hijack This Log File - Help Please

By SadEyes ยท 6 replies
May 24, 2005
  1. Attached is the file of my work Hijack this log,
    Can anyone tell me what I need to fix?
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Boot in Safe Mode.
    Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:


    Next, run a HJT scan and place a tick-mark in the little square before (if still there):
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
    O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/ct/pm3/iwonpm_12_1,0,2,5.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = end
    Unless the IP-address are from your ISP, fix this second O17 line as well
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer =,

    Now click on the Fix Checked button in HJT.
    When done, delete the highlighted bold file.
    Delete all files and directories from: C:\Documents and Settings\[username]\Local Settings\Temp
    Repeat this for ALL [usernames].

    Boot normal.
  3. SadEyes

    SadEyes TS Rookie Topic Starter

    Hijack this log 2

    I did everything you suggested in the last reply, I did not see a "highlighted bold file." to delete though.
    Attached is my new HJT log, it is fresh from the restart of the computer after doing the fixes you suggested.
    Is there anything else I need to do?
    This computer keeps saying there isn't a connection to the internet everytime I try to delete a file in windows explorer, and tries to log on alot on it's own.
    Thanks in advance for the help.
  4. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503


    Your new log is fine.
    You sure this is a WORK-computer?

    You appear to have a rogue dialler.
    Get the 30-day trialversion Trojan Horse remover from http://www.simplysup.com/tremover/
  5. SadEyes

    SadEyes TS Rookie Topic Starter

    Thanks for the help.
    It is the computer we have at the leather store that I take classes and help out at.
    The store computer, my home computer, a friends work and home computers, and another friends 2 home computers all have some crazy virus or adware stuff going on with them and I am trying to figure out what to do with it.

    As far as using trojan remover...the trial period on the work - store computer has expired. Is it a program we should purchase? Can the software be used on more than one computer?

    My home computer is doing that...trying to connect without my wanting it to.

    is there any other way of getting rid of a rouge virus?

    Thanks for all of your help
  6. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    On that WORK-PC I notice you run 2 AV programs, NAV and AVG.
    Get rid of that NAV-junk and stick with AVG.

    Between you and your friends, you must have passed around a CD or floppy with the same infection. Or you all went to the same LAN-party and picked it up there.
    Look at the different versions available for Trojan Remover. By all means buy it, it's one of the best!

    Read this about rogue diallers:
  7. SadEyes

    SadEyes TS Rookie Topic Starter

    hijack This Log File - Help Please - Thank you

    I think I have the work/store computer figured out...have to do some rouge dialler research and see what we can do to see if we have one and if so, what we can do with it. but overall it is running faster and acting better.

    Thank you for your help.
    I hope that you don't grow annoyed with my many current computers that are having problems.
    I appreciate your help
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...