Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 2 of 2 Posts

·
Registered
Joined
·
2 Posts
Discussion Starter · #1 ·
I'm having the same problemas mister e....keep getting can't import c:/spp.reg file. Error in opening file. I'm running window ME

this is my hijack log...can anyone help

Logfile of HijackThis v1.97.2
Scan saved at 10:23:03 PM, on 9/16/2003
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKUFIND.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\BACKWEB\BACKWEB\PROGRAM\BACKWEB.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\CP2F4T67\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.hotsearchbox.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.hotsearchbox.com/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp.my.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {000004CC-E4FF-4F2C-BC30-DBEF0B983BC9} - C:\WINDOWS\IPINSIGT.DLL
O2 - BHO: (no name) - {00000580-C637-11D5-831C-00105AD6ACF0} - C:\WINDOWS\MSVIEW.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\PROGRAM FILES\NAVEXCEL\NAVHELPER\V2.0.4\NHELPER.DLL
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [SENTRY] C:\WINDOWS\SENTRY.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [spp] regedit -s C:\spp.reg
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Yahoo HP Reminder 1.0] C:\PROGRAM FILES\YAHOO!\YIP2\HP\ENCWAR\PROGRAM\YR.EXE
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1) -
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.games.yahoo.com/games/play/client/exentctl_0_0_0_1.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37871.306099537
 

·
Registered
Joined
·
1,344 Posts
Scan with HijackThis, put a checkmark at and "Fix checked" the following entries. Close all windows except HijackThis before fixing.

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.hotsearchbox.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.hotsearchbox.com/ie/
O2 - BHO: (no name) - {000004CC-E4FF-4F2C-BC30-DBEF0B983BC9} - C:\WINDOWS\IPINSIGT.DLL
O2 - BHO: (no name) - {00000580-C637-11D5-831C-00105AD6ACF0} - C:\WINDOWS\MSVIEW.DLL
O2 - BHO: (no name) - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\PROGRAM FILES\NAVEXCEL\NAVHELPER\V2.0.4\NHELPER.DLL
O4 - HKLM\..\Run: [SENTRY] C:\WINDOWS\SENTRY.exe
O4 - HKLM\..\Run: [spp] regedit -s C:\spp.reg

Restart your computer.

Download Spybot S&D. Update SS&D via the "Online" tab. Search for and download all updates. Close all windows except SS&D, hit "Check for problems". After scan hit "Fix selected problems".
 
1 - 2 of 2 Posts
Status
Not open for further replies.
Top