Begin2search problems / hjt log in safe mode

Status
Not open for further replies.
B

beaglescout

i followed the instructions in the sticky thread and appeared to have removed begin2search. however it still doesn't work like it did before (start page does not load on this computer even when it loads on other computers)

at first i tried to use firefox instead of ie but it says "connection refused when attempting to contact _______ (insert any site)" (still gives same error).

the HJT log from safe mode: (attached because i'm currently unable to post links)

thanks for any help you can give.
 
Hello and welcome to Techspot.

Let Hijackthis get rid of the following.

O2 - BHO: Xbrowse Class - {83DC91DB-7896-43E3-B34D-A7D043F16BB1} - C:\Documents and Settings\All Users\Application Data\RDSA\rdsa.dll

I`m not to sure about this one I`ve done a google search but found nothing!!

O4 - HKLM\..\Run: [hpmvsb] C:\WINDOWS\system32\hpmvsb.exe ????

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

I think that`s about it.

Regards Howard
santa2.gif
 
No point in throwing out innocent files:
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
if you still leave (some of) the baddies in!

In Safe Mode, Fix with HJT:
O2 - BHO: Xbrowse Class - {83DC91DB-7896-43E3-B34D-A7D043F16BB1} - C:\Documents and Settings\All Users\Application Data\RDSA\rdsa.dll
O2 - BHO: Xbrowse Class - {CE7EF827-47CC-48EB-B570-C367F1E1277E} - C:\Documents and Settings\All Users\Application Data\x1ff\x1ff.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [hpmvsb] C:\WINDOWS\system32\hpmvsb.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

Then reboot again in safe mode and find and delete:
c:\documents and settings\all users\application data\rdsa <--- FOLDER
c:\documents and settings\all users\application data\x1ff <--- FOLDER
 
Status
Not open for further replies.

Similar threads

Shawn Knight
Google fully discontinues cache links in Search
Replies
9
Views
524
Tinderbox
Tinderbox
midian182
Chrome incognito mode not so private: Google to settle in class-action lawsuit
Replies
10
Views
314
user556
U
T
TechSpot site loading slowly when logged in?
Replies
0
Views
1K
Theinsanegamer
T

Latest posts

Back