

Some is slowing down my connection / hijackthislog included



#1 OFFLINE   Heidelberg


Posted 07 April 2006 - 10:43 AM

I have problems with my internet connection and ran the Adware, etc. tools.
Still not really solved.

Can anyone have a look at my hijackthislog?

Thanks.

Attached Files



#2 OFFLINE   AndyManchesta

    Power Member

  • Spyware Moderators

Posted 07 April 2006 - 10:13 PM

Hi Heidelberg, Welcome :)

You need to consider upgrading Windows as that will improve performance and security. Visit http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This patches many of the security holes through which attackers gain access to your computer.

Hijack This is in a temporary directory, so it needs moving or reinstalling before fixing the entries. Hijack This creates backups of everything that's fixed in case you need to restore it at a later stage, and if it's in the temp folder you will lose the backups if you clear your temp folders anytime. It's probably easier to remove it using the Add/Remove screen and download it again from Here, then save it to your C:\ drive first before running it.

Run Hijack This and choose Do A System Scan, then place a check next to these entries:

O2 - BHO: (no name) - {EEF7D6D9-AE0B-3AFC-7584-7255A0EF1220} - (no file)

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http:// software-dl.real.com/23ef3c38647b23...ip/RdxIE601.cab

Close all open browser and other windows except for Hijack This and press the Fix Checked button.


O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

WinPcap is a packet capture and network analysis tool and is fine if you have installed it yourself. With it capturing network traffic, I thought it's best to make sure you put it on the PC.


O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

This can be used by some malware to prevent you from changing your homepage. It can also be set by you (using programs like Spybot:S&D) to prevent malware changing your settings, or by System Administrators to prevent their users changing settings. If you or a system administrator didn't impose the restriction then you can fix the entry. If in doubt then leave it, as Hijack This isn't showing any problems with your IE settings.


Next download Ewido Anti-Malware from HERE
  • When installing, under "Additional Options" uncheck "Install background guard".
  • From the main ewido screen, click on update in the left menu, then click the Start update button.
  • After the update finishes (the status bar at the bottom will display "Update successful"), click on the Scanner button in the left menu, then click Complete System Scan.
If ewido finds anything, it will pop up a notification. You can select Remove and check the boxes Perform action with all infections and Create encrypted backup before clicking on OK.
When the scan finishes, click on Save Report. This will create a text file that you can save to the desktop and post back.


Finally run Panda Activescan from Here.

Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan
(Note: It may take a couple of minutes)
- When the download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location so you can post it back.


Please post back the Ewido log and the Activescan log.

Cheers

Andy
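
The kind of review done by hand in the reply above can be partly automated. The following is an added example, not part of the original thread or of HijackThis itself: a small parser that splits HijackThis log lines into section code and body, extracts any CLSID, and attaches review notes for the markers the reply calls out ("(no file)", "(file missing)", "Unknown owner", the O6 policy key). The function names and note wording are hypothetical, and the notes are prompts for a human reviewer, not verdicts.

```python
import re

# Log lines quoted in the reply above (the O16 URL is elided on the page and kept as-is).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {EEF7D6D9-AE0B-3AFC-7584-7255A0EF1220} - (no file)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http:// software-dl.real.com/23ef3c38647b23...ip/RdxIE601.cab
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
"""

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2})\s+-\s+(?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING_RE = re.compile(r"\((?:no file|file missing)\)\s*$")

def parse_line(line):
    """Return a dict for one log entry, or None for header/blank lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    code, body = m.group("code"), m.group("body")
    clsid = CLSID_RE.search(body)
    notes = []
    if MISSING_RE.search(body):
        notes.append("target file missing")        # orphaned registration
    if "Unknown owner" in body:
        notes.append("unknown owner")              # confirm who installed it
    if code == "O6":
        notes.append("IE policy restriction present")  # set by user, admin or malware
    if re.search(r"https?://", body):
        notes.append("remote download source")     # check the source is expected
    return {"code": code, "clsid": clsid.group(0) if clsid else None, "notes": notes}

def triage(log_text):
    """Parse every entry line in a log and return the list of parsed entries."""
    return [e for e in map(parse_line, log_text.splitlines()) if e]

if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print(entry["code"], entry["clsid"], "; ".join(entry["notes"]) or "no notes")
```
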