My HijackThis Log

[akuMalawi]

Could you please help me with the HijacktThis file attached.
I'm running XP.
I could not open Windows Explorer and Internet Explorer so I went to Internet Options and disabled third party extensions.
Now Windows Explorer is opening but IE still wont get launched.

If I type in a url in Windows Explorer it loads the web page, But I cant launch IE from the desktop icon, run command, or start menu.

Thanks in advance

 

[RealBlackStuff]

Boot in Safe Mode.
Switch System restore OFF.
Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:
scrsvc.exe
bootpd.exe
000StTHK.exe

Next, run HJT on its own and let it 'fix' if there:
C:\WINNT\System32\scrsvc.exe
C:\WINNT\System32\bootpd.exe
C:\WINNT\System32\bootpd.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 196.10.0.2:80

ALL lines starting with: O1 - Hosts:

O2 - BHO: (no name) - {3E438185-C3E0-44E2-AF74-B1FF62C48FD5} - C:\WINNT\System32\agko.dll
O2 - BHO: (no name) - {5483427F-93B8-1470-5A89-E6B56484CDB2} - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winawckebqd.dll
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [scrsvc] C:\WINNT\System32\scrsvc.exe
O4 - HKLM\..\Run: [bootpd.exe] C:\WINNT\System32\bootpd.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.68/4NrsNfdKk-7TM6Uo.chm::/on-line.exe
O18 - Filter: text/html - {E3BC895D-872D-465E-9B8D-D4EB9BF8D0B0} - C:\WINNT\System32\agko.dll
O18 - Filter: text/plain - {E3BC895D-872D-465E-9B8D-D4EB9BF8D0B0} - C:\WINNT\System32\agko.dll

When done, delete the highlighted bold files.
Delete ALL files and/or subdirectories from: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
Boot normal. When all OK, switch System Restore back on.

You should then consider installing XP-SP1, and probably a whole load more web-updates.
Do NOT install SP2 if you don't have any good backup-strategy.

 

[akuMalawi]

It worked

Thanks a lot it worked.
I noticed you use win2k. Any particular reason why (security wise).
I'm wondering if upgrading to XP was a good idea after all.

 

[RealBlackStuff]

I don't like Fisher-Price style programs, and I don't like a program or OS that you have to activate everytime you make a change to your hardware. I also consider XP highly unstable, which is confirmed by the myriads of problems that people have with XP. Just browse around on this forum alone, it is frightening.
My install of W2K actually dates from October 2002. I've done all the Service Packs and all the MS-updates. It just never breaks down, at least with my type of computing. I take regular images, just in case, and in all these years I had to do a restore only twice, and that was due to some lousy software that I installed.
Otherwise W2K is rock-solid. I never had any security issues, what with a router-cum-firewall, an Antivirus program and a software firewall. I have a 1MB wireless broadband connection that cannot be compromised, using Israeli encryption-technique.
Hope this answer satisfies.