Tech Support Forum - View Single Post - Please help this poor soul!!!!!! HijackThis log for about:blank problem

~~Lobos~~ · 07-01-2004, 03:02 PM

I dont see what im looking for so do this and see if this works

Click here to down load CWShredder by Merijn Bellekom, the creator of Hijack This
If you have it already then make sure it is v1.59.1

Run it, press 'Fix', and allow it to fix all it finds.
And remember to click "Fix" (Not "Scan only")

--------------------------------------------------------------------------

Run hijack this put a check next to these close all browsers and hit fix

Make sure not to miss one
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\M.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\M.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\M.DLL/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\M.DLL/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\M.DLL/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\M.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.search-1.net/search.html

O2 - BHO: (no name) - {1E744131-FC8E-4C66-ABC4-D90BBB55C378} - C:\WINDOWS\M.DLL

O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/250d35fd1e5ed2...ip/RdxIE601.cab
O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\gcyrrufc.exe

-----------------------------------------------------------------------------------------------------------------------------------
To enable the viewing of Hidden files follow these steps:

How to see Hidden files and Folders

reboot into safe mode

How to boot into safe mode

delete

this file

C:\WINDOWS\M.DLL
---------------------------------------------------------------------------
Cwshredder
Run it, press 'Fix', and allow it to fix all it finds.
And remember to click "Fix" (Not "Scan only")

empty your recyle bin
reboot to normal

----------------------------------------------------------------
Set your homepage the way you want it

Click here to download AdAware 6 181

Run AdAware
Before you scan with AdAware, check for updates of the reference file 01R325 27.06.2004
by clicking Check for updates now, and following the prompts.

Now to set it up for optimum performance...

Make sure the following settings are configured. Remember that ON=GREEN.

From main window click Start | Activate in-depth scan.

Then click Use custom scanning options | Customize and have these options switched ON...

Scan within archives
Scan active processes
Scan registryDeep scan registry
Scan my IE Favourites for banned URLs
Scan my host-files

Then click the Settings button.. (the gear icon on the top row) then Tweak | Scanning engine and check..

Unload recognised processes during scanning.
Cleaning engine.
Let windows remove files in use at next reboot.

and uncheck..

Automatically try to unregister objects prior to deletion.

Then click Proceed, to save your settings.

Now click the Scan button.

When scan is finished, check the little box to the left of each entry to select them for removal, and get rid of them

Restart your computer

come back and post a fresh log and tell me how you computers running

Lobos

07-01-2004, 03:02 PM	#4 (permalink)
~~Lobos~~ Troubled Join Date: Apr 2004 Location: California Posts: 943 OS: Windows XP	I dont see what im looking for so do this and see if this works Click here to down load CWShredder by Merijn Bellekom, the creator of Hijack This If you have it already then make sure it is v1.59.1 Run it, press 'Fix', and allow it to fix all it finds. And remember to click "Fix" (Not "Scan only") -------------------------------------------------------------------------- Run hijack this put a check next to these close all browsers and hit fix Make sure not to miss one R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\M.DLL/sp.html (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\M.DLL/sp.html (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\M.DLL/sp.html (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\M.DLL/sp.html (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\M.DLL/sp.html (obfuscated) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\M.DLL/sp.html (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about :blank R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.search-1.net/search.html O2 - BHO: (no name) - {1E744131-FC8E-4C66-ABC4-D90BBB55C378} - C:\WINDOWS\M.DLL O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/250d35fd1e5ed2...ip/RdxIE601.cab O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\gcyrrufc.exe ----------------------------------------------------------------------------------------------------------------------------------- To enable the viewing of Hidden files follow these steps: How to see Hidden files and Folders reboot into safe mode How to boot into safe mode delete this file C:\WINDOWS\M.DLL --------------------------------------------------------------------------- Cwshredder Run it, press 'Fix', and allow it to fix all it finds. And remember to click "Fix" (Not "Scan only") empty your recyle bin reboot to normal ---------------------------------------------------------------- Set your homepage the way you want it Click here to download AdAware 6 181 Run AdAware Before you scan with AdAware, check for updates of the reference file 01R325 27.06.2004 by clicking Check for updates now, and following the prompts. Now to set it up for optimum performance... Make sure the following settings are configured. Remember that ON=GREEN. From main window click Start \| Activate in-depth scan. Then click Use custom scanning options \| Customize and have these options switched ON... Scan within archives Scan active processes Scan registryDeep scan registry Scan my IE Favourites for banned URLs Scan my host-files Then click the Settings button.. (the gear icon on the top row) then Tweak \| Scanning engine and check.. Unload recognised processes during scanning. Cleaning engine. Let windows remove files in use at next reboot. and uncheck.. Automatically try to unregister objects prior to deletion. Then click Proceed, to save your settings. Now click the Scan button. When scan is finished, check the little box to the left of each entry to select them for removal, and get rid of them Restart your computer come back and post a fresh log and tell me how you computers running Lobos