This is my brother's computer, and he has some nasty problems that won't even allow him to install antivirus programs.
I tried to do the items on the "before you post" list, but the computer kept freezing up. I did a HijackThis log, hoping for some insight as to what could be going on.
Any advice is welcome.

Logfile of HijackThis v1.99.1
Scan saved at 10:51:09 AM, on 9/2/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\SDKZK32.EXE
C:\WINDOWS\SYSTEM\MSNE32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\APIFQ.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOHMR08.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ABYVIVCX\HIJACKTHIS[1].EXE
C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://homepage.com...nder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://homepage.com...nder.cc/search/ (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://homepage.com...nder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cox.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Cox High Speed Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL (disabled by BHODemon)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {595B90B9-38BB-C2F8-70C3-46043FC5DD9D} - C:\WINDOWS\SYSTEM\D3GI.DLL
O2 - BHO: Class - {E5C5DA82-402A-1241-57E8-5AF52A729FEC} - C:\WINDOWS\SYSTEM\D3DR.DLL
O2 - BHO: Class - {EFEBB260-C21E-967D-CA15-0C1770C3C5C5} - C:\WINDOWS\ATLKH32.DLL
O2 - BHO: Class - {AEB90959-0093-AADA-C479-6B1F6B9B24D6} - C:\WINDOWS\WINOB.DLL
O2 - BHO: Class - {627F1F6D-12EC-627B-EB1C-13DD30B5432C} - C:\WINDOWS\SYSTEM\SYSXU32.DLL
O2 - BHO: Class - {21F544A8-869C-E661-F43F-4B58A9DA7A27} - C:\WINDOWS\WINZX32.DLL
O2 - BHO: Class - {B89CB79F-55FE-2C93-770E-299BEDA12117} - C:\WINDOWS\SYSTEM\NETPD.DLL
O2 - BHO: Class - {8C773956-6F83-D1E0-9AC4-EFF449FEFF4B} - C:\WINDOWS\SYSTEM\WINXJ32.DLL
O2 - BHO: Class - {26F824B1-3210-2E17-0339-3763F421ECEA} - C:\WINDOWS\D3QP.DLL
O2 - BHO: Class - {C517274B-EAF0-9359-4983-966F788D172B} - C:\WINDOWS\IPWH32.DLL
O2 - BHO: Class - {AB9FA8F5-6BFA-A465-AC13-2BF9ADC97E65} - C:\WINDOWS\ATLXQ32.DLL
O2 - BHO: Class - {A5FF8485-7410-8006-3E97-05C369AB07B3} - C:\WINDOWS\JAVAFQ32.DLL
O2 - BHO: Class - {C0815FF7-6991-1BCE-7F3F-9410C92B2AD0} - C:\WINDOWS\SYSTEM\SYSQY32.DLL
O2 - BHO: Class - {46BCC53C-16A6-B232-32BE-A6A734001028} - C:\WINDOWS\SYSTEM\SDKNO.DLL
O2 - BHO: Class - {9AD05C3A-CC73-B83C-9965-1A6BED5208BB} - C:\WINDOWS\APPYT32.DLL
O2 - BHO: Class - {B6EE36B3-955D-C400-BD4A-895722D75AF0} - C:\WINDOWS\SYSTEM\WINAY32.DLL
O2 - BHO: Class - {BB6F388D-DCC6-C89B-AA43-4FA80F73987A} - C:\WINDOWS\APIZL32.DLL
O2 - BHO: Class - {49C4484A-E8A4-EFC7-8F1A-571F446C97C3} - C:\WINDOWS\SYSTEM\IETB.DLL
O2 - BHO: Class - {789E6ACA-7D9C-0143-CDA9-054F4543DB2C} - C:\WINDOWS\JAVABX.DLL
O2 - BHO: Class - {646E2E0B-4014-CADD-B572-242AA038B2F1} - C:\WINDOWS\SYSTEM\IEWA.DLL
O2 - BHO: Class - {366B2B49-46A5-CC46-2F98-6DD344CC10DF} - C:\WINDOWS\IEYH.DLL
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain
O4 - HKLM\..\Run: [APIFQ.EXE] C:\WINDOWS\SYSTEM\APIFQ.EXE
O4 - HKLM\..\Run: [SpySweeper] "C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE" /startintray
O4 - HKLM\..\Run: [THGuard] "C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [CRCX32.EXE] C:\WINDOWS\SYSTEM\CRCX32.EXE /s
O4 - HKLM\..\RunServices: [SDKZK32.EXE] C:\WINDOWS\SYSTEM\SDKZK32.EXE /s
O4 - HKLM\..\RunServices: [MSNE32.EXE] C:\WINDOWS\SYSTEM\MSNE32.EXE /s
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\RunServices: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} (PopCapLoaderCtrl Class) - http://zone.msn.com/...pcaploader1.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c.../ymmapi_416.dll
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - http://www.wildtange...soft/wtinst.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: Yahoo! Pyramids - http://download.game...ts/y/pyt1_x.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab33902.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://i.grab.com/me...les/222/222.cab
O16 - DPF: Toki Toki Boom - http://download.game...nts/y/vto_x.cab
O16 - DPF: Yahoo! Towers 2.0 - http://download.game...ts/y/ywt0_x.cab
O16 - DPF: JT's Blocks - http://download.game...ts/y/blt1_x.cab
O16 - DPF: Yahoo! Backgammon - http://download.game...nts/y/at1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.game...nts/y/xt0_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/...fault/shapo.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.game...s/y/mjst4_x.cab
O16 - DPF: Video Poker - http://download.game...ts/y/vpt0_x.cab
O16 - DPF: {6FDB0065-2787-11D6-B1D8-0001023916FC} (CLOActiveXInstaller Control) - http://www.igl.net/c...tallerProj1.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toon...5.36/ttinst.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://i.grab.com/me...mjolauncher.cab
O16 - DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} (LREGameLoaderCtrl Class) - http://media.grab.co...gameloader6.cab