MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: HiJackThis Freezes my comp
October 15, 2019, 01:49:20 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
October 15, 2019, 01:49:20 AM

Login with username, password and session length
 
News
New  Got pics of your modded PC or want to show off your cool desktop, visit our new Show & Tell forum!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: HiJackThis Freezes my comp  (Read 2118 times)
Soran
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« on: October 26, 2004, 09:45:15 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version: Windows 98
Problem Application Name & Version: HiJack This, latest version
Problem Hardware Make & Model:?
Error Messages: None, just freezes



Whenever I open HiJack This, I click check or whatever, and it checks, it gets mostly done, and then freezes. Can anyone help me?

Logged

..I have to many problems with computers.
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #1 on: October 27, 2004, 09:22:39 AM »

Start by running "SpyBot S&D'and fix all it finds.Do the same with Adaware and then see if that helps...
Logged

An Australian Member of

EDDY
Soran
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« Reply #2 on: October 27, 2004, 02:38:17 PM »

I have already ran Spybot Search and Destroy, I will work on Adaware.
Logged

..I have to many problems with computers.
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #3 on: October 27, 2004, 02:43:45 PM »

Do you have IE Spyad installed.I did and it froze my hijack this scan.As soon as I uninstalled it it worked.Now I just uninstall when I need to do a scan
Logged

John Vickers
Soran
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« Reply #4 on: October 27, 2004, 02:49:19 PM »

I do have IE Spypad installed. Thank you.
Logged

..I have to many problems with computers.
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #5 on: October 27, 2004, 03:11:02 PM »

Let me know if that works for you
Logged

John Vickers
Soran
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« Reply #6 on: October 27, 2004, 03:25:22 PM »

It was a success. Heres my log..

