PingWin.comBlack belts on Computer Repairs |
Call 818 262 5621 |
Home
Services
ContactFirst Aid
Password Recover
Remote Support |
|
Remove Popups goes to Registry FixerPage1: Please download ComboFix from Here or Here to your Desktop. **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop** Please, never rename Combofix unless instructed. Close any open browsers. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask. Close any open browsers. WARNING: Combofix will disconnect your machine from the Internet as soon as it starts Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished. If there is no internet connection after running Combofix, then restart your computer to restore back your connection. Double click on combofix.exe & follow the prompts. When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review. **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall** Page 2: Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions. It's IMPORTANT to carry out the instructions in the sequence listed below. 1. Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Open *notepad* and copy/paste the text in the quotebox below into it: Quote: Killall:: File:: C:\WINDOWS\SYSTEM32\nwmonpxi.dll C:\WINDOWS\SYSTEM32\ncbbpj.dll C:\WINDOWS\SYSTEM32\byXPjjJb.dll C:\WINDOWS\SYSTEM32\opnmMdAR.dll C:\WINDOWS\SYSTEM32\awtsTJaa.dll C:\WINDOWS\SYSTEM32\beep.sys Registry:: [-HKEY_LOCAL_MACHINE\~\BrowserHelperObjects\{4e1b8848-9f29-4ffa-a280-b762a6c86bc8}] "ncbbpj.dll"=- [-HKEY_LOCAL_MACHINE\~\BrowserHelperObjects\{73984FE0-9702-4C55-9C7B-9BA3C5861F25}] "opnmMdAR.dll"=- [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8822EB28-24D3-4433-BECC-E7CE3E3B3134}] "byXPjjJb.dll"=- [hkey_local_machine\software\microsoft\windows\currentversion \explorer\ShellExecuteHooks] "{73984FE0-9702-4C55-9C7B-9BA3C5861F25}"=- [-HKEY_LOCAL_MACHINE\software\microsoft \windowsnt\currentversion\winlogon\notify\opnmMdAR] Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop. Referring to the picture above, drag CFScript.txt into ComboFix.exe. This will start ComboFix again.(it may ask you to reboot your computer) When finished, it shall produce a log for you at C:\ComboFix.txt then :- Open a blank notepad. Copy the BOLD text below to the blank NOTEPAD. call it FIX.REG --- (where it says FILE NAME) save it to your desktop.----(at the top where it says SAVE IN, click the drop down menu and select DESKTOP) save as "all files" ---- (where it says SAVE AS TYPE click the drop down menu and choose ALL FILES) on your desktop double click on FIX.REG and allow it to merge with the registry when it asks. REGEDIT4 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"="msv1_0" Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please and let me know how it is running.
|
Our Scope
Windows Tweaks
Remove Pop-upsWinMOFireFox |
|
Privacy About Us Contact Us Work Order Make a payment Links Website Hosting Prices Computer Repair Links Will make your computer behave! Copyright (C) Tal Bahir, Inc 2008 |
|
