Hopefully someone can help me, this is the second time ive been hijacked in the last few months, its just a pain overall. I ran the usual - adaware, spybot, avg, hijackthis, blah blah. Adaware is the only thing that really picks up everything, coolwebsearch, tracking cookies, etc and my homepage is set to res://emxbn.dll/index.html#96676 with millions of popups like "only the best". Everytime i run adaware it pulls up the same objects everytime. Also, when i search on google, an alternative window search results page opens up. Any ideas? i'll post a hijack this log if necessary, i ran it and saw the usual browser hijack attempts, i just wanna get rid of this asap bc its more annoying than anything else - slowing down ie, etc. Any suggestionswould be greatly appreciated. Thanks! Jason

Jason: I've posted this link numerous times--because the information in the tutorial covers just about every facet of recovering from a hijacking. Look it over and see if there's something you haven't tried. LINK Solarian

Hi Solarian... The link you provided is a good one and well worth reading. The only thought I have is in the using of HiJack This as they explain it: "The program will produce a list of items it considers suspicious. You can use the 'info on selected item' button to see more details on specific lines. The checkbox at the beginning of each line marks that item for fixing or deletion" Later they modify the thought, but just to mention that HiJack This does not pick out only bad entrys. It is written to report certain parts of the Register and Operating System regardless of what is in there, and the majority of it is good. A person can damage their operating system severly by clicking and "fixing" a good entry. A very large part of using HT is learning to spot the signatures of the hundreds of spyware/malware out there, and then knowing the appropriate steps to take depending on what the infection is. Just a thought... Case in point: I just helped a lady who had four LSP malware entrys in her Winsock file. Those cannot be fixed by HiJack This, because that would destroy her internet connection permanently and the Winsock file would have to be reinstalled, a complicated job. There is a special small utility that will go in and do it without damage. And those kind of situations are almost the norm now as this malware becomes more sophisticated. Just a thought...

ranchhand: Your thoughts about HijackThis--its potential harm to the operating system if used indiscriminately--are well worth noting and bear repeating. It's true that, after a scan, the utility warns: Be careful what you delete, HijackThis cannot determine what is bad and what is merely customized by you. However, the warning is in small type above an impressive list of scanned items; the only thing on the user interface in bold type is Fix Checked. I can imagine new and frustrated users, in a hurry to repair their PC, checking all the items and clicking Fix Checked. Whereupon a part of the operating system bites dust. 8-) This would be especially true for those who normally check and fix all the entries found by Spybot and Ad-Aware in the mistaken belief that HijackThis works the same way. Thanks for posting. Sincerely, Solarian

I believe the hijackthis file should be posted on a site such as: http://forum.gladiator-antivirus.com/index.php? where they have experts to analyse the data and tell the person which selections to tick. It's fairly easy to determine the bad entries once you do it a few times. JMO. Cheers.

Yes, I agree Warren; the problem is that these posts age quickly in this forum, and trying to follow them down the thread gets to be a pain. Plus HT posts aren't really encouraged in this forum, which I can understand. There are so many thousands of posts a week here that if everyone started posting logs the bandwidth usage would stretch to the moon and back. :0) Give a man a fish and you feed him for a day; Teach a man to fish and you feed him for a lifetime; Then industry pollutes the water and kills all the fish....