Another computer with HSA

Well, after successfully removing HSA from my computer, I decided to finally move on to repairing my mom's computer - a project that is at least a year overdue. Her IE hasn't worked for most of the past year, and Firefox refuses to connect as well. I was unable to reinstall either IE or install Netscape as an alternate browser.

While going through the "READ ME FIRST" checklist, I noticed many instances of CWS and HSA turning up in the scans. After completing the checklist, IE will now open without killing the processor, but I have not yet reconnected the computer to the Internet.

I will attach my notes concerning the "READ ME FIRST" checklist to this post, and wait for further instructions.

 

Copy the contents of the below Quote Box to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fixhsa.reg and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.) Then double-click on the fixhsa.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to Add in to the registry, say yes.

http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

Ran the registry patch, here's the HJT log.

 

Scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.zipwarez.com/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing)

O15 - Trusted Zone: http://www.onlinegamescompany.com

Again, make sure All Browser Windows are Closed when you Click FIX.

NEXT:
Run CCleaner and Spybot S&D and have Spybot fix what it finds.
Note: Dont forget to update Spybot S&D by selecting "Search For Updates"

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


After you have completed ALL of the above REBOOT, Scan with HijackThis and attach the new log.

 

Followed the above steps. I fixed all the HJT entries you listed and the SpyBot scan came up clean. Here's the new log.

 

Your HJT log is clean, are you having any further problems?

 

Not sure, I haven't really tested the computer yet, but I will do this next (probably in the morning though).

Thanks for all the help so far!

 

Your Welcome!

Will be awaiting final resutls!

 

HSA seems to have been removed from the system, but neither IE nor Firefox seems to be able to get a connection to the Internet from the AOL software. Not only that, but it seems that NO programs can get access to the Internet.

At this point, I have not tried to troubleshoot this problem yet, but I'm fairly sure that this is no longer a adware/spyware problem.

 

If you dont think this is Malware related then I would post in the Software Forum.

Also, be sure you update your IE version before posting. You need to install Internet Explorer 6.0 Service Pack 1.

 

I've already tried to do this, but I cannot as I am unable to reach the Internet outside of the AOL program. If you have an alternative that does not involve using the Internet on THAT computer, then I can try that.

 

You recently stated you could NOT access the internet using the AOL software, can you access it with IE?

 

No, her ISP is AOL, so you must connect through AOL. The browser within AOL works, mostly, but is unreliable. All other programs for some reason cannot find Internet access through AOL like they should be doing.

 

Have you tried to create a dialup account and do without the AOL software all together?

 

No, I have not. Care to elaborate?

 

Start > Control Panel > Network Connections

Under Network Task in the top left column select "Create a new connection".

Click NEXT to continue, select the option "Connect to the Internet" and then click NEXT to procede. Now check the option "Set up my connection manually" and click NEXT to procede. Now check the option "Connect using a dial-up modem" and click NEXT to procede. Now type in your ISP Name "AOL" and click NEXT to procede. Now type in the dialup access number you use to connect to the internet and click NEXT to procede. Now type in your account information (User name & Password) and click NEXT to procede. Click FINISH to complete your new connection. Once this connection is complete, try to connect using this connection.

Let me know how this works!

 

It's been a while since I had access to that computer, but now that I've looked at it, I need to point out some things. It has Windows ME, so "Network Connections" does not exist. Also, it is currently on an AOL DSL connection, not on dialup. This connection runs from the DSL modem to a USB 2.0 port on the computer.

So, based on these circumstances, what should I do?

 

Okay you had me under the impression you were on AOL dialup not broadband. This sounds like a ISP problem but for sure its malware related.

I would first post this in the Software Forum and see what those guys say.