Windows 95

I'm having multiple problems with browser hijacks on a machine running windows 95. I downloaded Ad-aware and Hijack this. However Ad-aware will not open and HijackThis returns a missing MSVBVM6.DLL file. Is this because of 95? Are there any other options?
thanks
Jay

 

Hijkassabian

I asked around and one of the very knowledgable Mods here(snap)

gave me this link,

http://www.spywareinfoforum.com/~merijn/downloads.html

look in the downloads paragraph.

She also suggested u might need this,

http://download.microsoft.com/downl.../vbrun60sp5.exe

if the experts ask u to run an app. called CWShredder after viewing your HJT log.

If u have any more concerns just post back.


snowbound

 

I'd appreciate your review of the following HijackThis log.
I have already run Spybot and deleted the problem files. Thank you in advance.
Jay

Logfile of HijackThis v1.97.7
Scan saved at 11:19:26 PM, on 6/17/04
Platform: Windows 95 a (Win9x 4.00.1212)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\PROGRAM FILES\NCASE\MSBB.EXE
C:\WINDOWS\RunDLL.EXE
C:\PROGRAM FILES\OUTLOOK\OFFICE\OSA.EXE
C:\PROGRAM FILES\OUTLOOK\OFFICE\FINDFAST.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\KBDTRAY.EXE
C:\WINDOWS\DESKTOP\SPYWARE\HIJACK\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_16_0.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_16_0.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [XupiterStartup] C:\Program Files\Xupiter\XupiterStartup.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [stcloader] C:\WINDOWS\SYSTEM\stcloader.exe
O4 - HKLM\..\Run: [msbb] C:\PROGRAM FILES\NCASE\MSBB.EXE
O4 - HKLM\..\Run: [cjuzonef] C:\WINDOWS\cjuzonef.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - Startup: Office Startup.lnk = C:\Program Files\outlook\Office\OSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\outlook\Office\FINDFAST.EXE
O4 - Startup: GapSDR.lnk = C:\Gap Kids\Gap Snow Day\GapSDR.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npswf32.dll
O13 - WWW. Prefix: http://
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {B10031B2-F184-4803-9A88-D239C0641D70} - http://ax.180solutions.com/Installer/180SAInstaller.cab

 

Please review this Log

Please review the previously submitted log.
thank you

 

Hi jkassabian,

Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

O4 - HKLM\..\Run: [XupiterStartup] C:\Program Files\Xupiter\XupiterStartup.exe

O4 - HKLM\..\Run: [stcloader] C:\WINDOWS\SYSTEM\stcloader.exe
O4 - HKLM\..\Run: [msbb] C:\PROGRAM FILES\NCASE\MSBB.EXE
O4 - HKLM\..\Run: [cjuzonef] C:\WINDOWS\cjuzonef.exe

O16 - DPF: {B10031B2-F184-4803-9A88-D239C0641D70} - http://ax.180solutions.com/Installer/180SAInstaller.cab

Then reboot and delete:
C:\WINDOWS\SYSTEM\stcloader.exe
C:\PROGRAM FILES\NCASE <= entire folder
C:\WINDOWS\cjuzonef.exe

Too bad all the cr@pware runs on 95 and most of the good protection doesn't.
Try safe surfing:
Why did I get infected in the first place

Regards,

Pieter

 

Pieter-
As usual, thanks for your help.

Jay