Skip to content
View in the app

A better way to browse. Learn more.

Tip.It Forum

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

coltm4carbine

Members
  • Joined

  • Last visited

Everything posted by coltm4carbine

  1. yup..you have vundo. try this first. It should work: Please download VundoFix[Caution: Executable File] to your desktop. [*:pm4nnopz]Double-click VundoFix[Caution: Executable File] to run it. [*:pm4nnopz]Put a check next to Run VundoFix as a task. [*:pm4nnopz]You will receive a message saying vundofix will close and re-open in a minute or less. Click OK [*:pm4nnopz]When VundoFix re-opens, click the Scan for Vundo button. [*:pm4nnopz]Once it's done scanning, click the Remove Vundo button. [*:pm4nnopz]You will receive a prompt asking if you want to remove the files, click YES [*:pm4nnopz]Once you click yes, your desktop will go blank as it starts removing Vundo. [*:pm4nnopz]When completed, it will prompt that it will shutdown your computer, click OK. [*:pm4nnopz]Turn your computer back on. [*:pm4nnopz]Please post the contents of C:\vundofix.txt and a new HiJackThis log.
  2. If you have downloaded winantivirus that means you have vundo. Don't download it. Rename Hijackthis[Caution: Executable File] to something like Scan[Caution: Executable File]. Then post another HJT log.
  3. svchost is usually legit. in windows operating systems...but it does depend on it's location. On here you have to change the ".e3e (CAUTION - executable file)" to "[Caution: Executable File]"... Update and run your antivirus and see if it picks anything up to be sure. Edit: damn someone got there before me..
  4. about the plug ins.. which browser are you using?
  5. err..a sidenote: I think you got the latest version of vundo.[no BHOs and very few o20s...] not smitfraud. [lol lucky you..i've been trying to find this latest version since i knew about it] edit: Do this for vundo first, to make sure it aint that.. Please download VundoFix[Caution: Executable File] to your desktop. [*:2ji55t5o]Double-click VundoFix[Caution: Executable File] to run it. [*:2ji55t5o]Put a check next to Run VundoFix as a task. [*:2ji55t5o]You will receive a message saying vundofix will close and re-open in a minute or less. Click OK [*:2ji55t5o]When VundoFix re-opens, click the Scan for Vundo button. [*:2ji55t5o]Once it's done scanning, click the Remove Vundo button. [*:2ji55t5o]You will receive a prompt asking if you want to remove the files, click YES [*:2ji55t5o]Once you click yes, your desktop will go blank as it starts removing Vundo. [*:2ji55t5o]When completed, it will prompt that it will shutdown your computer, click OK. [*:2ji55t5o]Turn your computer back on. [*:2ji55t5o]Please post the contents of C:\vundofix.txt and a new HiJackThis log.
  6. So am I...infact I am using Vista 5472 to post this reply right now... Yes my 5472 is legit and yes i can post a SS of my connect account to show all the other betas i am in
  7. erm are those pop-ups from winantivirus pro 2006 or something like that? if it is it's the new smitfraud varient. I don't know why it appears randomly but you usually get pop-ups like those when you visit rapidshare without a pop-up blocker.. Just a few weeks ago, before i secured my laptop, i intentially got myself with as much junk as my laptop can handle... If you want a ready made set of hosts files you can find a pretty good one here: http://www.mvps.org/winhelp2002/hosts.htm That one blocked out all the Ads plus all the other things on my desktop.
  8. Sorry I misunderstood you, I thought you was talking about the overall rating [The part where it says: Your computer has an overall Windows System Preformance Rating of ....]
  9. Who said the performance rating was out of 10? I am not 100% sure about BETA 2 CTP but on my builds of Vista [5365 and 5456 both interim] the best you can get was 5. 1 is the worst and 5 is the best.
  10. hint for anyone: Spyfalcon= spysheriff,spywarequake, virtual maid, antivirus gold etc... [a variant smitfraud in other words] nvm you tried spybot. Do an online antivirus scan with panda activescan...that should help a bit. If that doesn't kill it then there is always the original way...
  11. you might want to read about it from microsoft's website here:http://www.microsoft.com/technet/security/advisory/904420.mspx link to ms virus info library. http://www.microsoft.com/security/encyclopedia/details.aspx?Name=Win32/Mywife.E@mm quotes from M$ library. (the info might change over time) IMHO quite destructive if you have any important files (homeworks, reports, financial reports whatever). If you update your antivirus then i think you'll be fine for the time being. Also seriously be careful with dodgy attachments and emails. Just a little warning for those of you who have important things inside your pc. edit: typo and added link.
  12. personally i don't think it's junk and i deffinitely don't think it's spyware itself. yes most free things are junk but some are clean. If people actually stopped using limewire, kazaa and the other infected p2p programs to get cracked versions of programs (i have seen someone get a cracked version of spysweeper before so it is possible). Trend micro anti-virus= good Spyware=bad. The reason? it gave me a lot f/p the last time i scanned it (as soon as i saw this thread like an hour ago). something that supprised me was that Norton, ad-aware, MSAS,spybot, ewido, panda online scan all didn't detect it. They detected nothing...either it's another one of trend's f/p (again? last time it said i had CWS and deleted my search bar) or is it because all those programs are rubbish? I think it's a f/p but thats my opinion- you make your choice (maybe I am infected...) edit: F/P= false positive. The thing it detected was 2 keyloggers.
  13. well, you can download a free anti virus like avg or do a online scan an see ehat they find. the antivirus should pick up a keylogger(if u have one). Make sure u update ur definition files before scannning.
