TechSpot

Help With Hijack This Log....

By rastaman
May 28, 2006
  1. hi there iam trying to clean out my system here is my hjt log.....the only thing i have done so far is run mcafee and spybot.....i plan on running ewido later.......



    --verbose hjt removed--
     
  2. Spike

    Spike TS Evangelist Posts: 2,168

  3. rastaman

    rastaman TS Rookie Topic Starter Posts: 21

    i have gone thru the recommended steps here is my new hjt log and ewido log files
     
  4. Spike

    Spike TS Evangelist Posts: 2,168

    First, reboot into safe mode, disable system restore, and show all hidden files and folders in explorer.

    1, Open add/remove programs in control panel and uninstall if present...

    RXtoolbar
    Bearshare

    2, Open Task manager, and end any process listed in these instructions that's running

    3, run HJT, and let it fix...

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    /* Fix between these lines only if not recognised/wanted */
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.iastate.edu/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.r21
    /* Fix between these lines only if not recognised/wanted */
    O2 - BHO: (no name) - {019B28EC-CC2B-98DC-7B15-ECDC3A68B1B8} - C:\WINDOWS\System32\lmjkeqot.dll (file missing)
    O2 - BHO: (no name) - {B8F55D3A-E8F3-B500-A4DC-90CB589F0DBB} - C:\WINDOWS\System32\ilwqwkaq.dll (file missing)
    O4 - HKLM\..\Run: [cP] C:\documents and settings\kalipopo\local settings\temp\cP.exe
    O4 - HKLM\..\Run: [DoWrmjOf] C:\documents and settings\kalipopo\local settings\temp\DoWrmjOf.exe
    O4 - HKLM\..\Run: [8Qr] C:\documents and settings\kalipopo\local settings\temp\8Qr.exe
    O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
    O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
    O4 - HKCU\..\Run: [dBvERSfnT] qasnt91.exe
    O4 - HKCU\..\Run: [Tihe] C:\Documents and Settings\kalipopo\Application Data\uatr.exe
    O4 - HKCU\..\Run: [Cgbubmrf] C:\Documents and Settings\kalipopo\Application Data\??mbols\n?pdb.exe
    O4 - HKCU\..\Run: [Jkvpoz] C:\WINDOWS\System32\n?tepad.exe
    O4 - HKCU\..\Run: [Scae] C:\Documents and Settings\kalipopo\Application Data\cesa.exe

    4, Open Explorer/My Computer and delete the following files/directories in bold...
    C:\documents and settings\kalipopo\local settings\temp\{every file in this folder}
    C:\Program Files\BearShare\
    C:\Program Files\RXToolBar\
    C:\Documents and Settings\kalipopo\Application Data\uatr.exe
    C:\Documents and Settings\kalipopo\Application Data\??mbols\
    C:\WINDOWS\System32\n?tepad.exe
    C:\Documents and Settings\kalipopo\Application Data\cesa.exe

    5, Re-enable system restore, and reboot to windows normally. Run HJT, and post a fresh log :)
     
  5. rastaman

    rastaman TS Rookie Topic Starter Posts: 21

    new hjt log

    thanks for the help let me know if everything looks ok....
     
  6. Spike

    Spike TS Evangelist Posts: 2,168

    Your HJT is clean :)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...