Re: Hijacker
From: Cheryl (anonymous_at_discussions.microsoft.com)
Date: 06/26/04
- Next message: Sandi - Microsoft MVP: "Re: Hijacker"
- Previous message: Cheryl: "Re: Hijacker"
- In reply to: Chuck: "Re: Hijacker"
- Next in thread: Chuck: "Re: Hijacker"
- Reply: Chuck: "Re: Hijacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 26 Jun 2004 02:46:04 -0700
I did try one of the forums but I had to sign up and am
still waiting for the system admin to "approve" my account
before it will let me post anything.
Same question as for Taff, why does my OS appear to be
ME? My computer came pre-loaded with Windows XP pro and
that is what my computer tells me I am running. Could it
be wrong?
>-----Original Message-----
>On Fri, 25 Jun 2004 05:38:29 -0700, "Cheryl"
><anonymous@discussions.microsoft.com> wrote:
>
>>Chuck. Thank you for the advice. Here is the Hijack
This
>>Log f anyone wants to take a crack at decoding this.
>
><SNIP HJT log>
>
>Cheryl,
>
>Did you post to one of the spyware expert forums?:
><http://forums.net-integration.net/>
><http://forums.spywareinfo.com/>
><http://spywarewarrior.com/index.php>
><http://forums.tomcoyote.org/>
><http://www.wilderssecurity.com/>
>
>I found several items of interest, probably not CWS
components but you'll be
>better off letting HijackThis remove:
>
>C:\Program Files\Desktop Messenger\8876480
\Program\BackWeb-8876480.exe
>O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop
>Messenger\8876480\Program\BackWeb-8876480.exe
>
>C:\Program Files\Common Files\Real\Update_OB\realsched.exe
>C:\Program Files\QuickTime\qttask.exe
>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe"
>-atboottime
>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
>Files\Real\Update_OB\realsched.exe" -osboot
>O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE
Class) -
>http://207.188.7.150/0740cd2d85f5de4af705/netzip/RdxIE601.
cab
>
>BackWeb is well known spyware, though packaged as a
legitimate component in
>Logitech Desktop Manager. If you don't intentionally
need LDM, I'd advise
>against running it. I have Logitech QuickCams that work
fine with MSN/Windows
>Messenger, and Yahoo Messenger, without LDM.
>
>QTTask.exe and RealSched.exe are Quicktime and RealPlayer
real time tasks that
>are not needed. RP is known for its spyware tactics, if
you don't configure it
>properly it "phones home" when you use it. Both
components waste bandwidth and
>cpu. RdxIE601.cab is a RealNetworks component. Both
Quicktime and RealPlayer
>will work fine without either component running
constantly.
>
>Close all open tasks, run HijackThis, check items
indicated, have it fix items
>checked. Then reboot. Rerun HJT and post your new log.
>
>I also note that you are running the Verizon PPPoE
driver. If you have
>broadband, you should be behind a NAT router. A properly
chosen NAT router will
>handle the PPPoE for you, and you can get that and ALL
the other Verizon crap
>off your computer. You'll be safer, and your computer
will run better.
>
>And, as Taff noted, Windows ME is a poor choice for an
operating System.
>Windows XP is a much better choice.
>
>Cheers,
>
>Chuck
>Paranoia comes from experience - and is not necessarily a
bad thing.
>.
>
- Next message: Sandi - Microsoft MVP: "Re: Hijacker"
- Previous message: Cheryl: "Re: Hijacker"
- In reply to: Chuck: "Re: Hijacker"
- Next in thread: Chuck: "Re: Hijacker"
- Reply: Chuck: "Re: Hijacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
