Latest highjack this log (just to be sure)

Pyotr · 05-29-2005, 04:52 PM

I THINK I got rid of nail, but you guys might as well have a look and see if there's anything weird here.

After all, you know more than me.

**Buzz1927** · 05-29-2005, 05:11 PM

Looks clean. Is it running ok?

Pyotr · 05-29-2005, 07:40 PM

It's running great, just wanted to make sure. Should clean some adware and stuff, but other than that, I'm ok. Thanks.

**Buzz1927** · 05-29-2005, 07:52 PM

Quote:

It's running great

Good to hear it. A regular scan should (hopefully) keep you clean.

percy · 06-16-2005, 02:19 AM

I am a new member. I am sorry if I have done anything wrong putting this message here but I am frustrated in not being able to do anything. I want to put a log file on to see if someone can help me but am lost. Could you please point me in the right direction
Thanks
Laurie

**Byteman** · 06-16-2005, 02:28 AM

Yup, first, follow the instructions in this sticky, then post a log (keep in mind the tips for doing so in this sticky).

percy · 06-16-2005, 03:12 AM

Thank you very much for your help and your speed of reply. I will try what you have told me.
Laurie

**Praetor** · 06-16-2005, 07:09 AM

Some little stuff that can prolly go
C:\Program\Java\jre1.5.0_02\bin\jusched.exe
C:\Program\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\ATI Technologies\ATI.ACE\CLI.exe
C:\Program\Java\jre1.5.0_02\bin\javaw.exe

percy · 06-16-2005, 10:16 AM

I'm new so please accept my apologies if I am doing anything wrong.
This is my computer
Operating System System Model
Windows Millennium Edition (build 4.90.3000) No details available
Processor a Main Circuit Board b
1.80 gigahertz AMD Athlon XP
128 kilobyte primary memory cache
256 kilobyte secondary memory cache Board: Gigabyte Technology Co.,
Ltd. 7VKMLS 1.x
Bus Clock: 133 megahertz
BIOS: American Megatrends Inc. 07.00T 11/25/2002
Drives Memory Modules c,d
120.01 Gigabytes Usable Hard Drive Capacity
112.18 Gigabytes Hard Drive Free Space

LITE-ON LTR-52246S [CD-ROM drive]
PIONEER DVD-RW DVR-106D [CD-ROM drive]
Generic floppy disk drive (3.5")

USB BAR [Hard drive] (130 MB) -- drive 2, rev 1.89
WDC WD400BB-00DEA0 [Hard drive] (40.02 GB) -- drive 1, s/n
WD-WMAD1D113225, rev 05.03E05, SMART Status: Healthy
WDC WD800BB-00FRA0 [Hard drive] (80.03 GB) -- drive 0, s/n
WD-WCAJD1934457, rev 77.07W77, SMART Status: Healthy 352 Megabytes
Installed Memory

Slot '0' has 256 MB
Slot '1' has 128 MB
Local Drive Volumes

c: (on drive 0)40.01 GB34.39 GB free
d: (on drive 1)8 MB8 MB free
e: (on drive 0)40.00 GB38.26 GB free
f: (on drive 1)40.00 GB39.51 GB free

Network Drives
None detected
Users Printers
No details available Canon Bubble-Jet BJ-10eon LPT1:
Canon i865on LPT1:
Canon i865on USBPRN01

Controllers Display
Standard Floppy Disk Controller
Primary IDE controller (dual fifo)
Secondary IDE controller (dual fifo)
VIA Bus Master PCI IDE Controller S3 Graphics ProSavageDDR [Display
adapter]
LGE 700S [Monitor] (16.3"vis, May 2003)
Bus Adapters Multimedia
OPTi 82C861 PCI to USB Open Host Controller
VIA Tech 3038 PCI to USB Universal Host Controller
VIA Tech 3038 PCI to USB Universal Host Controller Avance AC'97
Audio for VIA (R) Audio Controller
Gameport Joystick (no joystick connected)
MPU-401 Compatible MIDI Device
Communications Other Devices
Realtek RTL8139(A) PCI Fast Ethernet Adapter
USB To Ethernet/ Long Distance Phone Line Adapter
Network Card MAC Address: 00:08:54