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\WINDOWS\DHBRWSR.EXE
C:\WINDOWS\PGTAFF.EXE
C:\WINDOWS\SYSTEM\BLA_HOOK.EXE
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\DR_S\DR_S.EXE
C:\WINDOWS\SYSTEM\C2ARES.EXE
C:\PROGRAM FILES\WEB OFFER\WO.EXE
C:\WINDOWS\APPLICATION DATA\SEOR.EXE
C:\WINDOWS\SYSTEM\FLZRIJB.EXE
C:\PROGRAM FILES\CLOCKSYNC\SYNC.EXE
C:\WINDOWS\SYSSFITB.EXE
D:\PROGRAMS\UTILITIES\WIN KILLER\WINKILL.EXE
D:\PROGRAMS\TWEAKS\T CLOCK\TCLOCK.EXE
D:\PROGRAMS\UTILITIES\SYSTEM TRAY\TRAY IT\TRAYIT!.EXE
D:\PROGRAMS\TWEAKS\TRANSPARENT41\TRANSPARENTD.EXE
D:\PROGRAMS\UTILITIES\QUICKCLEAR\QCLITE.EXE
D:\PROGRAMS\DIRECTORY STUFF\WINGO\WINGO.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
D:\PROGRAMS\INTERNET\ONLINE TOOLS\ADKILLER\KILLAD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\WEB_REBATES\WEBREBATES1.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WEB_REBATES\WEBREBATES0.EXE
C:\WINDOWS\DESKTOP\ALEXANDER'S FOLDER\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchforit.com/searchbar
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchforit.com/searchbar
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchforit.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchforit.com/searchbar
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchforit.com/searchbar
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchforit.com/searchbar
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchforit.com/searchbar
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\OOBE\BLANK.HTM
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = file:///D:/Programs/Internet/Logins/Log-ins.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\PROGRAM FILES\TV MEDIA\TVMBHO.DLL
O2 - BHO: Band Class - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - C:\WINDOWS\DEALHLPR.DLL
O2 - BHO: SDWin32 Class - {16E09720-254C-11D9-88A4-00A0CC336672} - C:\WINDOWS\SYSTEM\BQXCG.DLL
O2 - BHO: (no name) - {3CF7460B-B040-04BD-8753-60550DF22A49} - C:\WINDOWS\SYSTEM\XUGCHAB.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\WINDOWS\DESKTOP\ALEXAN~1\SPYBOT\SDHELPER.DLL
O2 - BHO: Replace Search Ctl - {832BEBED-C3DA-4534-A2C2-B2FFF220C820} - C:\WINDOWS\SYSTEM\REPLACESEARCH.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: searchforit - {C109664B-CEB1-420b-B353-D55A561536DD} - C:\WINDOWS\SYSTEM\SYSSFITB.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [DealHelperUpdate] C:\WINDOWS\DHUpdt.exe
O4 - HKLM\..\Run: [DealHelperBrwsr] C:\WINDOWS\dhbrwsr.exe
O4 - HKLM\..\Run: [VBundleOuterDL] C:\Program Files\VBouncer\BundleOuter.EXE
O4 - HKLM\..\Run: [WebRebates0] C:\Program Files\Web_Rebates\WebRebates0.exe
O4 - HKLM\..\Run: [TV Media] C:\PROGRAM FILES\TV MEDIA\Tvm.exe
O4 - HKLM\..\Run: [bqxcgc] C:\WINDOWS\SYSTEM\bqxcgc.exe
O4 - HKLM\..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKLM\..\Run: [CONSCORR] C:\WINDOWS\CONSCORR.exe
O4 - HKLM\..\Run: [qtEQ38Q] BLA_HOOK.EXE
O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakLogon
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKCU\..\Run: [Quick Folders] rundll32 qfolders.cpl,Load
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKCU\..\Run: [TV Media] C:\PROGRAM FILES\TV MEDIA\Tvm.exe
O4 - HKCU\..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKCU\..\Run: [bAx4RUcqe] C2ARES.EXE
O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - HKCU\..\Run: [Rouc] C:\WINDOWS\Application Data\seor.exe
O4 - HKCU\..\Run: [Pikfh] C:\WINDOWS\SYSTEM\flzrijb.exe
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe
O4 - HKCU\..\Run: [SYSsfitb] C:\WINDOWS\SYSsfitb.exe
O4 - HKCU\..\RunServices: [Quick Folders] rundll32 qfolders.cpl,Load
O4 - HKCU\..\RunServices: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\RunServices: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKCU\..\RunServices: [TV Media] C:\PROGRAM FILES\TV MEDIA\Tvm.exe
O4 - HKCU\..\RunServices: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKCU\..\RunServices: [bAx4RUcqe] C2ARES.EXE
O4 - HKCU\..\RunServices: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - HKCU\..\RunServices: [Rouc] C:\WINDOWS\Application Data\seor.exe
O4 - HKCU\..\RunServices: [Pikfh] C:\WINDOWS\SYSTEM\flzrijb.exe
O4 - HKCU\..\RunServices: [ClockSync] C:\Program Files\ClockSync\Sync.exe
O4 - HKCU\..\RunServices: [SYSsfitb] C:\WINDOWS\SYSsfitb.exe
O4 - Startup: WinKill.lnk = D:\Programs\Utilities\Win Killer\WinKill.exe
O4 - Startup: TClock.lnk = D:\Programs\Tweaks\T Clock\TClock.exe
O4 - Startup: TrayIt.lnk = D:\Programs\Utilities\System tray\Tray it\TrayIt!.exe
O4 - Startup: TransIcons.lnk = D:\Programs\Tweaks\Transparent41\TransparentD.exe
O4 - Startup: Quick Clear.lnk = D:\Programs\Utilities\QuickClear\qclite.exe
O4 - Startup: WinGO.lnk = D:\Programs\Directory Stuff\WinGO\WinGO.exe
O4 - Startup: Iomega Spindown.lnk = D:\Programs\CDRW\CD ROM Tool\cdromtool.exe
O4 - Startup: Pop-Up Killer.lnk = D:\Programs\Internet\Online Tools\AdKiller\killad.exe
O8 - Extra context menu item: Validate &HTML - C:\WINDOWS\Web\valid.htm
O8 - Extra context menu item: &Disable Style Sheets - C:\WINDOWS\Web\nostyle.htm
O8 - Extra context menu item: &Document Tree - C:\WINDOWS\web\tree.htm
O8 - Extra context menu item: View Partial So&urce - C:\WINDOWS\web\source.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: &Define - file://C:\WINDOWS\WEBster.htm
O8 - Extra context menu item: Encyclopedia &Lookup - file://C:\WINDOWS\WEBEncyc.htm
O8 - Extra context menu item: IMDb &Title Search - C:\WINDOWS\WEB\imdbtitlesearch.htm
O8 - Extra context menu item: IMDb &Name Search - C:\WINDOWS\WEB\imdbnamesearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &NeoTrace It! - C:\Program Files\NeoWatch\NTXcontext.htm
O8 - Extra context menu item: Archive Selected Text - C:\WINDOWS\web\ArchiveSelTxt.htm
O8 - Extra context menu item: Count Te&xt - C:\Program Files\IE Count Text\iect.html
O8 - Extra context menu item: Count &Keywords - C:\Program Files\IE Count Keywords\ieck.html
O8 - Extra context menu item: Linked Ima&ges - C:\Program Files\IEimage\IEimage.htm
O8 - Extra context menu item: Link Popularity - http://route.mouseclickapplication.com/cgi-bin/partner/router.cgi?partner=main&version=1&set=1&tool=1
O8 - Extra context menu item: Keyword Density - http://route.mouseclickapplication.com/cgi-bin/partner/router.cgi?partner=main&version=1&set=1&tool=2
