Thread: Help with my Windows 98 PC Please!
View Single Post
Old 03-17-2005, 05:49 PM   #1 (permalink)
ljgwtg
I helped the forums.
 
Join Date: Mar 2005
Posts: 16
OS: XP


Help with my Windows 98 PC Please!
Hi.
I'm having problems with my Win98 PC. It locks up on a regular basis and trys to connect to the internet. When I tried to access this website, it took me to arrow.com first.

I've downloaded adaware se and cleanup.exe and ran them both. I ran Hijack this and Hijack this analyzer. The log is at the end of this post. I have Norton antivirus 2002 running on this PC. Thanks in advance for your help.

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 3/2/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [VsEcomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\vsecomr.exe
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\RunServices: [McAfeeWebScanX] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\WebScanX.Exe /RUNSERVICES
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 7:38:58 PM, on 3/17/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRAM FILES\SYMANTEC\PCANYWHERE\PCAMGT.EXE
C:\LOGITECH\MOUSE\SYSTEM\EM_EXEC.EXE
C:\REAL\PLAYER\REALPLAY.EXE
C:\WINDOWS\SYSTEM\HPZTSB07.EXE
C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\AIM\AIM.EXE
C:\PROGRAM FILES\SCANSOFT\PAPERPORT\PPWEBCAP.EXE
C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE
C:\PROGRAM FILES\LOGITECH\WINGMAN SOFTWARE\LWEMON.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F1 - win.ini: run=hpfsched
O1 - Hosts: 172.18.3.31 DL2500O DL2500O-1
O1 - Hosts: 172.18.4.31 DL2500O-2
O1 - Hosts: 172.18.3.32 DL2500P DL2500P-1
O1 - Hosts: 172.18.4.32 DL2500P-2
O1 - Hosts: 172.18.3.38 DL2500Q DL2500Q-1
O1 - Hosts: 172.18.4.38 DL2500Q-2
O1 - Hosts: 172.18.3.231 GDSCON1 GDSCON1-1
O1 - Hosts: 172.18.4.231 GDSCON1-2
O1 - Hosts: 172.18.3.232 GDSCON2 GDSCON2-1
O1 - Hosts: 172.18.4.232 GDSCON2-2
O1 - Hosts: 172.18.3.171 HRF3 N2B-GDS-PRT-A
O1 - Hosts: 172.18.1.50 GMS-PI-Server gms-pi-server-1 #GMS PI HOME NODE (Virtual IP Address)
O1 - Hosts: 172.18.2.50 gms-pi-server-2 #Alt IP address for GMS PI Home Node (Virtual IP Address)
O1 - Hosts: 172.18.1.51 DL2550V DL2550V-1 AppGmsPiA AppGmsPiA-1 #AppGmsPiA
O1 - Hosts: 172.18.2.51 DL2550V-2 AppGmsPiA-2
O1 - Hosts: 172.18.1.52 DL2550W DL2550W-1 AppGmsPiB AppGmsPiB-1 #AppGmsPiB
O1 - Hosts: 172.18.2.52 DL2550W-2 AppGmsPiB-2
O1 - Hosts: 172.18.1.55 DL2550X DL2550X-1 AppGmsIpiA AppGmsIpiA-1 #AppGmsIpiA
O1 - Hosts: 172.18.2.55 DL2550X-2 AppGmsIpiA-2
O1 - Hosts: 172.18.1.56 DL25504U DL25504U-1 AppGmsIpiB AppGmsIpiB-1 #AppGmsIpiB
O1 - Hosts: 172.18.2.56 DL25504U-2 AppGmsIpiB-2
O1 - Hosts: 172.18.1.57 gms-pi-int gms-pi-int-1 #GMS PI Interface NODE (Virtual IP Address)
O1 - Hosts: 172.18.2.57 gms-pi-int-2 #Alternate IP address for GMS Pi Interface Node (Virtual)
O1 - Hosts: 172.18.1.53 AppGmsApiA AppGmsApiA-1 DL25501A DL25501A-1 #DL25501A
O1 - Hosts: 172.18.2.53 AppGmsApiA-2 DL25501A-2
O1 - Hosts: 172.18.1.54 AppGmsApiB AppGmsApiB-1 DL25501B DL25501B-1 #DL25501B
O1 - Hosts: 172.18.2.54 AppGmsApiB-2 DL25501B-2
O2 - BHO: AIM Helper - {D70E6A20-7060-4829-B3D7-B6624A1DE7C6} - C:\PROGRAM FILES\AIM TOOLBAR\AIMHELPER.DLL
O4 - HKLM\..\Run: [EM_EXEC] c:\logitech\mouse\system\em_exec.exe
O4 - HKLM\..\Run: [startIE] C:\WINDOWS\NOTEPAD.EXE qazwsx.hsq
O4 - HKLM\..\Run: [AttuneClientEngine] C:\PROGRA~1\AVEO\ATTUNE\bin\AttnEngn.exe
O4 - HKLM\..\Run: [RealTray] C:\REAL\PLAYER\REALPLAY.EXE SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb07.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain
O4 - HKLM\..\RunServices: [MSDTC] msdtcw -start
O4 - HKLM\..\RunServices: [pcAnywhere Agent] C:\Program Files\Symantec\pcAnywhere\pcamgt.exe
O4 - HKCU\..\Run: [AOL Instant Messenger (TM)] C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRAM FILES\SCANSOFT\PAPERPORT\PPWebCap.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "c:\Program Files\Logitech\WingMan Software\lwtest.exe" /detect /quiet /launch "c:\Program Files\Logitech\WingMan Software\lwemon.exe /noui"
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE 1
O9 - Extra button: Dell Home - {3B810760-C28F-11D3-A235-F0445AC10000} - http://www.dell.com/ (file missing) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .SWF: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPSWF32.dll
O15 - Trusted Zone: http://www.wwforum.com
O15 - Trusted Zone: http://hrpr.papl.com
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {D0CCA5F4-6A25-422F-BB4D-9A632C24F2F8} (IIDActiveXCP.ucTest) - file://G:\Information Solutions\Pynchon\IIDActiveXCP.CAB
O16 - DPF: {1FB464C8-09BB-4017-A2F5-EB742F04392F} (Microsoft Terminal Services Control (redist)) - http://app-admin-1/tsweb/mstscax.cab
O16 - DPF: {433C8F9A-1BBC-434E-B9E0-F0CCA04F3E27} (IID.uscLogin) - file://E:\iid\Iid Application\IID.CAB
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://app-admin-1/tsweb/msrdp.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/151076db280f739...p/RdxIE601.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.dell.com/us/en/system...SysProfLCD.CAB
O16 - DPF: {5e2a3510-4371-11d6-b64c-00c04faedb18} (Oracle JInitiator 1.1.8.18) -


End of KRC HijackThis Analyzer Log.
====================================================================
ljgwtg is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here