Tech Support Forum - View Single Post

palguy · 03-01-2005, 04:11 AM

Hello simplejonny,

It appears you have a stubborn one here. Let's try this.

Download FixAgent and unzip it. Run FixAgent.exe. It should fix something. If nothing is fixed, skip to the next step for the HijackThis fixes. If something is found, also download home_missing_114 and unzip it. Run the Home winkey missing batch file. Remember: ONLY run home_missing_114 if FixAgent found something.

Run HijackThis and fix the following entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\se.dll/sp.html
O2 - BHO: (no name) - {DF6FB898-7EC1-44DF-969D-03B16D8F2ECC} - C:\winnt\System32\lebhmi.dll
O18 - Filter: text/html - {36F3D2B0-9C3B-44FC-A1C5-881B42CFE1B7} - C:\winnt\System32\lebhmi.dll
O18 - Filter: text/plain - {36F3D2B0-9C3B-44FC-A1C5-881B42CFE1B7} - C:\winnt\System32\lebhmi.dll

Delete this file:

C:\winnt\System32\lebhmi.dll

Download StartDreck

Unzip to its own folder and start the program:
Press 'Config'
Press 'mark all'

Uncheck the following boxes only:
System/Running Process -> List Modules
System/Drivers -> NT Services
System/Drivers -> NT Kernel- and FS-drivers
Press 'OK'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Post the log in this thread.

Right click on this link and choose Save As. Save it somewhere. Now run that program and do a search for these (search and save them separately):

HOSFS.SAM
SUCHOST.EXE

Save the file and post the contents in the forum.

Run a new HijackThis scan, save it, post a copy of it along with the above requested information.

03-01-2005, 04:11 AM	#12 (permalink)
palguy Registered User Join Date: Nov 2004 Posts: 369 OS: xp	Hello simplejonny, It appears you have a stubborn one here. Let's try this. Download FixAgent and unzip it. Run FixAgent.exe. It should fix something. If nothing is fixed, skip to the next step for the HijackThis fixes. If something is found, also download home_missing_114 and unzip it. Run the Home winkey missing batch file. Remember: ONLY run home_missing_114 if FixAgent found something. Run HijackThis and fix the following entries: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\se.dll/sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\se.dll/sp.html O2 - BHO: (no name) - {DF6FB898-7EC1-44DF-969D-03B16D8F2ECC} - C:\winnt\System32\lebhmi.dll O18 - Filter: text/html - {36F3D2B0-9C3B-44FC-A1C5-881B42CFE1B7} - C:\winnt\System32\lebhmi.dll O18 - Filter: text/plain - {36F3D2B0-9C3B-44FC-A1C5-881B42CFE1B7} - C:\winnt\System32\lebhmi.dll Delete this file: C:\winnt\System32\lebhmi.dll Download StartDreck Unzip to its own folder and start the program: Press 'Config' Press 'mark all' Uncheck the following boxes only: System/Running Process -> List Modules System/Drivers -> NT Services System/Drivers -> NT Kernel- and FS-drivers Press 'OK' Press 'Save' and select the location to save the log file (default is the same folder as the application) Post the log in this thread. Right click on this link and choose Save As. Save it somewhere. Now run that program and do a search for these (search and save them separately): HOSFS.SAM SUCHOST.EXE Save the file and post the contents in the forum. Run a new HijackThis scan, save it, post a copy of it along with the above requested information.