See if u can please today I downloaded dap when exactly I installed it programs begun to install by themself my internet and my computer slowed down I ren adaware and spybots found some stuff but they all reapperar after restart please help im begining to scrath my head thanks in advance heres my log
Please help hijack this log
- Thread starter undead4110
- Start date
- Status
RealBlackStuff
Posts: 6,450 +3
Stop downloading and installing all these crap-programs!
Boot in Safe Mode.
SWITCH OFF Restore Points
If you can, UNinstall (not yet delete) anything to do with:
C:\Documents and Settings\Private User\Application Data\DownloadPlus.exe
C:\PROGRA~1\HiDownload\HDGetAll.htm
C:\Program Files\GetRight\GRdownload.htm
C:\Program Files\NetPumper\AddUrl.htm
C:\Program Files\WinPcap\rpcapd.exe
PowerReg Scheduler V3.exe
Next, press Ctrl/Alt/Del and in Taskmanager try to STOP the processes:
Xhrmy.exe
DownloadPlus.exe
PowerReg Scheduler V3.exe
Next, run HJT on its own and let it 'fix':
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 164.124.191.28 :80
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
F2 - REG:system.ini: Shell=
O2 - BHO: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINDOWS\DOWNLO~1\megasear.dll
O3 - Toolbar: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINDOWS\DOWNLO~1\megasear.dll
O4 - HKLM\..\Run: [xhrmy] C:\WINDOWS\Xhrmy.exe
O4 - Startup: Download Plus.lnk = C:\Documents and Settings\Private User\Application Data\DownloadPlus.exe
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: Download All Files by HiDownload - C:\PROGRA~1\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\PROGRA~1\HiDownload\HDGet.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\PROGRA~1\HiDownload\hidownload.exe
ALL lines with O16 - DPF:
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
If you want a decent, free and ad-free downloader, go to www.stardownloader.com
In future, please check places like this forum BEFORE you install any pretty-looking or terrific-sounding piece of software-crap, you PC will be grateful.
Boot in Safe Mode.
SWITCH OFF Restore Points
If you can, UNinstall (not yet delete) anything to do with:
C:\Documents and Settings\Private User\Application Data\DownloadPlus.exe
C:\PROGRA~1\HiDownload\HDGetAll.htm
C:\Program Files\GetRight\GRdownload.htm
C:\Program Files\NetPumper\AddUrl.htm
C:\Program Files\WinPcap\rpcapd.exe
PowerReg Scheduler V3.exe
Next, press Ctrl/Alt/Del and in Taskmanager try to STOP the processes:
Xhrmy.exe
DownloadPlus.exe
PowerReg Scheduler V3.exe
Next, run HJT on its own and let it 'fix':
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 164.124.191.28 :80
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
F2 - REG:system.ini: Shell=
O2 - BHO: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINDOWS\DOWNLO~1\megasear.dll
O3 - Toolbar: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINDOWS\DOWNLO~1\megasear.dll
O4 - HKLM\..\Run: [xhrmy] C:\WINDOWS\Xhrmy.exe
O4 - Startup: Download Plus.lnk = C:\Documents and Settings\Private User\Application Data\DownloadPlus.exe
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: Download All Files by HiDownload - C:\PROGRA~1\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\PROGRA~1\HiDownload\HDGet.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\PROGRA~1\HiDownload\hidownload.exe
ALL lines with O16 - DPF:
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
If you want a decent, free and ad-free downloader, go to www.stardownloader.com
In future, please check places like this forum BEFORE you install any pretty-looking or terrific-sounding piece of software-crap, you PC will be grateful.
thx
thx my internet seams back to normal now even my computer
thx my internet seams back to normal now even my computer
- Status
