hijackthis log

[Guest]

[uhohkimee]

I never really used this program so I guess now is the time. This is my desktop and some people are using it and sometimes they are a bit stubborn when it comes to not going to some sites or downloading stuff. So I hope you guys could check out my log and see if theres some issues. Thanks!

[panic]

G'day,

The only entry that's out of the ordinary is

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

You can safely delete this entry using Hijack This.

Cheers,
Ewen :-)

[aXes]

Hi uhohkimee,

02 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
(Description: File is missing. Fix it.)

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
(Description: Nvidia system tray applet. Not necessary. Removing this entry will free up a small amount of system resources.)

O4 - HKLM\..\Run: [traySantaCruz] C:\WINDOWS\system32\tbctray.exe
(Description: Provides quick access via a System Tray icon to the control panel for Turtle Beach's Santa Cruz or VideoLogic's SonicFury soundcards. Available via Start -> Settings -> Control Panel. Removing this entry will free up a small amount of system resources.)

04 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
(Description: ctfmon.exe is a process belonging to Microsoft Office Suite. If I could not see Antivir and Spyware Doctor in your log, I could say it may be infected by Cool Web Search.)

aXes

[Ragwing]

Since cftmon.exe is located in \WINDOWS\system32\, there's nothing to worry about. Anyways, if you want to disable it, go to Control Panel -> Regional and Language Options -> Languages -> Details -> Advanced,
and check the box that says "Turn off advanced text services."


If you don't do this, and just remove the startup entry, it'll respawn.

Cheers,
Ragwing

[aXes]

Since cftmon.exe is located in \WINDOWS\system32\, there's nothing to worry about. Anyways, if you want to disable it, go to Control Panel -> Regional and Language Options -> Languages -> Details -> Advanced,
and check the box that says "Turn off advanced text services."
If you don't do this, and just remove the startup entry, it'll respawn.

Useful info, thanks Ragwing.

aXes

[uhohkimee]

Hi uhohkimee,

02 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
(Description: File is missing. Fix it.)

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
(Description: Nvidia system tray applet. Not necessary. Removing this entry will free up a small amount of system resources.)

O4 - HKLM\..\Run: [traySantaCruz] C:\WINDOWS\system32\tbctray.exe
(Description: Provides quick access via a System Tray icon to the control panel for Turtle Beach's Santa Cruz or VideoLogic's SonicFury soundcards. Available via Start -> Settings -> Control Panel. Removing this entry will free up a small amount of system resources.)

04 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
(Description: ctfmon.exe is a process belonging to Microsoft Office Suite. If I could not see Antivir and Spyware Doctor in your log, I could say it may be infected by Cool Web Search.)

aXes

Heres an update

I deleted the BHO and I'm just making sure is deleting the nvidia thing really safe? What do you mean that you could not see spyware doctor or antivir in my log? I checked the log and it's there.

Heres an update version of the log... Sorry for the late reply I've been busy with some stuff. Thanks for taking the time to check out my log 

[aXes]

1st: I checked out new log. The only difference is BHO!

2nd: There is a misunderstanding. I can see Antivir and Spyware Doctor in your log. Otherwise, I can say that your ctfmon.exe might be a spyware variant. So, no need to worry.

3rd: If you have doubt about Nvidia entry, try to fix. You can backup later if you want.

aXes

[3xist]

Topic Locked.

Reason: Out-Dated post.

Josh

[Tags:]