Hally
01-06-2005, 11:18 AM
Hi can anyone tell me if these two entries are ok from my HijackThis Log... I put the main lines no.17 in Bold /images/forums/icons/smile.gif Thanks Heaps!
--------------------------------------------------
Logfile of HijackThis v1.98.2
Scan saved at 6:11:31 AM, on 7/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\AGNITUM\OUTPOS~1\outpost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ihug.com.au/popup/sydney.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\jccatch.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Maintain Block List... - C:\PROGRA~1\AdShield\maintain.htm
O8 - Extra context menu item: Add to &Block List... - C:\PROGRA~1\AdShield\suppress.htm
O8 - Extra context menu item: AdShield Option &Settings... - C:\PROGRA~1\AdShield\settings.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\AGNITUM\OUTPOS~1\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\AGNITUM\OUTPOS~1\TRASH.EXE (HKCU)
O9 - Extra button: AdShield - {4FB6C25E-7B37-4c93-B592-16ECD8D18361} - C:\PROGRA~1\AdShield\AdShield.dll (HKCU)
O16 - DPF: St.George Internet Banking - https://ibank.stgeorge.com.au/html/bbb11s.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102106504018
O17 - HKLM\System\CCS\Services\Tcpip\..\{40EF225B-3364-4103-A8E4-4ACA26D39B4B}: NameServer = 203.0.178.191
O17 - HKLM\System\CS2\Services\Tcpip\..\{40EF225B-3364-4103-A8E4-4ACA26D39B4B}: NameServer = 203.0.178.191
------------------------------------------------------------
<font color=blue>>>Hally<<
>>>/images/forums/icons/laugh.gif<<<</font color=blue>
--------------------------------------------------
Logfile of HijackThis v1.98.2
Scan saved at 6:11:31 AM, on 7/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\AGNITUM\OUTPOS~1\outpost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ihug.com.au/popup/sydney.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\jccatch.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Maintain Block List... - C:\PROGRA~1\AdShield\maintain.htm
O8 - Extra context menu item: Add to &Block List... - C:\PROGRA~1\AdShield\suppress.htm
O8 - Extra context menu item: AdShield Option &Settings... - C:\PROGRA~1\AdShield\settings.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\AGNITUM\OUTPOS~1\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\AGNITUM\OUTPOS~1\TRASH.EXE (HKCU)
O9 - Extra button: AdShield - {4FB6C25E-7B37-4c93-B592-16ECD8D18361} - C:\PROGRA~1\AdShield\AdShield.dll (HKCU)
O16 - DPF: St.George Internet Banking - https://ibank.stgeorge.com.au/html/bbb11s.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102106504018
O17 - HKLM\System\CCS\Services\Tcpip\..\{40EF225B-3364-4103-A8E4-4ACA26D39B4B}: NameServer = 203.0.178.191
O17 - HKLM\System\CS2\Services\Tcpip\..\{40EF225B-3364-4103-A8E4-4ACA26D39B4B}: NameServer = 203.0.178.191
------------------------------------------------------------
<font color=blue>>>Hally<<
>>>/images/forums/icons/laugh.gif<<<</font color=blue>