1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijack Log, Please evaluate

Discussion in 'Virus & Other Malware Removal' started by Dan Mc, Sep 16, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. Dan Mc

    Dan Mc Thread Starter

    Joined:
    Nov 8, 1999
    Messages:
    665
    I occasionally get some hangups and error screens, but, overall do scan disk and defreg fairly regularly and try to keep my system clean and uncluttered. Still...can one of the gurus please evaluate this hijack log?

    Logfile of HijackThis v1.98.2
    Scan saved at 8:00:17 AM, on 9/16/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\MCAFEE 4.51\AVSYNMGR.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\MS PROJECT 98\OFFICE\OSA.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\MSOFFICE.EXE
    C:\MCAFEE 4.51\VSSTAT.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\MCAFEE 4.51\VSHWIN32.EXE
    C:\MCAFEE 4.51\AVCONSOL.EXE
    C:\MCAFEE 4.51\WEBSCANX.EXE
    C:\NETSCAPE 7\NETSCP.EXE
    C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
    C:\WINDOWS\TEMP\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.yahoo.com/"); (C:\Program Files\Netscape\Users\danielmccarthy\prefs.js)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [McAfeeVirusScanService] C:\McAfee 4.51\Avsynmgr.exe
    O4 - HKCU\..\Run: [TClockEx] C:\UTILITIES\TCLOCKEX\TCLOCKEX.EXE
    O4 - Startup: Office Startup.lnk = C:\MS Project 98\Office\OSA.EXE
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
     
    Dan Mc, Sep 16, 2004
    #1
  2. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    The scanlog is clean.
     
    Rollin' Rog, Sep 16, 2004
    #2
  3. Dan Mc

    Dan Mc Thread Starter

    Joined:
    Nov 8, 1999
    Messages:
    665
    Thanks, Rog...appreciate your expertise (as always!)
     
    Dan Mc, Sep 16, 2004
    #3
  4. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    (y)
     
    Rollin' Rog, Sep 16, 2004
    #4
  5. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,415
    First Name:
    Frank
    Go into the MSCONFIG "Startup" tab and uncheck the following:

    REALSCHED.EXE

    OSA.EXE

    MSOFFICE.EXE

    WINZIP32.EXE

    None of these programs need to be loading during startup and running in the background. Click the link below and read the article about MSCONFIG.

    I see that you're using McAfee VirusScan for your antivirus program. Besides being a memory hog and bogging down older computers, it's common for it to generate error messages.
     
    flavallee, Sep 16, 2004
    #5
  6. Dan Mc

    Dan Mc Thread Starter

    Joined:
    Nov 8, 1999
    Messages:
    665
    None of those are checked in MSCONFIG Start Up.
     
    Dan Mc, Sep 16, 2004
    #6
  7. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,415
    First Name:
    Frank
    Look in the MSCONFIG "Startup" tab. They should be checked there because they're showing in your list of running processes. Uncheck them, apply the change, then reboot.
     
    flavallee, Sep 17, 2004
    #7

  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Hijack Please evaluate
  1. genubi

    New Hijacked

    genubi, Nov 24, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    278
    genubi
    Nov 24, 2019
  2. bj nick

    New Laptop plagued by browser hijacker....help!

    bj nick, Nov 2, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    586
    bj nick
    Nov 2, 2019
  3. ptheo

    In Progress BocaMonitor how can i delete this Please and thank you

    ptheo, Jun 26, 2019, in forum: Virus & Other Malware Removal
    Replies:
    1
    Views:
    437
    iMacg3
    Jun 26, 2019
  4. ebaile7494

    New Help Please

    ebaile7494, Jun 4, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    764
    ebaile7494
    Jun 4, 2019
  5. josephw3090

    New Hacked - computer, phone. please advise on protection.

    josephw3090, Mar 19, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    910
    josephw3090
    Mar 19, 2019
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/274627

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice