Jump to content
Sign in to follow this  
Ultimate Predator

Ultimate Predator - Log 03

Recommended Posts

Please tell me if it needs cleaning, for performance, or whether there is malware. Cheers.

Logfile of HijackThis v1.99.1

Scan saved at 13:36:59, on 18/06/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Agnitum\Outpost Security Suite\outpost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\UPHClean\uphclean.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Hijack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O4 - HKLM\..\Run: [Outpost Security Suite] C:\Program Files\Agnitum\Outpost Security Suite\outpost.exe /waitservice

O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Security Suite\feedback.exe /dump:os_startup

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Outpost Security Suite Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Security Suite\Plugins\BrowserBar\ie_bar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

O11 - Options group: [iNTERNATIONAL] International*

O15 - Trusted Zone: http://www.betfair.com

O15 - Trusted Zone: *.betfair.com

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{4FB8B3AF-9031-4192-882F-DD1096C4171D}: NameServer = 194.168.4.100 194.168.8.100

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Outpost Security Suite Service (OutpostSecuritySuite) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Security Suite\outpost.exe

Share this post


Link to post
Share on other sites

All clean. You may want to run LSPFix.

These can go safely if you wish:

O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Security Suite\feedback.exe /dump:os_startup

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

Share this post


Link to post
Share on other sites

O10 - Unknown file in Winsock LSP: c:\program files\agnitum\outpost security suite\lspfilt.dll

I know that it's Agnitum and it may very well be safe; though I see no reason for it to be that intrusive. LSPFix may see a possible error with it, so you may want to check.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×