makemesearch internet explorer hijack!

Hi. This is my first post on a forum site.

I've been hijacked! I am running Windows 2000. Troubles started 2 weeks ago. First my homepage was hijacked with a "www.makemesearch.com" webpage. Then my Norton SystemWorks 2004 stopped working. It kept on turning off on it's own...including the antivirus! I uninstalled it and re-installed it but it doesn't work, unless in safe mode. I also had a whole bunch of pop-ups and favorites added to my computer. I've tried everything. I have gone through all the steps provided on your website including all the virus checks and spyware checks. Spybot keeps detecting DSOEXploit but can't get rid of it. I have a HJT log and can post it if you want. Is there any hope here?? THanks for your help.

rebellor

 

Hi.

Here's the Hijack Log. I managed to get rid of the makemesearch hijack by deleting it in "Add/Remove Programs". However, I now have a blue pop-up toolbar at the bottom of my computer screen that I had gotten rid of before but it has re-appeared. Here's my HJT lock. Thanks again. Much appreciated.

Rebellor

 

Hi.

I think things are working O.K.. THe blue pop-up bar at the bottom is gone. The pop-ups have stopped (at least for now). The home page is staying at what I've set it at. THings look great!!! Thank you so much. I've attached the HJT log since making the changes you suggested. Any thing else I should do (other than what's posted on the website??)

rebellor

 

Hi.

This line wouldn't go away.

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.qnucmzbaqc.net/LPPy/dnBA...blc_wAike6.html

I tried to fix it with HJT. Everytime I scanned with HJT the web address would change and it when I asked it to fix it and re-scanned a new line would be there

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http:// but witha different www address. I don't know what to do about it.


Also I didn't know what this was:

O4 - HKLM\..\Run: [drivepile] C:\PROGRA~1\BROWSE~1\DeleteFlawLicense.exe

and I told HJT to delete it. I guess it didn't work.

What should I do now?

Also, my main original problem was that my Norton SYstemWorks 2004 stopped working with all this. With all the on-line virus checks and spyware checkers, I did find some worms and deleted them. I tried re-installing Systemworks but it can't do the LiveUpdate. IT says a program is waiting for a virus-scan of some files (HH.prg and alufixit.prg were two of programs it mentioned).

I really apprecaite all your help. THanks again.

rebellor

 

I can only upload 2 attachments at any one time so I guess I'll make a few posts.

Here's what happened:

all 3 runs of Ad-aware (with plug-in) were clear. I can't upload alog1.txt because it is 398 Kb (exceeding the limit allowed on the forum).....what should I do about that??

I ran HJT.....the R0 line was still there. I fixed it. It seems to be gone. The 04 line wasn't there this time (at least I couldn't see it).

I ran ANti-vir XP and no viruses were detected. It did detect Worm/randon.ac.4 and TR/Dldr.Avis.1 on prior scans but was completely clear this time.

I will attach the FindnFix log and HJT log on my next post.

Thanks,

Ryan

 

This is my second post so I can attach the other 2 logs (HJT and findnfix). I've included previous text. I can't send alog1.txt becuase it is too large.

I can only upload 2 attachments at any one time so I guess I'll make a few posts.

Here's what happened:

all 3 runs of Ad-aware (with plug-in) were clear. I can't upload alog1.txt because it is 398 Kb (exceeding the limit allowed on the forum).....what should I do about that??

I ran HJT.....the R0 line was still there. I fixed it. It seems to be gone. The 04 line wasn't there this time (at least I couldn't see it).

I ran ANti-vir XP and no viruses were detected. It did detect Worm/randon.ac.4 and TR/Dldr.Avis.1 on prior scans but was completely clear this time.

I will attach the FindnFix log and HJT log on my next post.

Thanks,

Ryan

 

Things are working great! Thank you so much.

I've given up with Norton Antivirus....after all this spyware and crap, it doesn't seem to be able to liveupdate virus definitions. My last question to you is....is AVpersonal (the free shareware version) good enough antivirus protection and if not which antivirus program do you recommend? AVPersonal doesn't seem to scan incoming/outgoing Outlook Express messages.

Once again....I really appreciate your time and expertise.

rebellor