what's going on !!

Computing.Net > Forums > Security and Virus > what's going on !!

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

what's going on !!

Name: travipper
Date: January 17, 2004 at 15:10:16 Pacific
OS: 98se
CPU/Ram: celeron 64

Comment:

Am I going mad??!! Just posted a hijack log.
Mark answered. I went to post my thanks and my opiginal post has vanished. Not showing in My Computing.Net either.
Any ideas please?

Sponsored Link

Ads by Google

Response Number 1

Name: MrChalee
Date: January 17, 2004 at 15:15:10 Pacific

Reply:

Post it in this forum, they will be glad to help you. PostItHere

Response Number 2

Name: Kevin The Tech Dude
Date: January 17, 2004 at 15:23:01 Pacific

Reply:

Because you did not follow the rules. That simple.
KTTD

Response Number 3

Name: travipper
Date: January 17, 2004 at 15:23:01 Pacific

Reply:

Thank you Mr C.
Hijack log below. Anything need removal.
Cheers
Logfile of HijackThis v1.97.7
Scan saved at 12:21:04, on 18/01/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.exe
C:\WINDOWS\SYSTEM\MPREXE.exe
E:\AVGSERV9.exe
C:\PROGRAM FILES\SYGATE\SPF\SMC.exe
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RNAAPP.exe
C:\WINDOWS\SYSTEM\TAPISRV.exe
C:\WINDOWS\EXPLORER.exe
C:\WINDOWS\TASKMON.exe
C:\WINDOWS\SYSTEM\SYSTRAY.exe
D:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.exe
E:\AVGCC32.exe
C:\PROGRAM FILES\GENIUS NETSCROLL + SERIES MOUSE\MOUSEELF.exe
C:\WINDOWS\SYSTEM\HPZTSB06.exe
C:\PROGRAM FILES\PHILIPS\LIGHTFRAME\LIGHTFRAME.exe
C:\WINDOWS\SYSTEM\SPOOL32.exe
C:\WINDOWS\SYSTEM\WMIEXE.exe
E:\MAILWASHER\MAILWASHER.exe
C:\WINDOWS\SYSTEM\PSTORES.exe
C:\WINDOWS\SYSTEM\DDHELP.exe
D:\HIJACKTHIS.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xtra.co.nz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = ,
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - E:\PROGRA~1\STARDO~1\SDIEINT.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Pop-Up Stopper] "D:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.exe"
O4 - HKLM\..\Run: [AVG_CC] E:\avgcc32.exe /startup
O4 - HKLM\..\Run: [mouseElf] C:\Program Files\Genius NetScroll + Series Mouse\mouseElf.exe
O4 - HKLM\..\Run: [Deskup] e:\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb06.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.exe -startgui
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Avgserv9.exe] E:\Avgserv9.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.exe
O4 - Startup: LightFrame.lnk = C:\Program Files\Philips\LightFrame\LightFrame.exe
O8 - Extra context menu item: Download with Star Downloader - E:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security1.norton.com/SSC/SharedContent/sc/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security1.norton.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37863.7174189815
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312
O16 - DPF: {774EB36D-C105-40CE-B6F7-8EBC0438B37B} (rcimport.rcemailctl) - http://jobs.realcontacts.com/rcemailctl.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup141.cab

Response Number 4

Name: travipper
Date: January 17, 2004 at 15:24:45 Pacific

Reply:

Hi Kevin. What did I do wrong please?
Thank you.

Response Number 5

Name: Kevin The Tech Dude
Date: January 17, 2004 at 15:33:27 Pacific

Reply:

Now I know why you didn't see the pop up box, you have a pop up blocker running and Justin removed the 2nd warning.
This was a concern of mine when he did that because you didn't see the warning.
We ask that you run Spybot or Ad-Aware before posting a log file. You are a victim of kinks being worked out.
KTTD

see what's going on behind the boot screen windows 7 what's going on with my computer bypass win2k server splash screen to see what's going on	what is going on with hotmail today check what's running on a port whats the command to see what's running on startup
See More

Response Number 6

Name: travipper
Date: January 17, 2004 at 15:35:06 Pacific

Reply:

Anyone tell me what I did that was wrong?
What rule did I mess up? This is a great forum and I don't wish to upset or get it wrong again.
Many thanks.

Response Number 7

Name: Kevin The Tech Dude
Date: January 17, 2004 at 15:38:41 Pacific

Reply:

See above post or e-mail me.
KTTD

Response Number 8

Name: travipper
Date: January 17, 2004 at 15:42:54 Pacific

Reply:

OK thanks for that. So need popblocker off when on here?

