Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

rdriv installation


  • This topic is locked This topic is locked

#61
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
ya i did so.
while installing, appeared a window saying that it need to access the internet, so in that option i clicked later and then the window appeared saying that it would look for the required stuff when i am online and then i clicked finished

then i rebooted and ther appeared no installation window this time.
but the processes r still running prety slow.
  • 0

Advertisements


#62
g2i2r4

g2i2r4

    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Launch ewido, there should be an icon on your desktop double-click it.
The program will prompt you to update click the OK button

The program will now go to the main screen
You will need to update ewido to the latest definition files.On the left hand side of the main screen click update
Click on Start
The update will start and a progress bar will show the updates being installed.* Click on scanner
* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop
Reboot your machine and post back a new HJT log and the ewido.txt log file you saved by using Add Reply

Edited by g2i2r4, 14 July 2005 - 02:41 AM.

  • 0

#63
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
hello . i have done both the process.
below is the ewido log



---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:05:45 PM, 7/14/2005
+ Report-Checksum: 164F5BF1

+ Scan result:

HKLM\SOFTWARE\Classes\AppID\Hyperbar.DLL -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\HyperbarSS3.DLL -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{047E7D40-FD9B-483A-934B-361C2A581506} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{C4AC1481-6C39-433E-BD39-2A05FBF45BA7} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{03BB57D6-9C96-4B55-9BBF-54060A7CB0EC} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1EDF3CEE-B9DA-4508-B900-44EB34191465} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2925BAA3-CC06-4808-A308-32D5AFB0DDFE} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2F6F5329-6B57-4D2D-B6AB-662793AEB986} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{39CDE95F-7466-463A-81DE-CA0CDD7F6687} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{414162F2-8BEE-44BD-A79F-A5121B3C911F} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{52612A25-88CA-42C8-8337-B9E555BAD6D4} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{60549BE9-A4A5-4a40-94EC-C19EAC88AD99} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6D4C2692-B5CE-4159-9A91-C76AFE24DA70} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{90B3F2FC-413E-4B1A-AD4B-E9130B9A54FD} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{948C9FD5-B95A-41D6-B753-EFA9CFB1912E} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07} -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B91EF050-6DE4-4CD9-8789-93084E6D98F0} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C851F631-0D35-4238-9EA7-D48B6DADAB14} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D361E196-6667-49D0-A34B-779519463540} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D41802BC-9085-4AB7-90F6-084C1DE1A944} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D5C414B7-3ECB-4F31-8668-4DEE30E1D363} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E032016B-D840-4B66-B6A5-25B42BBB8B33} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E1B3CC06-67CB-40A6-B2F5-CD529255DB9F} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E895F3C1-632E-4AFF-8DED-3FFCB2A3D096} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F6886667-986D-4F60-AA0B-9AA54A2D3C26} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FB3A747D-A8BA-45FB-8196-1D442668796C} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FC4D3457-9125-4EA1-9525-E48B1B5E69CE} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.BootstrapService -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.BootstrapService\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.BootstrapService\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ClassObjectManager -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ClassObjectManager\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ClassObjectManager\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.CodeDownloadBindingHelper -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.CodeDownloadBindingHelper\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.CodeDownloadBindingHelper\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ConfigLoader -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ConfigLoader\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ConfigLoader\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBand -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBand\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBand\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandFactory -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandFactory\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandFactory\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandInstaller -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandInstaller\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandInstaller\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandService -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandService\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBandService\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHO -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHO\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHO\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHOFactory -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHOFactory\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHOFactory\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHOInstaller -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHOInstaller\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBHOInstaller\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBServicePP -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBServicePP\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.IEBServicePP\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.InstallManager -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.InstallManager\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.InstallManager\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHelperSearchHook -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHelperSearchHook\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHelperSearchHook\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHelperService -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHelperService\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHelperService\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHlpSHFactory -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHlpSHFactory\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.NavHlpSHFactory\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ProductManager -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ProductManager\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ProductManager\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.PropSheetHandler -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.PropSheetHandler\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.PropSheetHandler\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ResourceManager -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ResourceManager\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ResourceManager\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ServiceManager -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ServiceManager\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ServiceManager\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ServiceSite -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ServiceSite\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Hyperbar.ServiceSite\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HyperToolbar.BindStatusCallbackHelper -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HyperToolbar.BindStatusCallbackHelper\CLSID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HyperToolbar.BindStatusCallbackHelper\CurVer -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{05C3780D-3A0C-485A-B3CF-3AF35061C8C1} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{0CBEE0CC-8F2C-47EF-99A3-ED603EB17E7F} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{10FB9211-83C0-49B3-A780-4B6FBBADE434} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{12D0B72F-E3E1-4031-8C7E-0AE5DD2BF85A} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{2C1B2722-1D57-448D-BB11-D3BF81AFB3B5} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4682934D-BFCE-4647-9E61-3D95BD163B6C} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4978EC50-10E6-4733-BEC0-01C06EB24513} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{5C1DDAAC-B007-40E4-9854-322492AD2B58} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{6E73FDAB-E391-48AF-8646-84921587858A} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{7E10CC6D-FCE6-49BC-A4CB-5B9B2E3E83D0} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{80BE027B-759A-4938-9B1E-E6988654DAC4} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{88D43288-6FEF-4202-8D87-BD992D1F602F} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{89ABAF9E-2C51-47A3-93D3-D563EAF847B0} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{9E37CB08-105A-4B32-A0DE-05FE4F66322E} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{A702688F-E3E0-406A-BB3E-ED2CA4F7F563} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C1419F7E-F0B8-4781-9D62-F307FC010ED6} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C285D18D-43A2-4AEF-83FB-BF280E660A97} -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D639D99D-2377-46B5-81A5-BD91B61C61B0} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D9A25182-7A92-4511-8981-F4414744DA94} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{E299BC64-1C1B-4F91-B3F4-1B8537BF5ECD} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{F3AEEE73-9116-48ED-8212-5E49EABE0050} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{F8C39983-CEFC-4BD4-BD29-659E4E1D31E1} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{F97B6539-DBCE-4751-8B73-5BB6502EC4C8} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{047E7D40-FD9B-483A-934B-361C2A581506} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{C4AC1481-6C39-433E-BD39-2A05FBF45BA7} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Igor V. Gunko -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Igor V. Gunko\Hyperbar -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Igor V. Gunko\Hyperbar\Modules -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Igor V. Gunko\Hyperbar\Modules\{C4AC1481-6C39-433E-BD39-2A05FBF45BA7} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Igor V. Gunko\Hyperbar\Prod -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Igor V. Gunko\Hyperbar\Prod\{4B2F5308-2CB0-40E2-8030-59936ED5D22C} -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Igor V. Gunko\Hyperbar\Prod\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}\Ctx -> Spyware.HyperBar : Cleaned with backup
HKU\S-1-5-21-842925246-1606980848-1957994488-1003\Software\Igor V. Gunko -> Spyware.HyperBar : Cleaned with backup
HKU\S-1-5-21-842925246-1606980848-1957994488-1003\Software\Igor V. Gunko\Hyperbar -> Spyware.HyperBar : Cleaned with backup
HKU\S-1-5-21-842925246-1606980848-1957994488-1003\Software\Igor V. Gunko\Hyperbar\Prod -> Spyware.HyperBar : Cleaned with backup
HKU\S-1-5-21-842925246-1606980848-1957994488-1003\Software\Igor V. Gunko\Hyperbar\Prod\{4B2F5308-2CB0-40E2-8030-59936ED5D22C} -> Spyware.HyperBar : Cleaned with backup
HKU\S-1-5-21-842925246-1606980848-1957994488-1003\Software\Igor V. Gunko\Hyperbar\Prod\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}\Ctx -> Spyware.HyperBar : Cleaned with backup
C:\Documents and Settings\hawk\Cookies\hawk@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.15:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.23:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.27:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.30:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.31:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.32:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.33:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.36:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.37:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.39:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.40:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.41:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.44:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.57:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Findwhat : Cleaned with backup
:mozilla.61:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.62:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.74:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.75:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.82:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.97:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.98:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.99:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.100:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.103:C:\Documents and Settings\hawk\Application Data\Mozilla\Firefox\Profiles\w817b5tl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\hjt\backups\backup-20050619-121649-601.dll -> Spyware.HyperBar : Cleaned with backup
D:\My Downloads\rgl18.exe/of_play_ins_w_2039.exe -> Spyware.OnFlow : Cleaned with backup
D:\My Downloads\rgl18.exe/tsadbot.exe -> Spyware.TimeSink : Cleaned with backup


::Report End




below is the higjack log:


Logfile of HijackThis v1.99.1
Scan saved at 11:12:29 PM, on 7/14/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIRTEL\AIRTEL-Broadband\fts.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\hjt\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [%FP%AIRTEL fts.exe] "C:\Program Files\AIRTEL\AIRTEL-Broadband\fts.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1117646471222
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B5BAB303-5CE4-4DCB-BCCB-591793A1B6D6}: NameServer = 202.56.215.6,202.56.230.6
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  • 0

#64
g2i2r4

g2i2r4

    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Open HijackThis
Go to ‘config’
Go to ‘misc tools’
Press the button ‘open uninstall manager’
In the list find:
Startnow ToolBar (v1.0.1.1)
Press ‘delete this entry’.
Close HijackThis.

***

Open Windows Explorer.
Remove this folder (if it exists):
C:\Program Files\Common Files\Hyperbar\
Close Windows Explorer.

***

Reboot the computer.

***

Please download Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button).
  • Save it to your desktop.
  • Double-click the new icon on your desktop (tmas-web-scan.exe)
  • It will say "Loading TrendMicro definitions".
  • Once the definitions are loaded, the program will appear to close then re-open.
  • Click "Start Scan"
  • After it's done scanning, click "Scan Results"
  • Make sure all items found have a check next to them, then click "Clean Threats Now".
  • Click Exit.
Reboot your computer. In place of the TrendMicro icon will be a text file called "Antispyware.log", please double-click that log and copy the entire contents and paste them here.
  • 0

#65
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
in uninstall manager ther r only two files with s initial

1) skype 1.2
2) startnow navigation helper (v1.0.1.1)

which one shal i delete the 2nd one??
  • 0

#66
g2i2r4

g2i2r4

    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Yes, remove startnow navigation helper (v1.0.1.1).
  • 0

#67
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
first of all i wd like to say it was amazing to c today that my comp. was hackd by so many things.

2nd there didnt existed the file C:\Program Files\Common Files\Hyperbar\ , but as u had mentioned i went on with the process.

here is the log u asked:

Started Scanning
Internet Cookies
Found 'centrport.net' in 'Internet Explorer Cache'
Found 'perf.overture.com' in 'Internet Explorer Cache'
Found 'imrworldwide.com' in 'Internet Explorer Cache'
Found 'atdmt.com' in 'Internet Explorer Cache'
Found 'advertising.com' in 'Internet Explorer Cache'
Found 'servedby.advertising.com' in 'Internet Explorer Cache'
Found 'doubleclick.net' in 'Internet Explorer Cache'
Found 'belnk.com' in 'Internet Explorer Cache'
Found 'dist.belnk.com' in 'Internet Explorer Cache'
Programs in Memory
Windows Registry
Found '' in 'Software\BearShare'
Found '' in 'SOFTWARE\Classes\ed2k'
Found '' in 'SOFTWARE\Classes\ed2k\DefaultIcon'
Found '' in 'SOFTWARE\Classes\ed2k\shell\open\command'
Found '' in 'AppEvents\EventLabels\BearShareChatNotifyMsg'
Found '' in 'AppEvents\Schemes\Apps\BearShare'
Found '' in 'AppEvents\Schemes\Apps\BearShare\BearShareChatNotifyMsg'
Found '' in 'AppEvents\Schemes\Apps\BearShare\BearShareChatNotifyMsg\.Current'
Found '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BearShare'
Found '' in 'SOFTWARE\Classes\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}\LocalServer32'
Found '' in 'SOFTWARE\Magnet'
Found '' in 'SOFTWARE\Classes\magnet'
Found '' in 'SOFTWARE\Classes\magnet\shell\open\command'
Found 'URL Protocol' in 'SOFTWARE\Classes\magnet'
Found '' in 'SOFTWARE\Classes\Hyperbar.BootstrapService.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.ClassObjectManager.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.CodeDownloadBindingHelper.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.ConfigLoader.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBand.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBandFactory.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBandInstaller.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBandService.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBHO.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBHOFactory.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBHOInstaller.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.IEBServicePP.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.InstallManager.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.NavHelperSearchHook.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.NavHelperService.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.NavHlpSHFactory.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.ProductManager.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.PropSheetHandler.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.ServiceSite.1'
Found 'Local Page' in 'Software\Microsoft\Internet Explorer\Search'
Found '' in 'SOFTWARE\Classes\HyperToolbar.BindStatusCallbackHelper.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.ServiceManager.1'
Found '' in 'SOFTWARE\Classes\Hyperbar.ResourceManager.1'
Found '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run'
Internet URL Shortcuts
Files and Directories
Found '' in 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow'
Found '' in 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper'
Found '' in 'C:\Documents and Settings\hawk\Application Data\Hyperbar'
Found '' in 'C:\Documents and Settings\hawk\Application Data\Hyperbar\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}'
Found '' in 'C:\Program Files\Startnow'
Found '' in 'C:\Program Files\Startnow\Navigation Helper'
Found 'BearShare.exe' in 'C:\Program Files\BearShare'
Found 'BSidle.dll' in 'C:\Program Files\BearShare'
Found '' in 'C:\Program Files\BearShare\sounds'
Found 'Webstats.exe' in 'C:\Program Files\BearShare'
Found '' in 'C:\Program Files\BearShare\Installer'
Found '' in 'C:\Program Files\BearShare\Webstats'
Found '' in 'C:\Program Files\BearShare\Extras'
Found '' in 'C:\Program Files\BearShare\db'
Found '' in 'C:\Program Files\BearShare\Playlists'
Found '' in 'C:\Program Files\BearShare\Logs'
Finished Scanning
Started Backup
Finished Backup
Started Cleaning
Checking for 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow' in shortcut areas.
Checking for 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow' in startup areas.
Cleaning 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow'
Checking for 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper\Uninstall.lnk' in shortcut areas.
Checking for 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper\Uninstall.lnk' in startup areas.
Cleaning 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper\Uninstall.lnk'
Checking for 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper' in shortcut areas.
Checking for 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper' in startup areas.
Cleaning 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper'
[SCANMODS] The file 'C:\Documents and Settings\hawk\Start Menu\Programs\Startnow\Navigation Helper' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\Documents and Settings\hawk\Application Data\Hyperbar' in shortcut areas.
Checking for 'C:\Documents and Settings\hawk\Application Data\Hyperbar' in startup areas.
Cleaning 'C:\Documents and Settings\hawk\Application Data\Hyperbar'
Checking for 'C:\Documents and Settings\hawk\Application Data\Hyperbar\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}' in shortcut areas.
Checking for 'C:\Documents and Settings\hawk\Application Data\Hyperbar\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}' in startup areas.
Cleaning 'C:\Documents and Settings\hawk\Application Data\Hyperbar\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}'
[SCANMODS] The file 'C:\Documents and Settings\hawk\Application Data\Hyperbar\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\Program Files\Startnow' in shortcut areas.
Checking for 'C:\Program Files\Startnow' in startup areas.
Cleaning 'C:\Program Files\Startnow'
Checking for 'C:\Program Files\Startnow\Navigation Helper' in shortcut areas.
Checking for 'C:\Program Files\Startnow\Navigation Helper' in startup areas.
Cleaning 'C:\Program Files\Startnow\Navigation Helper'
[SCANMODS] The file 'C:\Program Files\Startnow\Navigation Helper' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\Program Files\BearShare\BearShare.exe' in shortcut areas.
Found 'BearShare.lnk' in 'C:\Documents and Settings\All Users\Start Menu\Programs\'
Checking for 'C:\Program Files\BearShare\BearShare.exe' in startup areas.
Cleaning 'C:\Program Files\BearShare\BearShare.exe'
Checking for 'C:\Program Files\BearShare\BSidle.dll' in shortcut areas.
Checking for 'C:\Program Files\BearShare\BSidle.dll' in startup areas.
Cleaning 'C:\Program Files\BearShare\BSidle.dll'
Checking for 'C:\Program Files\BearShare\sounds' in shortcut areas.
Checking for 'C:\Program Files\BearShare\sounds' in startup areas.
Cleaning 'C:\Program Files\BearShare\sounds'
Checking for 'C:\Program Files\BearShare\sounds\notify.wav' in shortcut areas.
Checking for 'C:\Program Files\BearShare\sounds\notify.wav' in startup areas.
Cleaning 'C:\Program Files\BearShare\sounds\notify.wav'
Checking for 'C:\Program Files\BearShare\Webstats.exe' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Webstats.exe' in startup areas.
Cleaning 'C:\Program Files\BearShare\Webstats.exe'
Checking for 'C:\Program Files\BearShare\Installer' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Installer' in startup areas.
Cleaning 'C:\Program Files\BearShare\Installer'
Checking for 'C:\Program Files\BearShare\Webstats' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Webstats' in startup areas.
Cleaning 'C:\Program Files\BearShare\Webstats'
Checking for 'C:\Program Files\BearShare\Extras' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Extras' in startup areas.
Cleaning 'C:\Program Files\BearShare\Extras'
Checking for 'C:\Program Files\BearShare\db' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db' in startup areas.
Cleaning 'C:\Program Files\BearShare\db'
Checking for 'C:\Program Files\BearShare\db\hbcache.dat' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\hbcache.dat' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\hbcache.dat'
Checking for 'C:\Program Files\BearShare\db\gnucache.dat' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\gnucache.dat' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\gnucache.dat'
Checking for 'C:\Program Files\BearShare\db\gwebcache.dat' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\gwebcache.dat' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\gwebcache.dat'
Checking for 'C:\Program Files\BearShare\db\TMP3A9.tmp' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\TMP3A9.tmp' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\TMP3A9.tmp'
Checking for 'C:\Program Files\BearShare\db\Hostiles.txt' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\Hostiles.txt' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\Hostiles.txt'
Checking for 'C:\Program Files\BearShare\db\library.dat' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\library.dat' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\library.dat'
Checking for 'C:\Program Files\BearShare\db\config.bin' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\config.bin' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\config.bin'
Checking for 'C:\Program Files\BearShare\db\TMP59D.tmp' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\TMP59D.tmp' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\TMP59D.tmp'
Checking for 'C:\Program Files\BearShare\db\connect.txt' in shortcut areas.
Checking for 'C:\Program Files\BearShare\db\connect.txt' in startup areas.
Cleaning 'C:\Program Files\BearShare\db\connect.txt'
Checking for 'C:\Program Files\BearShare\Playlists' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Playlists' in startup areas.
Cleaning 'C:\Program Files\BearShare\Playlists'
Checking for 'C:\Program Files\BearShare\Logs' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Logs' in startup areas.
Cleaning 'C:\Program Files\BearShare\Logs'
Checking for 'C:\Program Files\BearShare\Logs\memory.txt' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Logs\memory.txt' in startup areas.
Cleaning 'C:\Program Files\BearShare\Logs\memory.txt'
Checking for 'C:\Program Files\BearShare\Logs\ordinal.txt' in shortcut areas.
Checking for 'C:\Program Files\BearShare\Logs\ordinal.txt' in startup areas.
Cleaning 'C:\Program Files\BearShare\Logs\ordinal.txt'
Finished Cleaning
  • 0

#68
g2i2r4

g2i2r4

    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Now I see bearshare appearing. No wonder this computer was infested with spyware :tazz:

Read here what filesharing programs can be used without getting unwanted extra's.

I don't think you have the paid version of bearshare, so I recommend you remove that one too.

Reboot when you did that.

Remove these folders (if present):
C:\Documents and Settings\hawk\Application Data\Hyperbar
C:\Documents and Settings\hawk\Start Menu\Programs\Startnow
C:\Program Files\Startnow\
C:\Program Files\BearShare\


Reboot and run TrendMicro's scanner again to see if it's all gone.

How is your computer running now?
  • 0

#69
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
i did what u asked i only found the file named
C:\Program Files\BearShare\

i deleted it i also ran the trendmicro scanner, and there was no infection of any kind found. but my startup is still running very slow. also the comp. is getting hanged now a then. and also once i saw a system error window. this all problems have started recently.
is it due to improper installation of spxp1 or something else?
  • 0

#70
g2i2r4

g2i2r4

    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
We need to make sure all hidden files are showing so please:* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.
Now check to see if the other folders are visible.

***

Please download and install AdAware SE 1.06.
Check Here on how setup and use it - please make sure you update it first.

***

Download Spybot S&D 1.4.
At the first screen uncheck teatimer.
Let it scan and remove items found in red.

***

Analyze and defragment your disk.

To check for fragmented files and folders on a volume:1. Click Start, point to All Programs, point to Accessories, point to System Tools, and then click Disk Defragmenter.
2. Click the volume that you want to analyze.
3. Click Analyze to begin the analysis.
4. Review the results of the analysis after it is complete by clicking View Report.
If the analysis tool recommends that the volume be defragmented, follow the steps in the next section.

***

Defragment the disk: 1. Click Start, point to All Programs, point to Accessories, point to System Tools, and then click Disk Defragmenter.
2. Click the volume that you want to defragment.
3. Click Defragment to begin the operation.

This may take a few hours!!!


After all that, let me know how things are.

If you still see an error message, write it down word by word and let me know.
  • 0

Advertisements


#71
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
i did the process for unhiding i didnt found any of the folder. u told to delete this folder

C:\Documents and Settings\hawk\Start Menu\Programs\Startnow

but insted of this i have a folder named
C:\Documents and Settings\hawk\Start Menu\Programs\Startup

so shalli delete this or shall i go on with the rest of the process
  • 0

#72
g2i2r4

g2i2r4

    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Oh no, please don't delete that one. You need it badly.
  • 0

#73
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
;) :tazz: i havent deleted that file.

well i had downloaded both the prog. and have also run them. then i analysed all my drives for defragmentation but anlysis tool said that there is no need for defragmentation 4 any of the drive.
but if u think we should then i will defragment all of them.
tell me what to do next?
  • 0

#74
g2i2r4

g2i2r4

    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Did you remove items found in red in both Spybot and AdAware?
  • 0

#75
kanishka

kanishka

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
yes i did so. in both of them there were infected files that were detected and i deleted them.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP