Re: Hijacker
From: Chuck (none_at_example.net)
Date: 06/26/04
- Next message: henry baker: "Re: Is MSIE dead as a browser - if Microsoft does not patch it then it is as far as I am concerned!"
- Previous message: BeamGuy: "Re: Is MSIE dead as a browser - if Microsoft does not patch it then it is as far as I am concerned!"
- In reply to: Cheryl: "Re: Hijacker"
- Next in thread: Cheryl: "Re: Hijacker"
- Reply: Cheryl: "Re: Hijacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 25 Jun 2004 20:00:21 -0500
On Fri, 25 Jun 2004 05:38:29 -0700, "Cheryl"
<anonymous@discussions.microsoft.com> wrote:
>Chuck. Thank you for the advice. Here is the Hijack This
>Log f anyone wants to take a crack at decoding this.
<SNIP HJT log>
Cheryl,
Did you post to one of the spyware expert forums?:
<http://forums.net-integration.net/>
<http://forums.spywareinfo.com/>
<http://spywarewarrior.com/index.php>
<http://forums.tomcoyote.org/>
<http://www.wilderssecurity.com/>
I found several items of interest, probably not CWS components but you'll be
better off letting HijackThis remove:
C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop
Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://207.188.7.150/0740cd2d85f5de4af705/netzip/RdxIE601.cab
BackWeb is well known spyware, though packaged as a legitimate component in
Logitech Desktop Manager. If you don't intentionally need LDM, I'd advise
against running it. I have Logitech QuickCams that work fine with MSN/Windows
Messenger, and Yahoo Messenger, without LDM.
QTTask.exe and RealSched.exe are Quicktime and RealPlayer real time tasks that
are not needed. RP is known for its spyware tactics, if you don't configure it
properly it "phones home" when you use it. Both components waste bandwidth and
cpu. RdxIE601.cab is a RealNetworks component. Both Quicktime and RealPlayer
will work fine without either component running constantly.
Close all open tasks, run HijackThis, check items indicated, have it fix items
checked. Then reboot. Rerun HJT and post your new log.
I also note that you are running the Verizon PPPoE driver. If you have
broadband, you should be behind a NAT router. A properly chosen NAT router will
handle the PPPoE for you, and you can get that and ALL the other Verizon crap
off your computer. You'll be safer, and your computer will run better.
And, as Taff noted, Windows ME is a poor choice for an operating System.
Windows XP is a much better choice.
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
- Next message: henry baker: "Re: Is MSIE dead as a browser - if Microsoft does not patch it then it is as far as I am concerned!"
- Previous message: BeamGuy: "Re: Is MSIE dead as a browser - if Microsoft does not patch it then it is as far as I am concerned!"
- In reply to: Cheryl: "Re: Hijacker"
- Next in thread: Cheryl: "Re: Hijacker"
- Reply: Cheryl: "Re: Hijacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