3:2D:4B
Network IP Address: 192.168.1.17 / 24 Standard 101/102-Key or
Microsoft Natural Keyboard
Microsoft PS/2 Port Mouse
USB Disk
Canon i865
Generic USB Hub
USB Mass Storage Device
USB Root Hub
USB Root Hub
USB Root Hub
Virus Protection
Norton AntiVirus Version 11.00
Virus Definitions Version 8/06/2005 Rev 23
Last Disk Scan on Monday, 13 June 2005 2:53:43 PM

Installed Microsoft Hotfixes [Back to Top]
DataAccess
Q329414-25 on 24/04/2005 (details...)
KB870669 (details...)
Internet Explorer
SP1 (SP1)
Q833989 (details...)
Q837009 (details...)
Q887797 (details...)
Q890923 (details...)
Q891781 (details...)
Windows Media Player
WM308567 (details...)
WM828026 (details...)
WinME
UPD273017 (details...)
UPD273991 (details...)
WinME (continued)
UPD290700 (details...)
UPD311311 (details...)
UPD323172 (details...)
UPD323255 (details...)
UPD329048 (details...)
UPD329115 (details...)
UPD811630 (details...)
UPD812709 (details...)
UPDQ823559 (details...)
UPD825119 (details...)
UPD840315 (details...)
UPD888113 (details...)
UPD890175 (details...)
UPD891711 (details...)

This is my Hijack This log file
Logfile of HijackThis v1.99.1
Scan saved at 7:58:35 PM, on 16/06/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HELPCTR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.1.1:3128
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [NBJ] "C:\PROGRAM FILES\AHEAD\NERO BACKITUP\NBJ.EXE"
O4 - HKCU\..\Run: [AntiSpyware7] "C:\Program Files\Steganos AntiSpyware 7\ASPY7.EXE" /0
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab

Could anyone tell me if I have any problems
Thank you
Percy

**apj101** · 06-16-2005, 10:32 AM

clean, your good to go.

06-16-2005, 02:28 AM	#6 (permalink)
Byteman Malware Destroyer Join Date: Apr 2005 Location: Hurricane Heaven... still Posts: 1,093	Yup, first, follow the instructions in this sticky, then post a log (keep in mind the tips for doing so in this sticky). __________________ Don't byte off more than you can chew...

06-16-2005, 07:09 AM	#8 (permalink)
Praetor Administrator Join Date: Jul 2004 Location: Canada Age: 24 Posts: 19,900	Some little stuff that can prolly go C:\Program\Java\jre1.5.0_02\bin\jusched.exe C:\Program\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\ATI Technologies\ATI.ACE\CLI.exe C:\Program\Java\jre1.5.0_02\bin\javaw.exe __________________ ASUS P5K Premium WiFi-AP, Q6600@3.7 / ASUS P5ND, E6400@3.8 4GB OCz Platinum XTC 8500 / 4GB CorsairXMS2 6400 5x500GB Seagate 7200.10 / 2x500 Seagate 7200.10 OCz 8800GTX 768MB @ 630/800 / 2x Galaxy 8800GT SLI

