ads1.revenue and yazifind popups

HijackThis is not the first step and we have guidelines that must be followed about how to use HJT and how to post logs. Please read and follow our sticky threads.

First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.

What is your expected home page?
Is it C:\WINDOWS\about.htm

After doing ALL of the above if you still have a problem:

Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

After getting HJT installed in the proper folder do the following:

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).
Please bring up Task Manager by hitting CTRL-ALT-DEL and click the Processes tab. Look for the below process(es) and if found, End them:
C:\WINDOWS\system32\gtowqo.exe

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [gtowqo] C:\WINDOWS\system32\gtowqo.exe
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: NDWCab - http://www.neededware.com/NDWCab.CAB

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\WINDOWS\system32\gtowqo.exe

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again.

Reset your home/start page to what you want.

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

I don't think that's the problem PP. Some locations cannot access the main page or file systems. I have had problems myself most of the day. Others have no problems. I know from NJ and CA. We had no access but NY State has no problem.

 

Go to the below and get Ad-Aware SE and begin your scan with that (make sure you update after installing):

http://www.net-security.org/software.php?id=135


Get the VX2 cleaner plug-in here:
http://download.lavasoft.de.edgesuite.net/public/plvx2cleaner.exe

 

Go here to get Spybot S&D: http://spybot.dalnet.com.fr/spybotsd13.exe

Co here to get CCleaner: http://www.ccleaner.com/ccdownload.php

 

Seems to be theplanet.com. A trace route times out there. We are working on it.

 

I gave you some links below. Try them!

 

SpywareBlaster can be found here: http://www.javacoolsoftware.com/spywareblaster.html

 

I think we were one of the very few that had it available. If I find a link I'll post it. We are working on fixing the problem with the main board and file archives.

 

Okay! Here is a link to Spybot DSO Exploit fix

http://news.swzone.it/link.php?action=d&id=12932