get rid of these in hijack this and it will help

O1 - Hosts: 203.161.127.141 xxx.dcsresearch.xxx (spyware)
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
C:\Program Files\DeskAd Service\DeskAdServ.exe
C:\Program Files\DeskAd Service\DeskAdKeep.exe
(these are part of windows update but a spyware supported)

find out about these unknown items, they might be a hindrance

O9 - Extra button: (no name) - {578FC4E3-151E-456c-AF8E-B63061EFE228}} - (no file)
O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - //xxx.eingang69.de/EroticAccess/Cabs/1843023.cab

run ad-aware with the latest update, fix all probs then re hijack and repost that :giddy:
iamevl

I don't claim to have a monopoly on HJT-logs, but you would be better advised to send any new people with a Hijackthis log to my post here: How to remove Begin2Search / Coolwebsearch

And giving only SOME advice is just as dangerous as giving WRONG advice.

docks

Go to my above mentioned post first and follow the instructions EXACTLY.

Then reboot in Safe Mode.

Uninstall anything to do with: C:\Program Files\DeskAd Service\DeskAdServ.exe

Delete C:\Program Files\DeskAd Service\ with everything that might still be in it.

Run HJT on its own and let it "fix" (if still there):

C:\Program Files\DeskAd Service\DeskAdServ.exe
C:\Program Files\DeskAd Service\DeskAdKeep.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.ntlworld.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 62.254.128.5:8080
O1 - Hosts: 203.161.127.141 www.dcsresearch.com
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - (no file)
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O4 - HKLM\..\Run: [DeskAd Service] C:\Program Files\DeskAd Service\DeskAdServ.exe
O4 - Global Startup: Startup.exe
O4 - Global Startup: Startup.lnk = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Startup.exe
O9 - Extra button: (no name) - {578FC4E3-151E-456c-AF8E-B63061EFE228}} - (no file)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: http://download.windowsupdate.com --->>> You do NOT trust ANYbody EVER <<<---
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.eingang69.de/EroticAccess/Cabs/1843023.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadsUnlimited/ie/bridge-c336.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1100900742051
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O20 - AppInit_DLLs: apihookdll.dll <<-- wherever it sits on your HD

Delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
roger that rbs, I only posted coz no one else had yet and I know how frustrating it is waiting!!! :grinthumb

Don't suppose you got any clue on my prob with firebird??
iamevl (or should this be iamevil?) that's OK. In my timezone (GMT/UTC), docks posted while I was having my dinner, and in the evening I (and a lot of other people) have other things to do. Check your other Firefox post.
Clean, except:

Let HJT "fix" in safe mode:

O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 --->>> You do NOT trust ANYbody EVER <<<---
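
An added example, not part of any post in this thread: a small Python triage pass over HijackThis log lines, pulling out the kinds of entries the replies above single out (entries ending in "(no file)", O1 hosts redirects, O15 Trusted Zone and O20 AppInit_DLLs settings). The function names and flag categories are assumptions made for illustration; the sample lines are copied from the log quoted in this thread.

```python
import re
from collections import defaultdict

# Matches "<section code> - <body>", e.g. "O2 - BHO: ...". Other lines (such as
# the bare process paths at the top of an HJT log) do not match and are skipped.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

# Lines copied from the log quoted in this thread.
SAMPLE = r"""
C:\Program Files\DeskAd Service\DeskAdKeep.exe
O1 - Hosts: 203.161.127.141 www.dcsresearch.com
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - (no file)
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O4 - HKLM\..\Run: [DeskAd Service] C:\Program Files\DeskAd Service\DeskAdServ.exe
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O20 - AppInit_DLLs: apihookdll.dll
"""

def parse(log_text):
    """Return (code, body) tuples for every line shaped like an HJT entry."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries

def triage(entries):
    """Group entries under the reason a reviewer would look at them first."""
    flagged = defaultdict(list)
    for code, body in entries:
        if body.endswith("(no file)"):
            # Registry entry whose target file is no longer on disk.
            flagged["orphaned"].append(code)
        if code == "O1":
            # Hosts file entry mapping a hostname to a fixed IP address.
            flagged["hosts_redirect"].append(code)
        if code in ("O15", "O20"):
            # Trusted Zone site, or a DLL loaded through AppInit_DLLs.
            flagged["trust_or_appinit"].append(code)
    return dict(flagged)

if __name__ == "__main__":
    for reason, codes in triage(parse(SAMPLE)).items():
        print(f"{reason}: {', '.join(codes)}")
```
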