Please help hijack this log

By undead4110
Jan 31, 2005
Topic Status:
Not open for further replies.
  1. see if u can please today i downloaded dap when exactly i installed it programs begun to install by themself my internet and my computer slowed down i ren adaware and spybots found some stuff but they all reapperar after restart please help im begining to scrath my head thanks in advance heres my log

    Attached Files:

  2. RealBlackStuff

    RealBlackStuff Newcomer, in training Posts: 8,165

    Stop downloading and installing all these crap-programs!

    Boot in Safe Mode.

    SWITCH OFF Restore Points

    If you can, UNinstall (not yet delete) anything to do with:
    C:\Documents and Settings\Private User\Application Data\DownloadPlus.exe
    C:\PROGRA~1\HiDownload\HDGetAll.htm
    C:\Program Files\GetRight\GRdownload.htm
    C:\Program Files\NetPumper\AddUrl.htm
    C:\Program Files\WinPcap\rpcapd.exe
    PowerReg Scheduler V3.exe

    Next, press Ctrl/Alt/Del and in Taskmanager try to STOP the processes:
    Xhrmy.exe
    DownloadPlus.exe
    PowerReg Scheduler V3.exe

    Next, run HJT on its own and let it 'fix':
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 164.124.191.28 :80
    R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
    F2 - REG:system.ini: Shell=
    O2 - BHO: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINDOWS\DOWNLO~1\megasear.dll
    O3 - Toolbar: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINDOWS\DOWNLO~1\megasear.dll
    O4 - HKLM\..\Run: [xhrmy] C:\WINDOWS\Xhrmy.exe
    O4 - Startup: Download Plus.lnk = C:\Documents and Settings\Private User\Application Data\DownloadPlus.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O8 - Extra context menu item: Download All Files by HiDownload - C:\PROGRA~1\HiDownload\HDGetAll.htm
    O8 - Extra context menu item: Download by HiDownload - C:\PROGRA~1\HiDownload\HDGet.htm
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\PROGRA~1\HiDownload\hidownload.exe
    ALL lines with O16 - DPF:
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)

    When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.

    If you want a decent, free and ad-free downloader, go to www.stardownloader.com
    In future, please check places like this forum BEFORE you install any pretty-looking or terrific-sounding piece of software-crap, you PC will be grateful.
  3. undead4110

    undead4110 Newcomer, in training Topic Starter

    thx

    thx my internet seams back to normal now even my computer :)
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.