Brandon

Experts
  • Content count

    34
  • Joined

  • Last visited

About Brandon

  • Rank
    New Member

Contact Methods

  • MSN
    brandon@hijackthisaid.org
  • Website URL
    http://
  • ICQ
    0
  1. Welcome.
  2. Hi thanos000, Download AboutBuster 6.0 and unzip it to your desktop. Boot your machine into safe mode. Run AboutBuster 6.0 and select "Begin Removal". Make sure you click "Yes" to every message box that appears. Restart your computer and run AboutBuster one final time. ------------------------------- Include the following in your next post: AboutBuster Log A new Hijack This Log
  3. We have a couple of last steps to perform and then you're all set. First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion. Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View tab. Under the Hidden files and folders heading UNSELECT Show hidden files and folders. CHECK the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. Next, let's clean your restore points and set a new one: Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points) 1. Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. 2. Restart your computer. 3. Turn ON System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check Turn off System Restore. Click Apply, and then click OK. System Restore will now be active again. store points which are likely to be infected) Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs: SpywareBlaster to help prevent spyware from installing in the first place. SpywareGuard to catch and block spyware before it can execute. IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email. You should also have a good firewall. Here are 3 free ones available for personal use: Sygate Personal FirewallKerio Personal Firewall ZoneAlarm and a good antivirus (these are also free for personal use): AVG Anti-VirusAvast Home Edition It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit Microsoft Windows Update monthly. And to keep your system clean run these free malware scanners AdAware SE PersonalSpybot Search & Destroy weekly, and be aware of what emails you open and websites you visit. To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place? If you wish to submit a complaint about malware, please click on the following image:
  4. You can just delete SmitfraudFix folder on your desktop if you do not need it anymore. Are you having any more problems?
  5. Please open up up Hijack This and do a "Do a system scan only" and Check the following boxes: R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (file missing) O2 - BHO: Nothing - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - C:\WINDOWS\system32\hp100.tmp (file missing) Next close all other windows then hijack this and click FIX CHECKED then close hijack this. Please go HERE to run Panda's ActiveScan Once you are on the Panda site click the Scan your PC button A new window will open...click the Check Now button Enter your Country Enter your State/Province Enter your e-mail address and click send Select either Home User or Company Click the big Scan Now button If it wants to install an ActiveX component allow it It will start downloading the files it requires for the scan (Note: It may take a couple of minutes) When download is complete, click on My Computer to start the scan When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report into your next post.
  6. Please post a new Hijack This Log for me. Is your homepage hijacked anymore?
  7. You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site. Next, please reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, a menu with options should appear; Select the first option, to run Windows in Safe Mode, then press "Enter". Choose your usual account. Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd Select option #2 - Clean by typing 2 and press "Enter" to delete infected files. You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection. The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter". The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply. The report can also be found at the root of the system drive, usually at C:\rapport.txt
  8. Please download SmitfraudFix (by S!Ri) Extract the content (a folder named SmitfraudFix) to your Desktop. Open the SmitfraudFix folder and double-click smitfraudfix.cmd Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present). Please copy/paste the content of that report into your next reply.
  9. OK Good Now please post a Hijack This Log for me to look at.
  10. Hi Dmin11, Im going to redirect to you a different places where you can choose from, because I cant seem to find your problem. Please visit one of these forums: http://asap.maddoktor2.com/
  11. Thats alright Your log is clean. I dont know how to "fix" that about:blank thing you are seeing but I will ask around and get back to you on that.
  12. How much RAM do you have? I am thinking Norton is the problem for the system slowdown. Please run one more online scan for me. Please do an online scan with Kaspersky WebScanner Click on Kaspersky Online Scanner You will be promted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then begin downloading the latest definition files: Once the files have been downloaded click on NEXT Now click on Scan Settings In the scan settings make that the following are selected:Scan using the following Anti-Virus database: Extended (if available otherwise Standard) Scan Options: Scan Archives Scan Mail Bases [*]Click OK [*]Now under select a target to scan: Select My Computer [*]This will program will start and scan your system. [*]The scan will take a while so be patient and let it run. [*]Once the scan is complete it will display if your system has been infected. Now click on the Save as Text button: [*]Save the file to your desktop. [*]Copy and paste that information in your next post. Then please post the Kaspersky Online log and one more hijack this log.
  13. Please download Pocket Killbox. Save it to your desktop. Please double-click Killbox.exe to run it. Select: Delete on Reboot then Click on the All Files button. [*]Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy): C:\WINDOWS\smdat32m.sys C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll [*] Return to Killbox, go to the File menu, and choose Paste from Clipboard. [*]Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!). If your computer does not restart automatically, please restart it manually. If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again. Please open hijack this and scan. Check the following boxes: O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - Next close all other windows then hijack this and click FIX Checked then close hijack this. Post another hijack this log and tell me how things are going.
  14. Hi Dmin11, Please open hijack this and scan. Check the following boxes: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmredir.a....1&bm=ho_search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 Next close all other windows then hijack this and click FIX Checked then close hijack this. For your system slowdown: Please download ATF Cleaner by Atribune. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main menu to close the program. For Technical Support, double-click the e-mail address located at the bottom of each menu. Can you post your panda log and ewido log and a new hijack this log?
  15. Hi daveyboy, Please download Hijack This from HERE Once done extract all the files into a new folder eg; C:\HJT . Open up Hijack this and select "Do a system scan and save a log file" from the menu. Then copy all the contents into this thread.