HJT log - Is my computer ok?

[abbyv3]

Hello folks,
I posted a few days ago that my son had downloaded MP3Rocket the other day, and later I found out it was a file-sharing program. Howard (thank you, Howard) guided me to a post about downloading HijackThis and posting the log here. Well, here it is. I'm not too technical, but this was simple to do.

So, here it is. I hope I've done everything correctly. Looking forward to what you all have to tell me. I also want you to know I'm grateful for this site. I know you all don't have to do this, and I appreciate it alot.

Thanks again,
Abby

 

[fastco]

Everything looks pretty clean to me except for O16 - DPF: DigiChat Applet - http://host3.digichat.com/DigiChat/DigiClasses/Client_IE.cab

If this is something you installed then it's all clean.

 

[Peddant]

Hello folks,
I posted a few days ago that my son had downloaded MP3Rocket the other day, and later I found out it was a file-sharing program.

MP3Rocket is not in itself a spyware program,but I understand your concerns.

In your last thread you mentioned .jar files that could not be deleted.
I suggest you go into HijackThis Config/Misc Tools/Delete on boot and see if that can get rid of them.

There are also programs such as Killbox and MoveOnBoot that might help.

 

[howard_hopkinso]

You were supposed to post your HJT log into your other thread, as I asked.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.


Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

PowerReg Scheduler.exe
Scheduler.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - Startup: PowerReg Scheduler.exe

Fix all 016-DPF entries.

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

PowerReg Scheduler.exe
Scheduler.exe

You will need to search your system for the above files. Delete all instances found.

Reboot into normal mode and turn system restore back on.


Regards Howard