Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

hjt


  • This topic is locked This topic is locked
3 replies to this topic

#1 Persephone

Persephone

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 13 August 2005 - 11:07 PM

I am having major iexplorer problems and cant figure out whats going on when I click the icon on desktop I get the msg can not find blank.exe..I cannot uninstall ie6 to reinstall it..its messed up every which away...


Logfile of HijackThis v1.99.1
Scan saved at 12:00:21, on 8/13/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\3dmoused.exe
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\AMERICA ONLINE 7.0B\WAOL.EXE
C:\WINDOWS\WSCRIPT.EXE
C:\PROGRAM FILES\ACCESSORIES\WORDPAD.EXE
C:\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: PosHelp - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - C:\PROGRA~1\ADVANC~1\ADVANC~1.DLL
O3 - Toolbar: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRAM FILES\ADVANCED SEARCHBAR\ADVANCEDSEARCHBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [Primax 3-D Mouse] 3dmoused.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0b\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O9 - Extra button: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRAM FILES\ADVANCED SEARCHBAR\ADVANCEDSEARCHBAR.DLL
O9 - Extra 'Tools' menuitem: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRAM FILES\ADVANCED SEARCHBAR\ADVANCEDSEARCHBAR.DLL
O12 - Plugin for .ply: C:\PROGRA~1\INTERN~1\PLUGINS\npPetz.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Netscape Browser\PLUGINS\NPSWF32.dll
O16 - DPF: Yahoo! Chat 1.2 - http://cs2.chat.yahoo.com/c121/chat.cab
O16 - DPF: Yahoo! Chat 1.3 - http://cs3.chat.yahoo.com/c126/chat.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2002082...all/xscan53.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab
O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_01) -
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/...ymmapi_0727.dll
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://ecampus.wintu.edu/secure/PhxStudent15.CAB
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.2.5.28/mahj...g-ob-assets.cab

I also ran regsrch for blank.exe and it found nothing. I ran a search on just blank and a bunch of things came up..but I doubt that matters..but just incase,thought id tell ya :thumbsup:

Edited by Persephone, 13 August 2005 - 11:10 PM.


BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:07:00 PM

Posted 15 August 2005 - 11:01 PM

Hello Persephone and welcome to the BC HijackThis forum. I do not see any problems with infections or malware at this time. The log is clean.

I see that there is currently a topic open in the Web Browser forum. Since this is not a malware issue I would suggest following the advice of the people in that forum and see what they have to say.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 Persephone

Persephone
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 16 August 2005 - 10:33 PM

Thanks OT :thumbsup: I ended up having to have my windows reinstalled..to many problems and not enough time to try and sort it out myself. You guys have been most helpful..Im sure this wont be the last time im begging for your help..but maybe it wil be awhile :flowers: Thanks OT and take it easy :trumpet:

#4 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:07:00 PM

Posted 16 August 2005 - 10:35 PM

You are welcome Persephone. I will close this topic.

OT :thumbsup:
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users