Don't use this phrase (HIJACK) on an airplane!!!

geef · #1 March 5th, 2005, 04:17 AM

Here's a logfile of "Hijack This" that I just generated on my other system (which has been infected with JS.Trojan.Downloader.1stBar.A and Trojan.Downloader.Agent.Z)...can anybody please help me...aside from suggesting that I use a little stick of C-4!!

Logfile of HijackThis v1.99.1
Scan saved at 7:18:12 PM, on 04/03/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SOFTWIN\BITDEFENDER SCAN SERVER\BDSS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\BITDEFENDER FREE EDITION\BDMCON.EXE
C:\WINDOWS\MIXER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\SYSTEM UTILITIES\TASKILL.EXE
C:\WINDOWS\NOTEPAD.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\lnvke.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http:\\www.google.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\lnvke.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\lnvke.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http:\\www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\lnvke.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\lnvke.dll/sp.html#28129
R3 - Default URLSearchHook is missing
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Class - {F10F8EB6-B1E9-98BF-CE41-ABBFCC10B30C} - C:\WINDOWS\SYSTEM\ADDYB.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [BDMCon] C:\BITDEF~1\BDMCON.EXE
O4 - HKLM\..\Run: [BDNewsAgent] C:\BITDEFENDER FREE EDITION\bdnagent.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\RunOnce: [washindex] C:\washer\washidx.exe "$ñ@®¹÷¿|ä~"
O4 - HKCU\..\Run: [Washer] C:\washer\washer.exe /0
O4 - HKCU\..\RunOnce: [washindex] C:\washer\washidx.exe "$ñ@®¹÷¿|ä~"
O4 - HKCU\..\RunServicesOnce: [washindex] C:\washer\washidx.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) - http://www.streamingfaith.com/common...INIBrowser.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com...ll/xscan60.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab

ANY help anybody can provide will be greatly appreciated..thanks.

**degsy** · #2 March 5th, 2005, 04:45 AM

Quote:

Don't use this phrase (HIJACK) on an airplane!!!

or in the Windows 98 Forum

geef · #3 March 5th, 2005, 05:03 AM

Obviously, somebody can't see through a facetious remark, and I've wasted my time as a result. I thought this was a place where I might receive some advice...but obviously not. I'll kindly post no more threads...especially those of the type that could be seen as a search for help...GEEF

**degsy** · #4 March 5th, 2005, 05:07 AM

If you notice your thread was moved to the Cyber Safety forum where HijackThis logs are analyzed.

Similar Topics
Topic	Topic Starter	Forum	Replies	Last Post
Airplane Mode	kuzzz	Networking	16	August 29th, 2020 04:31 PM
Auto Place a a phrase in Access 2003	Harleyitekaty	Applications	0	June 2nd, 2008 02:57 PM
Windows Airplane	warken	Jokes Forum	3	December 11th, 2006 10:53 PM
If OS's were airplane companies...	MainFrame	Jokes Forum	0	March 12th, 2004 02:29 PM
Take The Test , And Find The Phrase.	bullybeef	Open Discussion	51	November 16th, 2000 08:27 PM