Home > Windows 98 > Windows 98 Browser Hijacked! Need Help With Reading HijackThis Log.

Windows 98 Browser Hijacked! Need Help With Reading HijackThis Log.

Thank you! Browser Hijacked Started by cwwllc , Jun 15 2006 04:34 AM Prev Page 2 of 4 1 2 3 4 Next Please log in to reply 78 replies to this topic Their support team told me that it must be started using the command prompt, which was confusing (see instructions link: http://kb.bitdefende...nd_Prompt.html). I decided to re-run MWAV in safe mode. have a peek at this web-site

Back to top #26 LS CalamityJane LS CalamityJane Former Lavasoft Staff Members 8814 posts Posted 18 June 2006 - 07:56 PM Ok, I figured it was the Qoo infection. Join & Ask a Question Advertise Here Enjoyed your answer? Keep in touch with Experts ExchangeTech news and trends delivered to your inbox every month Live Consultants Membership How it Works Gigs Live Careers Plans and Pricing For Business Become an How can I make it available? 0 OPDiscussion Starter Perrom 12 Years Ago I tried another way. http://www.bleepingcomputer.com/forums/t/21637/web-browser-freezing-up-hijack-this-log/

That makes it easy to refer back to it later, compare the results of multiple scans, and also to get help and advice from other users on forums when you're trying I can almost never close it by normal means. Thank you for your understanding and cooperation!Plus and Pro Ad-Aware users (only) may use the Support Center for personal assistance:Support CenterMicrosoft MVP/Windows - Security 2003-2009 Back to top #30 cwwllc cwwllc Looking around my C:\windows I found more of these files.

  1. Here are the names of all weird files I found in C:\windows : ajebxyw.exe < the one that substituted tcplddh.exe bsmjwyl.exe ejumeup.exe fknngxc.exe jgrmlfs.exe < the one you pointed out jlksgyv.exe
  2. Have something to contribute to this discussion?
  3. All have random names of 7 letters, size of 46,592 bytes and were last modified on 01/20/05....
  4. support component PDVDSERV.EXE - Power DVD remote control support INCD.EXE - Nero CD writing support fileJGRMLFS.EXE - WTF??
  5. If you had trouble deleting a file, reboot into Safe Mode and follow this step again.

If so, see if there's any helpful information within the found key. The email signature template has been downloaded from: www.mail-signatures… Exchange CodeTwo Binomial Distribution Video by: Ed Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Thank you for your understanding and cooperation!Plus and Pro Ad-Aware users (only) may use the Support Center for personal assistance:Support CenterMicrosoft MVP/Windows - Security 2003-2009 Back to top #27 cwwllc cwwllc Reply to this review Read reply (1) Was this review helpful? (0) (0) Report this post Email this post Permalink to this post Reply by TrainerPokeUltimate on October 21,

In your Start menu, choose the "Run..." option and type the following in the "Open:" box to run the Registry Editor: regedit 2. Open the QooFix9x folder on your desktop and run RunThis.bat. I rebooted in Safe Mode my Win 98 system and deleted the strange files from C:\windows. C:\WINDOWS\JGRMLFS.EXE <-- Find this file in Explorer, right-click on it, and choose "Properties" from the pop-up menu.

Back to top #28 cwwllc cwwllc Advanced Member Members 42 posts Posted 18 June 2006 - 08:11 PM So far, with all the logs that I've posted do you think any Please do NOT send Private Messages to Staff or helpers to request assistance! I think this should work on that one anyway1, Please download QooFix9x and save it to your desktop. Report this post 1 stars "Fraudulently listed as FREE!?" June 26, 2015 | By ganerd 2015-06-26 13:49:30 | By ganerd | Version: Trend Micro HijackThis 2.0.5 beta ProsCant think of any

When it is done, your Temporary Internet Files will now be deleted.Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:Simple and easy Source While it gets the job done, there is not much guidance built in for novice users. Hopefully this time I can open the log file. We do not give a personal support via PM The way to request help is to post a NEW TOPIC in the appropriate forum.

We do not give a personal support via PM The way to request help is to post a NEW TOPIC in the appropriate forum. Check This Out I don't like the looks of that one! Here is my hijackthis log. (THis is on a win98 box): ========================================================== Logfile of HijackThis v1.99.1 Scan saved at 4:02:22 PM, on 3/14/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet We do not give a personal support via PM The way to request help is to post a NEW TOPIC in the appropriate forum.

For reasons I have detailed elsewhere on Daniweb, there is no way in hell we will consider a Dell system. ... We do not give a personal support via PM The way to request help is to post a NEW TOPIC in the appropriate forum. Reply to this review Read reply (1) Was this review helpful? (0) (0) Report this post Email this post Permalink to this post Reply by TrainerPokeUltimate on October 21, Source If not, there may be other listing for the CLSID elsewhere in the Registry; Pressing the F3 key will continue your search. 3.

We do not give a personal support via PM The way to request help is to post a NEW TOPIC in the appropriate forum. Go to delete a file on reboot and enter c:\windows\tcplddh.exe; when prompted to reboot choose yes. Thank You for Submitting an Update to Your Review, !

Though, I have another question.

No version, no company name. Then I rebooted in Normal Mode, checked all the malicious entries in HJT log,hit fix and then did a third reboot. And the negotiating phase takes more than usual,but I don't get redirected to any strange pages. All Rights Reserved Windows iOS Android Mac Enter to Search Popular Apps Popular Windows Apps Avast Free Antivirus CCleaner Advanced SystemCare Free Driver Booster Malwarebytes VirtualDJ 8 Driver Easy YTD Video

Backing up files: Done! Here in the forums, replies are posted to topics only. The strange thing is that the date of generation differs from one to another. have a peek here windows-virus This topic has been dead for over six months.

This may take quite a while, so do not be alarmed with how long it takes. Back to top #8 Grinler Grinler Lawrence Abrams Admin 42,854 posts ONLINE Gender:Male Location:USA Local time:12:34 AM Posted 18 June 2005 - 12:56 PM Your log is clean! Several functions may not work. Privacy Policy Support Terms of Use Forums DaniWeb IT Discussion Community Forums Join Log In Read Respond Contribute Hardware and Software Programming Digital Media Community Center Home Forums Hardware and Software

All are 0 bytes and I haven't a clue why BitDefender put them on your desktop, but they don't look like anything you need to keep, so I would just delete Thank You for Submitting Your Review, ! Look for the *New Topic* Button near the top right when viewing the forums. Privacy Policy Ad Choice Patents Terms of Use Mobile User Agreement Download.com Powered by CNET download Windows Mac Android iOS more About Download.com Get Download.com Newsletters Download Help Center Advertise on

Look for the *New Topic* Button near the top right when viewing the forums. Here in the forums, replies are posted to topics only. Here is a copy of my Hijack this log:Logfile of HijackThis v1.99.1Scan saved at 5:10:46 PM, on 06/15/2005Platform: Windows 98 SE (Win9x 4.10.2222A)MSIE: Internet Explorer v5.50 (5.50.4134.0600)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\EXPLORER.EXEC:\TEMP\HIJACKTH.EXEF1 - win.ini: run=hpfschedO3