Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hjt Log Analysis From Http://www.hijackthis.de/#anl


  • This topic is locked This topic is locked
2 replies to this topic

#1 brillo

brillo

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Location:Terrebonne, Oregon
  • Local time:06:38 PM

Posted 24 April 2006 - 09:09 PM

First, I appreciate this service, but you guys are busy and I've done this long enough now that I recognise most of what doesn't look right in my log, so I use http://www.hijackthis.de to point me in the right direction and only come here for the big questions.

First, the analyzer at http://www.hijackthis.de says a newer version of service pack is available. The HjT log shows that I have installed:

Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Is there another service pack since sp2?

Second, I click "fix" to get rid of 3 entries, e.g., "O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)", and "O17 - HKLM\System\CCS\Services\Tcpip\..\{DFB55CC9-BC92-465E-B536-00FA3906A6F2}: NameServer = 205.171.3.65 205.171.2.65", and
one more that isn't back yet, however, it will be. (I really don't like the sound of "Name Server" one.) I "fix" them and they are gone when I run HjT immediately after. But an hour later, they're back, or certainly the next day.

How do I get rid of this stuff permanently?

Thanks,

Rob

Edited by brillo, 24 April 2006 - 09:21 PM.


BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:03:38 AM

Posted 01 May 2006 - 11:42 AM

Hi brillo,

It is a bad idea to use the hijackthis.de analyser.
You may not fix the O17's and I am glad they are getting restored automatically.

If you want help with your log, please post it in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:03:38 AM

Posted 07 May 2006 - 03:18 AM

Since there is no feedback anymore, I assume this issue is resolved ... so, this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users