Response Number 9

Name: Kevin The Tech Dude
Date: January 17, 2004 at 15:49:24 Pacific

Reply:

No, you do not need it turned off. We have a lot of problems with people just dropping log files when a lot of times Spybot and Ad-Aware can resolve the issue. So we ask that you run them first. If you are still having problems then post a log file.
So please take those steps first. Then if you are still having issues, feel free to repost but state that you tried those programs first.
KTTD

Response Number 10

Name: travipper
Date: January 17, 2004 at 16:24:00 Pacific

Reply:

Hello all. Try again. Have run Adaware and Spybot so here is the log.
Do you see anything that needs to be removed?
Many thanks.
Logfile of HijackThis v1.97.7
Scan saved at 13:21:08, on 18/01/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.exe
C:\WINDOWS\SYSTEM\MPREXE.exe
E:\AVGSERV9.exe
C:\PROGRAM FILES\SYGATE\SPF\SMC.exe
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RNAAPP.exe
C:\WINDOWS\SYSTEM\TAPISRV.exe
C:\WINDOWS\EXPLORER.exe
C:\WINDOWS\TASKMON.exe
C:\WINDOWS\SYSTEM\SYSTRAY.exe
D:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.exe
E:\AVGCC32.exe
C:\PROGRAM FILES\GENIUS NETSCROLL + SERIES MOUSE\MOUSEELF.exe
C:\WINDOWS\SYSTEM\HPZTSB06.exe
C:\PROGRAM FILES\PHILIPS\LIGHTFRAME\LIGHTFRAME.exe
C:\WINDOWS\SYSTEM\SPOOL32.exe
C:\WINDOWS\SYSTEM\WMIEXE.exe
E:\MAILWASHER\MAILWASHER.exe
C:\WINDOWS\SYSTEM\PSTORES.exe
C:\WINDOWS\SYSTEM\DDHELP.exe
D:\HIJACKTHIS.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.msn.com/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xtra.co.nz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = ,
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - E:\PROGRA~1\STARDO~1\SDIEINT.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Pop-Up Stopper] "D:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.exe"
O4 - HKLM\..\Run: [AVG_CC] E:\avgcc32.exe /startup
O4 - HKLM\..\Run: [mouseElf] C:\Program Files\Genius NetScroll + Series Mouse\mouseElf.exe
O4 - HKLM\..\Run: [Deskup] e:\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb06.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.exe -startgui
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Avgserv9.exe] E:\Avgserv9.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.exe
O4 - Startup: LightFrame.lnk = C:\Program Files\Philips\LightFrame\LightFrame.exe
O8 - Extra context menu item: Download with Star Downloader - E:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security1.norton.com/SSC/SharedContent/sc/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security1.norton.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37863.7174189815
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312
O16 - DPF: {774EB36D-C105-40CE-B6F7-8EBC0438B37B} (rcimport.rcemailctl) - http://jobs.realcontacts.com/rcemailctl.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup141.cab

Response Number 11

Name: wawadave
Date: January 17, 2004 at 21:34:58 Pacific

Reply:

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - E:\PROGRA~1\STARDO~1\SDIEINT.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup141.cab

these are the only ones i see there may or may not be more.

Response Number 12

Name: travipper
Date: January 17, 2004 at 22:14:40 Pacific

Reply:

Thank you Dave. A response at last.
Most grateful.
Kindness to you.

Response Number 13

Name: Abnormal
Date: January 17, 2004 at 22:26:44 Pacific

Reply:

Ripper, did not answer because I did not
see anything, not sure what mark had you
remove.

Response Number 14

Name: blender
Date: January 18, 2004 at 20:50:50 Pacific

Reply:

This is the browser helper object that allows you to read pdf files online (acrobat reader)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0
If you use acrobat reader and have problems viewing pdf files online after fixing that with hijackthis...
Close internet explorer if running,
Start hijackthis again> click "config"> click "backups" > hilight this entry in the list:
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0
click "restore"
Close hijackthis.

Sponsored Link

Ads by Google

yellow flashing box

Spyware Horror

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Security and Virus Forum Home

Sponsored links

Ads by Google

Results for: what's going on !!

What is going on with my PC?

Summary

www.computing.net/answers/security/what-is-going-on-with-my-pc/15457.html

What's happening to my posts?

Summary

www.computing.net/answers/security/whats-happening-to-my-posts/8013.html

What's wrong with the computer?

Summary

www.computing.net/answers/security/whats-wrong-with-the-computer/2209.html

From the Geek Dictionary
1d10t - A farsical error provided by IT support personnel(especially over the phone...

Ask a Question!

Weekly Poll
What do you think of the new preview of Chrome OS?

Poll Finishes In 5 Days.
Discuss in The Lounge
Poll History

Recent Posts
F-Secure Internet Security 2009

Can a few people test this please?

d3d overrrider

Runnig Batch files.

Windows 7 Network share issue

All Awaiting Reply

Tom's News
Woman Tracks Down Club Attacker on Facebook

Geolocation Functions Come to Twitter

New Craigslist Trend: Trade Sex for Rent?

Law Firm Investigates MS Over Xbox Live Bans

Amazon Charges $25 for Palm Pixi and $80 for Pre

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE