Re: Hijack this log

Forums » Up and Running » Security » Security » Hijack this log


Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:	Post a:	Post a:

Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal

more port 1243 »
« AVG Site Problem?

Boston7

join:2002-04-22

Ok thanks all,

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipAlbum Pro\FpLaunch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {D97A579C-7811-46D5-84A3-6262A02CA46F} - (no file)
O3 - Toolbar: (no name) - {362a256f-b243-4d93-95e4-e696626a5e59} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Internet\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [TClockEx] C:\tclock\TCLOCKEX.EXE
O4 - HKCU\..\Run: [Microsoft Works Update Detection] ???????\WkDetect.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Update InstaCode.lnk = C:\Program Files\InstaCode\WiseUpdt.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\MICROS~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - »www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - »www.flipside.com/cab/WONWebLaunc···trol.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - »download.macromedia.com/pub/shoc···lash.cab

permalink · 2003-10-08 15:52:39 · Print ·

dp Premium,MVM join:2000-12-08 Greensburg, PA ·Verizon Online DSL	Re: Hijack this log You can tick off and fix: O3 - Toolbar: (no name) - {D97A579C-7811-46D5-84A3-6262A02CA46F} - (no file) O3 - Toolbar: (no name) - {362a256f-b243-4d93-95e4-e696626a5e59} - (no file) I don't see anything else, maybe someone else will take another look at it. -- Write your questions down on the back of a $20 dollar bill and send them to me
	permalink · 2003-10-08 16:11:03 ·

John2g Qui Tacet Consentit Premium join:2001-08-10 England	Re: Hijack this log said by dp : You can tick off and fix: O3 - Toolbar: (no name) - {D97A579C-7811-46D5-84A3-6262A02CA46F} - (no file) O3 - Toolbar: (no name) - {362a256f-b243-4d93-95e4-e696626a5e59} - (no file) I don't see anything else, maybe someone else will take another look at it. [text was edited by author 2003-10-08 16:26:55]
	permalink · 2003-10-08 16:16:14 · Print ·

dp
Premium,MVM
join:2000-12-08
Greensburg, PA

·Verizon Online DSL

Re: Hijack this log

said by John2g :

said by dp :
You can tick off and fix:

O3 - Toolbar: (no name) - {D97A579C-7811-46D5-84A3-6262A02CA46F} - (no file)
O3 - Toolbar: (no name) - {362a256f-b243-4d93-95e4-e696626a5e59} - (no file)

I don't see anything else, maybe someone else will take another look at it.

And this entry

O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

John, I'm not sure about tfswshx.dll as being WurldMedia. I believe it's for the HP CD-Writer backup software.
--
Write your questions down on the back of a $20 dollar bill and send them to me

permalink · 2003-10-08 16:19:25 · Print ·

John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England

Re: Hijack this log

said by dp :

said by John2g :

said by dp :
You can tick off and fix:

O3 - Toolbar: (no name) - {D97A579C-7811-46D5-84A3-6262A02CA46F} - (no file)
O3 - Toolbar: (no name) - {362a256f-b243-4d93-95e4-e696626a5e59} - (no file)

I don't see anything else, maybe someone else will take another look at it.

And this entry

O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

John, I'm not sure about tfswshx.dll as being WurldMedia. I believe it's for the HP CD-Writer backup software.

You are correct. I read the line above, instead of the line below, on the .dll info
--
Better to remain silent and be thought a fool, than to speak and remove all doubt.

permalink · 2003-10-08 16:34:20 · Print ·

your comment..

Forums » Up and Running » Security » Security	more port 1243 » « AVG Site Problem?


Thursday, 10-Dec 06:28:03	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF