have it fix the following entry: R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [url]http://www196.paypopup.com/links.ph...rame=false&bk=2[/url] Close any open windows, other then HijackThis, before hitting [B]Fix checked[/B]. Download, install, and update [B]Ewido [/B], but [U]don't[/U] scan with it yet: [url]http://www.download.com/Ewido-Security-Suite/3000-8022_4-10326287.html?tag=lst-0-1[/url] Reboot into Safe …