TechSpot

Need help analyzing HJT log. cleaning winfixer + IE crashes

By face_plain
Oct 30, 2005
  1. hello all.
    this is my first post here. im a n00b at hjt logs and i need your help.

    ive been cleaning up a friend's pc for about 2 days. (XP/sp2) i've done roughly 10 scans with various anti-walware/spyware and trojan detectors... and they have done a decent job of cleaning up the mess.
    I have records of almost every scan if you would like to view them. After 2 days, and a lot of headaches, i think everything is ok now.

    winfixer2005 was the initial problem... but the more i looked, and the more scans i made, the worse it got lol. (Registry errors, spyware/malware, IE crashes and booting problems.)

    anyway, any help/advice would be appreciated. *hugs*
    i hope the attachment made it.
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    If that were my PC, I'd get rid of:
    - Symantec/Norton
    - AOL (especially the toolbar!)
    - Max PC Secure
    - Yahoo!
    - Spyware Doctor
    - Eyeball
    - SpywareGuard
    - NoAdware
    and I'm sure there are quite a few more junkprograms!

    C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe
    put HijackThis in e.g C:\Program Files\HJT and NOT in Temp or on the Desktop!.

    First Read: Only use these HJT-instructions when asked!
    /R/ unRegister the xxx.DLL in that line
    The text between the dotted lines underneath goes between the dotted lines of that post.
    Make sure to follow ALL instructions, and in HJT tick/fix ALL lines!
    ...................................................................................................
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us10.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: MSEvents Object - {8DBF02DA-4360-4A7E-BEA1-347B87816327} - C:\WINDOWS\system32\mljge.dll (file missing)
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    /R/ O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O20 - Winlogon Notify: mljge - C:\WINDOWS\system32\mljge.dll (file missing)
    O23 - Service: ewido security suite control - Unknown owner - C:\Documents and Settings\Owner\Desktop\security suite\ewidoctrl.exe (file missing)
    ...................................................................................................
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...