TechSpot

Hijack This Analysis

By tan01
Apr 9, 2009
  1. Hello good folks,

    I got a call from my ISP saying I got an IRC.bot on my system. I installed Hijack This and I saw something interesting:

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    I don't know what that was and I removed it.

    The attached file hijackthis_before.txt is the scan result before the removal

    The attached file hijackthis_after.txt is the scan result after the removal.

    Can someone please identify an issues? I'd deeply appreciate it.

    Cheers

    Oh, if it's worth mentioning, I have had AVG 8.0 free version for a while and no infections.
    I got Comodo Firewall now.

    Also, and this is very much a soliloquy now, now that I remember, in the days before I got disconnected by the ISP, I did install SOPCast and Limewire, both of which are now gone from the system.

    AVG ran and gave a clean chit to the system.
     

    Attached Files:

  2. MMDominator88

    MMDominator88 TS Rookie Posts: 119

    If you haven't yet done so, make sure to follow these instructions http://www.techspot.com/vb/topic58138.html
    and when finished post the logs we ask for and we will look at them and can then determine whether or not you have an infection. and make sure to update your AVG and COMODO programs regularly (if they are not on automatic updates)
    The only suspicious files I see that may be of any importance could be these four entries...
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    but DO NOT delete them without confirmation of the admins. we will need you to perform the aforementioned instructions before being able to help you to the fullest
     
  3. tan01

    tan01 TS Rookie Topic Starter

    Thank you for the reply.

    Here's the Malwarebyte's and SuperAntipyware Logs.

    Cheers
     

    Attached Files:

  4. MMDominator88

    MMDominator88 TS Rookie Posts: 119

    It appears that your 2 posted logs are clean and have no infections present, could you run Hijack This one more time for me to look at, please?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...