Please Help with a Hijack-This Log

Status
Not open for further replies.
Can anyone help? My computer is getting very sluggish and I'm getting spyware pop ups like crazy even after running Spybot. Probably that Diet Patch pop up the most. Who's idea was it to add sound a pop up? :suspiciou
 
Go to my post here first and follow EXACTLY.
How to remove Begin2Search / Coolwebsearch

Uninstall Viewpoint, it is adware;
C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
Then delete the directory with everythin in it.

After that, reboot in safe mode and let HJT "fix" (if still there):
C:\WINDOWS\System32\nlqzjdk.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\documents and settings\antonio asaro\local settings\temp\OUJT5gLJ9.exe
C:\WINDOWS\System32\euawfoy.exe
C:\Documents and Settings\Antonio Asaro\Application Data\lswa.exe
C:\WINDOWS\System32\d?dplay.exe
C:\WINDOWS\System32\Lvs22C.exe
C:\WINDOWS\System32\Vryu.exe
C:\WINDOWS\System32\itircl.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {43207D8E-961C-72C1-D349-8D4FCADBE0A5} - C:\WINDOWS\system32\atlue.dll
O4 - HKLM\..\Run: [kkblxfqy] C:\WINDOWS\System32\nlqzjdk.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OUJT5gLJ9] C:\documents and settings\antonio asaro\local settings\temp\OUJT5gLJ9.exe
O4 - HKLM\..\Run: [5BCSZTY5FYE94W] C:\WINDOWS\System32\Upwt.exe
O4 - HKCU\..\Run: [itircl] C:\WINDOWS\System32\itircl.exe
O4 - HKCU\..\Run: [JavaUpdate0.07] C:\WINDOWS\System32\euawfoy.exe
O4 - HKCU\..\Run: [Abts] C:\Documents and Settings\Antonio Asaro\Application Data\lswa.exe
O4 - HKCU\..\Run: [Qqdu] C:\WINDOWS\System32\d?dplay.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {94837F90-A2CA-4A8A-9DA0-B5438EC563EA} - http://install.wildtangent.com/cda/islandrally/ActiveLauncher/ActiveLauncherSetup.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/partners/daimlerchrysler/rrtstreetwise/install.cab
O16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) - http://everquest2.station.sony.com/systemscan/soesysinfo.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab

Afterwards, delete all the bold files
 
Status
Not open for further replies.

Similar threads

B
Help with PUBG Mobile Pc
Replies
0
Views
420
basitdogar
B
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
467
eriksnyman1
E
carlosartur
  • Locked
Inactive-A Please analyze my FRST64 logs
Replies
24
Views
1K
Broni
Broni

Latest posts

Back