Somebody Got me Again!!!



strategy101
2006-07-02, 08:34
I can't access pages on the internet like I used to. This is Windows 95. I know, I know, I know, I'll take this (updated) broken computer on the floor to the shop. Thanks in advance.


Logfile of HijackThis v1.99.1
Scan saved at 01:46:50 AM, on 7/2/06
Platform: Windows 95 B (Win9x 4.00.1212)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\MSWHEEL.EXE
C:\PROGRAM FILES\MS HARDWARE\POINT32.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NETSHOW SERVICES\TOOLS\REXPROXY.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usatoday.com/
F1 - win.ini: run=c:\DELL\WINBATCH.EXE
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [Disknag] C:\DELL\DISKNAG.EXE
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [MSWHEEL] C:\WINDOWS\SYSTEM\mswheel.exe
O4 - HKLM\..\Run: [POINTER] C:\PROGRA~1\MSHARD~1\point32.exe
O4 - HKLM\..\Run: [TIPS] C:\PROGRA~1\MSHARD~1\tips\mouse\tips.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE -off
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVComs] c:\windows\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\RunServices: [McAfeeWebScanX] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\WebScanX.Exe /RUNSERVICES
O4 - Startup: Microsoft Office.lnk = c:\WINDOWS\Application Data\Microsoft\Installer\{00010409-78E1-11D2-B60F-006097C998E7}\misc.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NetShow PowerPoint Helper.lnk = C:\Program Files\NetShow Services\Tools\nsppthlp.exe
O12 - Plugin for .dcr: C:\Program Files\Netscape\Navigator\Program\PLUGINS\NP32DSW.DLL
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O13 - WWW. Prefix: http://
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab

pskelley
2006-07-02, 14:40
Hello and welcome to the forum. I will say I have seen a log from one other W95 machine and I am making no promises. I do see junk that should not be there, if it works it works. I want to say I can understand your passion for these older operating systems having a Windows 98SE box, but with Microsoft not providing any support and the critical updates long since unavailable, it is cyber-suicide to even take the computer online.

Can you validate that this is a safe program?
O4 - HKLM\..\Run: [TIPS] C:\PROGRA~1\MSHARD~1\tips\mouse\tips.exe

Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

O13 - WWW. Prefix: http://
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) -http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
MediaGatewayX

Close all programs but HJT and all browser windows, then click on "Fix Checked"

Restart the computer and post a new HJT log, and let me know if that helps. That O16 is a real nasty adware item, the kind of junk you will pick up if you go online.

Thanks...pskelley
Safer Networking Forums

strategy101
2006-07-03, 07:31
I deleted
Can you validate that this is a safe program?
O4 - HKLM\..\Run: [TIPS] C:\PROGRA~1\MSHARD~1\tips\mouse\tips.exe
This anyway

So you're saying I'm cutting my throat going online with this system?

Logfile of HijackThis v1.99.1
Scan saved at 12:43:37 AM, on 7/3/06
Platform: Windows 95 B (Win9x 4.00.1212)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\MSWHEEL.EXE
C:\PROGRAM FILES\MS HARDWARE\POINT32.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NETSHOW SERVICES\TOOLS\REXPROXY.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usatoday.com/
F1 - win.ini: run=c:\DELL\WINBATCH.EXE
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [Disknag] C:\DELL\DISKNAG.EXE
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [MSWHEEL] C:\WINDOWS\SYSTEM\mswheel.exe
O4 - HKLM\..\Run: [POINTER] C:\PROGRA~1\MSHARD~1\point32.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE -off
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVComs] c:\windows\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\RunServices: [McAfeeWebScanX] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\WebScanX.Exe /RUNSERVICES
O4 - Startup: Microsoft Office.lnk = c:\WINDOWS\Application Data\Microsoft\Installer\{00010409-78E1-11D2-B60F-006097C998E7}\misc.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NetShow PowerPoint Helper.lnk = C:\Program Files\NetShow Services\Tools\nsppthlp.exe
O12 - Plugin for .dcr: C:\Program Files\Netscape\Navigator\Program\PLUGINS\NP32DSW.DLL
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
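
Comparing the follow-up scan with the first one, as requested earlier in the thread, can be done mechanically. The sketch below is an added example, not part of the thread or of HijackThis; its function names are hypothetical and the sample text is a shortened excerpt of the two logs posted above.

```python
import re

# A HijackThis entry line is "<code> - <detail>", e.g. "O13 - WWW. Prefix: http://"
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Map (code, whitespace-free lowercase detail) -> original entry line."""
    entries = {}
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if m:
            # Normalizing lets "-http://" and "- http://" compare equal
            key = (m.group(1), re.sub(r"\s+", "", m.group(2)).lower())
            entries[key] = raw.strip()
    return entries

def diff_logs(before, after):
    """Return (removed, added) entry lines between two scans."""
    b, a = parse_entries(before), parse_entries(after)
    removed = sorted(b[k] for k in b.keys() - a.keys())
    added = sorted(a[k] for k in a.keys() - b.keys())
    return removed, added

def still_present(scan, requested):
    """Entries the helper asked to fix that are found in the given scan."""
    found = parse_entries(scan)
    return sorted(v for k, v in parse_entries(requested).items() if k in found)

# Shortened excerpts of the two logs in this thread (not the full scans)
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usatoday.com/
O4 - HKLM\..\Run: [TIPS] C:\PROGRA~1\MSHARD~1\tips\mouse\tips.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O13 - WWW. Prefix: http://
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
"""
AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usatoday.com/
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
"""
# The two items as written in the helper's reply (note the "-http://" spacing)
REQUESTED = r"""
O13 - WWW. Prefix: http://
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) -http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
"""

if __name__ == "__main__":
    removed, added = diff_logs(BEFORE, AFTER)
    print("removed:", *removed, sep="\n  ")
    print("added:", added)
    print("requested but still present:", still_present(AFTER, REQUESTED))
```

An empty "still present" list means both requested fixes took effect; any entry under "added" is something new since the first scan and deserves a look.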

pskelley
2006-07-03, 12:16
Let me rephrase that, Microsoft is phasing out updating old systems, I would correspond with them if you have specific questions. I understand they are done updating W98/ME and WinXpSP1 will not long receive updates after I believe 10/6/2006. As far as I know Win95 was discontinued sometime in the past. I can't really say how secure your system is, having no knowledge of it myself. I do see you are using an old version of Internet Explorer and I understand it is less secure than 6.0 and a new version is in the Beta stage but I do not know if it will run on Win95.
Here is a link: http://support.microsoft.com/

This information may or may not apply to your Operating System:
Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://boards.cexx.org/viewtopic.php?t=957
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

http://forums.spybot.info/showthread.php?t=5528 7/2 strategy101

Safe surfing...tashi:) will close your topic within a few days.

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.

bitman
2006-07-04, 17:17
Let me add to the information pskelley has already given.

As he mentioned, Windows 95 hasn't had any support from Microsoft for a few years. The Internet Explorer v5.51 SP2 version was the last that would work with Win 95 and also hasn't been supported for a couple years. The following article in the Spybot forum mentions that even Spybot can't guarantee anything with an unsupported OS.
http://forums.spybot.info/showthread.php?p=25958#post25958

Basically, you are operating with the computer equivalent of cloth while the bad guys are shooting armor-penetrating bullets at you. I'd have to agree with your 'cutting my throat' analogy. If you even click once on a spyware-infested web site, you'll have everything it can offer in seconds.

Since at this point Windows 98/ME are also ending MS support next week (July 11th), I'd recommend skipping right to Windows XP on a current PC. Then, if you wish, you will have the option to upgrade to Windows Vista when that finally releases.

Bitman

LonnyRJones
2006-07-11, 11:05
I'm glad we could help.
Since the problems are solved I'm going to close the topic now. This keeps others with similar problems from posting their logs/questions here; they should start a new topic.