I think I may have a trojan virus on my computer (Maybe polall1l.exe and others). All I know is that I've scanned my comp with at least five anti-virus programs and parasites aren't totally gone. My start up is still kinda slow AND I can't check my e-mail from home. I got Highjack This and recorded a log. Can someone PLEASE!!! help me fix this problem. This is what's on my log: Logfile of HijackThis v1.97.7 Scan saved at 8:37:43 PM, on 10/26/04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\EXPLORER.EXE C:\HJT\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O2 - BHO: (no name) - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL O2 - BHO: (no name) - {CF021F40-3E14-23A5-CBA2-716D74632608} - C:\WINDOWS\SYSTEM\MTC2608.DLL O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file) O2 - BHO: (no name) - {49FF3509-B212-749B-8753-60550DF2724C} - C:\WINDOWS\SYSTEM\UEJ.DLL O2 - BHO: (no name) - {98A59521-2683-11D9-AE62-0080D2A8D311} - (no file) O2 - BHO: (no name) - {9EAC0102-5E61-2312-BC2D-444C4C4F5552} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Search Toolbar - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O9 - Extra button: SideFind (HKLM) O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O15 - Trusted Zone: *.windupdates.com O15 - Trusted Zone: *.searchmiracle.com O15 - Trusted Zone: *.searchbarcash.com O15 - Trusted Zone: *.skoobidoo.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.clickspring.net O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/2719a93360e3715bdf05/netzip/RdxIE601.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {197AB1D7-A7DD-4C86-A938-1FCC0DB21B85} - http://dm.cometsystems.com/dm/dm2_inst.cab O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/release/PlaxoInstall.cab O16 - DPF: {CDCC6BE5-720B-488D-A953-047E0598D996} (UpMan Class) - https://www.plaxo.com/activex/plx_upldr.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nosuch.mht!http://www.foxik.com/5/files.chm::/file.exe O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
Hey! Go to this site and get CCLEANER. It's a great utility! http://www.ccleaner.com/ You need to protect your machine. Do you have the latest updates for O/S and a reliable antivirus utility? If you don't your on borrowed time! Thanks To DDP for the cleaner!
also get adaware6 from lavasoft.com free, also free avg6 free version not pay version, is anti virus program i install in over 100 computers & you welcome ianski7
Hijack this is an amazing utiltiy, I also see you have Spybot search and destroy. Version 1.3 is really good. I don`t see any ovious issues, have you run Norton antivirus or other virus utility.
AdAware is great, but the free version does not let you enable the spyware/adware blocker. It still gets on your computer, and you use AdAware to get it off the hard drive, after it is already on the hard drive. I finally forked out the money to get the full version, and now, I do not get the spyware/adware on my computer. AdAware blocks it from getting into my system. I would recommend it to everyone. _X_X_X_X_X_[small]Bruce Wallace Vietnam Vet - 1970 - 1971 3.06 Ghz Intel P4 CPU Asus P4C800-E Deluxe Motherboard 1Gig Corsair 3200 LLPro DDR Ram Plextor PX 708A DVD Burner Sony CRX320E DVD 16x + CD-RW 52x24x52 Combo ATI Radeon 9700 Pro Video Card Audigy2 Platinum[/small]
