Attn: Phillie Phan or BJGarrick - Need Help

I ran all suggested scans. Still having problem at shut down - get error msg that program hpcmpmgr.exe not responding. Attached is hijack log. Thanks

Katie

 

The hpcmpmgr.exe is the main process belonging to the HP Component Manager, and is important to the running of their range of multimedia products. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems.


NOW:


Do another scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.


R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://dell.mmguide.musicmatch.com/aod/aodPromo.cgi?reference=1&name=OutKast - %20Artist%20ON%20DEMAND¶ms=stationid%3Dartist%26artistid%3D357887%26aod%3DAO D%26xml%3Dstrict&sname=OutKast%20-%20Artist%20ON%20DEMAND

R3 - URLSearchHook: URL Search Hook - {AA460422-2CEF-400f-AA05-F63368E04706} - C:\WINDOWS\System32\sh.dll

O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: IE Toolbar - {54BEDD5E-CDF7-4e97-8481-AE381AF7F110} - C:\PROGRA~1\BETTER~1\BHGTBU~1.DLL
O3 - Toolbar: (no name) - {D6223CBC-A263-4CB1-B35E-1AE40FEF3B3B} - (no file)

O4 - HKLM\..\Run: [pqzuhcn] C:\WINDOWS\pqzuhcn.exe
O4 - HKLM\..\Run: [pezmbqp] C:\WINDOWS\pezmbqp.exe
O4 - HKLM\..\Run: [hkqvjpkgafq] C:\WINDOWS\System32\fpyurk.exe

O9 - Extra button: Support - {08581DFC-54D2-4E6D-8A61-76670578F576} - http://www.comcastsupport.com (file missing) (HKCU)
O9 - Extra button: Help - {147CC2D9-F311-45FA-8921-029E86EBDA24} - http://www.comcast.net/memberservices/ (file missing) (HKCU)
O9 - Extra button: ComcastHSI - {D18FAE7B-7ED7-484C-A00E-9D74E00E709E} - http://www.comcast.net (file missing) (HKCU)

O19 - User stylesheet: (file missing)

O23 - Service: Windows System Uninstaller (HackerDefender100) - Unknown owner - C:\WINDOWS\winunins.exe (file missing


Again, make sure All Browser Windows are Closed when you Click FIX.


NOW:
Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled and navigate to and DELETE the following if they should remain:

C:\Program Files\BETTER~1 ←–– Delete this whole folder if it exist!

C:\WINDOWS\pqzuhcn.exe

C:\WINDOWS\pezmbqp.exe

C:\WINDOWS\System32\fpyurk.exe

C:\WINDOWS\System32\sh.dll


NEXT:
Run CCleaner



Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


Reboot to Normal Windows , Scan with HijackThis and attach the new log.
Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.

Good Luck!

 

Could you please look at 2 other posts I have in Hardware and Software. I'm attempting to fix a few problems with my Mother-in-Law's PC. Thanks

 

Sure, can you post me some links to the threads?

 

Here is the lates hijackthis log. Thanks

 

Log is clean except for this one entry. Lets try this, reboot into safe mode.

Scan with HJT and fix the entry below with ALL browsers closed.

O3 - Toolbar: (no name) - {D6223CBC-A263-4CB1-B35E-1AE40FEF3B3B} - (no file)


Reboot into normal mode and post a new HJT log. Lets see if it comes back.

Let me know!


Are you still getting the error on shutdown? If so, not a big deal as I get some of these sometimes. Its just windows closing the running program so it can shutdown/restart.

 

Here is latest. Thanks

 

Log is clean!

Are you currently having any further problems?

 

No other than that program not responding, and not being able to print to the HP all is good. The in-law is in better shape. Thanks for all your help.

 

Your Welcome! About the printer, post that in the Software Forum and you can get that problem resolved. Good Luck!

To prevent re-infection you should see this article on How to Protect yourself from malware!