Yet another dork with a Hijackthis logfile
- Thread starter meDoc
- Start date
- Status
RealBlackStuff
Posts: 6,450 +3
Boot in Safe Mode
Switch off System Restore
Press ctrl/alt/del and in taskmanager try to STOP:
msnmsgr.exe
kmatcvkf.exe
msupd6.exe
SRCHostSvc.exe
Next, try to UNinstall anything to do with:
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\SafeIP\SRCHostSvc.exe
Next, run Hijackthis on its own and let it 'fix' (if still there):
C:\Programmer\MSN Messenger\msnmsgr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...aults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.politiken.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {2356C850-53A3-8D51-7BE8-BFF22708F974} - C:\WINDOWS\system32\qqapyhso.dll
O2 - BHO: (no name) - {A270EB7F-418A-4556-1135-2404666D67B4} - C:\WINDOWS\system32\fvzqlvpi.dll
O4 - HKLM\..\Run: [kmatcvkf] C:\WINDOWS\system32\kmatcvkf.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = ?
ALL lines with O16 - DPF:
O23 - Service: xwphnxzxmqgo - Unknown - C:\WINDOWS\system32\msupd6.exe
O23 - Service: SafeIP remote control - ProSafe A/S - C:\Programmer\SafeIP\SRCHostSvc.exe
When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
Boot in normal mode. When all OK, turn System Restore back on.
Switch off System Restore
Press ctrl/alt/del and in taskmanager try to STOP:
msnmsgr.exe
kmatcvkf.exe
msupd6.exe
SRCHostSvc.exe
Next, try to UNinstall anything to do with:
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\SafeIP\SRCHostSvc.exe
Next, run Hijackthis on its own and let it 'fix' (if still there):
C:\Programmer\MSN Messenger\msnmsgr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...aults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.politiken.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {2356C850-53A3-8D51-7BE8-BFF22708F974} - C:\WINDOWS\system32\qqapyhso.dll
O2 - BHO: (no name) - {A270EB7F-418A-4556-1135-2404666D67B4} - C:\WINDOWS\system32\fvzqlvpi.dll
O4 - HKLM\..\Run: [kmatcvkf] C:\WINDOWS\system32\kmatcvkf.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = ?
ALL lines with O16 - DPF:
O23 - Service: xwphnxzxmqgo - Unknown - C:\WINDOWS\system32\msupd6.exe
O23 - Service: SafeIP remote control - ProSafe A/S - C:\Programmer\SafeIP\SRCHostSvc.exe
When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
Boot in normal mode. When all OK, turn System Restore back on.
- Status
Latest posts
-
4K QD-OLED vs. 4K WOLED: What You Need to Know- Burty117 replied
-
10 Things We Hate About Nvidia- Beerfloat replied
-
Apple cans knockoff Game Boy app as emulators suffer first App Store casualty- Squid Surprise replied