RQXer
rmaingi@comcast.net
08/01/04
|
Hi, I have read over some of thre threads. My computer is very slow, downloaded with, I believe, many spyware programs. I run the anit-spyware programs almost every day, and the next day I have 50-100 new entries. I am not getting the culprits, obviously. Please help if you can! Below is my HijackThis log, run after Spybot and Adaware. Thanks.
*** log ***
Logfile of HijackThis v1.97.7
Scan saved at 10:30:23 PM, on 12/2/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TIMBUKTU PRO\TB2START.EXE
C:\PROGRAM FILES\TIMBUKTU PRO\TB2PRO.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\TIMBUKTU PRO\TNOTIFY.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WARNER\WARNER.EXE
C:\PROGRAM FILES\MEDIASCAPE\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\Program Files\Mediascape\OnScreen Display\OSD.exe
C:\WINDOWS\DLINK.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\REAL\PLAYER\REALPLAY.EXE
C:\WINDOWS\SYSTEM\PKECMP.EXE
C:\WINDOWS\TEMP\JQ.EXE
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
C:\WINDOWS\TEMP\FWNAS.EXE
C:\WINDOWS\DHBRWSR.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\RNATHCHK.EXE
C:\PROGRAM FILES\NAVISEARCH\BIN\NLS.EXE
C:\WINDOWS\SYSTEM\ODDCHECK.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\WINDOWS\SYSTEM\ODPNAME.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\ESM2\STMS.EXE
C:\ESM2\EBRR.EXE
C:\WINDOWS\SYSTEM\GZB25W.EXE
C:\WINDOWS\SYSTEM\GZB25W.EXE
C:\WINDOWS\DESKTOP\HijackTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\SYSTEM\SearchBar.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://wwws.ameritrade.com/cgi-bin/apps/LogIn
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?new-hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.comcast.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\TV MEDIA\TvmBho.dll
N1 - Netscape 4: user_pref("browser.startup.homepage", "https://investment.datek.com"); (C:\Program Files\Netscape\Users\rmaingi\prefs.js)
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD0.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\PROGRAM FILES\SEP\SEP.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {0982868C-47F0-4EFB-A664-C7B0B1015808} - C:\WINDOWS\SYSTEM\MSKHHE.DLL
O2 - BHO: (no name) - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - C:\WINDOWS\DEALHLPR.DLL
O2 - BHO: WinPage Affiliate - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\PROGRAM FILES\COMMON FILES\MIDADDLE\MIDADDLE.DLL
O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\SYSTEM\MSNKMI.DLL
O2 - BHO: (no name) - {94927A13-4AAA-476A-989D-392456427688} - C:\WINDOWS\SYSTEM\MSJFBL.DLL
O2 - BHO: (no name) - {CC916B4B-BE44-4026-A19D-8C74BBD23361} - C:\WINDOWS\SYSTEM\MSFAOL.DLL
O2 - BHO: (no name) - {25F7FA20-3FC3-11D7-B487-00D05990014C} - C:\WINDOWS\SYSTEM\MSEGGO.GIF
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\TWAINTEC.DLL
O2 - BHO: (no name) - {0BA1C6EB-D062-4E37-9DB5-B07743276324} - C:\WINDOWS\SYSTEM\MSGLJI.GIF
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\PROGRAM FILES\SEP\SEP.DLL
O3 - Toolbar: Band Class - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - C:\WINDOWS\DEALHLPR.DLL
O3 - Toolbar: zSearch Bar - {5886A6DC-AAF4-45E9-979A-8E5E6DEE30E7} - C:\ZSEARCH\zSearch.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [FontFix] c:\windows\options\systools\fntfix.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Warner] C:\Warner\Warner.exe
O4 - HKLM\..\Run: [Multimedia Keyboard] C:\Program Files\Mediascape\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [OnScreen Display] C:\Program Files\Mediascape\OnScreen Display\OSD.exe
O4 - HKLM\..\Run: [NetworkSetup] c:\windows\DLink.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\PROGRAM FILES\REAL\PLAYER\REALPLAY.EXE SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [fruhtwnzfamjv] C:\WINDOWS\SYSTEM\pkecmp.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [Jq] C:\WINDOWS\TEMP\JQ.EXE
O4 - HKLM\..\Run: [2GL#ESD2C2RJ3N] C:\WINDOWS\SYSTEM\TafqW5mn.exe
O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Fwnas] C:\WINDOWS\TEMP\FWNAS.EXE
O4 - HKLM\..\Run: [DealHelperUpdate] C:\WINDOWS\DHUpdt.exe
O4 - HKLM\..\Run: [DealHelperBrwsr] C:\WINDOWS\dhbrwsr.exe
O4 - HKLM\..\Run: [zSearch] C:\ZSEARCH\ZSTB.EXE
O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe
O4 - HKLM\..\Run: [STEXT35M] C:\WINDOWS\SYSTEM\STEXT35M.exe
O4 - HKLM\..\Run: [IXMAPIF] C:\WINDOWS\SYSTEM\IXMAPIF.exe
O4 - HKLM\..\Run: [r45Q37l] ODDCHECK.EXE
O4 - HKLM\..\RunServices: [TB2PROEXE] "c:\program files\timbuktu pro\tb2start.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [a3u4RXJ7Q] ODPNAME.EXE
O4 - HKCU\..\Run: [msmc] C:\WINDOWS\SYSTEM\msgked.exe
O4 - HKCU\..\Run: [zSearch] C:\ZSEARCH\ZSTB.EXE
O4 - HKLM\..\RunOnce: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - HKCU\..\RunOnce: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Mount Safe & Sound Volumes.lnk = C:\Program Files\McAfee\McAfee Shared Components\Safe & Sound\fbmount.exe
O4 - Startup: EPSON Background Monitor.lnk = C:\ESM2\Stms.exe
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra button: ComcastHSI (HKCU)
O9 - Extra button: Help (HKCU)
O9 - Extra button: Support (HKCU)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {A0777FF1-23AC-11D5-BA9B-00C04F753F09} (BridgeBC24) - http://channel.bridge.com/bc/java/install.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
Anti-SpyWare: Adaware 6.0, Spybot
Anti-Virus: McAfee
Browser: IE
Firewall: Linksys Router
OS: Win98
|
|
