please check

Dorian · #1 11-05-2004, 09:01 PM

Hello,

I've run a trojan scan twice now, and it keeps hanging up in the same spot. Could you check my hj log please, and let me know if there is something going on. Thanks.

Dorian

Logfile of HijackThis v1.98.2
Scan saved at 6:57:18 PM, on 11/5/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSHWIN32.EXE
C:WINDOWSSYSTEMWINMODEM.101wmexe.exe
C:WINDOWSSYSTEMMSTASK.EXE
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANWEBSCANX.EXE
C:WINDOWSSYSTEMZONELABSVSMON.EXE
C:WINDOW***PLORER.EXE
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSSTAT.EXE
C:OPLIMITOCRAWARE.EXE
C:WINDOWSSTARTER.EXE
C:OPLIMITOCRAWR32.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMATICWD32.EXE
C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANAVCONSOL.EXE
C:WINDOWSLOADQM.EXE
C:PROGRAM FILESZONE LABSZONEALARMZLCLIENT.EXE
C:PROGRAM FILESMICROSOFT HARDWAREMOUSEPOINT32.EXE
C:WINDOWSSYSTEMQTTASK.EXE
C:PROGRAM FILESMSWORKSCALENDARWKCALREM.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESBINARYBIZHABICHAT MESSENGERHABICHAT.EXE
C:WINDOWSNETDDE.EXE
C:PROGRAM FILESMOZILLA FIREFOXFIREFOX.EXE
C:WINDOWSSYSTEMWINOA386.MOD
C:UTILSWINZIPWINZIP32.EXE
C:WINDOWSTEMPHIJACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.newsmax.com/
F1 - win.ini: load=C:OPLIMITocraware.exe
O4 - HKLM..Run: [EnsoniqMixer] starter.exe
O4 - HKLM..Run: [Vshwin32EXE] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSHWIN32.EXE
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM..Run: [AvconsoleEXE] C:Program FilesNetwork AssociatesMcAfee VirusScanavconsol.exe /minimize
O4 - HKLM..Run: [VsStatEXE] C:Program FilesNetwork AssociatesMcAfee VirusScanVSSTAT.EXE
O4 - HKLM..Run: [LoadQM] loadqm.exe
O4 - HKLM..Run: [McAfeeWebScanX] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANWebScanX.Exe
O4 - HKLM..Run: [Zone Labs Client] "C:Program FilesZone LabsZoneAlarmzlclient.exe"
O4 - HKLM..Run: [POINTER] point32.exe
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" -atboottime
O4 - HKLM..RunServices: [Vshwin32EXE] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANVSHWIN32.EXE
O4 - HKLM..RunServices: [winmodem] WINMODEM.101wmexe.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM..RunServices: [McAfeeWebScanX] C:PROGRAM FILESNETWORK ASSOCIATESMCAFEE VIRUSSCANWebScanX.Exe
O4 - HKLM..RunServices: [TrueVector] C:WINDOWSSYSTEMZONELABSVSMON.EXE -service
O4 - HKCU..Run: [Reminder] C:Program FilesMicrosoft MoneySystemreminder.exe
O4 - HKCU..Run: [Yahoo! Pager] C:Program FilesYahoo!Messengerypager.exe -quiet
O4 - HKCU..Run: [MSMSGS] "C:PROGRAM FILESMESSENGERMSMSGS.EXE" /background
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft OfficeFINDFAST.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:Program FilesMSWorksCalendarWKCALREM.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:PROGRAM FILESAIMAIM.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL
O12 - Plugin for .spop: C:PROGRA~1INTERN~1PluginsNPDocBox.dll
O16 - DPF: Yahoo! Chat - http://cs5.chat.sc5.yahoo.com/c381/chat.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

*Mobo* · #2 11-05-2004, 09:06 PM

Hi & welcome dorian:
Thats as clean as they come dorian so what you can do it clear all temp files . This is a simple batch file that will do alll that for you:

<span style="color:#CC0000">Open notepad and paste in the following lines:

del c: *.tmp
del %temp%*.tmp /f
del %windir%prefetch*.*
del %windir%temp*.* /f
del C:documents and settings*local settingstemp*.*

Save to desktop as 'clean.bat' , file types as 'all-files'.

DoubleClick on the icon, and say yes when prompted. </span>

then defrag the drive followed by rebooting then retry the scan..

Dorian · #3 11-05-2004, 09:22 PM

Great, thanks Scratz,I'll go do that.

I have a question about Mozilla, something that happend. Where can I ask about that?

Dorian

*Mobo* · #4 11-05-2004, 09:23 PM

Just start another thread here http://www.spyware911.net/forum/forumdispl...p?s=&forumid=13

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
periodic check up	ibrbrt	Spyware / Virus Removal	3	09-29-2005 06:27 PM
Hijack This Check	der	Spyware / Virus Removal	8	05-28-2005 08:27 PM
HiJack check up	der	Spyware / Virus Removal	9	03-19-2005 09:13 PM
HiJack this log check	Raistlfiren	Spyware / Virus Removal	2	12-16-2004 03:19 PM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)