Help with HJT Log, Thanks.

Status
Not open for further replies.
B

bay

Would someone be so kind to help me with my HJT log. I have run Adware, NoAdware, Norton, CWShredder and finally Hijack This. However I still have problems with IE, whenever I open my homepage another page opens aswell. This also happens whenever I click on a link or 'back'. I am not sure which logs I should delete from my HJT report (and not sure if all I have to do is get HJT to fix them?)
As you may be able to tell I am not really computer literate!

ps BIG Thanks to realblackstuff he obviously knows what he is doing.
 

Attachments

  • hijackthis1.txt
    7.7 KB · Views: 5
Boot in Safe Mode
Switch off System Restore
Use ctrl/alt/del and in Taskmanager try to stop:
MsnMsgr.Exe
emptemp2.exe
PowerReg Scheduler V3.exe

Next, UNinstall anything to do with this FAKE:
C:\Program Files\MSN Messenger\MsnMsgr.Exe

Next, run HJT on its own and let it 'fix' if still there:
C:\Program Files\MSN Messenger\MsnMsgr.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: emptemp2.lnk = C:\Program Files\Empty Temp Folders 2.8.3\emptemp2.exe
O4 - Startup: PowerReg Scheduler V3.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1105964427656
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C20EB175-0DD0-4979-A994-1F0DBA69F627} (EGEGAUTH Class) - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1032_EN_XP.cab

If these are NOT from YOUR ISP, 'fix' with HJT
O17 - HKLM\System\CCS\Services\Tcpip\..\{98EE1F25-E5F2-4CB3-9E11-0DBA7D058FDF}: NameServer = 203.12.160.35 203.12.160.36

When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
Empty all contents from your \Temp directory.
Boot normal. If all OK, turn System Restore back on.

And stop using IE except for Windows updates!
go to www.getfirefox.com
 
Status
Not open for further replies.

Similar threads

A
Unexpected problem with a new Asus RT-AX58U V2
Replies
2
Views
100
ajay11
A
AGenericFool
Help - Valid Windows 10 Licenses deactivate after two days?!
Replies
1
Views
275
Nelson28
N
B
Help with "special permissions" please
Replies
1
Views
513
Nelson28
N

Latest posts

Back