Scan your PC for Errors

Member Panel

Remember me ?

Forgot password?   

Join the PC Help Forum Team

Join PC Help Forum on Facebook

Join the PCHF Distributed Computing Teams

Try the NEW PC Help Forum Dark style

Link to PCHF from other parts of the Internet
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [Resolved] my start page is blank even if i change it. help!

[Fixed] Hijackthis! Logs - [Resolved] my start page is blank even if i change it. help! posted in the Security & Safety forums; :computer_ Logfile of HijackThis v1.99.1 Scan saved at 3:08:18 PM, on 10/30/2005...

JOIN US NOW to remove these Ads

Post New Thread  Reply
  #1  
Old 10-30-2005
New Poster
  
Join Date: Oct 2005
Posts: 1
justin geiger - See this Members User comments on their Profile page
Default [Resolved] my start page is blank even if i change it. help!
:computer_

Logfile of HijackThis v1.99.1
Scan saved at 3:08:18 PM, on 10/30/2005
Attached Files
File Type: txt log.txt (7.8 KB, 3 views)


Last edited by Hengis; 10-30-2005 at 10:34 PM.
  #2  
Old 10-31-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Welcome to PCHF Justin , you have quite a bunch of nasty's on there but we'll get rid of them.



Before using HijackThis Please Do the Following:



Show hidden files and folders:

For XP:
  1. On the Tools menu in Windows Explorer, click Folder Options.
  2. Click the View tab.
  3. Under Hidden files and folders, click Show hidden files and folders.
  4. If you see a warning message, click Yes.
  5. Click Apply.
  6. Click OK.


Disable System Restore to prevent re-infection.
(If you have/use it. You can turn it back on when youre PC is clean).

How to disable system restore:

WinXP.
  1. Click the Start button.
  2. Right-click My Computer, and then click Properties.
  3. On the System Restore tab, check Turn off System Restore or Turn off System Restore on all drives.

First of all I need you to download some programs for use later.

Download this file and unzip it to your desktop

Download about:Buster from here. Once it is downloaded extract it to c:\aboutbuster and check for updates. Do NOT use it yet

Download CWShredder from here, install it, check for updates but again, don't use it yet.

Download and install Ewido Security Suite Trial from here.

Download the Hoster from here. Press "Restore Original Hosts" and press "OK". Exit Program. This will restore the original Hosts file.

And download CCleaner



Then go to "add and remove programs" and uninstall "AdwareAlert" there.


Reboot your computer into Safe Mode by tapping F8 while booting up and continue for the rest of the fix in SAFE MODE

While in safe mode, double click on the HSfix.reg file you downloaded at the beginning. Grant it permission to add the registry items.

Then Open cwshredder that you downloaded in the first step. Close all browser windows and click on the fix/next button.

And then fix these with hjt:
(if still present)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\tasrc.dll/sp.html#12047
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\tasrc.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\tasrc.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\tasrc.dll/sp.html#12047
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [atltk32.exe] C:\WINDOWS\atltk32.exe
O4 - HKLM\..\Run: [atljq32.exe] C:\WINDOWS\system32\atljq32.exe
O4 - HKLM\..\Run: [mfcro32.exe] C:\WINDOWS\system32\mfcro32.exe
O4 - HKLM\..\Run: [atlds.exe] C:\WINDOWS\atlds.exe
O4 - HKLM\..\Run: [javaac.exe] C:\WINDOWS\system32\javaac.exe
O4 - HKLM\..\Run: [sdkqf32.exe] C:\WINDOWS\system32\sdkqf32.exe
O4 - HKLM\..\Run: [sysre32.exe] C:\WINDOWS\sysre32.exe
O4 - HKLM\..\Run: [apiyf32.exe] C:\WINDOWS\system32\apiyf32.exe
O4 - HKLM\..\Run: [apprj32.exe] C:\WINDOWS\system32\apprj32.exe
O4 - HKLM\..\Run: [sdkev.exe] C:\WINDOWS\system32\sdkev.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
Then delete the files in bold and run Ccleaner.


Now navigate to the c:\aboutbuster directory and double-click on AboutBuster.exe. Click Begin Removal to allow AboutBuster to scan. When it has finished, AboutBuster will open a 'Scan Completed' window. Click OK. Another information window will open. Click on Exit. AboutBuster will inform you that a log has been created. Click OK. I will need you to post that log later.


Reboot and and run Ewido:

  • Install Ewido Security Suite.
  • When installing, under Additional Options uncheck Install background guard and Install scan via context menu
  • Launch Ewido, there should be a big "E" icon on your desktop, double-click it.
  • The program will prompt you to update click the "OK" button
  • The program will now go to the main screen
  • You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
  • The update will start and a progress bar will show the updates being installed.*
  • After the updates are installed, exit ewido.
Once the updates are installed do the following:
  • If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.
  • Reboot into Safe Mode, restart your computer, tap the F8* key. Use your up arrow key to highlight Safe Mode, then hit enter.
Close all open windows/programs/folders and then run Ewido.* Have nothing else open while ewido performs its scan!
  • Click on Scanner , Settings
  • Under "How to scan" all boxes should be selected
  • Under "Possibly unwanted software" all boxes should be selected
  • Under "What to scan" select scan every file
  • Click OK, Complete system scan
  • Let the program scan the machine
  • If ewido finds anything, it will pop up a notification.*
NOTE:* We have been finding some cases of false positives with the new version of Ewido, so you need to step through the fixes one-by-one.* If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged.* In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action.*

DO NOT check "Perform action with all infections."* If you are unsure of an entry, select "none" for the time being.* We will see that in the log when you post it later and let you know if ewido needs to be run again.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report.

Click Save report. Save the report to your desktop, exit ewido


Note:

If during your scan Ewido "crashes" or "hangs", please try scanning again. Before running the scan, click on 'Scanner' (the 3rd bar from the top on the left) and Choose 'Settings'. Uncheck 'Scan in NTFS Alternate Data Streams' as this can cause problems in overly infected systems. Click 'OK' and run a new scan.


And i see that you have 2 AV's running , that will cause conflicts with one and the other and do more harm then good. You really should remove one of them.

Also it is a good idea to go to winupdate and get fully updated to prevemt problems like this.


Now please post a new hjt log , the Ewido log and the aboutbuster log.


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!

Bookmarks

« [Fixed] any1 with any knowledge on how to stop so many programs running | [FIXED] HiJackThis! Log »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
[Resolved] hijacked start page, popups, icons mmckeown100 [Fixed] Hijackthis! Logs 4 12-04-2005 02:30 AM
[Resolved] No Icons, No Start button on Desktop bucket4us [Fixed] Hijackthis! Logs 3 10-25-2005 12:42 AM
[Answered] PLEASE HELP - CHAPTER AND PAGE NUMBERS netti IT News 8 08-08-2005 07:47 AM
[FIXED] Hijacked Home Page! dspade [Fixed] Hijackthis! Logs 6 07-23-2005 02:47 PM
Keyboard shortcut heaven. joe5 Windows Tutorials 4 07-11-2005 10:27 PM

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 05:54 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top