???
Results 1 to 2 of 2

Thread: ???

  1. January 6th, 2005, 09:03 AM #1
    riddellcomp
    riddellcomp is offline
    Registered User
    Join Date
    Oct 2003
    Location
    Western Australia
    Posts
    737

    ???

    I looked at a pc tonight running Win98 which seemed to not be able to connect to any websites that contained search engines. The owner told me that he has problems trying to get to certain websites. I connected to the net, and msn.com.au loaded as his home page no worries. We then clicked on a travel link and then a few other links but they wouldnt work. I tired to load google.com.au and then yahoo.com but they wouldnt open and I simply got page not found errors.
    I could load some pages no probs such as bigpond.com, tpg.com. iinet.com. But as you cans ee there was no real pattern to the type of sites that it would connect to versus those that it wouldnt. (Except perhaps that it would connect to ISP sites but not search engine sites but I dont know if that was related or not.)
    I phoned my house and had my daughter confirm these sites were available (Been there before.) and they were.

    I ran spybot which found about 20 entries or so bu needed to run on start up to remove them. After attempting to do this and with about 1000 spybug checks to go Spybot went all haywire, started showing german error messages and then I got a Windows full screen white window with black writing saying that windows needs to be re-installed because exlorer.exe could not be loaded.

    I rebooted and windows started no probs but Ididnt bother running spybot again as it took to long the first time and I dont know if it finished properly anyway. I noticed that I can open Google in netscape so the problem is only limited to IE. I ran Hijack this but didnt find anything to worry about.

    Here is the log.

    Logfile of HijackThis v1.97.7
    Scan saved at 7:46:49, on 6/01/05
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
    C:\WINDOWS\SYSTEM\SISTRAY.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\SYSTEM\HPZTSB08.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP SOFTWARE UPDATE\HPWUSCHD.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    D:\UTILITIES DISC\SECURITY TOOLS\HIJACKTHIS.EXE
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.apcstart.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\system32\blank.htm
    N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.wethere.com"); (C:\Program Files\Netscape\Users\mangobme\prefs.js)
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\SYSTEM\SISTRAY.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb08.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
    O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...?37991.9121875
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab


    We are going to re-format the drive anyway but I am curious to know what could have caused this.
    Reply With Quote Reply With Quote
  2. January 6th, 2005, 10:17 AM #2
    hudsonsmith
    hudsonsmith is offline
    Registered User hudsonsmith's Avatar
    Join Date
    Feb 2003
    Location
    New York
    Posts
    2,276
    Check hosts file. Also, your version of hijack is out of date - current is 1.99. Reports some additional info relating to this issue.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules