Computer Forums - View Single Post - please take a look a my hijack log,thank you

techpro5238 · 10-16-2007, 12:06 AM

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

*---------------------------------------------------------------------------*

Go to Computer > Tools > Folder Options > View tab and make sure that Show hidden files and folders is enabled. Uncheck the "Hide protected operating system files" option. Also make sure there is no checkmark beside “Hide file extensions for known file types”.

*---------------------------------------------------------------------------*

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.

*---------------------------------------------------------------------------*

SPYBOT 1.4

Download Spybot 1.4 from this site Spybot 1.4. Install the program, update the definitions file and run a scan. Fix all the entries, which are indicated in RED.

AD-AWARE 2007

Please download Ad-aware and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Also make sure to Customize the settings in Adaware for better scan results. Run the scan and fix everything that it finds.

*-------------------------------------------------------------------------*

Uninstall the following via the Add/Remove Panel (Start > (Settings) > Control Panel > Add/Remove Programs) if they exist:-

MyWebSearch
Viewpoint
(Anything with Poker in it) Poker

Run a scan in HijackThis. Check and fix the following if they still exist (make sure not to miss any):

C:\Users\Brolick\Desktop\alternativ.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {BE1BDC4F-2AAC-494E-88B1-86B2EE4F2D6D} (CopySafe3 Control) - http://download.copysafe.net/Plugin/...d/Copysafe.cab
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.

C:\Program Files\PokerStars
C:\Program Files\Viewpoint

*------------------------------------------------------------------------*

CLEANUP! version 4.52 – TEMP FILE CLEANING

Please download Cleanup! and install it. You will use this later.

*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does not make backups.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:

Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

Empty Recycle Bins
Delete Cookies
Delete Prefetch files (if present)
Cleanup! All Users
Click on the Temporary Files tab and uncheck the box for Scan drives for files matching if it’s checked.

Click OK
Press the CleanUp! button to start the program and reboot when prompted.

*------------------------------------------------------------------------*

Reboot into Normal Mode and post a new HijackThis log file so we can make sure it's clean.

Logs Needed for Next Post: New Hijackthis Log

10-16-2007, 12:06 AM	#2 (permalink)
techpro5238 Super Techie Join Date: Aug 2007 Posts: 451	Re: please take a look a my hijack log,thank you Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions. --------------------------------------------------------------------------- Go to Computer > Tools > Folder Options > View tab and make sure that Show hidden files and folders is enabled. Uncheck the "Hide protected operating system files" option. Also make sure there is no checkmark beside “Hide file extensions for known file types”. --------------------------------------------------------------------------- Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers. --------------------------------------------------------------------------- SPYBOT 1.4 Download Spybot 1.4 from this site Spybot 1.4. Install the program, update the definitions file and run a scan. Fix all the entries, which are indicated in RED. AD-AWARE 2007 Please download Ad-aware and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Also make sure to Customize the settings in Adaware for better scan results. Run the scan and fix everything that it finds. ------------------------------------------------------------------------- Uninstall the following via the Add/Remove Panel (Start > (Settings) > Control Panel > Add/Remove Programs) if they exist:- MyWebSearch Viewpoint (Anything with Poker in it) Poker Run a scan in HijackThis. Check and fix the following if they still exist (make sure not to miss any): C:\Users\Brolick\Desktop\alternativ.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O13 - Gopher Prefix: O16 - DPF: {BE1BDC4F-2AAC-494E-88B1-86B2EE4F2D6D} (CopySafe3 Control) - http://download.copysafe.net/Plugin/...d/Copysafe.cab O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist. C:\Program Files\PokerStars C:\Program Files\Viewpoint ------------------------------------------------------------------------ CLEANUP! version 4.52 – TEMP FILE CLEANING Please download Cleanup! and install it. You will use this later. NOTE Cleanup deletes EVERYTHING out of temporary folders and does not make backups. Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows: Click "Options..." Move the arrow down to "Custom CleanUp!" Put a check next to the following (Make sure nothing else is checked!): Empty Recycle Bins Delete Cookies Delete Prefetch files (if present) Cleanup! All Users Click on the Temporary Files tab and uncheck the box for Scan drives for files matching if it’s checked. Click OK Press the CleanUp! button to start the program and reboot when prompted. ------------------------------------------------------------------------ Reboot into Normal Mode and post a new HijackThis log file so we can make sure it's clean. Logs Needed for Next Post: New Hijackthis Log