0

Hi, here's a HJT log from my good ol' mom. How I ever got her to run this while talking over the phone line is an amazing feat. :?:

Thanks - pepe99pepe

Logfile of HijackThis v1.98.2
Scan saved at 2:26:14 PM, on 10/28/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\PELMICED.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\DESKTOP\ANTIVIRUS\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ezn.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ezn.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.ezn.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Everyones Internet
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] PELMICED.EXE
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab


Thanx again :(

4
Contributors
4
Replies
5
Views
12 Years
Discussion Span
Last Post by DaveSW
0

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ezn.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ezn.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.ezn.com/search

are you sure that was all in the log file because that looks ridiculously short.

EZN could be her ISP.

Pepe99pepe, you didn't specify what type of problem your mother was having, but she needs to go to Windows Update to get all the Critical Updates for her system.

0

Thanks for the help :lol:

Her computer was displaying serious viraul and spyware activity...
Had her load AA, SBS&D, & CWS. Updated and ran all 3. The only appearent thing that is happening is that MS Word 2000 will not open and DUN was broken. So, that's when I had her run HiJackThis and re-installed DUN.

Her PC and Internet is working now, except for B Gates' good ol' word processor. I had her uninstall it reboot then reinstall it o no luck.

And Oh yes...her isp was not ezn and yes I'll have her update it.

Any suggestions on the Word not opening? :o

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.