Followed directions to a tee....

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by suzyq55, Jan 25, 2007.

  1. suzyq55

    suzyq55 Private E-2

    OK, I have used all the removal programs and saved the logs. I am computer savvy enough to be able to do the removal but not to read some of the logs which are generated ~ particularly the last one from HiJackThis. I do see some things (especially after reading the "info" about them) that I am not sure about. Are they harmful, do they need to be taken out and how? I have attached the logs that are requested ~ that may take a few posts ~ please take a look with your ":cool very techy eyes" and let me know if I need to do some further cleaning. Thanks much!
     

    Attached Files:

    suzyq55, Jan 25, 2007
    #1
  2. suzyq55

    suzyq55 Private E-2

    Re: Followed directions to a tee....continued

    here is a continuation of the logs....

    suzyq...
     

    Attached Files:

    suzyq55, Jan 25, 2007
    #2
  3. suzyq55

    suzyq55 Private E-2

    Re: Followed directions to a tee....#3HJT

    Here's the last one! Hijackthis-renamed

    Thanks for all your help. If there is anything else I should do I would appreciate some direction.
     

    Attached Files:

    suzyq55, Jan 25, 2007
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Actually you look rather clean.

    You might want to dump IE7 thru add/remove in control panel (unless you are satisfied with the way it is working).


    Run CCleaner so that you flush your cookies and then dump the norton protected trash.


    Then please click Scan and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

    After clicking Fix, exit HJT.


    I'd also remove these unless you cannot get to the sites normally.
    O15 - Trusted Zone: http://www.dailygraphs.com
    O15 - Trusted Zone: http://www.investors.com
    O15 - Trusted Zone: http://local.live.com.


    Turn off system restore, restart, turn it back on.

    Let me know how you are running.
     
    TimW, Jan 25, 2007
    #4
  5. suzyq55

    suzyq55 Private E-2

    [​IMG]


    As beautiful as a sunset!

    TimW - thanks for checking over my logs. I have deleted the few things you highlighted in the HJT Scan. So far so good! Believe me before I ran all this stuff it was a mess! I'm glad forums like this exist with directions to lead one through the process of cleaning out computers ~~ saves one a bundle from calling in the GeekSquad! As they charge $$$$$$ mucho $$$$$ for what I can see I can do myself with a little direction.

    Now what would be the best programs to keep it running this way??

    And what do you think of RegCure which I just purchased, probably a stinker!

    I still have to go back to my first POST (OK, that was in MSFN Forums, where one of the members sent me here for a good cleaning of my PC)

    and the programs that I listed which I have NO idea what they are??? I could delete them through Windows Install Clean Up ~~ but it would be nice to know what they are and if they are important to the functioning of some program. When I posted that first POST I was told to go through the other process which I did ~~ so NOW back to my first POST and LIST of programs:

    1. Bufferchm
    2. 3100_3200_3300_Help
    3. 3100_3200_3300_trb
    4. 3200
    5. Aio_Scan_CDA
    6. Canon G.7.26 WMP Decoder
    7. Instant Share Devices
    8. Market Research
    9. Scanner Copy
    10. Solution Center

    OK, I was only able to upload one of the jpg because it was a "hair" to big! Maybe you will see one of these programs on the add/remove programs list. What do I do about them??

    Or you can go over to the other Forum and see them all here:

    http://www.msfn.org/board/index.php?showtopic=91276&st=0&gopid=617849&#entry617849

    Thanks for all your time and I really appreciate your advise!
     
    suzyq55, Jan 26, 2007
    #5
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I think you were given good advice on the other forum. You might want to follow it as to keeping yourself safe.
    How to Protect Yourself...

    These two are okay:
    solution center ---HP Solution Center & Imaging Support Tools 5.3
    Canon g.7---Canon G.726 WMP-Decoder(Windows Media Player)



    Aio_Scan_CDA - should be deleted
    C:\temp\HP_WebRelease\Setup\BufferChm\BufferChm.cab - should be deleted
    C:\temp\HP_WebRelease\Setup\BufferChm\BufferChm.msi - should be deleted
    C:\temp\HP_WebRelease\Setup\BufferChm\ - should be deleted
    Market Research - should be deleted

    I have no idea of what the others are or where you are finding them.

    You need to toggle system restore.....turn it off, restart your computer and then turn it back on.

    Are you having any other problems?
     
    TimW, Jan 26, 2007
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds