Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows 95 problem

Started by philstone , Oct 13 2004 01:30 PM

  • This topic is locked This topic is locked

#1
philstone
Posted 13 October 2004 - 01:30 PM

philstone

    Member

  • Member
  • PipPipPip
  • 103 posts
my computer is messd up from start up here is my hijack this log can anyone help me
Logfile of HijackThis v1.97.7
Scan saved at 15:20:20, on 04-10-13
Platform: Windows 95 B (Win9x 4.00.1212)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\MSWHEEL.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\TEXTBRIDGE CLASSIC 2.0\BIN\INSTANTACCESS.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\LHJHEM8E\HIJACKTHIS[1].EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.sma...et/7search/?001
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.planetoasis.com/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://prosearching.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://prosearching.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.locators....arch.php?que=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
F1 - win.ini: run=hpfsched
O1 - Hosts: 127.127.127.127 elite
O1 - Hosts: www.google.com
O1 - Hosts: google.com
O1 - Hosts: www.altavista.com
O1 - Hosts: altavista.com
O1 - Hosts: search.yahoo.com
O1 - Hosts: uk.search.yahoo.com
O1 - Hosts: ca.search.yahoo.com
O1 - Hosts: jp.search.yahoo.com
O1 - Hosts: au.search.yahoo.com
O1 - Hosts: de.search.yahoo.com
O1 - Hosts: search.yahoo.co.jp
O1 - Hosts: www.lycos.de
O1 - Hosts: www.lycos.ca
O1 - Hosts: www.lycos.jp
O1 - Hosts: www.lycos.co.jp
O1 - Hosts: alltheweb.com
O1 - Hosts: web.ask.com
O1 - Hosts: ask.com
O1 - Hosts: www.ask.com
O1 - Hosts: www.teoma.com
O1 - Hosts: search.aol.com
O1 - Hosts: www.looksmart.com
O1 - Hosts: search.msn.com
O1 - Hosts: ca.search.msn.com
O1 - Hosts: fr.ca.search.msn.com
O1 - Hosts: search.fr.msn.be
O1 - Hosts: search.fr.msn.ch
O1 - Hosts: search.latam.yupimsn.com
O1 - Hosts: search.msn.at
O1 - Hosts: search.msn.be
O1 - Hosts: search.msn.ch
O1 - Hosts: search.msn.co.in
O1 - Hosts: search.msn.co.jp
O1 - Hosts: search.msn.co.kr
O1 - Hosts: search.msn.com.br
O1 - Hosts: search.msn.com.hk
O1 - Hosts: search.msn.com.my
O1 - Hosts: search.msn.com.sg
O1 - Hosts: search.msn.com.tw
O1 - Hosts: search.msn.co.za
O1 - Hosts: search.msn.de
O1 - Hosts: search.msn.dk
O1 - Hosts: search.msn.es
O1 - Hosts: search.msn.fi
O1 - Hosts: search.msn.fr
O1 - Hosts: search.msn.it
O1 - Hosts: search.msn.nl
O1 - Hosts: search.msn.no
O1 - Hosts: search.msn.se
O1 - Hosts: search.ninemsn.com.au
O1 - Hosts: search.t1msn.com.mx
O1 - Hosts: search.xtramsn.co.nz
O1 - Hosts: search.yupimsn.com
O1 - Hosts: uk.search.msn.com
O1 - Hosts: search.lycos.com
O1 - Hosts: www.lycos.com
O1 - Hosts: www.google.ca
O1 - Hosts: google.ca
O1 - Hosts: www.google.uk
O1 - Hosts: www.google.co.uk
O1 - Hosts: www.google.com.au
O1 - Hosts: www.google.co.jp
O1 - Hosts: www.google.jp
O1 - Hosts: www.google.at
O1 - Hosts: www.google.be
O1 - Hosts: www.google.ch
O1 - Hosts: www.google.de
O1 - Hosts: www.google.dk
O1 - Hosts: www.google.fi
O1 - Hosts: www.google.fr
O1 - Hosts: www.google.com.gr
O1 - Hosts: www.google.com.hk
O1 - Hosts: www.google.ie
O1 - Hosts: www.google.co.il
O1 - Hosts: www.google.it
O1 - Hosts: www.google.co.kr
O1 - Hosts: www.google.com.mx
O1 - Hosts: www.google.nl
O1 - Hosts: www.google.co.nz
O1 - Hosts: www.google.pl
O1 - Hosts: www.google.pt
O1 - Hosts: www.google.com.ru
O1 - Hosts: www.google.com.sg
O1 - Hosts: www.google.co.th
O1 - Hosts: www.google.com.tr
O1 - Hosts: www.google.com.tw
O1 - Hosts: google.at
O1 - Hosts: google.be
O1 - Hosts: google.de
O1 - Hosts: google.dk
O1 - Hosts: google.fi
O1 - Hosts: google.fr
O1 - Hosts: google.com.hk
O1 - Hosts: google.ie
O1 - Hosts: google.co.il
O1 - Hosts: google.it
O1 - Hosts: google.co.kr
O1 - Hosts: google.com.mx
O1 - Hosts: google.nl
O1 - Hosts: google.co.nz
O2 - BHO: (no name) - {A0391B11-D7D8-2B12-321C-8D1A830C553C} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [MSWHEEL] C:\WINDOWS\SYSTEM\mswheel.exe
O4 - HKLM\..\Run: [POINTER] C:\MSINPUT\point32.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [WorksFUD] c:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] c:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\BIN\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] C:\Program Files\EbatesMoeMoneyMaker\EbatesMoeMoneyMakerrun.exe /cp:p "C:\Program Files\EbatesMoeMoneyMaker\System\Code" Main lp: "C:\Program Files\EbatesMoeMoneyMaker"
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: EZ Station.lnk = C:\WINDOWS\Twain_32\IBMScanner\SxCenter.exe
O8 - Extra context menu item: &Define - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - c:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O9 - Extra button: Locators.com Search Bar (HKLM)
O9 - Extra 'Tools' menuitem: Locators.com Search Bar (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O13 - WWW. Prefix: http://
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw12fd.law12....ex/HMAtchmt.ocx
O16 - DPF: {50A28604-52F2-11D6-8F0F-5254AB11D5C2} - http://directplugin....lers/109121.exe
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pu...er/isetupML.cab
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP