May 3, 200521 yr Im posting this for a friend who got hacked\keylogged\whatever. Anyone see something wrong in this? Logfile of HijackThis v1.99.1 Scan saved at 13:59:24, on 03/05/2005 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v5.50 (5.50.4134.0100) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\SPOOL32[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\MPREXE[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\MSTASK[Caution: ExecutableFile] C:\PROGRAM FILES\ESCAN\AVKWCTL9X[Caution: ExecutableFile] C:\PROGRAM FILES\ESCAN\TRAYICOS[Caution: ExecutableFile] C:\PROGRAM FILES\ESCAN\AVKSERV[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\RESTORE\STMGR[Caution: ExecutableFile] C:\WINDOWS\EXPLORER[Caution: ExecutableFile] C:\WINDOWS\TASKMON[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\SYSTRAY[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\WMIEXE[Caution: ExecutableFile] C:\WINDOWS\LOADQM[Caution: ExecutableFile] C:\PROGRAM FILES\ESCAN\MAILDISP[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\WINOA386.MOD C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR[Caution: ExecutableFile] C:\PROGRAM FILES\ESCAN\SPOOLER[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\DDHELP[Caution: ExecutableFile] C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\STIMON[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\PSTORES[Caution: ExecutableFile] C:\MY DOCUMENTS\MY RECEIVED FILES\HIJACKTHIS(1)[Caution: Executable File] O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw[Caution: ExecutableFile] /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon[Caution: ExecutableFile] O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd[Caution: ExecutableFile] -s O4 - HKLM\..\Run: [systemTray] SysTray[Caution: ExecutableFile] O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32[Caution: ExecutableFile] powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [MailScan Dispatcher] "C:\Program Files\eScan\LAUNCH[Caution: ExecutableFile]" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LoadQM] loadqm[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32[Caution: ExecutableFile] powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [eScan Monitor] C:\PROGRA~1\ESCAN\AVKWCT~1[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [eScan Updater] C:\PROGRA~1\ESCAN\TRAYICOS[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [eScan Scheduler] C:\PROGRA~1\ESCAN\avkserv[Caution: ExecutableFile] /systemstart O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O10 - Broken Internet access because of LSP provider 'mwnsp.dll' missing O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/c ... /wt1_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/c ... pote_x.cab O21 - SSODL: OLE Module - {0BC9BC01-54D4-4CCE-2B7D-955164314CD4} - C:\WINDOWS\SYSTEM\trf32.dll [Ellhound JR][Combat [bleep]][138][200M Attack XP][134/200M Hitpoints XP][250+ jad kills][ <!-- m -->http://www.ellhound.com<!-- m -->]
May 3, 200521 yr firstly have your friend go to windows update You have no service packs or the latest version of internet explorer. windowsupdate.microsoft.com and install all ctrical updates even if your friend does not use internet explorer, you still need to have the latest version.
Create an account or sign in to comment