Could u take a look at my Hijack This log?

Hi, i'm kinda new to the forums and Detox recomended u guys so here i am

I just installed and ran Hijack This. Could any of you guys take a looksee at my log and root out anything that shouldn't be there please?

Here is my log...

http://files.gotf.net/images/screenies/log.jpg

Whoops

here is my log (attached)....

Also i have just installed Sygate firewall and there are a few apps in the console there that i am not sure what they are....

NT kernel & system
Generic host process for win32 services
Common client CC app
NDIS user mode I/O driver (this wants access to the network every minute or so)
LSA shell (export version)
Application layer gateway service (i have to allow this thru to connect on my FTP proggy SmartFTP)

Thanx for any help

 

Hi B-2-0,

Welcome at Wilders.

You got one nasty in your list:
http://www.symantec.com/avcenter/venc/data/backdoor.sdbot.f.html

Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

O4 - HKLM\..\Run: [RDLL] RunDll16.exe

Then reboot and see if this file is still present:
RunDll16.exe
If so delete it. I don't think it will be there if your NAV is up-to-date and functioning properly.

The apps you listed are all parts of Windows except "Common client CC app" which is a part of Norton.
That does not necessarily mean they all need access and server rights. I hope one of our specialists will jump in on that matter.
You should definitely check out this site if you are new to Sygate:
http://bellsouthpwp.net/i/k/ikpe/

Regards,

Pieter

 

Thnx for helpin' bravo there Pieter ;-) I know you would help anyone but he's a gaming buddy of mine. Not as good as me, of course...

But a nice guy anyway

 

btw feel free to make fun of his log picture

 

Thanx Pieter

I did what u said and the file is no longer there

Still kinda curious about these apps trying to get access to the network....The NDIS user mode I/O driver thing keeps popping up every minute or so.

Thanx again

(btw, Detox seems to think he is a bad-ass gamer but he aint all that. All talk 'n' no walk )

 

Hi B-2-0,

The technical story: http://msdn.microsoft.com/library/en-us/wceddk40/html/cxrefndisuser-modeiodriver.asp

I know it needs to have permission for a lot of applications to work, like ICS, Remote Desktop etc.

But it might be advisable to start a new thread in the other firewalls fourm, so the experts can help you out.
I'm about as good with firewalls, as you think Detox is with gaming.

Regards,

Pieter