Home > Windows 98 > Windows 98 SE HijackThis Log

Windows 98 SE HijackThis Log

Ask a Question See Latest Posts TechSpot is dedicated to computer enthusiasts and power users. See Below... After reviewing your log I see a few items that require out attention.Please perform the following steps:Download Cwshredder.exe and save it to a folder of its own. How can I make it available? 0 OPDiscussion Starter Perrom 12 Years Ago I tried another way. Source

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. If an update is available then download and install it. windows-virus This topic has been dead for over six months. Register now to gain access to all of our features, it's FREE and only takes one minute. you could try here

Then boot into Safe Mode by tapping the F8 button at startup and delete the following: C:\PROGRAM FILES\VIEWPOINT<-folder C:\PROGRAM FILES\AWS<-folder C:\WINDOWS\DOWNLOADED PROGRAM FILES\SBCIE028.DLL<-file Now reboot normally and post a new log Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, and install it. Login now.

  1. Boot normal.
  2. SimpleToolbar is still in the add/remove software part of the control panel and I have no idea where it's coming from.
  3. That's what the forums are here for.
  4. Is it safe to delete them?
  5. Below is the 'HijackThis' log taken after the fix.
  6. Hijackthis Log Started by krayz , Nov 01 2004 04:24 PM This topic is locked #1 krayz Posted 01 November 2004 - 04:24 PM krayz Member Member 12 posts Would some
  7. RichieUK 36762 posts ModeratorsPosted 11 years, 353 days ago Welcome First of all uninstall VIEWPOINT and AWS through Add Remove Programs,then reboot.
  8. WIndows Sharing Problem, Please help Translate © 2017 Advanced PC Media LLC, all rights reserved.

Apr 1, 2005 #11 RealBlackStuff TS Rookie Posts: 6,503 Boot in Safe Mode. It seems like my computer is always busy doing his things and when I try to do mine it blocks and have to use the ctrl+alt+del to turn off some backgroud Boot in Safe Mode. Messenger - {REGISTRY_IDENTIFIER} - {DRIVE}\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE UnnecessaryDangerousUnknownSafe O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = jaring O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = jaring UnknownSafeDangerousUnnecessary O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.188.1.5,202.188.0.133 O17 - HKLM\System\CCS\Services\VxD\MSTCP:

When you've done,reboot and post a new log. ___________________________________________________________ http://www.getfirefox.net naft11 2 posts Forum MembersPosted 11 years, 353 days ago I did all those steps before posting the log. this file has only the General tab in Properties. Windows 7 and Windows 10 dual boot SNAFU Last Post 2 Weeks Ago I recently bought a new Dell XPS 8900 with a 1TB drive and only 8GB of RAM. https://forums.spybot.info/showthread.php?56442-Help-with-HijackThis-Log-windows-98 Sign Up All Content All Content Advanced Search Browse Forums Guidelines Staff Online Users Members More Activity All Activity My Activity Streams Unread Content Content I Started Search More Malwarebytes.com Malwarebytes

If you have an Explorer window open, do the following Click in the address bar to the right of the ... What about the original Simple Toolbar and WexTech AnswerWorks? Please re-enable javascript to access full functionality. Here's the new log file you wanted.

Looking around my C:\windows I found more of these files. http://www.techspot.com/community/topics/need-help-reviewing-hijackthis-log.21459/ It worked! I don't recall going to any random websites so I don't know how all of that crap got on my computer in the first place before the switch. Feb 18, 2005 #4 Laurno2 TS Rookie Topic Starter thanks Thank you for your help.

Also, does anyone know what Simple Toolbar and WexTech AnswerWorks are? Start CleanUp! Once the program opens, choose the "Find..." option under the Edit menu to bring up the search window, paste one of CLSIDs from the suspect filenames into the search box, perform TechSpot Account Sign up for free, it takes 30 seconds.

For reasons I have detailed elsewhere on Daniweb, there is no way in hell we will consider a Dell system. ... Could someone go over what I have and tell me what can/should be deleted? Are they still there? Error code: 2S136/C Contact Us Existing user?

Though, I have another question. I don't know what file it's linked to. No version, no company name.

It may take a few minutes depending on the size of your hard drive so be patient.Start in Safe Mode Using the F8 method:Restart the computer.As soon as the BIOS is

Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_18_0.DLLO2 - BHO: Web Search Bar - {4E7BD74F-2B8D-469E-D0EA-F97FF4D5FA7D} - C:\WINDOWS\DOWNLO~1\SFTB.DLLO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCXO3 - Toolbar: Web Search Bar - {4E7BD74F-2B8D-469E-D0EA-F97FF4D5FA7D} - on the Task Bar STIMON.EXE - Windows' Still Image Monitor; camera, scanner, etc. I connect to Internet with a 56 k Conexant modem. They have only the General tab in properties.

Z-Demon (Ungultiger Datetyp fur ") and now also have a giant warning that I'm in Danger as my background....awesome. When it's finished it will reboot your machine to finish the cleaning process. WFXCTL32.EXE - Displays WinFax icon in the System Tray SPOOL32.EXE - Windows file; handles print spooling services TAPISRV.EXE - Windows file; provides telephony support WFXMOD32.EXE - Provides Symantec WinFax modem support In my IE browser 4 new pages pointing to http://dr-search4u.com/sp.htm keep coming back and the home page gets changed too.

Yes, my password is: Forgot your password? I can't get Simple Toolbar to uninstall and I have no idea what the WexTech thing is. Start the program and click on the Check for Update button. Ask a question and give support.

I rebooted in Safe Mode my Win 98 system and deleted the strange files from C:\windows. It seems to clean alot of the stuff up, but still have the browser hijacker. Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules. I have scanned my Win 98 computer with Ad-ware SE and Spybot S&D.

Windows 10 Tips Last Post 2 Weeks Ago Here's a handy tip I haven't seen documented anywhere. I got WexTech to go away but the Simple Toolbar is still in the install/remove software part of the control panel. If one is compromised, are all of them? - 10 replies Why does Google offer free fonts to use online? - 16 replies Couple questions about Assembly - 6 replies PDF thanks for the great help! 0 DMR 152 12 Years Ago good idea finding out what jgrmlfs.exe is up to!

No version, no company name. Start a new discussion instead. Repeat the above for each of the 32-digit strings in the other suspect files. CLSIDs are unique identifiers for Windows COM (component Object Model) entities installed on your system, and those entities should have entries to their related CLSIDs hiding in your Registry.

I also did several Windows Updates that were long overdo. Krayz 0 #3 ditto Posted 01 November 2004 - 08:41 PM ditto - i pwn n00bs - Member 1,260 posts thats ok krayz,continued here-> http://www.geekstogo...?showtopic=4652 0 Back to Windows 98, 95, MahJong Solitaire - http://download.game...s/y/mjst3_x.cabO16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://mirror.worldw...apit/swapit.cabO16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://mirror.worldw...ed/wwlaunch.cabO16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldw...ared/dephlp.cabO16 - DPF: {4E7BD74F-2B8D-469E-D0EA-F97FF4D5FA7D} (Web Search Bar) The log now looks like this: Logfile of HijackThis v1.99.0 Scan saved at 4.35.14, on 25/01/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE

Now have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked.