| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 65127 | 2006-01-08 19:27:00 | Who's That? | B.M. (505) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 419238 | 2006-01-10 04:11:00 | OK i-gordon, here's the file for your amusement. Hope you can pinpoint the problem. :thumbs: Logfile of HijackThis v1.99.1 Scan saved at 17:02:59, on 10/01/2006 Platform: Windows ME (Win9x 4.90.3000A) MSIE: Internet Explorer v5.50 SP1 (5.50.4134.0100) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE C:\WINDOWS\MIXER.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\WORDWEB\WWEB32.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\HIJACKTHIS\HIJACKTHIS.EXE O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\ACROBAT\ACTIVEX\ACROIEHELPER.OCX O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm O8 - Extra context menu item: &NeoTrace It! - C:\Program Files\NeoTrace Express\NTXcontext.htm O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\Program Files\NeoTrace Express\NTXtoolbar.htm (HKCU) O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - by20fd.bay20.hotmail.msn.com |
B.M. (505) | ||
| 419239 | 2006-01-10 05:22:00 | Grisoft ! Spybot S&D ! I thought you didnt need any protection. But you do need some updates. IE is about 2 years old. Otherwise no laughs, but get a firewall and do the www. a favour. Ian |
i-gordon (962) | ||
| 419240 | 2006-01-10 06:14:00 | BM. just had another look at your log. Do this! Type FLASHGET.exe into Google and look at the first few entrys. Maybe a wake up call. www.securitystronghold.com Ian |
i-gordon (962) | ||
| 419241 | 2006-01-10 07:24:00 | Grisoft ! Spybot S&D ! I thought you didnt need any protection . But you do need some updates . IE is about 2 years old . Otherwise no laughs, but get a firewall and do the www . a favour . Ian Hmmm, now I’m really confused . Starting at the top, Ian I never said I didn’t need, or use, Spybot – AdAware – AVG . In fact in my initial post I said I quote: “My immediate thoughts were spyware or one of my many programmes looking for updates . Ad-Aware and Spybot give a clean bill of heath as does AVG . ” Ok, I did as you suggested and Googled Flashget, however, that turned up more glowing reports than criticisms . Having said that, the most scathing report came from a crowd marketing a product called “True Sword”, a product I’ve never heard of . Anybody got any comments on this programme? Quite interesting really because I don’t have any problems with spyware or virus’s, just a flashing computer icon which has ceased since I’ve downloaded TCPview and are waiting to see who’s knocking . :) In the meantime it aint broke so I wont try to fix it . Thanks everyone . |
B.M. (505) | ||
| 419242 | 2006-01-10 07:42:00 | BM Im not saying that FlashGet is a Trojan in fact it is a good download manager. If you clicked on the link I gave you it is also the filename of a trojan added by the RBOT-AGZ WORM. Worth checking out at least. After all you were concerned about what was coming and going in your comp. Last word from me. Get a Firewall. Ian |
i-gordon (962) | ||
| 1 2 3 | |||||