i would apreciate any help on my problem

Hi people

first of all i would like to say that i try everything you write on this page http://forums.majorgeeks.com/showthread.php?t=35407 and the problem still exists.

i have pop ups and my home page is hijacked.

here is my hijack log :

Unrequested, inline, out dated HJT log removed!


i would like to thank you in advance

regards

 

Good Morning feelindeep,

You need to read this thread also. It will give you the current version of HJT and will also advise where to save it to. Always attach your log do not post it inline. After you attach your new log BJ or Chas will be glad to help you.
Good Luck
T.Blue


http://forums.majorgeeks.com/showthread.php?t=38752

 

thank you very much for the tips, i can't find the edid button to delete me previous post, very educational info on the link you gave

 

Your Welcome

 

Hi i do everything this page said and i delete some entries.My problem still exist, my home page is hijacked looks like websearch but there is no info on the link cause says blank and i have pop ups all the time.

My correct hijack log is in the attachment hope that helps and sorry for the previous problem.So sorry for the trouble once again.

regards

 

^^bump^^

 

feelindeep,

Download this file: SpSeHjfix109

Unzip it to your desktop or to a folder.

Boot into Safe Mode

Start SpSeHjfix, click on " Desinfecton starten" (the other button means close) then it will reboot and finish the cleaning.

Run SpSeHjfix one more time.

Reboot in Normal mode.

Run HijackThis again and post a new log. Also post the log from SpSeHjfix, the log should be on your desktop or the same folder as SpSeHjfix.

 

Thanks bjgarrick

In the meantime waiting for your answer i try several things to solve my problem and finally worked.The only bad thing is that my desktop properties don't work now.Maybe i delete something wrong.Forgot to mention that my desktop was hijaked too.After running the program you suggested in safe mode i reboot into normal mode but my internet explorer doesn't work now.

logs posted as you request

thanks for your time and for the help.

 

Let me start out by pointing out that your Operating System is WAY out dated. This is a critical security thread and should be updated ASAP. After we get your system clean I recommend your going to windows updates and getting updated. Be sure you install Service Pack 2 for security purposes.


Your HJT log is clean!

Copy the contents of the Quote Box below to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file desktopfix.reg and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.)

Double-click on the desktopfix.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to merge, click YES!


Click Start > Run > type regedit

Navigate to the following key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Look for a DWORD value called "NoViewContextMenu"

When located right click and delete it!


Navigate to the following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Look for a DWORD value called "NoViewContextMenu"

When located right click and delete it!


Navigate to the following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop

Look for a DWORD value called "NoChangingWallPaper"

When located right click and delete it!



Navigate to the following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Only Should have "NoDriveTypeAutoRun"

Remove This Value "NoActiveDesktop"
Remove This Value "ForceActiveDesktopOn"

Navigate to the following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop

There should on be the (default) string here

Remove This Value NoComponents
Remove This Value NoAddingComponents
Remove This Value NoDeletingComponents
Remove This Value NoEditingComponents
Remove This Value NoHTMLWallpaper


Now, Navigate to and delete the following file:

C:\WINDOWS\Web\wallpaper.html


Final Step:

Right Click on your desktop, click properties, click the Desktop Tab, click Customize Desktop, click the Web Tab. Now, uncheck everything in this tab.

After you have completed ALL of the above, reboot and see if problem remains!

 

bjgarrick THANK YOU! very very very much for your help and taking care of my problem.

i have to mention to you that on 5 steps you say the situation goes like this:
step 1 ok
step 2 ok
step 3 no (no ActiveDesktop folder)
step 5 ok
step 6 no (no ActiveDesktop folder)

as you see i have no active desktop folder this is wrong?

I thing my pc is clean now. To avoid any mistakes i have upload a new hjt log, just see it if you can and tell my if everything is ok.

Thanks for the tip i am going to update my windows.

 

Your HJT log is now clean!

Are you having any further problems?

 

No everything working fine,

Thank you once again for taking care of my problem here.

deeply apreciatted

 

Your Welcome!

You should see this article on How to Protect yourself from malware!

 

The Best

 

http://forums.majorgeeks.com/images/icons/icon14.gif