O8 - Extra context menu item: Position Reporter - http://route.mouseclickapplication.com/cgi-bin/partner/router.cgi?partner=main&version=1&set=1&tool=3
O8 - Extra context menu item: SE Submission - http://route.mouseclickapplication.com/cgi-bin/partner/router.cgi?partner=main&version=1&set=1&tool=4
O8 - Extra context menu item: SE Optimizer - http://route.mouseclickapplication.com/cgi-bin/partner/router.cgi?partner=main&version=1&set=1&tool=5
O8 - Extra context menu item: Advanced Properties - http://www.advancedpropertiesie.com/advprops/advprop.php?rd=1015936236850
O8 - Extra context menu item: Download Links As... - file://C:\WINDOWS\SYSTEM\page.htm
O8 - Extra context menu item: Download Target(s) As... - file://C:\WINDOWS\SYSTEM\link.htm
O8 - Extra context menu item: &5 Fill from Identity - res://C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORM.DLL/ComFillIdent.html
O8 - Extra context menu item: &6 Fill from Passcard - res://C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORM.DLL/ComFillPass.html
O8 - Extra context menu item: &7 Fill Forms - res://C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORM.DLL/ComFillForms.html
O8 - Extra context menu item: &8 Save Forms - res://C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORM.DLL/ComSavePass.html
O8 - Extra context menu item: IEB: Frame: Open in &New Window - C:\Program Files\IE Booster\frame-open-in-new-window.html
O8 - Extra context menu item: IEB: Frame: Open in &This Window - C:\Program Files\IE Booster\frame-open-in-this-window.html
O8 - Extra context menu item: IEB: Image: Copy Path to Clipboard - C:\Program Files\IE Booster\image-copy-path-to-clipboard.html
O8 - Extra context menu item: IEB: Image: Show Image Data - C:\Program Files\IE Booster\image-view-image-data.html
O8 - Extra context menu item: IEB: Link: Copy as <A href="URL">caption</A> - C:\Program Files\IE Booster\link-copy.html
O8 - Extra context menu item: IEB: Page: Copy Title as <A href="URL">Title</a> - C:\Program Files\IE Booster\page-copy-title.html
O8 - Extra context menu item: IEB: Page: Show Forms and Applets - C:\Program Files\IE Booster\page-show-forms.html
O8 - Extra context menu item: IEB: Page: Show Hyperlinks - C:\Program Files\IE Booster\page-view-hyperlinks.html
O8 - Extra context menu item: IEB: Page: Show Source - C:\Program Files\IE Booster\page-view-source.html
O8 - Extra context menu item: IEB: Page: Show Stylesheets - C:\Program Files\IE Booster\page-view-stylesheets.html
O8 - Extra context menu item: IEB: Selection: Open in Browser - C:\Program Files\IE Booster\selection-open-in-browser.html
O8 - Extra context menu item: IEB: Page: Show Images - C:\Program Files\IE Booster\page-show-images.html
O8 - Extra context menu item: IEB: Selection: Show Partial Source - C:\Program Files\IE Booster\selection-show-source.html
O8 - Extra context menu item: IEB: Browser: Resize Window - C:\Program Files\IE Booster\window-size.html
O8 - Extra context menu item: IEB: Selection: Copy as plain text - C:\Program Files\IE Booster\selection-copy-plaintext.html
O8 - Extra context menu item: IEB: Link: Open in New Minimized Window - C:\Program Files\IE Booster\link-open-minimized.html
O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: AddaButton - {D0281F6F-F450-4baa-A932-16EDDFD9F219} - C:\Program Files\AddaButton\aab.exe (HKCU)
O9 - Extra 'Tools' menuitem: AddaButton - {D0281F6F-F450-4baa-A932-16EDDFD9F219} - C:\Program Files\AddaButton\aab.exe (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\Program Files\NeoWatch\NTXtoolbar.htm (HKCU)
O9 - Extra button: Download Mage - {3037FC09-62A6-4446-AA30-BB9DB0CD9B65} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Download Mage - {3037FC09-62A6-4446-AA30-BB9DB0CD9B65} - (no file) (HKCU)
O9 - Extra button: GrabIt - {D7C9BA79-A8C8-442e-B239-6C571815DBD4} - D:\Programs\Internet\GrabIt\GrabIt.exe (HKCU)
O9 - Extra 'Tools' menuitem: GrabIt - {D7C9BA79-A8C8-442e-B239-6C571815DBD4} - D:\Programs\Internet\GrabIt\GrabIt.exe (HKCU)
O9 - Extra button: Pop-up Killer - {49A4746B-488B-4843-9C66-F8C97464CF19} - D:\Programs\Internet\Online Tools\AdKiller\killad.exe (HKCU)
O9 - Extra 'Tools' menuitem: Pop-up Killer - {49A4746B-488B-4843-9C66-F8C97464CF19} - D:\Programs\Internet\Online Tools\AdKiller\killad.exe (HKCU)
O9 - Extra button: Max Windows - {46FBD990-906E-4cd1-83EB-0523EE60006B} - C:\Program Files\IE New Window Maximizer\IE New Window Maximizer.exe (HKCU)
O9 - Extra 'Tools' menuitem: Max Windows - {46FBD990-906E-4cd1-83EB-0523EE60006B} - C:\Program Files\IE New Window Maximizer\IE New Window Maximizer.exe (HKCU)
O9 - Extra button: Arachno - {C5D305B0-431B-45d3-8E07-707D1F36AF0D} - D:\Programs\HTML\Arachnophilia\arach.exe (HKCU)
O9 - Extra 'Tools' menuitem: Arachno - {C5D305B0-431B-45d3-8E07-707D1F36AF0D} - D:\Programs\HTML\Arachnophilia\arach.exe (HKCU)
O9 - Extra button: Dreamweaver - {36C2D576-631E-44c6-90B4-4EBE9646DA53} - D:\Programs\HTML\Macromedia\Dreamweaver 4\Dreamweaver.exe (HKCU)
O9 - Extra 'Tools' menuitem: Dreamweaver - {36C2D576-631E-44c6-90B4-4EBE9646DA53} - D:\Programs\HTML\Macromedia\Dreamweaver 4\Dreamweaver.exe (HKCU)
O9 - Extra button: PSP 6 - {9AC215C7-785A-4120-9DDA-07947660B96E} - D:\Programs\Graphics\Paint Shop Pro 6\Psp.exe (HKCU)
O9 - Extra 'Tools' menuitem: PSP 6 - {9AC215C7-785A-4120-9DDA-07947660B96E} - D:\Programs\Graphics\Paint Shop Pro 6\Psp.exe (HKCU)
O9 - Extra button: Eudora - {E9C2CFFF-F604-4b31-B2F5-A199A6802A21} - D:\Programs\Internet\Eudora Pro\Eudora.exe (HKCU)
O9 - Extra 'Tools' menuitem: Eudora - {E9C2CFFF-F604-4b31-B2F5-A199A6802A21} - D:\Programs\Internet\Eudora Pro\Eudora.exe (HKCU)
O9 - Extra button: GS Notes - {3FC82BF6-B94C-4429-966D-E571851920E4} - D:\Programs\Text\GoldenSection Notes\GSNotes.exe (HKCU)
O9 - Extra 'Tools' menuitem: GS Notes - {3FC82BF6-B94C-4429-966D-E571851920E4} - D:\Programs\Text\GoldenSection Notes\GSNotes.exe (HKCU)
O9 - Extra button: SpamBuster - {52D114BB-CA74-4543-94F1-096A4796F328} - D:\Programs\Internet\SpamBuster\spamBuster.exe (HKCU)
O9 - Extra 'Tools' menuitem: SpamBuster - {52D114BB-CA74-4543-94F1-096A4796F328} - D:\Programs\Internet\SpamBuster\spamBuster.exe (HKCU)
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.net/DM0/cab/nce9rck.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {FE4BBEA8-1EFD-4B8A-BD1B-341CCDBEEAA6} (Dhsigned Control) - http://ads.dealhelper.com/updates/DealHelperNew.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab

