Logs for Removing Malware

By Ftowngang916
Nov 3, 2008
  1. After following the steps on the TechSpot forums to clean up my computer, I am having significant improvements. It still seems I may be running a bit slow though. Along with that, ever since I acquired my virus my iTunes songs crackle when they play through my speakers. Full CDs on my iTunes play normally, but single songs don't. I'm not sure if this is related but help is appreciated anyway.

  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Remove bad HijackThis entries
    • Run HijackThis
    • Click on the System Scan Only button
    • Put a check beside all of the items listed below (if present):

      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      R3 - URLSearchHook: (no name) - - (no file)
      R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
      O2 - BHO: (no name) - {01D19E8C-3647-4FBD-AD6A-540825A2D615} - C:\WINDOWS\system32\gtfonmgu.dll (file missing)
      O2 - BHO: (no name) - {8406721E-9BF4-40AA-9920-7424FC570375} - C:\WINDOWS\system32\yayxYopn.dll (file missing)
      O4 - HKLM\..\Run: [xhbxrlfs] C:\tq^pwkrl.bat
      O4 - HKCU\..\Run: [Wxv] "C:\Program Files\Common Files\??pPatch\e?plorer.exe"
      O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Poker\Noble Poker\casino.exe (file missing)
      O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Poker\Noble Poker\casino.exe (file missing)
    • Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.


    OTMoveit2 by OldTimer
    Please download the OTMoveIt2 by OldTimer.
    • Save it to your desktop.
    • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

      [kill explorer]
      C:\Program Files\AskSearch
      [start explorer]
    • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt2
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


    Update your Java Runtime Environment

    • First try going to Start -> Control Panel -> double click Java
    • Select the Update Tab at the top of the Java console
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 7) Follow the on screen instructions (uncheck the yahoo toolbar option)
    • After it installs the newest version Go back to Control Panel -> Add/remove programs (programs and features in vista)
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    Update your Java Runtime Environment
    • Click the following link
      Java Runtime Environment 6 Update 10
    • The 1st option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected' at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_10 folder


    Run a fresh scan with hijackthis and attach the log here along with the OTMoveit2 log
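
For readers reviewing a HijackThis log like the one requested above, the following added example (not part of the thread and not HijackThis's own code) splits entries by section code and flags a few traits visible in the fix list. The flagging heuristics and the names `triage` and `triage_log` are assumptions of this example.

```python
import re

# HijackThis section codes that appear in the fix list above.
SECTIONS = {
    "R0": "IE start/search page value",
    "R3": "URLSearchHook",
    "O2": "Browser Helper Object",
    "O4": "autostart entry",
    "O9": "extra IE button / Tools menu item",
}
LINE_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*)$")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*')            # drive-letter path
ROOT_RE = re.compile(r"[A-Za-z]:\\[^\\]+\.(bat|cmd|exe)", re.I)

# Sample lines copied from the fix list in the post above.
SAMPLE = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {01D19E8C-3647-4FBD-AD6A-540825A2D615} - C:\WINDOWS\system32\gtfonmgu.dll (file missing)
O4 - HKLM\..\Run: [xhbxrlfs] C:\tq^pwkrl.bat
O4 - HKCU\..\Run: [Wxv] "C:\Program Files\Common Files\??pPatch\e?plorer.exe"
"""

def triage(line):
    """Return (code, section, flags) for one log line, or None if not an entry."""
    m = LINE_RE.match(line)
    if not m:
        return None
    code, body = m.groups()
    flags = []
    # Heuristics below are this example's assumptions, not HijackThis output.
    if "(file missing)" in body or "(no file)" in body:
        flags.append("target file absent")
    if "(no name)" in body:
        flags.append("unnamed component")
    path = PATH_RE.search(body)
    if path and "?" in path.group():
        flags.append("'?' placeholder in path")
    if code == "O4" and path and ROOT_RE.fullmatch(path.group().strip()):
        flags.append("autostart from drive root")
    return code, SECTIONS.get(code, "other"), flags

def triage_log(text):
    """Triage every recognisable entry in a pasted log."""
    return [r for r in map(triage, text.splitlines()) if r]

if __name__ == "__main__":
    for code, section, flags in triage_log(SAMPLE):
        print(f"{code:3} {section:35} {', '.join(flags) or '-'}")
```

An entry with no flags is not thereby clean; the flags only sort a log for a reviewer's attention.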
  3. Ftowngang916

    Ftowngang916 TS Rookie Topic Starter Posts: 32

    Followed the first instructions through HijackThis, but when I try to download OTMoveIt, it says 404 file not found. I searched through Google to find other ways, but with no luck.
  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

Topic Status:
Not open for further replies.