Member Panel

Oender · 10:32 PM

Hello all, this is my first post in the forum; I hope the gurus and experts can save my computer! My work is now like a hell. :computer_

failures:

 Very slow connection speed
 Tons of browser pop up windows opens also when browser is closed
 Browser affected: IE, Opera and firefox.
 &nbsp

efault browser: Oepra 8.51
 Transparent shape banners appear on my screen (flash banners)
 Meesenger goes offline constantly.
 Banner, banner and more banners.

Please help me to delete the necessary entries on my HJT log!

merlin

Hello Oender and Welcome To PCHF

Could you please go to prework in my signature and follow the directions there and we will get ya cleaned up as fast as we can!!

joe5

Can you also download and run Stinger and Vcleaner , see below for links.
Also try an online AV scan.

Oender

Originally Posted by merlin

Hello Oender and Welcome To PCHF

Could you please go to prework in my signature and follow the directions there and we will get ya cleaned up as fast as we can!!

Dear Merlin.-

I did all the steeps that you tell me, but de adware still remain!

some samples

[IMG]

[/IMG]

I also uplodad myHJT log again!

Hope can help me again!

Oender

ladygreenwitch

Silly Oender,

That's because we haven't started the fix yet.

OK, let me take a look at your logs, and I will be right back.

TTFN

LGW

ladygreenwitch

:smiley: Hi Oender,

OK, here is some information about one of the worms you are infected with, I include it because it may prove useful in your protecting yourself in the future, as it appears that you do a pretty good job of protecting your PC.

http://www.sophos.com/pressoffice/ne...a_priston.html

OK, Please do the following. Download Counter Spy and RegSupremePro, and Housecall, from my signature.

Please use the CCleaner again, double check that you have System Restore disabled, and all files and folders are showing.

Install and run Housecall, let it fix all that it finds.

Next install and run Counter Spy, also, let it fix all that it finds.

Please do a system search and delete any reference to "Look2me"

Please run HijackThis again, and fix the following, if they are still present. Afterward delet the files/folders in bold.

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - (no file)
O4 - HKCU\..\Run: [Nllo] C:\WINDOWS\System32\??oolsv.exe
O20 - Winlogon Notify: RunServices - C:\WINDOWS\system32\n66q0gj5e6o.dll (file missing)
O20 - Winlogon Notify: WebCheck - C:\WINDOWS\system32\strialui.dll

Now run CCleaner again. Next, install RegSupremePro, it will want to make a backup to your cache, let it. Once it has finished, click on the Registry Cleaner tab, select Aggressive, let it run. When it is done, click on Select, choose All. Click on Fix and let it fix all that it finds.

Reboot your PC, now run a new ewido scan, and a new HJT scan and post their logs back here.

Look forward to your reply,

TTFN

LGW

Oender

Originally Posted by ladygreenwitch

Silly Oender,

That's because we haven't started the fix yet.

OK, let me take a look at your logs, and I will be right back.

TTFN

LGW

Hello again

:huh: I get some extra interesting info! I ended the ADSL connection in the moment when the browser was trying to retrieve a new banner. A error screen appears with the base domain www.ad-a-w-a-r-e.com <-- this domain then redirects to the banner server. Another tip: all the URL?s of banner have a little F1 flag icon, all the same.

eoc.

Oender
Mexico City

Member Panel

Sponsors and Ads

Join the Team

Live Tag Cloud