Hello kel913.
Open HijackThis and select
Do a system scan onlyPlace a check mark next to the following entries: (if there)
- R3 - Default URLSearchHook is missing
- F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
- O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
- O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
- O4 - HKLM\..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
- O4 - HKLM\..\Run: [FBSearch] C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
.
Important: Close all open windows except for HijackThis and then click
Fix checked.
Once completed, exit HijackThis.
----------
Go to Add or Remove Programs and uninstall:
- Yontoo Layers Client for Internet Explorer
- Search Guard Plus
.
----------
A malicious .DLL file is disrupting the LSP chain on your computer. We need to get rid of it.
* Please download
LSPFix* Run the LSPFix.exe that you have just finished downloading.
* Check the
I know what I'm doing box.
* In the
Keep box you should see one or more instances of
winhelper86.dll* Select every instance of
winhelper86.dll and move each one to the
Remove box by clicking the
>> button.
* If the winhelper86.dll file only appears on the right side then just click fix checked and close the program.
* When you are done click
Finish>>Is the connection back? If not continue to the next step.
----------
Download and run
WinSockFixThis is a two step process that will
Back up the Registry and
Reset the Winsock Stack.
- Double click on WinsockXPFix.exe to open.
- On the Winsock and TCP Repair Utility screen, click "ReG-Backup"
- On the ERDNT Welcome screen, click "OK".
- On the Backup to: screen, click "OK".
- On the Folder does not exist question screen click "Yes".
- You will see a status screen as your registry is being backed up.
- On the Registry backup is complete! screen, click "OK" and you will go back to the main window.
- On the Winsock and TCP Repair Utility screen, click "Fix".
- On the Apply the VB_Winsock fix? screen click "Yes".
- The screen will display a status message "repair completed please reboot."
- On the Repair Completed screen click "OK" to reboot your computer.
- If your computer was not using DHCP, you will need to reconfigure TCP/IP.
- Hopefully you should have connectivity restored.
.
Note: Resetting the Winsock in SP2 might remove third-party LSPs and restores Winsock to factory default setting. Existing programs that uses their own LSPs may need to be reinstalled. Example:
Google Desktop Search.Is the connection back? If not continue to the next step.
----------
Go Start > Run and type in:
cmd then click OK
In the
Command Prompt window type in following commands, and press
Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
Note the space before the forward slash /Restart the computer.
Is the connection back?
Continue to the next step if it is or isn't and let me know in the next post.
----------
If you already have ComboFix be sure to delete it and download a new copy.Download ComboFix© by sUBs from one of the below links. Be sure top save it to the
Desktop.
Link #1Link #2**Note: It is important that it is saved directly to your DesktopClose any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.
Temporarily
disable your
antivirus and any
antispyware real time protection
before performing a scan. Click
this link to see a list of security programs that should be disabled and how to disable them.
Double click combofix.exe & follow the prompts.
Vista users Right-Click on
ComboFix.exe and select
Run as administrator (you will receive a UAC prompt, please allow it)
When finished ComboFix will produce a log for you.
Post the
ComboFix log in your next reply.
Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.
If you have problems with ComboFix usage, see
How to use ComboFix