1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Removing Bearshare Toolbar-Help!

Discussion in 'Virus & Other Malware Removal' started by NCGirlUSA, Mar 9, 2009.

Thread Status:
Not open for further replies.
Advertisement
  1. NCGirlUSA

    NCGirlUSA Thread Starter

    Joined:
    Apr 7, 2007
    Messages:
    67
    Hello, I am trying to remove Bearshare toolbar. It keeps changing my default page to Bearshare, and causes my computer to be really slow. I need help removing it. Below is my hjt log.

    Thanks


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:18:00 AM, on 3/9/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\Ati2evxx.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\Ati2evxx.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\WINDOWS\system32\CTsvcCDA.EXE
    F:\Program Files\Java\jre6\bin\jqs.exe
    F:\Program Files\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
    F:\WINDOWS\system32\svchost.exe
    F:\Program Files\Canon\CAL\CALMAIN.exe
    F:\Program Files\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
    F:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
    F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    F:\WINDOWS\CTHELPER.EXE
    F:\Program Files\Java\jre6\bin\jusched.exe
    F:\Program Files\Winamp\winampa.exe
    F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    F:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
    F:\WINDOWS\system32\ctfmon.exe
    F:\Program Files\Messenger\msmsgs.exe
    F:\Program Files\Winamp Remote\bin\OrbTray.exe
    F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\WINDOWS\system32\notepad.exe
    F:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Paint Shop Pro 9.exe
    F:\Program Files\Outlook Express\msimn.exe
    F:\Program Files\Internet Explorer\iexplore.exe
    F:\WINDOWS\system32\NOTEPAD.EXE
    F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - F:\Program Files\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [CTDVDDET] "F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [CTSysVol] F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [RCSystem] "F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
    O4 - HKLM\..\Run: [AudioDrvEmulator] "F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "F:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] F:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "F:\Program Files\Winamp\winampa.exe"
    O4 - HKCU\..\Run: [Creative Detector] F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - HKCU\..\Run: [Creative MediaSource Go] "F:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
    O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Orb] "F:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JS...9/&filename=jinstall-6u12-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - F:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Norton AntiVirus - Symantec Corporation - F:\Program Files\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe

    --
    End of file - 6268 bytes
     
  2. NCGirlUSA

    NCGirlUSA Thread Starter

    Joined:
    Apr 7, 2007
    Messages:
    67
    Never mind I got it.
    Thanks anyway.
    NCGirlUSA
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/807702