Re: Would you kindly look at this Hijack-this log ?

From: Frank (Frank429_at_nospam.net)
Date: 02/07/04


Date: Sat, 07 Feb 2004 11:20:40 GMT

On 7 Feb 2004 00:55:56 -0800, yosponge@yahoo.com (sponge) wrote:

>>On Fri, 06 Feb 2004 11:11:58 GMT, Frank429@nospam.net (Frank) wrote:
>>
>>>Logfile of HijackThis v1.97.7
>>>
>>>Could some kind person check out the following HijackThis log file and
>>>tell me what to "fix"? Some .exe files there look suspicious.. Many
>>>thanks in advance....
>>>
>>>Scan saved at 11:07:54, on 02/06/04
>>>Platform: Windows 98 SE (Win9x 4.10.2222A)
>>>MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>>>
>>>Running processes:
>>>C:\WINDOWS\SYSTEM\KERNEL32.DLL
>>>C:\WINDOWS\SYSTEM\MSGSRV32.EXE
>>>C:\WINDOWS\SYSTEM\MPREXE.EXE
>>>C:\WINDOWS\SYSTEM\mmtask.tsk
>>>C:\WINDOWS\SYSTEM\MSTASK.EXE
>>>C:\PROGRAM FILES\KERIO FIREWALL\PERSONAL FIREWALL 4\KPF4SS.EXE
>>>C:\PROGRAM FILES\ANTIVIRUS\AVG\AVGSERV9.EXE
>>>C:\WINDOWS\EXPLORER.EXE
>>>C:\PROGRAM FILES\KERIO FIREWALL\PERSONAL FIREWALL 4\KPF4GUI.EXE
>>
>>I see you are running Kerio 4. If you are one of the (very) few who
>>have gotten it to work without issues, good. Otherwise, I strongly
>>suggest going back to Kerio 2.1.5.
>>
>>If you did not purchase the "full" version of KPF4, all you're going
>>to be left with is the packet filter after the trial period expires
>>anyway, and a buggy one at that.
>>
>>>C:\WINDOWS\SYSTEM\SYSTRAY.EXE
>>>C:\WINDOWS\TASKMON.EXE
>>>C:\PROGRAM FILES\ANTIVIRUS\AVG\AVGCC32.EXE
>>>C:\WINDOWS\SYSTEM\RNAAPP.EXE
>>>C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE\OPWARE32.EXE
>>>C:\WINDOWS\SYSTEM\TAPISRV.EXE
>>>C:\WINDOWS\SYSTEM\STIMON.EXE
>>>C:\WINDOWS\TEMP\~VIS0000\FSG_4104.EXE
>>
>>Looks like the installer for the Gator trojan. Definitely remove this
>>and run both Ad-Aware and SpyBot to ensure your system is clean.
>>
>>>F:\SMALLPROGS\12GHOSTSQ\12QUICK.EXE
>>>C:\WINDOWS\SYSTEM\WMIEXE.EXE
>>>C:\WINDOWS\TEMP\HIJACKTHIS.EXE
>>
>>Otherwise, good. And, as long as you don't use Outlook or Internet
>>Explorer (or harden it to the point where it's almost useless), and as
>>long as you don't go clicking attachments to messages or downloading
>>suspect software, you will probably stay clean.
>>
>>Sponge
>>Sponge's Secure Solutions
>>www.geocities.com/yosponge
>>My new email: yosponge2 att yahoo dott com

Many thanks! Yes, indeed, I have had some problems after installing
Kerio 4. I will try to locate the older version and reinstall it.

Thanks again,

Frank


