Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Dll compare


  • Please log in to reply

#1
dustin

dustin

    Member

  • Member
  • PipPip
  • 11 posts
hi,

I understand the use of this soft,but not very much the meaning.After scanning,in the bottom section I find these two files:




------------------End log---------------------
DLLCompare Log version(1.0.0.125)
Files Found that Windows does not See or cannot Access
*Not everything listed here means you are infected!
________________________________________________

C:\WINDOWS\SYSTEM32\archlib.dll Mon 3 Feb 2003 13.11.14 A.S.. 200.704 196,00 K
C:\WINDOWS\SYSTEM32\msstkprp.dll Thu 5 Apr 2001 13.43.20 A.S.R 94.208 92,00 K
________________________________________________

1.318 items found: 1.318 files (2 H/S), 0 directories.
Total of file sizes: 259.688.241 bytes 247,66 M

Administrator Account = True

--------------------End log--------------------

I rescan(following softw.instructions) and they disappear.And now? Have I to delete them in Win\system32 or what?
If someone can explain to me,thanks in advance.

dustin
  • 0

Advertisements


#2
mpfeif101

mpfeif101

    Member 1K

  • Retired Staff
  • 1,411 posts
Can you post a HJT log?
  • 0

#3
dustin

dustin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Can you post a HJT log?

View Post




Logfile of HijackThis v1.98.2
Scan saved at 21.15.30, on 30/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Norton AntiVirus\navapw32.exe
C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programmi\BillP Studios\WinPatrol\WinPatrol.exe
C:\WINDOWS\StartupMonitor.exe
C:\WINDOWS\System32\GSICON.EXE
C:\Programmi\The Cleaner\tcm.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmi\SpywareGuard\sgmain.exe
C:\Programmi\SpywareGuard\sgbhp.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - C:\Programmi\Popup Manager\PopupMgr_1.0.2.1P.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Programmi\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\Norton AntiVirus\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SymNetDrv\SNDMon.exe
O4 - HKLM\..\Run: [StartupDelayer] "C:\Programmi\r2 studios\Startup Delayer\Startup Launcher GUI.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Search Dictionary - file://\program files\powershell-xp2\search4.htm
O8 - Extra context menu item: Search for Images - file://\program files\powershell-xp2\search3.htm
O8 - Extra context menu item: Search Newsgroups - file://\program files\powershell-xp2\search2.htm
O8 - Extra context menu item: Search the Web - file://\program files\powershell-xp2\search.htm
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Programmi\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Programmi\VisualRoute\vrie.dll
O9 - Extra button: SmartWhois - {FD9DE2B4-C926-4460-81C4-FC58C6F1062E} - C:\PROGRA~1\SmartWhois\swmsiehlp.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.virgilio.it/alice01.home
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7071B090-EF25-4E4D-BE47-F48BFAF15006}: NameServer = 217.141.252.203 151.99.125.1
  • 0

#4
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
O14 - IERESET.INF: START_PAGE_URL=http://gw.virgilio.it/alice01.home

If the URL is not the provider of your computer or your ISP, have HijackThis fix it.

Everything else looks fine.
  • 0

#5
dustin

dustin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
ok,is my isp,thanks.

dustin

PS-please,can you explain to me what is the meaning of the two files in dllcompare log?

by,dustin
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP