Hijack this log help

[rastaman]

Hi iam currently cleanning out a laptop...I have gone thru the prerequsites listed b/4 posting this log file .....I will appreciate any help...there are quite a few thing in the log which iam not sure wheater to fit or not.... thankx

 

[gmuser2006]

Boot into safe mode.

Turn off system restore. (XP/ME only)

In Windows Explorer, turn on "Show all files and folders, including hidden and system".


Open up Add/Remove Programs and uninstall anything having to do with:

WinTools
HuntBar


Press Control+Alt+Delete to open the task manager.
Go to the Processes tab and close the following processes if found:

ntmeter.exe
tools.exe


Go to Start-->Run and type cmd and press OK.

In the command windows that opens type and then press Enter after each line:

regsvr32 /u C:\WINDOWS\enhtb.dll
regsvr32 /u C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll


After that run HJT and have it fix (mark the box next to the entry) the following if found:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Band Class - {0007522A-2297-43C1-8EB1-C90B0FF20DA5} - C:\WINDOWS\enhtb.dll (file missing)
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll (file missing)

O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)

O4 - HKLM\..\Run: [AutoLoaderrttl1NbgWLWJ] "C:\WINDOWS\System32\ntmeter.exe"
O4 - HKLM\..\RunServices: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe

O18 - Filter: text/html - (no CLSID) - (no file)

After marking the above entries press the Fix Checked button.


Delete these files and/or folders:

C:\WINDOWS\enhtb.dll
C:\PROGRA~1\COMMON~1\WinTools\
C:\WINDOWS\System32\ntmeter.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\


Reboot into Normal mode and turn System Restore back on.

Run HJT and post a new log as an attachment.

Thanks!

 

[howard_hopkinso]

Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

netsync.exe
P2P Networking.exe
ntmeter.exe
tools.exe

Close task manager.

Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Band Class - {0007522A-2297-43C1-8EB1-C90B0FF20DA5} - C:\WINDOWS\enhtb.dll (file missing)

O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll (file missing)

O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL

O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)

O4 - HKLM\..\Run: [RSync] C:\WINDOWS\System32\netsync.exe

O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe

O4 - HKLM\..\Run: [AutoLoaderrttl1NbgWLWJ] "C:\WINDOWS\System32\ntmeter.exe"

O4 - HKLM\..\RunServices: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe

O18 - Filter: text/html - (no CLSID) - (no file)

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files(if there).

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
C:\WINDOWS\System32\ntmeter.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\WINDOWS\System32\netsync.exe

Reboot into normal mode and turn system restore back on.


Regards Howard

 

[rastaman]

thanks for the reply here is the new hjt log

 

[howard_hopkinso]

Your HJT log is now clean.

Regards Howard