Jump to content

jatt7846

Members
  • Content Count

    81
  • Joined

  • Last visited

About jatt7846

  • Rank
    Member

Previous Fields

  • System Specifications:
    HP 750n PC
  1. Hi, still seeking help!!!!!!!!!!!!!!!!!!!!!!!!!! :help:
  2. Someone please help, the pop ups are totally out of control. Thanks.
  3. Here is the log from Panda Activescan Incident Status Location Adware:adware/securityerror No disinfected C:\Documents and Settings\All Users\Start Menu\Online Security Center.url
  4. Hi, here is the SMITFILES log smitRem log file version 2.7 by noahdfear The current date is: Sat 10/15/2005 The current time is: 23:40:14.25 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ checking for ShudderLTD key ShudderLTD key present! Running LTDFix/PSGuard.com fix! checking for PSGuard.com key PSGuard.com key not present! ShudderLTD key was successfully removed! if previously present, PSGuard.com key was successfully removed! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Existing Pre-ru
  5. Here is the rest of the Ewido scan report. Data\Mozilla\Profiles\default\6s5i5rw9.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.106:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\6s5i5rw9.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\6s5i5rw9.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\6s5i5rw9.slt\cook
  6. Hi, I did run Adware and also Ewido scan whose log is posted below. Please let me know what else can I do. Thanks. --------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 11:19:11 PM, 10/15/2005 + Report-Checksum: 58125382 + Scan result: HKLM\SOFTWARE\AutoLoader -> Spyware.AproposMedia : Cleaned with backup HKLM\SOFTWARE\Classes\a.a\CLSID\\ -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{145E6FB1-1256-44ed-A336-8B
  7. Hi, Can someone please take a look at my HJT log and tell me any fixes that I can do solve the problem. There is also a warning message on the desktop as a background image that I am not able to get rid of. Thanks. Logfile of HijackThis v1.99.1 Scan saved at 5:37:29 PM, on 10/15/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.
  8. I am sorry I lost you here on the last step. Once I save these 2 files 1) Winkey.reg (Save as type: regedit4 .reg type) 2) Winkey.hiv (Save as type: Scroll to select-regetd32/WinAPI *hiv *dat files) What do I do next? Also after "Copy and paste the bold text below into the address bar of Registrar Lite:(this is making a Registry backup for safety in case of error) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ I had to click on GO in order to File> Export and and save as. Hopefully that is what I had to do.
  9. Here is the new HJT log. Logfile of HijackThis v1.99.1 Scan saved at 7:15:56 AM, on 7/31/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C
  10. Jacee, I was out of town and should have posted that here. Anyways here are the Panda scan and smit file. Will post HJT log in the next reply. I am still getting the "Installing" when computer reboots. Thanks. Incident Status Location Adware:adware/superspider No disinfected
  11. Again after the reboot the Windows Installer window came up saying "Preparing to Install.......". A few seconds later the Norton Antivirus Window came up with this message "Norton Antivirus 2005 does not support the Repair feature, please uinstall and reinstall." I don't know what it is trying to install?????? I did say YES to the Winpatrol message and here is the new HJT log Logfile of HijackThis v1.99.1 Scan saved at 11:10:58 PM, on 7/25/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\sm
  12. Jacee, I apologise for not being precise in my response. I am not getting the following messages "IE can not find the Active Desktop HTML file. The file is needed for Active Desktop" Norton Antivirus is telling me that I have Bloodhound Virus on my computer but it can not fix. The wallpaper on my computer has a warning message printed on it that the computer has spyware and adware on it. Everytime I reboot WinPatrol asks me if I wish to change my homepage to "******". If you want to keep your homepage as espn.com than click NO. I have been saying NO evertime I reboot.
  13. Jacee, here it is. "Silent Runners.vbs", revision 39, http://www.silentrunners.org/ Operating System: Windows XP Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "Mozilla Quick Launch" = ""C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo" ["Mozilla, Netscape"] "MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "Recguard" = "C:\WINDOWS\SMINST\REC
  14. Here are the new logs but rebooting brings that item back. Logfile of HijackThis v1.99.1 Scan saved at 7:14:47 AM, on 7/25/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Progr
  15. Thanks for all your help so far. Here is the new HJT log and the smitfiles.txt file follows but I am not able to get rid of the following. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://letgohome.com/hp.htm?id=31631 Logfile of HijackThis v1.99.1 Scan saved at 9:38:29 PM, on 7/24/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svcho
×
×
  • Create New...