Please Help with a Hijack-This Log

By Rocketwizard
Jan 6, 2005
  1. Deleted, problem solved, thanks for all the help.
  2. Rocketwizard

    Rocketwizard TS Rookie Topic Starter

    Can anyone help? My computer is getting very sluggish and I'm getting spyware pop ups like crazy even after running Spybot. Probably that Diet Patch pop up the most. Who's idea was it to add sound a pop up? :suspiciou
  3. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Go to my post here first and follow EXACTLY.
    How to remove Begin2Search / Coolwebsearch

    Uninstall Viewpoint, it is adware;
    C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
    Then delete the directory with everythin in it.

    After that, reboot in safe mode and let HJT "fix" (if still there):
    C:\documents and settings\antonio asaro\local settings\temp\OUJT5gLJ9.exe
    C:\Documents and Settings\Antonio Asaro\Application Data\lswa.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {43207D8E-961C-72C1-D349-8D4FCADBE0A5} - C:\WINDOWS\system32\atlue.dll
    O4 - HKLM\..\Run: [kkblxfqy] C:\WINDOWS\System32\nlqzjdk.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [OUJT5gLJ9] C:\documents and settings\antonio asaro\local settings\temp\OUJT5gLJ9.exe
    O4 - HKLM\..\Run: [5BCSZTY5FYE94W] C:\WINDOWS\System32\Upwt.exe
    O4 - HKCU\..\Run: [itircl] C:\WINDOWS\System32\itircl.exe
    O4 - HKCU\..\Run: [JavaUpdate0.07] C:\WINDOWS\System32\euawfoy.exe
    O4 - HKCU\..\Run: [Abts] C:\Documents and Settings\Antonio Asaro\Application Data\lswa.exe
    O4 - HKCU\..\Run: [Qqdu] C:\WINDOWS\System32\d?dplay.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
    O15 - Trusted Zone: *
    O15 - Trusted Zone: * (HKLM)
    O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} -
    O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) -
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) -
    O16 - DPF: {94837F90-A2CA-4A8A-9DA0-B5438EC563EA} -
    O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} -
    O16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) -
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -

    Afterwards, delete all the bold files
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...