Yet another dork with a Hijackthis logfile

By meDoc
Feb 14, 2005
  1. Hi guys, your patience must be infinite :)
    My main problems are slowness, and a browser hijack which redirects all urls containing the word 'poker' to a certain poker site.
    Thank you in advance for your help, logfile is attached.

  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Boot in Safe Mode
    Switch off System Restore
    Press ctrl/alt/del and in taskmanager try to STOP:

    Next, try to UNinstall anything to do with:
    C:\Programmer\MSN Messenger\msnmsgr.exe

    Next, run Hijackthis on its own and let it 'fix' (if still there):
    C:\Programmer\MSN Messenger\msnmsgr.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =*
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =*
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =*
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {2356C850-53A3-8D51-7BE8-BFF22708F974} - C:\WINDOWS\system32\qqapyhso.dll
    O2 - BHO: (no name) - {A270EB7F-418A-4556-1135-2404666D67B4} - C:\WINDOWS\system32\fvzqlvpi.dll
    O4 - HKLM\..\Run: [kmatcvkf] C:\WINDOWS\system32\kmatcvkf.exe
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = ?

    ALL lines with O16 - DPF:

    O23 - Service: xwphnxzxmqgo - Unknown - C:\WINDOWS\system32\msupd6.exe
    O23 - Service: SafeIP remote control - ProSafe A/S - C:\Programmer\SafeIP\SRCHostSvc.exe

    When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.

    Boot in normal mode. When all OK, turn System Restore back on.
  3. meDoc

    meDoc TS Rookie Topic Starter

    Thanks man, everything works fine now :)

Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...