also @ TechSpot: More evidence of a 7-inch Asus / Google co-developed tablet surfaces

TechSpot
Register now for a live online demo to see how the Office 365 suite of tools
- professional email, calendars, video conferencing, and file sharing -

Please Help IE hijacked HJT file attached

Discussion in 'Virus and Malware Removal' started by bmac33, Mar 14, 2007.

Thread Status:
Not open for further replies.

  1. bmac33 Newcomer, in training

    Please Help IE hijacked HJT file attached Spyware is redirecting links from search to other search engines, TIA!
    bmac33, Mar 14, 2007
    #1

  2. tomrca Newcomer, in training

    well bmac33. this is my first suspect which should be removed. but first,would you make sure that hijack this is not in a temp folder. secondly go to THIS LOCATION and follow the instructions, after which post a fresh hjt.
    tomrca, Mar 14, 2007
    #2

  3. howard_hopkinso Newcomer, in training

    Hello and welcome to Techspot.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Backgrounds/Constitution.htm

    O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.comcastsupport.com/sdcxuser/asp/tgctlsr.cab

    O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_0_0_9/PCAXSetupv2.0.0.9.cab?

    Click on the fix checked button.

    Close HJT and reboot your system.

    Other than the above, your HJT log is clean.

    However, it appears you`re running more than one firewall programme. This is not recommended and can cause serious conflicts. Uninstall one of your software firewall programmes.

    Then, let us know is you`re still having problems.

    Regards Howard :wave: :wave:

    This thread is for the use of bmac33 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    howard_hopkinso, Mar 14, 2007
    #3

  4. bmac33 Newcomer, in training

    Thanks Everyone looks like I got it! Logs attached

    Thanks Everyone looks like I got it! Logs attached. I would like to know what it was if someon could tell me.
    bmac33, Mar 15, 2007
    #4

  5. howard_hopkinso Newcomer, in training

    You still haven`t uninstalled one of your software firewall programmes. It is very important that you do so. Since you are running Symantec/Norton, I suggest you uninstall Zonealarm.

    The entries I advised you to fix are still there. Please do the following.

    Disable Ad-Aware Ad-Watch as it may be interfering with the fix.

    1. Right click on the Ad-Watch icon in the system tray.
    2. At the bottom of the screen there will be two checkable items called "Active" and "Automatic".

    Active: This will turn Ad-Watch On\Off without closing it
    Automatic: Suspicious activity will be blocked automatically

    3. Uncheck both of those boxes.


    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Backgrounds/Constitution.htm

    O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.comcastsupport.com/sdcxuser/asp/tgctlsr.cab

    O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activ...pv2.0.0.9.cab?

    Click on the fix checked button.

    Close HJT and reboot your system.

    Other than the above, your HJT log is clean. I`m not sure what was causing your problems.

    Regards Howard :)

    This thread is for the use of bmac33 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    howard_hopkinso, Mar 16, 2007
    #5

  6. bmac33 Newcomer, in training

    Firewall

    Howard,
    Thanks so much for your help!
    You mention turning off one the firewalls because I am using Norton. My version of Norton does not include a firewall. I believe that currently Windows firewall and Zone Alarm are running, should I turn of windows firewall, will that do it or do you suggest something else?
    And one other quick question about Zone Alarm. in the past it always showed its icon which shows traffic in the tray but now it does not. True vector does show to be running on startup. Unless I click on the program icon and start it the icon will not show in the tray. Also when I open the control panel the check box to "load Zone Alarm at startup" is not checked and will not stay checked after I restart my machine.
    Thanks again,
    Brad
    bmac33, Mar 16, 2007
    #6

  7. howard_hopkinso Newcomer, in training

    You shouldn`t have Windows and Zonealarm firewalls running at the same time. Perhaps that`s what`s causing the problem with Zonealarm. Are you absolutely sure your Symantec/Norton product doesn`t have a firewall? If you are, then uninstalling and reinstalling Zonealarm may well solve the problem. Zonealarm, normally disable the Windows firewall by default, in order to prevent conflicts.

    Regards Howard :)

    This thread is for the use of bmac33 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    howard_hopkinso, Mar 16, 2007
    #7
Thread Status:
Not open for further replies.