TechSpot

HJT log, PLZ HELP!

By Pc Noob4life
Jun 16, 2006
  1. Can you please have a look at my log and let me know what to get rid of. thanx
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Go HERE and follow the instructions exactly.

    Post a fresh HJT log into this thread, only after doing the above.

    Regards Howard :)
     
  3. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    HJT log

    Ok, done what u asked. i have a few RUNDLL.EXE but i dont know if they are the ones to delete . thanks
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    PowerReg Scheduler.exe

    Close task manager.

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).


    O4 - Startup: PowerReg Scheduler.exe

    Fix all 016-DPF entries.

    O17 - HKLM\System\CCS\Services\Tcpip\..\{49D381AC-883F-42F7-BE8E-40554505CD80}: NameServer = 80.225.252.58 80.225.252.50<Only fix this, if it doesn`t belong to your ISP.

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    PowerReg Scheduler.exe

    Reboot into normal mode and turn system restore back on.

    Other than the above, your HJT log is clean.


    Regards Howard :)
     
  5. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    Hi, thanks for that. i guess my comp is in the all clear now. Can you check my HJT log (after doing what you said) just to check i aint got infected after the first HJT log. thanks again.
     
  6. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    HJT log 2 from after scan
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You seem to have picked up an infection since your last HJT log.

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html





    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    autoclk.exe

    Close task manager.

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O4 - HKLM\..\Run: [autoclk] autoclk.exe

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    autoclk.exe

    Reboot into normal mode and turn system restore back on.

    Post a fresh HJT log.


    Regards Howard :)
     
  8. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    Ok, deleted: O4 - HKLM\..\Run: [autoclk] autoclk.exe
    Thanks for the help
     
  9. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    HJT log

    Can someone have a look at this log and let me know what to delete plz
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I have merged your new thread into this one.

    I did ask you to post a fresh HJT log, the last time I posted, but you didn`t.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    VideoEggPublisher.exe

    Close task manager.


    Have HJT fix these entries.

    O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe

    O17 - HKLM\System\CCS\Services\Tcpip\..\{991FBDA8-8D77-4D36-931C-10E975C6F1FB}: NameServer = 80.225.252.58 80.225.252.50<Only fix this, if it doesn`t belong to your ISP.

    Other than the above, your HJT log is clean.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of Pc Noob4life only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  11. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    did i not send u a fresh log? sorry. is that the only prob i have? i got video egg publisher from a legit website www.bebo.com to upload videos for your profile? is this a form of virus?
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    If you know it`s a legit website, then don`t fix it. I wasn`t sure of it`s origins and that`s why I suggested it be fixed.

    As I said, your HJT log is clean.

    Regards Howard :)
     
  13. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    thank you :eek:)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...