I think I've been Hijacked

Status
Not open for further replies.

drmajcher

Programs are running funny. Webpages are delayed in coming in. I've got a good suspicion that I've been Hijacked. Below is my HijackThis log file; any help would be much appreciated.

Thanks,

drmajcher


Logfile of HijackThis v1.99.0
Scan saved at 3:14:39 PM, on 3/12/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TWAIN_32\PAPRPORT\3100BUSB\FLATBED.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\HIJACK\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69:136.241.91:05
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SZMsgSvc.exe] C:\STOPzilla!\SZMsgSvc.exe
O4 - HKLM\..\Run: [PP3100B] C:\WINDOWS\twain_32\paprport\3100bUSB\flatbed.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\REAL\REALJUKEBOX\tsystray.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O16 - DPF: Java AS400 Display (ASD) - http://www.co.kent.de.us/w2hlegacy/java/wdasd.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
 
Your log is clean. The only questionable items are dealing with this file KB891711.EXE, but it's legit as it's part of the MS891711 update. If you install that patch manually, it won't run as a startup item. Nothing to worry about though.
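Added example, not part of the original thread and not HijackThis's own code: a small Python parser that pairs each O4 autostart entry in a HijackThis log with the "Running processes" list, which is how an entry such as KB891711.EXE can be seen to be both registered under RunServices and live. The sample log is constructed from a few lines of the log posted above; the function names are illustrative.

```python
import ntpath
import re

# Constructed sample: a handful of lines copied from the log posted above.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\TASKMON.EXE

O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"""

# O4 lines look like: O4 - <hive>\..\<key>: [<value name>] <command line>
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[([^\]]+)\] (.+)$")

def exe_name(command):
    """Lower-cased executable file name from an autostart command line."""
    command = command.strip()
    if command.startswith('"'):
        path = command[1:].split('"', 1)[0]          # quoted path may contain spaces
    else:
        m = re.match(r"(.+?\.exe)\b", command, re.I)  # unquoted: cut after first .exe
        path = m.group(1) if m else command.split()[0]
    return ntpath.basename(path).lower()

def parse(log):
    """Return (set of running exe names, list of O4 autostart entries)."""
    running, autostarts, in_procs = set(), [], False
    for line in (l.strip() for l in log.splitlines()):
        if line == "Running processes:":
            in_procs = True
        elif in_procs and not line:
            in_procs = False                         # blank line ends the process list
        elif in_procs:
            running.add(ntpath.basename(line).lower())
        elif (m := O4_RE.match(line)):
            autostarts.append((m.group(2), m.group(3), exe_name(m.group(4))))
    return running, autostarts

def correlate(log):
    # One row per autostart: (registry key, value name, exe, currently running?)
    running, autostarts = parse(log)
    return [(key, name, exe, exe in running) for key, name, exe in autostarts]

if __name__ == "__main__":
    print(*correlate(SAMPLE_LOG), sep="\n")
```

Matching is by file name only, so two different files with the same name in different folders are not told apart.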
 
Well, maybe that Security Update to IE6 is what's making things run funny. I got that Security Update on 3/9/05 and since then things have run slow and I'm not able to use DeepBurner properly.

Another thing I should mention is that I have IE6 set to check for Critical Updates and for about a month now, it keeps finding and installing the same update (823559) on a daily basis. Which must mean the update isn't getting properly installed onto IE6.

I wish I knew how to perform a manual installation but I'm clueless.

Any help would be most appreciated.

drmajcher
 
And with support for Windows 98 set to expire soon (soon being a year from now):

Windows 98, Windows 98 Second Edition, and Windows Millennium Support Extended

Updated Clarification on the Windows 98, Windows 98 Second Edition, and Windows Millennium Support Extended Announcement
Microsoft is pleased to announce a clarification in our extended security update support for Windows 98, Windows 98 Second Edition, and Windows Millennium (Me) Editions for critical security issues.

Key Dates:


Paid incident support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition (Me) is available through June 30, 2006.
Critical security updates will be provided on the Windows Update site through June 30, 2006.
Customers may request non-critical security fixes for Windows 98, Windows 98 Second Edition, Windows Me, and the most current version of their components until June 30, 2006 through typical assisted-support channels.
Windows 98, Windows 98 Second Edition, and Windows Me downloads for existing security issues will continue to be available through regular assisted-support channels at no charge until June 30, 2006.
No-charge incident support and extended hotfix support for Windows 98 and Windows 98 Second Edition ended on June 30, 2003.
No-charge incident support and extended hotfix support for Windows Me ended on December 31, 2003.
Online self-help support will be available until at least June 30, 2007.

Details:
Windows 98 and Windows 98 Second Edition support was scheduled to end on January 16, 2004.

Plus, how long have you had your computer? And can you download this program: EVEREST Home Edition. Then click on Reports at the top and click Report Wizard... I need a FULL report, plain text, sent to me at the address in my profile; do NOT post it here. Once you see what it says, you will understand why I say do NOT post it here.

Liz
 