englishmen Posted June 4, 2005 Share Posted June 4, 2005 I have been thru it my self and it seems of but there is one entry which i want to get rid of which is "O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe" which i read is part of microsoft office suite but im not quite sure but as i do not have microsoft office suite(Open office all the way :-) im assuming i can delete it, thanks in advanced. Logfile of HijackThis v1.99.1 Scan saved at 17:02:23, on 04/06/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Installed Software\Avast Antivirus\aswUpdSv.exe C:\Program Files\Installed Software\Avast Antivirus\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Installed Software\Avast Antivirus\ashMaiSv.exe C:\Program Files\Installed Software\Avast Antivirus\ashWebSv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\gsicon.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\Installed Software\ZoneAlarm\zlclient.exe C:\PROGRA~1\INSTAL~1\AVASTA~1\ashDisp.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Installed Software\PeerGuardian2\pg2.exe C:\Program Files\Installed Software\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Installed Software\Rainlendar\Rainlendar.exe C:\PROGRA~1\INSTAL~1\MOZILL~1\firefox.exe C:\WINDOWS\Explorer.EXE O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\INSTAL~1\SPYBOT~1\SDHelper.dll O2 - BHO: SafeIE Utility - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - C:\WINDOWS\system32\safeie.dll O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Installed Software\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\INSTAL~1\AVASTA~1\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [awxDTools] rundll32 C:\PROGRA~1\INSTAL~1\DAEMON~1\AWXDTO~1\awxDTools.dll,awxRegisterDll /r /s O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\Installed Software\PeerGuardian2\pg2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Installed Software\Spybot - Search & Destroy\TeaTimer.exe O4 - Startup: Rainlendar.lnk = C:\Program Files\Installed Software\Rainlendar\Rainlendar.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{6933693C-A036-4223-B8AA-E2F59C379B51}: NameServer = 62.241.162.200 158.43.240.3 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Installed Software\Avast Antivirus\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Installed Software\Avast Antivirus\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Installed Software\Avast Antivirus\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Installed Software\Avast Antivirus\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Link to comment Share on other sites More sharing options...
oli Posted June 4, 2005 Share Posted June 4, 2005 im not sure which ones but im sure u can get rid of a few of those startup programs. i only have 4 Homer: I never apologise, im sorry Lisa. Thats just the way i am Link to comment Share on other sites More sharing options...
Tarun Posted June 4, 2005 Share Posted June 4, 2005 These are all optional. Generated by Tarun's HijackThis Converter. Enumeration of existing IE's BHO's. Safe to remove: O2 - BHO: SafeIE Utility - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - C:\WINDOWS\system32\safeie.dll Enumeration of suspicious auto-loading registry entries. Safe to remove: O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Rainlendar.lnk = C:\Program Files\Installed Software\Rainlendar\Rainlendar.exe Enumeration of NT Services. Safe to remove: O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Installed Software\Avast Antivirus\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Installed Software\Avast Antivirus\ashWebSv.exe" /service (file missing) Link to comment Share on other sites More sharing options...
englishmen Posted June 5, 2005 Author Share Posted June 5, 2005 Thanks for the help guys, Tarun what do you mean when you say " Generated by Tarun's HijackThis Converter." Link to comment Share on other sites More sharing options...
Tarun Posted June 5, 2005 Share Posted June 5, 2005 Thanks for the help guys, Tarun what do you mean when you say "Generated by Tarun's HijackThis Converter." <{POST_SNAPBACK}> See here. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now