Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Drive C


  • This topic is locked This topic is locked
2 replies to this topic

#1 BBW Baby Girl

BBW Baby Girl

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Location:Rural Retreat, Virginia
  • Local time:03:14 PM

Posted 23 June 2006 - 10:47 AM

Logfile of HijackThis v1.99.1
Scan saved at 11:38:55 AM, on 6/23/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neopets.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
O2 - BHO: Advanced Searchbar - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - C:\PROGRA~1\ADVANC~2\ADVANC~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL
O3 - Toolbar: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRAM FILES\ADVANCEDSEARCHBAR\ADVANCEDSEARCHBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AOL Instant Messenger (SM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRAM FILES\ADVANCEDSEARCHBAR\ADVANCEDSEARCHBAR.DLL
O9 - Extra 'Tools' menuitem: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRAM FILES\ADVANCEDSEARCHBAR\ADVANCEDSEARCHBAR.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL



The above is my hijackthis log. I am not exactly sure what kind of infection I have. I just know there has to be something. I was prompted the other day that my drive c has became damaged. Partition Table(MBR), boot sector disk c, Kernel32.dll, shell32.dll, wsock32.dll, user32.dll have all became unreadable causing any and all anti-virus programs to not be able to read anything in drive c.

Before this there was a trojan worm alert pop up on my system by avg free edition and the trojan worm was successfully removed by avg. But since then I have ran into more problems with this system. I am unaware of all of the problems that could be occuring in this system because I bought it from someone named Mario on ebay for $70. But I knew there had to be something wrong with the system. The computer was really slow when I first got it. Since the drive c became damaged the computer has been kind of fast I guess that's the only good thing.

Mostly any browser I use has lots of trouble connecting to the servers of sites. I'd just really like to get this fixed as soon as possible.

BC AdBot (Login to Remove)

 


#2 BBW Baby Girl

BBW Baby Girl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Location:Rural Retreat, Virginia
  • Local time:03:14 PM

Posted 29 June 2006 - 07:09 AM

Problem solved!

What happened was not to long ago I had a trojan virus on my system "web.exe". The trojan virus had infected some programs on my laptop. The infection was also the reason that AVG and all other anti-virus scanners were not able to read drive c. I had to reinstall all anti-virus scanners that I had on my laptop in order to fix the problem. AVG had helped me delete the trojan virus from my system just before it went "boom".

Things seem to be doing pretty good now. The only problem with this laptop now is that it is still kind of slow, but not really all that bad. The corruption of the anti-viruses was the reason Partition Table(MBR), and all of the other files were not able to be read. (had reading errors)

#3 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:14 PM

Posted 03 July 2006 - 10:03 PM

Good to hear. Since the issue appears to be resolved I will close this topic.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users