Please Check Hijackthis Log File

By hanaleia
Jan 31, 2005
Topic Status:
Not open for further replies.
  1. Not sure what each entry is, but I dont have spy bouncer and spyware doctor on my computer anymore. What can I allow hijackthis to remove? Thanks
  2. RealBlackStuff

    RealBlackStuff Newcomer, in training Posts: 8,165

    Please do not start a new post for the same subject, that is heavily frowned upon!

    Boot in Safe Mode.
    Try to UNinstall anything to do with this lot:
    C:\Program Files\Error Nuker 2004\bin\ErrorNuker.exe
    C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe

    Next, run HJT on its own and let it 'fix (if still there):
    C:\Program Files\Error Nuker 2004\bin\ErrorNuker.exe
    C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe
    C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe
    C:\WINNT\loadqm.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wachovia.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wachovia.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm
    O4 - HKLM\..\Run: [Error Nuker 2004] C:\Program Files\Error Nuker 2004\bin\ErrorNuker.exe autostart
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/2267d3b7d842e0e0bc00/netzip/RdxIE601.cab
    O16 - DPF: {5E8FD788-C323-4357-AB76-7CBCEFBA573C} (SpyBouncer.SBDownloader) - http://spybouncer.com/downloader.ocx
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

    When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.