Author Topic: Unable to use javascript on the web?  (Read 1923 times)

Offline guestolo

Unable to use javascript on the web?
« Reply #20 on: April 15, 2006, 01:12:23 AM »
I'll keep away from Chinese Keywords, as you appear to want the program installed.
It is considered adware, however.
These entries are related:
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\cnshook.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O11 - Options group: [!CNS] 網絡實名

Can you do the following please
Save the rest of these instructions to a Notepad file saved to your desktop or Print them out for use in safe mode

Make sure that you have
Set Windows To Show Hidden Files and Folders
    * Click Start.
    * Open My Computer.
    * Select the Tools menu and click Folder Options.
    * Select the View Tab.
    * Under the Hidden files and folders heading select Show hidden files and folders.
    * Uncheck the Hide protected operating system files (recommended) option.
    * Uncheck the Hide Extensions for known file types
    * Click Yes to confirm.
    * Click OK.

Go to START>>Run>>Type the following or copy and paste
sc delete SDAgentService
Hit ENTER
Then type the following
sc delete Universal Disk Manager
Hit ENTER
Type Exit and hit Enter

RESTART your Computer in SAFE MODE
You can do this by tapping the F8 key as the system is restarting, just before Windows loads
Choose Safe mode from the startup menu

In safe mode
Delete this file if found
Look again, make sure it doesn't exist, but don't delete something because it looks similar
C:\WINDOWS\system32\supdate2.dll <-this file

and these folders if found
C:\Documents and Settings\Roland\Local Settings\Temp\RarSFX0 <-this folder
C:\Program Files\Common Files\UPDAT <-this folder
C:\Program Files\Common Files\Sand <-this folder

Do a "System scan only" with Hijackthis and put a check next to these entries:

O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start
O4 - HKLM\..\Run: [supdate2.dll] RUNDLL32.EXE C:\WINDOWS\system32\supdate2.dll,Run
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - HKLM\..\RunOnce: [supdate2.dll] REGSVR32.EXE /s C:\WINDOWS\system32\supdate2.dll

O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start


After you have ticked the above entries, close All other open windows
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Remain in safe mode
Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

* Empty Recycle Bins
* Delete Cookies
* Delete Prefetch files
* Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.
When it's done click Close

Reboot back to Normal mode

   1. Open Microsoft Internet Explorer.
   2. Click Tools > Internet Options.
   3. Click the Security tab.
   4. Click the Internet Icon.
   5. Click Default Level.
   6. Click the Local Intranet Icon.
   7. Click Default Level.
   8. Click the Trusted sites Icon.
   9. Click Default Level.
  10. Click the Restricted sites Icon.
  12. Click Default Level on lower right corner of the window.
  13. Click OK on lower right corner of the window.
  14. Click on the Programs tab
  15. Select Reset Web Settings

Download F-Secure Blacklight (blbeta.exe) and save it to your desktop

Run blbeta.exe
    * Accept the user agreement.
    * Click Scan.
    * After the scan finishes, click on Next, then Exit.
Do not rename any files if found by blacklight, I need to see the log

BlackLight will create a log on your desktop with the name "fsbl-xxxxxxx.log". I'll need to see it later

Use Internet Explorer and Run the online Panda ActiveScan
    * Once you are on the Panda site click the Scan your PC button.
    * A new window will open...click the big Check Now button.
    * Enter your Country.
    * Enter your State/Province.
    * Enter your e-mail address.
    * Select either "Home User or Company."
    * Click the big Scan Now button.
    * Allow the ActiveX component to install and download the files required for the scan. This may take a couple of minutes.
    * Click on MyComputer to start the scan.

When the scan is complete, click See Report, then click Save Report and save it to your Desktop.

I need to see the following please
1. Post the report from Panda's
2. Post a fresh hijackthis log
3. Post the log from blbeta.exe please
« Last Edit: April 15, 2006, 10:35:22 AM by guestolo »
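
The HijackThis O4 (autostart) lines quoted in the post can be triaged with a short script. This is an added example, not part of guestolo's post or of HijackThis itself; the function names and the two heuristics (a DLL started through rundll32/regsvr32, a command running from a Temp directory) are assumptions of the example.

```python
import re

# Matches HijackThis O4 (autostart) lines such as:
#   O4 - HKLM\..\Run: [Name] command line
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(Run\w*): \[(.+?)\] (.+)$")

# Triage heuristics (assumptions of this example, not HijackThis rules).
LOADERS = ("rundll32.exe", "regsvr32.exe")
# LOCALS~1 is the 8.3 short name of "Local Settings", which holds the user's Temp.
TEMP_RE = re.compile(r"\\(temp|locals~1)\\", re.IGNORECASE)

def parse_o4(line):
    """Return dict(hive, key, name, command) for an O4 line, else None."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    hive, key, name, command = m.groups()
    return {"hive": hive, "key": key, "name": name, "command": command}

def reasons(entry):
    """List the heuristic reasons an autostart entry deserves a closer look."""
    cmd = entry["command"].lower()
    found = []
    if cmd.split()[0].endswith(LOADERS):
        found.append("dll-via-loader")
    if TEMP_RE.search(cmd):
        found.append("runs-from-temp")
    return found

def triage(log_text):
    """Return (name, key, reasons) for every O4 entry with at least one reason."""
    out = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry and reasons(entry):
            key = entry["hive"] + "\\" + entry["key"]
            out.append((entry["name"], key, reasons(entry)))
    return out

# Log lines copied from the post above.
SAMPLE = r"""
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\cnshook.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - HKLM\..\RunOnce: [supdate2.dll] REGSVR32.EXE /s C:\WINDOWS\system32\supdate2.dll
"""

if __name__ == "__main__":
    for name, key, why in triage(SAMPLE):
        print(f"{key} [{name}]: {', '.join(why)}")
```

The [Update] entry, which the post also lists for fixing, matches neither heuristic, so a score like this supplements manual review of the log rather than replacing it.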