  14. but don't forget to read the replies from the experts...yes it is legit and it is also a reputable scanner.
  15. ok, as for the about blank it is the sp.html variant. i did post a fix for it but most of the links got censored out. I think of something else...
  16. edit: don't do this fix yet- most of the links don't work...there is only one exe (cws shredder) so i donno about the others. thanks mercifull for reminding me. edit: ok do this for now. search for microsoft antispyware, ad-aware and spybot search and destroy. download and install them update them scan and remove everything they find.
  17. I just want to give someone else a chance with logs thats all. I mean loads of other people know what they are doing with hjt (like you for a start). good point, i think i change me sig now. well i wait for a while to see if anyone will take this log. if noone takes it then i finish it off.
  18. ok least it's gone now. yes please post a new hjt log and then someone should take over it. if noone does after 2 days then i do it myself.
  19. oh i forgot to add on my last post print it off. well after i fix this up i got another canned to use (sp.html) you can fix these if you want (if your that desperate, but it won't solve your desktop hijack problem)(also i will need to see a new log later so it will show up new entries): R3 - Default URLSearchHook is missing most of the other bad entries require special removal tools - your computer has been quite badly affected... have you been visiting dodgy websites?
  20. i start you off by giving you smitrem Download smitRem[Caution: ExecutableFile] and save the file to your desktop. (if the link doesn't work then google up smirem) Double click on the file to extract it to it's own folder on the desktop. Place a shortcut to Panda ActiveScan on your desktop. Please download the trial version of Ewido Security Suite here: http://www.ewido.net/en/download/ Install it, and update the definitions to the newest files. Do NOT run a scan yet. Next, please reboot your computer in SafeMode by doing the following: [*:25y4aaf7]Restart your computer [*:25y4aaf7]After hearing your computer beep once during startup, but before the Windows icon appears, press F8. [*:25y4aaf7]Instead of Windows loading as normal, a menu should appear [*:25y4aaf7]Select the first option, to run Windows in Safe Mode.Now scan with HJT and place a checkmark next to each of the following items and click FIX CHECKED: Close HiJackThis. Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen. Wait for the tool to complete and disk cleanup to finish. The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply. Open Ad-aware and do a full scan. Remove all it finds. Run Ewido: [*:25y4aaf7]Click on scanner [*:25y4aaf7]Click on Complete System Scan and the scan will begin. [*:25y4aaf7]NOTE: During some scans with ewido it is finding cases of false positives. [*:25y4aaf7]You will need to step through the process of cleaning files one-by-one. [*:25y4aaf7]If ewido detects a file you KNOW to be legitimate, select none as the action. [*:25y4aaf7]DO NOT select "Perform action on all infections" [*:25y4aaf7]If you are unsure of any entry found select none for now. [*:25y4aaf7]When the scan is finished, click the Save report button at the bottom of the screen. [*:25y4aaf7]Save the report to your desktopClose Ewido Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck "Security Info" if present. Reboot back into Windows and click the Panda ActiveScan shortcut. - Once you are on the Panda site click the Scan your PC button - A new window will open...click the Check Now button - Enter your Country - Enter your State/Province - Enter your e-mail address and click send - Select either Home User or Company - Click the big Scan Now button - If it wants to install an ActiveX component allow it - It will start downloading the files it requires for the scan (Note: It may take a couple of minutes) - When download is complete, click on Local Disks to start the scan - When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the Panda scan report, along with a new HijackThis Log, the contents of smitfiles.txt and the Ewido Log by using Add Reply. that should get rid of smitfraud and it's variants.
  21. yeh i can tell just needed to confirm; your desktop has been hijacked. google up a toold called Smitrem made by noahdfear. download and save it to your desktop. Close all other programs and windows. Double click smitrem[Caution: ExecutableFile], then click Start to extract the tool to it's own folder. Open the Smitrem folder and double click the runthis.bat to start the tool. At one point when the tool runs, your taskbar will dissappear, and your computer will restart when the tool completes. A text file will be created in the Smitrem folder. Post the contents of that log please. have you moved HJT out of the temp?
  22. no need to be ashamed, hardly anyone knows what it is (even adults). It's basically a program made by a dutch person named merjin (merlin in english). Please move HJT into somewhere else. ============================================= Create a folder on the C: drive called C:\HJT. You can do this by going to My Computer (Windows key+e) then double click on C: then right click and select New then Folder and name it hjt Move HJT into this new folder please, This is important so please do this prior to anything else please ok before you fix the o2 line, has your desktop wallpaper been changed? are you getting fake windowsupdate messages (telling you to download spyaxe,spyware sticker, pcgaurd etc? if you have post back, and if you don't still post back.
  23. has your friend ran the basic stuff (ad-aware, spybot etc)? as for the 2 entries they are part of the ZenoSearch adware.
  24. if u mean the patch then run windows update. if you want the virus then it's not hard to get it.

Important Information

By using this site, you agree to our Terms of Use.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.