06-16-2005, 10:16 AM	#9 (permalink)
percy New Member Join Date: Jun 2005 Location: Australia Posts: 4	I'm new so please accept my apologies if I am doing anything wrong. This is my computer Operating System System Model Windows Millennium Edition (build 4.90.3000) No details available Processor a Main Circuit Board b 1.80 gigahertz AMD Athlon XP 128 kilobyte primary memory cache 256 kilobyte secondary memory cache Board: Gigabyte Technology Co., Ltd. 7VKMLS 1.x Bus Clock: 133 megahertz BIOS: American Megatrends Inc. 07.00T 11/25/2002 Drives Memory Modules c,d 120.01 Gigabytes Usable Hard Drive Capacity 112.18 Gigabytes Hard Drive Free Space LITE-ON LTR-52246S [CD-ROM drive] PIONEER DVD-RW DVR-106D [CD-ROM drive] Generic floppy disk drive (3.5") USB BAR [Hard drive] (130 MB) -- drive 2, rev 1.89 WDC WD400BB-00DEA0 [Hard drive] (40.02 GB) -- drive 1, s/n WD-WMAD1D113225, rev 05.03E05, SMART Status: Healthy WDC WD800BB-00FRA0 [Hard drive] (80.03 GB) -- drive 0, s/n WD-WCAJD1934457, rev 77.07W77, SMART Status: Healthy 352 Megabytes Installed Memory Slot '0' has 256 MB Slot '1' has 128 MB Local Drive Volumes c: (on drive 0)40.01 GB34.39 GB free d: (on drive 1)8 MB8 MB free e: (on drive 0)40.00 GB38.26 GB free f: (on drive 1)40.00 GB39.51 GB free Network Drives None detected Users Printers No details available Canon Bubble-Jet BJ-10eon LPT1: Canon i865on LPT1: Canon i865on USBPRN01 Controllers Display Standard Floppy Disk Controller Primary IDE controller (dual fifo) Secondary IDE controller (dual fifo) VIA Bus Master PCI IDE Controller S3 Graphics ProSavageDDR [Display adapter] LGE 700S [Monitor] (16.3"vis, May 2003) Bus Adapters Multimedia OPTi 82C861 PCI to USB Open Host Controller VIA Tech 3038 PCI to USB Universal Host Controller VIA Tech 3038 PCI to USB Universal Host Controller Avance AC'97 Audio for VIA (R) Audio Controller Gameport Joystick (no joystick connected) MPU-401 Compatible MIDI Device Communications Other Devices Realtek RTL8139(A) PCI Fast Ethernet Adapter USB To Ethernet/ Long Distance Phone Line Adapter Network Card MAC Address: 00:08:543:2D:4B Network IP Address: 192.168.1.17 / 24 Standard 101/102-Key or Microsoft Natural Keyboard Microsoft PS/2 Port Mouse USB Disk Canon i865 Generic USB Hub USB Mass Storage Device USB Root Hub USB Root Hub USB Root Hub Virus Protection Norton AntiVirus Version 11.00 Virus Definitions Version 8/06/2005 Rev 23 Last Disk Scan on Monday, 13 June 2005 2:53:43 PM Installed Microsoft Hotfixes [Back to Top] DataAccess Q329414-25 on 24/04/2005 (details...) KB870669 (details...) Internet Explorer SP1 (SP1) Q833989 (details...) Q837009 (details...) Q887797 (details...) Q890923 (details...) Q891781 (details...) Windows Media Player WM308567 (details...) WM828026 (details...) WinME UPD273017 (details...) UPD273991 (details...) WinME (continued) UPD290700 (details...) UPD311311 (details...) UPD323172 (details...) UPD323255 (details...) UPD329048 (details...) UPD329115 (details...) UPD811630 (details...) UPD812709 (details...) UPDQ823559 (details...) UPD825119 (details...) UPD840315 (details...) UPD888113 (details...) UPD890175 (details...) UPD891711 (details...) This is my Hijack This log file Logfile of HijackThis v1.99.1 Scan saved at 7:58:35 PM, on 16/06/2005 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HELPCTR.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.1.1:3128 O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe" O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - HKCU\..\Run: [NBJ] "C:\PROGRAM FILES\AHEAD\NERO BACKITUP\NBJ.EXE" O4 - HKCU\..\Run: [AntiSpyware7] "C:\Program Files\Steganos AntiSpyware 7\ASPY7.EXE" /0 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab Could anyone tell me if I have any problems Thank you Percy

06-16-2005, 10:32 AM	#10 (permalink)
apj101 Administrator Join Date: Apr 2005 Location: London Age: 26 Posts: 8,876	clean, your good to go. __________________ What did one snow man say to the other? can you smell carrot? The fight is won or lost far away from witnesses - behind the lines, in the gym, and out there on the road, long before I dance under those lights. How you do anything, is how you do everything!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

05-29-2005, 05:11 PM	#2 (permalink)
Buzz1927 Slyware Assassin Join Date: May 2005 Location: Melbourne AU Posts: 5,808	Looks clean. Is it running ok?

05-29-2005, 07:40 PM	#3 (permalink)
Pyotr Gold Member Join Date: Sep 2004 Posts: 376	It's running great, just wanted to make sure. Should clean some adware and stuff, but other than that, I'm ok. Thanks.

06-16-2005, 02:19 AM	#5 (permalink)
percy New Member Join Date: Jun 2005 Location: Australia Posts: 4	I am a new member. I am sorry if I have done anything wrong putting this message here but I am frustrated in not being able to do anything. I want to put a log file on to see if someone can help me but am lost. Could you please point me in the right direction Thanks Laurie

06-16-2005, 03:12 AM	#7 (permalink)
percy New Member Join Date: Jun 2005 Location: Australia Posts: 4	Thank you very much for your help and your speed of reply. I will try what you have told me. Laurie