Thread: please check
View Single Post
  #1  
Old 11-05-2004, 10:01 PM
Dorian Dorian is offline
Junior Member
  
Join Date: Nov 2004
Posts: 25
please check
Hello,

I've run a trojan scan twice now, and it keeps hanging up in the same spot. Could you check my hj log please, and let me know if there is something going on. Thanks.

Dorian

Logfile of HijackThis v1.98.2
Scan saved at 6:57:18 PM, on 11/5/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSHWIN32.EXE
C:WINDOWSSYSTEMWINMODEM.101wmexe.exe
C:WINDOWSSYSTEMMSTASK.EXE
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANWEBSCANX.EXE
C:WINDOWSSYSTEMZONELABSVSMON.EXE
C:WINDOW***PLORER.EXE
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSSTAT.EXE
C:OPLIMITOCRAWARE.EXE
C:WINDOWSSTARTER.EXE
C:OPLIMITOCRAWR32.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMATICWD32.EXE
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANAVCONSOL.EXE
C:WINDOWSLOADQM.EXE
C:PROGRAM FILESZONE LABSZONEALARMZLCLIENT.EXE
C:PROGRAM FILESMICROSOFT HARDWAREMOUSEPOINT32.EXE
C:WINDOWSSYSTEMQTTASK.EXE
C:PROGRAM FILESMSWORKSCALENDARWKCALREM.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESBINARYBIZHABICHAT MESSENGERHABICHAT.EXE
C:WINDOWSNETDDE.EXE
C:PROGRAM FILESMOZILLA FIREFOXFIREFOX.EXE
C:WINDOWSSYSTEMWINOA386.MOD
C:UTILSWINZIPWINZIP32.EXE
C:WINDOWSTEMPHIJACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.newsmax.com/
F1 - win.ini: load=C:OPLIMITocraware.exe
O4 - HKLM..Run: [EnsoniqMixer] starter.exe
O4 - HKLM..Run: [Vshwin32EXE] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSHWIN32.EXE
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM..Run: [AvconsoleEXE] C:Program FilesNetwork AssociatesMcAfee VirusScanavconsol.exe /minimize
O4 - HKLM..Run: [VsStatEXE] C:Program FilesNetwork AssociatesMcAfee VirusScanVSSTAT.EXE
O4 - HKLM..Run: [LoadQM] loadqm.exe
O4 - HKLM..Run: [McAfeeWebScanX] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANWebScanX.Exe
O4 - HKLM..Run: [Zone Labs Client] "C:Program FilesZone LabsZoneAlarmzlclient.exe"
O4 - HKLM..Run: [POINTER] point32.exe
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" -atboottime
O4 - HKLM..RunServices: [Vshwin32EXE] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSHWIN32.EXE
O4 - HKLM..RunServices: [winmodem] WINMODEM.101wmexe.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM..RunServices: [McAfeeWebScanX] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANWebScanX.Exe
O4 - HKLM..RunServices: [TrueVector] C:WINDOWSSYSTEMZONELABSVSMON.EXE -service
O4 - HKCU..Run: [Reminder] C:Program FilesMicrosoft MoneySystemreminder.exe
O4 - HKCU..Run: [Yahoo! Pager] C:Program FilesYahoo!Messengerypager.exe -quiet
O4 - HKCU..Run: [MSMSGS] "C:PROGRAM FILESMESSENGERMSMSGS.EXE" /background
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft OfficeFINDFAST.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:Program FilesMSWorksCalendarWKCALREM.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:PROGRAM FILESAIMAIM.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL
O12 - Plugin for .spop: C:PROGRA~1INTERN~1PluginsNPDocBox.dll
O16 - DPF: Yahoo! Chat - http://cs5.chat.sc5.yahoo.com/c381/chat.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
Reply With Quote