« Last Edit: October 27, 2004, 03:26:18 PM by Soran » Logged

..I have to many problems with computers.
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #7 on: October 27, 2004, 03:29:42 PM »

Or give hijackthis time to do it's job
IE-Spyad put over 5000 entries in the restricted sites settings
Hijackthis is checking those domains to see if any are following the Trusted zones settings

If it definitely won't finish the scan
Navigate to C:\ie-spyad
Open the folder and double click on ie-ads-uninst
Ok the prompt

After the hijackthis scan is done you should be able to go back and double click on the ie-ads reg. file to return those domains back to the
Restricted zones settings or wait till after you have completed the fixes, if any

Edit--Hee hee, I guess you figured it out
« Last Edit: October 27, 2004, 03:30:38 PM by benditup » Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #8 on: October 27, 2004, 03:43:54 PM »

You have a fairly long log and I have to leave for work shortly.If no one has looked at it I will check it this evening when I get home
Logged

John Vickers
Soran
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« Reply #9 on: October 27, 2004, 03:46:13 PM »

OK.
Logged

..I have to many problems with computers.
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #10 on: October 28, 2004, 12:53:30 PM »

Ok first go to start>settings>control Panel>add and remove programs and if any of these are there uninstall:

websearch
sidesearch
TV MEDIA
Viewpoint
Web_Rebates

Next Run Hijack This and place a check next to the following:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\PROGRAM FILES\TV MEDIA\TVMBHO.DLL
O2 - BHO: Band Class - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - C:\WINDOWS\DEALHLPR.DLL
O2 - BHO: SDWin32 Class - {16E09720-254C-11D9-88A4-00A0CC336672} - C:\WINDOWS\SYSTEM\BQXCG.DLL
O2 - BHO: (no name) - {3CF7460B-B040-04BD-8753-60550DF22A49} - C:\WINDOWS\SYSTEM\XUGCHAB.DLL
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [DealHelperUpdate] C:\WINDOWS\DHUpdt.exe
O4 - HKLM\..\Run: [DealHelperBrwsr] C:\WINDOWS\dhbrwsr.exe
O4 - HKLM\..\Run: [VBundleOuterDL] C:\Program Files\VBouncer\BundleOuter.EXE
O4 - HKLM\..\Run: [WebRebates0] C:\Program Files\Web_Rebates\WebRebates0.exe
O4 - HKLM\..\Run: [TV Media] C:\PROGRAM FILES\TV MEDIA\Tvm.exe
O4 - HKLM\..\Run: [bqxcgc] C:\WINDOWS\SYSTEM\bqxcgc.exe
O4 - HKLM\..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKLM\..\Run: [CONSCORR] C:\WINDOWS\CONSCORR.exe
O4 - HKLM\..\Run: [qtEQ38Q] BLA_HOOK.EXE
O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKCU\..\Run: [TV Media] C:\PROGRAM FILES\TV MEDIA\Tvm.exe
O4 - HKCU\..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKCU\..\Run: [bAx4RUcqe] C2ARES.EXE
O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - HKCU\..\Run: [Rouc] C:\WINDOWS\Application Data\seor.exe
O4 - HKCU\..\Run: [Pikfh] C:\WINDOWS\SYSTEM\flzrijb.exe
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe
O4 - HKCU\..\Run: [SYSsfitb] C:\WINDOWS\SYSsfitb.exe
O4 - HKCU\..\RunServices: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKCU\..\RunServices: [TV Media] C:\PROGRAM FILES\TV MEDIA\Tvm.exe
O4 - HKCU\..\RunServices: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKCU\..\RunServices: [bAx4RUcqe] C2ARES.EXE
O4 - HKCU\..\RunServices: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - HKCU\..\RunServices: [Rouc] C:\WINDOWS\Application Data\seor.exe
O4 - HKCU\..\RunServices: [Pikfh] C:\WINDOWS\SYSTEM\flzrijb.exe
O4 - HKCU\..\RunServices: [ClockSync] C:\Program Files\ClockSync\Sync.exe
O4 - HKCU\..\RunServices: [SYSsfitb] C:\WINDOWS\SYSsfitb.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Download Mage - {3037FC09-62A6-4446-AA30-BB9DB0CD9B65} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Download Mage - {3037FC09-62A6-4446-AA30-BB9DB0CD9B65} - (no file) (HKCU)
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.net/DM0/cab/nce9rck.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab

Close all windows except hijack this and click fix

Boot into safe mode making sure you can see hidden files and folders:


How To Boot Into SafeMode

How To Show Hidden Files And Folders


Delete The Following:

C:\PROGRAM FILES\VIEWPOINT<folder
C:\WINDOWS\DHBRWSR.EXE<file
C:\WINDOWS\PGTAFF.EXE<file
C:\WINDOWS\SYSTEM\BLA_HOOK.EXE<file
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE<file
C:\PROGRAM FILES\DR_S\DR_S.EXE<file
C:\WINDOWS\SYSTEM\C2ARES.EXE<file
C:\PROGRAM FILES\WEB OFFER<folder
C:\WINDOWS\APPLICATION DATA\SEOR.EXE<file
C:\WINDOWS\SYSTEM\FLZRIJB.EXE<file
C:\WINDOWS\SYSSFITB.EXE<file
C:\PROGRAM FILES\WEB_REBATES<folder

Reboot and post a new hijack this log but this time please include the header of the log containing operating system,hjt version etc.
As your log was so long I'm sure there will be some things I missed but we'll get you all cleaned up.







« Last Edit: October 28, 2004, 01:25:12 PM by jvic » Logged

John Vickers
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page June 15, 2018, 12:07:52 PM