PPRuNe Forums - View Single Post - "HighJack This" Report
Thread: "HighJack This" Report
View Single Post
Old 19th Dec 2004, 08:12
  #4 (permalink)  
E-Liam
 
Join Date: Jan 2004
Location: Bracknell UK
Posts: 357
Likes: 0
Received 0 Likes on 0 Posts
Hi SC,

As you may have read, I've suffered a crashed hard disc and am now using a brand new machine. This means that until I send back my file of C&Ps from work tommorrow, you won't get any of the pretty formatted text I usually do.. although I'm digging it out from previous posts. No great problems that I can see, although you do have a couple of baddies in there.

Please run a new HJT! Scan, and check to fix the following entries, being sure to double check that you haven't missed any. Next, close all browser windows and click the Fix checked button…

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?T...ilion&pf=laptop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?T...ilion&pf=laptop

O2 - BHO: STIEbarBHO Class - {D797AD6C-6447-4DB4-91D0-090344408E72} - C:\Program Files\0CAT YellowPages\STIEbar.dll

O3 - Toolbar: 0CAT Yellow Pages - {679695BC-A811-4A9D-8CDF-BA8C795F261A} - C:\Program Files\0CAT YellowPages\STIEbar.dll

O9 - Extra button: My button - {47FE5D70-9AA2-40F1-9C6B-12A255F085EA} - C:\Program Files\0CAT YellowPages\STIEbar.dll

O9 - Extra 'Tools' menuitem: My menu - {47FE5D70-9AA2-40F1-9C6B-12A255F085EA} - C:\Program Files\0CAT YellowPages\STIEbar.dll

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=lapt op

Then please delete the following folder..

C:\Program Files\0CAT YellowPages

and empty the recycle bin.

Please download AdAware SE from http://www.lavasoftusa.com/software/adaware/
First, in the main window, look in the bottom right corner and click on Check for updates now and download the latest reference files.

Next, we need to configure Ad-aware for a full scan.

Click on the Gear icon (second from the left) to access the preferences/settings window

1. In the General window make sure the following are selected:
· Automatically save log-file
· Automatically quarantine objects prior to removal
· Safe Mode (always request confirmation)

2. Click on the Scanning button on the left and select :
· Scan Within Archives
· Scan Active Processes
· Scan Registry
· Deep Scan Registry
· Scan my IE favorites for banned URL’s
· Scan my Hosts file

· Under Click here to select drives + folders, choose:
· All of your hard drives | Proceed

3. Click on the Advanced button on the left and select:
· Include additional process information
· Include additional file information
· Include environment information

4. Click the Tweak button and select:
· Under the Scanning Engine:
· Unload recognized processes & modules during scan
· Include additional Ad-aware settings in logfile
· Under the Cleaning Engine:
· Let Windows remove files in use at next reboot

5. Click on Proceed to save the settings.

6. Click Start and on the next screen choose:
· Use Custom Scanning Options

7. Click Next and Ad-aware will scan your hard drive(s) with the options you have selected.

When finished, mark everything for removal and get rid of it. (Right-click the window and choose Select All from the drop down menu and click Next).

Next, please reboot again and download Spybot - Search & Destroy 1.3 from http://security.kolla.de/
Click on Updates | Download Updates, and follow the prompts.

Next, close all Internet Explorer windows, and click Check for Problems. Once the scan is complete, have SpyBot remove all it finds marked in RED.

Next reboot and go http://housecall.trendmicro.com/, and run the online virus scan; choosing the Autoclean option just before clicking the Scan button.

Then please post a new log from each machine for a final once over.

Cheers

Liam
E-Liam is offline