Wondering if you could help me. My boyfriend is currently running windows 98. His shortcuts on the desktop are now .lnk files instead of .exe files. This computer came loaded with windows 98 so he does not have the disk. I ran a hijack this and this is what it came up with
Logfile of HijackThis v1.99.1
Scan saved at 9:04:57 AM, on 5/12/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32
.DLL
C:\WINDOWS\SYSTEM\MSGSRV32
.EXE
C:\WINDOWS\SYSTEM\MPREXE.E
XE
C:\WINDOWS\SYSTEM\mmtask.t
sk
C:\WINDOWS\SYSTEM\MSTASK.E
XE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\LXDBOXCP
.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALS
CHED.EXE
C:\PROGRAM FILES\WINDOWS ADTOOLS\WINADTOOLS.EXE
C:\PROGRAM FILES\WINDOWS ADTOOLS\WINRATCHET.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EX
E
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\WINDOWS\SYSTEM\DDHELP.E
XE
C:\WINDOWS\SYSTEM\SPOOL32.
EXE
C:\UNZIPPED\HIJACKTHIS[1]\
HIJACKTHIS
.EXE
R0 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Start Page =
http://my.msn.com/R0 - HKLM\Software\Microsoft\In
ternet Explorer\Search,SearchAssi
stant =
http://files.cc.cometsystems.com/assist/cc/1.0/assist_st.html?src_id=312R0 - HKLM\Software\Microsoft\In
ternet Explorer\Search,CustomizeS
earch =
R1 - HKCU\Software\Microsoft\In
ternet Explorer\SearchURL,(Defaul
t) = =%3D
R3 - URLSearchHook: (no name) - {965A592F-8EFA-4250-8630-7
960230792F
1} - (no file)
F1 - win.ini: run=LXDBOXCP.EXE
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-6
4B5B4FF55D
0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.0001.1004\EN
-US\MSNTB.
DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-4
74BF36AF6E
4} - C:\Program Files\MSN Apps\ST\01.02.0001.1004\en
-xu\stmain
.dll
O2 - BHO: (no name) - {98FA4DB7-F906-4E2E-A848-F
E0A5BE8D50
C} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F
ADC6B08487
2} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
0A0C908246
7} - C:\WINDOWS\SYSTEM\MSDXM.OC
X
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
859DF00B1D
6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\reals
ched.exe" -osboot
O4 - HKLM\..\Run: [AWMON] "C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PLUS\AD-WATCH.EXE"
O4 - HKLM\..\Run: [Windows AdTools] C:\PROGRAM FILES\WINDOWS ADTOOLS\WINADTOOLS.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.ex
e start
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMO
N.EXE /Consumer
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPw
rScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [NPFMonitor] C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypa
ger.exe -quiet
O4 - HKCU\..\Run: [Spyware Doctor] C:\PROGRAM FILES\SPYWARE DOCTOR\SPYDOCTOR.EXE /Q
O4 - HKCU\..\RunServices: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\RunServices: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypa
ger.exe -quiet
O4 - HKCU\..\RunServices: [Spyware Doctor] C:\PROGRAM FILES\SPYWARE DOCTOR\SPYDOCTOR.EXE /Q
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGI
NS\npqtplu
gin.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugi
ns\NPDocBo
x.dll
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGI
NS\nppdf32
.dll
O16 - DPF: {11311111-1111-1111-1111-1
1111111115
7} - file://C:\Recycled\Q330995
.exe
O16 - DPF: {10003000-1000-0000-1000-0
0000000000
0} - ms-its:mhtml:file://C:\foo
.mht!
http://195.225.177.13/20647/online.chm::/on-line.exeO16 - DPF: {6BEA1C48-1850-486C-8F58-C
7354BA3165
E} (Install Class) -
http://updates.lifescapeinc.com/installers/pinstall/pinstall.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-0
0C04F9A3B6
1} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5
009F29E09E
1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {15AD4789-CDB4-47E1-A9DA-9
92EE8E6BAD
6} -
http://public.windupdates.com/get_file.php?bt=ie&p=cf3d6d5353c60b9c57a954782f56eb0cd9479ee0ea04b6bc0ce90bac83d24136f9dd061a26c7bee673eca0d57a04fbe728c2ef828f08:089f8d69b8a0dd824129ec8711ffcf53O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-2
2031317559
2} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab Hope it helps. My other option is I have my Windows XP disk. Could I just wipe his computer clean with a fresh start? Nothing on there worth saving anyway...tee hee hee...thanks for any help you can be.
