jwbirdsong

You may wish to print out a copy of these instructions to follow while you complete this procedure. Please save Hijack This in a permanent folder (i.e. C:\HJT). This ensures backups are saved and accessible. Help with unzipping files is HERE First of all, you will need to print out this post and/or save a copy as a text file in Notepad so that you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix Please download FixWareout from one of these sites: http://downloads.subratam.org/Fixwareout.exe http://www.bleepingcomputer.com/files/lonny/Fixwareo

Your HijackThis version is WAYYYY out dated. Please download HijackThis version 1.99.1 from HERE and make sure to unzip and to it's own, permanent folder. To run HijackThis click Scan and then Save log, Post the new log in a reply to this thread. I would be happy to take a look at it.

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

It's why were here!

Congratulations, your log is clean. First, let's clean your restore points and set a new one: Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected) 1. Turn off System Restore.On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. 2. Restart

Download Hoster from here: http://www.funkytoad.com/download/hoster.zip Unzip some where permant Help with unzipping files is HERE Run the program Press 'Restore Original Hosts' and press 'OK' Exit Program. Run the KASPERSKY ON-LINE one more time and post results along w/ a FINAL HijackThis log

You've got a bunch of poeple pulling for you in this race Bubba_Bob ...good luck

Log is looking great.. You should manually clear out the quarantine folder here ---> C:\Program Files\Yahoo!\YPSR\Quarantine\ Couple of quick questions though. O1 - Hosts: 207.68.172.246 msn.com O1 - Hosts: 207.68.172.246 msn.com O1 - Hosts: 207.68.172.246 msn.com O1 - Hosts: 207.68.172.246 msn.com O1 - Hosts: 207.68.172.246 msn.com The above indicates you have 5 duplicate lines in your hosts file..did YOU put them there...FWIW that is the correct IP for MS so the enries are OK I just wonder why there are 5. Other thing that may be of concern is O17 - HKLM\System\CCS\Services\Tcpip\..\{324

Looking really good!! First of all, you will need to print out this post and/or save a copy as a text file in Notepad; that way you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix Next, please enable viewing of hidden files as follows: 1) Go to My Computer, and click on the "Tools" menu 2) Click "Folder options" 3) Select the "View" tab 4) Make sure "Show hidden files and folders" is selected 5) Make sure "Hide extensions for known file types" is unchecked 6) Make sure "Hide protected operating system files (recommended)" is unchecked Please

Also when you go to post your replies and have Notepad open..click Format>click wordwrap once to toggle the setting.

First of all, you will need to print out this post and/or save a copy as a text file in Notepad so that you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix Please temporarily disable MSAS by doing the following: It may interfere with the fix. Open Microsoft AntiSpyware. Click on Options -> Settings. In the left pane, click on Real-time Protection. Under Startup Options uncheck Enable the Microsoft AntiSpyware Security Agents on startup (recommended). Under Real-time spyware threat protection uncheck Enable real-time spyware threat pro

Congratulations, your log is clean. First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion. * Click Start. * Open My Computer. * Select the Tools menu and click Folder Options. * Select the View tab. * Under the Hidden files and folders heading UNSELECT Show hidden files and folders. * CHECK the Hide protected operating system files (recommended) option. * Click Yes to confirm. * Click OK. Next, let's clean your restore points and set a new one: Reset a

Log look great except still a couple of services to kill.. Follow the procedure from the 1st post and stop then kill the following services. cvcworking setting (cvcWork) Windows Logon (winlog) Is the name to look for in the list and stop (1st part of fix) Then use cvcWork winlog as the name for HijackThis part spend a few hour browsing the web and come back let me know...If all is well I'll have some advise on how to stay clean.

Well just off the top I'd say you have a bad keyboard...you DO have some nasty Trojans/Spys so let's get you cleaned up, shall we? First of all, you will need to print out this post and/or save a copy as a text file in Notepad; that way you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix Click HERE to download Atri's ATF Cleaner (Atri'sTempFile)..Download to your desktop More info on this tool HERE Next, please enable viewing of hidden files as follows: 1) Go to My Computer, and click on the "Tools" menu 2) Click "Folder options" 3) Selec

First of all, you will need to print out this post and/or save a copy as a text file in Notepad so that you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix. First off please put HijackThis in it's own, permanent folder. It's needed for backups. Help with unzipping files is HERE Download AboutBuster 6.0: http://www.besttechie.net/tools/AboutBuster.zip http://www.malwarebytes.org/AboutBuster.zip Once downloaded, unzip it, and put the folder on your desktop Don't run it yet, well do it later in safe mode. You may have previously ran some of th

I'm starting to get mystified.....Please download Bobbi Flekman Registry Search from THIS page. Run it and paste into the TOP section. Leave all other boxes checked (default) click OK..post resulting log...Also Boot to Safemode and use same tool to search for . NOTE the last search MUST be done in safe mode.

Well the only thing that catches MY eye is and that's just because it's not very common. Do you use the Xerox Document Workcentre XE8x series?? Please click and download Silent Runners. * Save it to the desktop. *Double clicking the "Silent Runners" icon on your desktop to run it . *Now you will see a text file appear on the desktop - it is NOT done yet, so let it run (it won't appear to be doing anything!) * After you receive the "All Done!" prompt, double-click on the new text file on the desktop and copy/ paste it here. *NOTE* If you receive any warning message about scripts, please

After I went away and realised we were talking about FF...tg1911 has probably hit on it..you need the flash plugin in your plung in folder. Get it HERE make sure to get the FLASH player.

Check you setting in IE>Tools>Internet Options>Security(tab)> Internet(Globe). Too high of a setting will stop it from showing.... It's a flash page..Default setting at internet will let you see it but make sure to go back to a higher setting afterward to remain secure on the web. Disregard...I read your question the other way around...NOT seeing in IE......Well same principal should appy... I can see it fine in both too Matt