Hijackthis problem

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

angielynn

Thread Starter
Joined
Apr 2, 2004
Messages
483
A friend of mine is having probs......not sure what though lol The first problem is ... when she tries to run hijackthis she gets an error message saying
"invalid picture". Anyone know how to fix this?

We tried deleting it and downloading it again and still have the same problem.

Thank You
Angie
 
Joined
Jan 9, 2004
Messages
313
Download "Spybot S&D" Close all running programs, install then reboot.
Start it and go online and press 'search for updates' tab. (NOTE: if you have problems,
select the US or Australian mirror site to download updates from). Download all updates
that aren't optional. Close all browser windows and run the scan. When it's finished,
'Check All', and fix everything SpybotSD labels in RED. Reboot.

If you can get HKT running ,post the log here
 

angielynn

Thread Starter
Joined
Apr 2, 2004
Messages
483
thank you pancake

we are running adaware right now . as soon as it is done we will run spybot and see if hijack will work.

thank you

Ang
 
Joined
Oct 9, 2001
Messages
9,396
Right-click on HijackThis and choose "open with".......make sure its associated with notepad.
;)
 

angielynn

Thread Starter
Joined
Apr 2, 2004
Messages
483
Steve

When she right clicks on hjt it only says "open" it doesn't give her "open as" as an option.
 

angielynn

Thread Starter
Joined
Apr 2, 2004
Messages
483
we ran spybot s&d and now hijackthis is working ..... she's rebooting right now and when she gets back I will post a new hijackthis file. Thank you all for your help!!!
 

angielynn

Thread Starter
Joined
Apr 2, 2004
Messages
483
new hijackthis log

Logfile of HijackThis v1.97.7
Scan saved at 5:19:00 AM, on 4/24/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\MESSENGER PLUS! 2\MSGPLUS.EXE
C:\PROGRAM FILES\GRISOFT\AVG7\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\FSI\F-PROT\F-STOPW.EXE
C:\PROGRAM FILES\FSI\F-PROT\F-SCHED.EXE
C:\PROGRAM FILES\GRISOFT\AVG7\AVGEMC.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>;127.0.0.1
N1 - Netscape 4: user_pref("browser.startup.homepage", "allaboutsearching.com");\nuser_pref("browser.startup.page", 1);user_pref("network.max_connections", 4); (C:\Program Files\Netscape\Users\glimm\prefs.js)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [SpyStopper] C:\PROGRAM FILES\SPYSTOPPER\spystopper.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [F-STOPW.EXE] "C:\Program Files\FSI\F-Prot\F-STOPW.EXE"
O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVG7\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVG7\AVGEMC.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRAM FILES\GRISOFT\AVG6\avgcc32.exe /startup
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\RunServices: [MSNIA] C:\PROGRA~1\MSN\MSNIA\MSNIASVC.EXE
O4 - HKLM\..\RunServices: [avgamsvr.exe] C:\PROGRA~1\GRISOFT\AVG7\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O12 - Plugin for .swf: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npswf32.dll
O15 - Trusted Zone: http://groups.msn.com
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/128985-NZIL/PhPSetup.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://mx253.sb03.com/apps/softsearch/247_ax1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
 
Joined
Oct 9, 2001
Messages
9,396
Spybot must have got whatever it was,the log is clean......but you should remove one of the A/V programs....not wise to run two.
I would have HijackThis fix this entry:
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://mx253.sb03.com/apps/softsearch/247_ax1.cab

Consider installing the following:

SpywareBlaster v 3.0 and SpywareGuard v2.2, to prevent Active-X drive-by installations, as well as provide real-time browser hijacking protection: http://www.wilderssecurity.net/index.html

IE-SPYAD, a registry file that adds a long list of known "sites" to the Restricted Sites of your Internet Explorer: http://www.staff.uiuc.edu/~ehowes/resource.htm
;)
 

angielynn

Thread Starter
Joined
Apr 2, 2004
Messages
483
Thank you Steve

One question ...... should she have spybot and spywareblaster or do they do different things?
 
Joined
Jan 9, 2004
Messages
313
SpywareBlaster is good to keep as it stops the nasties from being installed.I use it.You can keep SpyBot just to do the odd scan but remember to update it.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top