Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 1 of 1 Posts

·
Registered
Joined
·
8 Posts
Discussion Starter · #1 ·
I am having a few minor problems & could use a little help with this hijack log. I thank all in advance for any replies.

> Logfile of HijackThis v1.99.0
> Scan saved at 7:58:44 PM, on 1/12/05
> Platform: Windows 98 SE (Win9x 4.10.2222A)
> MSIE: Internet Explorer v5.00 (5.00.2614.3500)
>
> Running processes:
> C:\WINDOWS\SYSTEM\KERNEL32.DLL
> C:\WINDOWS\SYSTEM\MSGSRV32.EXE
> C:\WINDOWS\SYSTEM\MPREXE.EXE
> C:\WINDOWS\SYSTEM\MSTASK.EXE
> C:\COMPAQ\INTERNET\ISDBDC.EXE
> C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
> C:\WINDOWS\SYSTEM\mmtask.tsk
> C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\MCTOOL.EXE
> C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSSTAT.EXE
> C:\WINDOWS\EXPLORER.EXE
> C:\WINDOWS\TASKMON.EXE
> C:\WINDOWS\SYSTEM\SYSTRAY.EXE
> C:\WINDOWS\ptsnoop.exe
> C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
> C:\COMPAQ\CPQINET\CPQINET.EXE
> C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
> C:\CPQS\BWTOOLS\SCCENTER.EXE
> C:\PROGRAM FILES\MOTIVE\MOTIVEASSISTANT\MOTMON.EXE
> C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
> C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
> C:\WINDOWS\SYSTEM\WMIEXE.EXE
> C:\PROGRAM FILES\COMPAQ\ON-SCREEN DISPLAY\OSD.EXE
> C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
> C:\WINDOWS\SYSTEM\PSTORES.EXE
> C:\MY DOCUMENTS\HIJACKTHIS.EXE
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
>
http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?s=con
sumer&LC=0409&c=1c00
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
>
http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?s=con
sumer&LC=0409&c=1c00
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=1c00
&s=searchbar&LC=0409
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=1c00
&s=search&LC=0409
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
>
http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=1c0
0&s=consumer&LC=0409
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=1c00
&s=searchbar&LC=0409
> O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
> C:\WINDOWS\SYSTEM\MSDXM.OCX
> O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
> O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
> O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
> powrprof.dll,LoadCurrentPwrScheme
> O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
> O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
> O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
> O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button
> Support\cpqeadm.exe
> O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button
> Support\eaclean.exe
> O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
> O4 - HKLM\..\Run: [cpqns] c:\compaq\cpqinet\cpqnpcss.exe
> O4 - HKLM\..\Run: [Service Connection] c:\cpqs\bwtools\sccenter.exe
> O4 - HKLM\..\Run: [MotiveMonitor] C:\Program
> Files\Motive\MotiveAssistant\motmon.exe
> O4 - HKLM\..\Run: [VsecomrEXE] C:\Program Files\Network Associates\McAfee
> VirusScan\VSEcomR.EXE
> O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE
> VIRUSSCAN\VSHWIN32.EXE
> O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\Network Associates\McAfee
> VirusScan\VSSTAT.EXE /SHOWWARNING
> O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
> powrprof.dll,LoadCurrentPwrScheme
> O4 - HKLM\..\RunServices: [SchedulingAgent] c:\windows\SYSTEM\mstask.exe
> O4 - HKLM\..\RunServices: [isdbdc] c:\compaq\internet\isdbdc.exe
> O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK
> ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
> O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft
> Money\System\Money Express.exe"
> O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program
> Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
> O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
> O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
> C:\WINDOWS\web\related.htm
> O9 - Extra 'Tools' menuitem: Show &Related Links -
> {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
> O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} -
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avba
belfish&c=1c00&lc=0409
> (file missing)
> O9 - Extra 'Tools' menuitem: AV &Translate -
> {06FE5D05-8F11-11d2-804F-00105A133818} -
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avba
belfish&c=1c00&lc=0409
> (file missing)
> O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} -
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avli
nksearch&c=1c00&lc=0409
> (file missing)
> O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL -
> {06FE5D02-8F11-11d2-804F-00105A133818} -
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avli
nksearch&c=1c00&lc=0409
> (file missing)
> O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} -
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avho
stsearch&c=1c00&lc=0409
> (file missing)
> O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host -
> {06FE5D03-8F11-11d2-804F-00105A133818} -
>
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avho
stsearch&c=1c00&lc=0409
> (file missing)
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
 
1 - 1 of 1 Posts
Status
Not open for further replies.
Top