Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis Log


  • Please log in to reply
4 replies to this topic

#1 TrickTrash

TrickTrash

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 18 June 2005 - 02:24 AM

These are the log entries i'm uncertain about:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:81

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O17 - HKLM\System\CCS\Services\Tcpip\..\{560CE362-D9B5-48B1-BCE2-EF9D899CF50D}: NameServer = 213.1.119.97 213.1.119.98

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
____________________________________________________________________

I recognised all the other entries but i don't know what these mean; 'tho if i'm reading the Other Stuff|Info details correctly, 017 is a domain hijack?

Any help appreciated

Edited by TrickTrash, 18 June 2005 - 02:30 AM.

TrickTrash

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,660 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:22 PM

Posted 18 June 2005 - 01:33 PM

Do you use BT for your internet service? If so those O17 entries are legit. If you are not using a proxy the R1 can be fixed. The R0 is harmless but can be fixed.

The O2 is from spyware doctor. and the O18 is legit.

#3 TrickTrash

TrickTrash
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 18 June 2005 - 07:13 PM

Grinler

Yes, I do use BT, & the 02 & 18 make sense & no i don't use a proxy. So that's that.

By "fix" the R1 & R2 i suppose you mean remove as they're not relevant.

Thank's a lot for your help

TrickTrash

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,660 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:22 PM

Posted 19 June 2005 - 06:26 PM

You the fix means that their is no harm in fixing them

#5 TrickTrash

TrickTrash
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 19 June 2005 - 09:34 PM

Thank's Grinler; appreciate it
TrickTrash




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users