Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Updates Don't Work [RESOLVED]


  • This topic is locked This topic is locked

#16
David_H

David_H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts
No, no more signs of an infection. Computer runs, distinctly, quicker now.

No problem with other downloads, slowdowns (that I can detect) or pop-ups (that I can detect). Should I be looking for anything in particular?

I have a couple of questions that I would like to ask that came up in may review of the things you suggested.

1. Can I delete the folder C:\program files\mysearch and attendant folders and files under it?

2. Can I delete the following things that hijackthis finds:

* 04 - HKCU\..\Run: [Timezone]... [Add/remove didn't remove this.]

* 08 - Extra Content Menu &Add animation to Incredimail Style Box. (I tried Incredimail two or more years ago and didn't like it. Add/remove didn't remove this.]

* 09 - Extra Button (no name) ... (no name)

In addition, my father has WeatherBug on his computer. He's 94 and does not do this kind of thing. Are there instructions somewhere as to how to remove all of it without a trace? I'd like to get it off when I'm next up where he lives.

Finally, I'd like to thank you for your work on this. Reasonably clearly, I'd never have gotten this far.

To help answer the questions in #2, the highjackthis log follows:

-----

Logfile of HijackThis v1.99.1
Scan saved at 8:01:31 AM, on 9/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Preferred User\Desktop\HijackThis.exe

-----

Thanks again.

David
  • 0

Advertisements


#17
Matt.F

Matt.F

    Visiting Staff

  • Visiting Consultant
  • 512 posts
First, the TimeZone entry is a Microsoft utility that keeps your computer up-to-date with daylight savings time, etc. If you don't want it, you can feel free to fix it with HJT and delete it. The other two you can certainly delete.

Second, WeatherBug is not necessarily a malicious program, but if you want to remove it, the best way is to fix any entries you see of it in HijackThis and the files they correspond to. That is after you have tried removing it via Add/Remove Programs of course.

Before I let you go, let's rehide your system files and set a new Windows Restore Point.

We need to re-hide system files so that you don't accidentally delete something :whistling::
  • Open My Computer from the start menu.
  • Click the Tools menu, then select Folder options.
  • Open the View tab at the top.
  • Select the option Do not show hidden files and folders.
  • Check the box labeled Hide protected operating system files (Recommended).
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

Turn off System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.
Reboot.

Turn ON System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check *Turn off System Restore*.
  • Click Apply, and then click OK.
How to Turn On and Turn Off System Restore in Windows XP

That's it! Here are some tips for safer surfing in the future

Anti-Virus: Anti-virus software is absolutely critical to keeping your computer safe. If you do not have any, please download either AVG Free or avast! but not both. Running more than one anti-virus program causes conflicts and can actually reduce protection.

Firewall: A firewall is highly recommended in order to keep your computer safe from all kinds of nasties. A free version of ZoneLab's firewall ZoneAlarm is available here.

Anti-Spyware: Anti-spyware programs can be instrumental in preventing malware from infecting your computer in the first place. Periodic scans will keep your computer clean, and a few programs offer real-time malware protection.
  • Spybot Search&Destroy - Offers real-time protection with its Tea-timer software as well as an immunization feature and system scanner
  • Ad-aware SE Personal Edition 1.06 - Scans your system for numerous types of malware. Real-time protection is available via Ad-watch, available in the Professional Edition. Visit Lavasoft for more information.
  • SpywareBlaster - excellent program to prevent spyware from being installed on your computer.
  • SpywareGuard - real-time spyware protection against Browser Helper Objects (BHOs), dialers, etc.
Internet Browsers: the internet browser you use plays a large role in keeping you safe and secure. Check out these two suggestions for an alternative to Internet Explorer:
  • Mozilla Firefox - sleek and secure, Firefox is the fastest browser on the web with a built-in pop-up blocker as well as multiple available extensions.
  • Opera - a powerful, secure browser with a built-in pop-up blocker, E-mail program, RSS support, and IRC chat support.
Other Information: here are a couple of other things to keep in mind.
  • Windows Updates - It's very important to keep your computer updated with the latest security patches and software from Microsoft.
  • Also click here to read Tony Klein's article, "How Did I Get Infected in the First Place?"
Thanks for your patience during the clean-up process! Safe surfing!

Regards,
Matt
  • 0

#18
Matt.F

Matt.F

    Visiting Staff

  • Visiting Consultant
  • 512 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :whistling:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP