
'HijackThis' Scan. Can anyone help?

Discussion in 'Virus & Other Malware Removal' started by Skin1301, Apr 20, 2004.

Thread Status:
Not open for further replies.
  1. Skin1301

    Skin1301 Thread Starter

    Joined:
    Mar 10, 2004
    Messages:
    94
    Can anyone see anything wrong with this?

    Logfile of HijackThis v1.97.7
    Scan saved at 22:57:53, on 20/04/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\System32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\Explorer.exe
    E:\WINDOWS\System32\System32.exe
    E:\WINDOWS\System32\sstray.exe
    E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    E:\Program Files\Common Files\Real\Update_OB\realsched.exe
    E:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    E:\Program Files\Bargain Buddy\bin\bargains.exe
    E:\Program Files\DownloadWare\dw.exe
    E:\WINDOWS\System32\ctfmon.exe
    E:\Program Files\LiveUpdate\LiveUpdate.exe
    C:\Program Files\E-Color\Common\IconMgr.exe
    C:\Program Files\E-Color\E-Color Indicator\TICIcon.exe
    E:\WINDOWS\System32\wuauclt.exe
    E:\Program Files\Internet Explorer\IEXPLORE.EXE
    E:\Documents and Settings\Skin\Desktop\hijackthis\HijackThis.exe

    F0 - system.ini: Shell=Explorer.exe E:\WINDOWS\System32\System32.exe
    F2 - REG:system.ini: Shell=Explorer.exe E:\WINDOWS\System32\System32.exe
    O2 - BHO: (no name) - {00000762-3965-4A1A-98CE-3D4BF457D4C8} - E:\Program Files\Lycos\Sidesearch\sidesearch13218.dll
    O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - E:\WINDOWS\bxxs5.dll
    O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - E:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
    O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - E:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
    O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - E:\Program Files\Bargain Buddy\bin\apuc.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - E:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
    O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
    O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE E:\WINDOWS\bxxs5.dll,DllRun
    O4 - HKLM\..\Run: [Bargains] E:\Program Files\Bargain Buddy\bin\bargains.exe
    O4 - HKLM\..\Run: [DownloadWare] "E:\Program Files\DownloadWare\dw.exe" /H
    O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BTCLiveUpdate] "E:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: E-Color.lnk = C:\Program Files\E-Color\Common\IconMgr.exe
    O4 - Global Startup: PC Alert 4.lnk = E:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    O8 - Extra context menu item: &Google Search - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://E:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://E:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://E:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Sidesearch (HKLM)
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {7CA3D0A3-7E2E-4AAB-A75E-FAB8ECA8BD95} (Skilljam Game Player Object) - http://skill.skilljam.com/ssp/SSP.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    Cheers.
     
  2. Skin1301

    Skin1301 Thread Starter

    Joined:
    Mar 10, 2004
    Messages:
    94
    I am trying the 'HijackThis' report because I have a problem with my Hercules g-force 7500 128MB AGP graphics card. Can anyone see anything on this report that might affect the card? Any help would be much appreciated.
     
  3. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Scanlogs are always best posted in the Security forum.

    Yes, there are numerous problems with that one; whether they are affecting graphics will remain to be seen.

    For now, check the following entries in the HijackThis Scan, close the browser, and click Fix Checked.

    F0 - system.ini: Shell=Explorer.exe E:\WINDOWS\System32\System32.exe
    F2 - REG:system.ini: Shell=Explorer.exe E:\WINDOWS\System32\System32.exe
    O2 - BHO: (no name) - {00000762-3965-4A1A-98CE-3D4BF457D4C8} - E:\Program Files\Lycos\Sidesearch\sidesearch13218.dll
    O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - E:\WINDOWS\bxxs5.dll
    O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - E:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
    O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - E:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL

    O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - E:\Program Files\Bargain Buddy\bin\apuc.dll

    O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - E:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL

    O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE E:\WINDOWS\bxxs5.dll,DllRun
    O4 - HKLM\..\Run: [Bargains] E:\Program Files\Bargain Buddy\bin\bargains.exe
    O4 - HKLM\..\Run: [DownloadWare] "E:\Program Files\DownloadWare\dw.exe" /H

    >> Reboot and find and delete the bolded files or folders above.

    >> Important: to complete this cleaning you should install, UPDATE, and run a full Ad-Aware scan following Winchester's directions below. Then return here (I'll move this to Security) and post a new Scanlog.

    Ad-Aware Home Page and Ad-Aware 6: Reference Guide by Winchester73
     

Short URL to this thread: https://techguy.org/222393
