Can I be sure? - Page 2 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 01-13-2006, 11:20 AM   #11 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

the program deletes the entries that are NOT being used.
__________________

__________________
Osiris is offline  
Old 01-13-2006, 11:24 AM   #12 (permalink)
Junior Techie
 
Join Date: Nov 2005
Posts: 44
Default

Logfile of HijackThis v1.99.1
Scan saved at 2:23:10 AM, on 1/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\stafy\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qld.chariot.net.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ie/...arch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ie/...arch.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1130359442484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1130359404968
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{271671EF-FC23-4A81-BC54-1D8F12EE179B}: NameServer = 203.87.88.1 203.87.88.2
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
__________________

dugal_loop is offline  
Old 01-13-2006, 11:25 AM   #13 (permalink)
Junior Techie
 
Join Date: Nov 2005
Posts: 44
Default

oh ok , ithought so. anyway here is my hijack this log file. have i got the right one?
dugal_loop is offline  
Old 01-13-2006, 11:27 AM   #14 (permalink)
Junior Techie
 
Join Date: Nov 2005
Posts: 44
Default

BTW i really appreciate you helping me, thanks alot!
dugal_loop is offline  
Old 01-13-2006, 11:30 AM   #15 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Remove this one file and you look good

O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
__________________
Osiris is offline  
Old 01-15-2006, 09:37 AM   #16 (permalink)
True Techie
 
Sevenor's Avatar
 
Join Date: Apr 2005
Posts: 243
Default

Quote:
Originally posted by Warez Monster
Remove this one file and you look good

O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
So is dugal_loop's pc attacked by virus/spyware?
What is that file that you asked him/her to remove?
Thx
Sevenor is offline  
Old 01-15-2006, 10:19 AM   #17 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu
__________________
Osiris is offline  
Old 01-16-2006, 01:50 PM   #18 (permalink)
True Techie
 
Sevenor's Avatar
 
Join Date: Apr 2005
Posts: 243
Default

Thx for the reply Warez Monster
Sevenor is offline  
Old 01-16-2006, 01:52 PM   #19 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Welcome....
__________________

__________________
Osiris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 01:58 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.