• Content Count

  • Joined

  • Last visited

Everything posted by Dan

  1. Please print these instructions out for use in Safe Mode. First, Please go Start --> Control Panel --> Add Remove Progams. Uninstall ISTSVC. Please download VundoFix.exe to your desktop. Double-click VundoFix.exe to extract the files This will create a VundoFix folder on your desktop. After the files are extracted, please reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter. Once in safe mode open the VundoFix folder and doubleclick on KillVun
  2. Can you post a log in regular mode please? Thanks, Danny
  3. Hi, Did you run those scans? If you did, please run Ewido: Please download ewido security suite it is a free version of the program. Install ewido security suite When installing, under "Additional Options" uncheck..Install background guard Install scan via context menu [*]Launch ewido, there should be an icon on your desktop, double-click it. [*]The program will now open to the main screen. [*]When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment. [*]You will need to update ewido to the latest definition files.
  4. Hi, I suggest you uninstall Blubster. This program contains spyware and adware. More info here: http://spywareinfo.com/articles/p2p/ Open HiajckThis and check the following items (If Present): R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\M
  5. Hi, Please download the updated version of HijackThis 1.99.1 http://www.besttechie.net/tools/HijackThis.exe Post a new log. Danny
  6. Hi, Click "Start --> Control Panel --> Add Remove Programs. Uninstall (If present): WinTools Media Access Open HijackThis, click the "Scan" button, and check the following items (If present): O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing) O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (file missing) O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WTools
  7. I'm looking forward to the changes here Danny
  8. Hi, Can you please turn off wordwrap? To do this: Open Notepad, and uncheck "Format -->Wordwrap". Post a new log. Danny
  9. Hey! I'll check it out later, since my school filters block it (Adult Content :x) Danny
  10. Hey Jeff, Are you sure that the directory is CHMOD'd correctly? Danny
  11. Cool TT Hopefully people'll abandon that place
  12. Just forget her then...just say "Have fun infecting your computer again " Danny
  13. Yes! Welcome back besttechie.net once again!!! Danny
  14. Hi, Boot into Safe Mode. Open up VundoFix, and follow the previous directions. Instead, please use these file names: C:\WINDOWS\system32\byvww.dll For the first file name ^^ C:\WINDOWS\system32\wwvyb.* For the 2nd file name. Please post back a new HijackThis log and a VundoFix log.\ Danny
  15. I second laxman I have it on my computer and it works wonderfuly (You need to download codecs for some tho) Danny
  16. Hi, I don't think you can. http://www.famatech.com/products/comparisons/ There it says the features of it. But you can run IE or an ftp program on there right? You could upload the files to a server, or email them to yourself...Kinda a pain tho. Danny
  17. Great suggestions...I would let her sue as well; not my money I'm wasting Danny
  18. Can you post a new HijackThis log, to see if there are any remaining items to fix? Thanks, Danny
  19. YAY!!! I'm so glad BT is back up Jeff, I know how much this site means to you, and I'm glad to have it back up Danny
  20. Hi, I belive they are just random baddies. This may happen from just being on an unprotected computer that is on the internet for a couple of hours. PlanDvd.exe is a random malware. If your firewall sees that an application is launching, etc, etc, say NO unless you know it's safe. Of course you can stay here! Feel free to post in Open Chat or whereever you want to! Danny
  21. Hi, Open HijackThis, and click the "Scan" button. Check the following items: R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file) O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - (no file) If you or your administrator did not put this restriction on Control Panel, also check this item. These restrictions can also be set by software like Spybot Search & Destroy, SpywareBlaster or another similar protection software: O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - H
  22. Hi, Sorry for the late reply. First, Download LSPFix.exe to a convenient location. Do NOT run this program. This is only to be used if you lose Internet Access after removing NewDotNet. To Get rid of NewDotNet, go to: Start > Control Panel > Add or Remove Programs and remove the following: New.Net Applications or New.Net Domains (anything that says New.Net) If it is not there, go here and follow Procedure 4: NewDotNet Removal Procedure 4. In the event that you lose Internet access after removing New.Net, please double-click LSPFix.exe that you downloaded earlier. You will see 2 panels