1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Search Bar!

By grimesy69
Apr 8, 2005
  1. iam now using firefox after failing to get rid of my tool bar in I.E, even after following all of real black stuffs instructions. i have stopped using I.E so i now longer see the toolbar but its still on my system. i have attatched my hijackthis log file. here is the link to a previous thread about my toolbar https://www.techspot.com/vb/topic24055.html
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    C:\Documents and Settings\Dan Grimes\Desktop\hijackthis\HijackThis.exe
    For the umpteenth time, MOVE Hijackthis to its own folder, NOT on the Desktop!!!!!

    As I am not familiar with ColdFusion, I did not check any of its components, I'm assuming they are 'safe'.

    Boot in Safe Mode.
    Switch System restore OFF.
    Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:

    iexplore.exe (maybe 2 or more times)
    Copy Knob.exe

    UNinstall, if you can, anything to do with:
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\DOCUME~1\DANGRI~1\APPLIC~1\FilmWipe\Copy Knob.exe
    This searchbar: C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll (you can always reinstall if you trust it, I wouldn't!)

    Next, run a HJT scan and place a tick-mark in the box before these lines (if still there):
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.pkwumioococgefhbafszvszv...BjAuPG8wRn9tEZYKccVCv_AvTW/ucrkaUyYE4zutF.htm
    O2 - BHO: (no name) - {4C0277F9-A0B6-BBC9-F341-A8738A9B76EE} - C:\DOCUME~1\DANGRI~1\APPLIC~1\FilmWipe\Copy Knob.exe
    O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [Keep Cdrom] C:\DOCUME~1\DANGRI~1\APPLIC~1\anteheck\Objuser.exe
    O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
    Unless this O17 is YOUR ISP, fix it:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BAB8B84A-2B48-409C-882C-E25214CD6548}: NameServer =
    O23 - Service: NetServer - Unknown owner - C:\WINDOWS\system32\Netserver.exe" -service (file missing)

    You need to decide if you want to fix this. The (file missing) indicates some error. HJT can 'fix' it, but I don't know the consequence.
    O23 - Service: ColdFusion Management Repository Server (ColdFusion Management Repository) - Unknown owner - C:\CFusion\jrun\bin\jrun.exe" -jrundir "C:\CFusion\jrun" -nt "ColdFusion Management Repository" "cfam (file missing)

    When done, delete the highlighted bold files. When a directory-name is bold, delete everything in it, including that directory itself.
    Also delete these files (should be in the same directory as C:\WINDOWS\system32\netserver.exe):

    Boot normal. When all OK, switch System Restore back on.
  3. grimesy69

    grimesy69 TS Rookie Topic Starter Posts: 52

    search bar

    thankyou realblack stuff my toolbar has now gone thanks for all your help

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...