HijackThis Log Help

[Waud]

Can someone have a look at the following log and let me know if there is anything that shouldn't be there.

Also where can I find what these entries mean.

Logfile of HijackThis v1.97.7
Scan saved at 22:16:32, on 09/02/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
G:\Program Files\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
G:\Program Files\Norton Personal Firewall\NISSERV.EXE
G:\Program Files\Norton Personal Firewall\SymProxySvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Philips\PSA2\skin\QveCplSk.EXE
G:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
G:\PROGRA~1\NORTON~1\navapw32.exe
G:\Program Files\Norton Personal Firewall\IAMAPP.EXE
G:\MSSQL7\Binn\sqlmangr.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
G:\Program Files\Firebird\MozillaFirebird.exe
C:\WINDOWS\sllights.exe
H:\Programs\HijackThis.exe

N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://G%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src" (C:\Documents and Settings\Chris\Application Data\Mozilla\Profiles\default\8ccmafo0.slt\prefs.js)
O2 - BHO: (no name) - {1F2E844B-8211-46ff-8262-772F03295CF4} - G:\Program Files\Aladdin Systems\Internet Cleanup\PopFiltr.dll
O2 - BHO: (no name) - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - G:\Program Files\Mass Downloader\MDHELPER.DLL
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QveCtl2Tray] C:\Program Files\Philips\PSA2\skin\QveCplSk.EXE C:\Program Files\Philips\PSA2\skin
O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [NAV Agent] G:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [iamapp] G:\Program Files\Norton Personal Firewall\IAMAPP.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MoneyAgent] "G:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = G:\MSSQL7\Binn\sqlmangr.exe
O8 - Extra context menu item: Download &All using Mass Downloader - G:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Download using &Mass Downloader - G:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Mass Downloader (HKLM)
O9 - Extra 'Tools' menuitem: &Mass Downloader (HKLM)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -

http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38019.495

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) -

http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{8225A1B5-BE75-4B78-B607-7F0BDB1600C9}: NameServer = 194.168.4.100 194.168.8.100

Thanks

Waud

 

[carrr]

You've nothing in your log that raises any concern, as far as I can see.
When in doubt, simply use Google. Copy and paste in an entry or filename and 99% of the time, you will find an explanation or warning. A good place to study up is here:

http://www.spywareinfo.com/

"'Tis an ill wind that blows no minds." - Malaclypse the Younger