A Check Up Please

hayc59 · January 09, 2006, 02:14:20 AM

Want to know about two items
if needed and can be killed off?
they are highlighted in blue
thank you
G.

Logfile of HijackThis v1.99.1
Scan saved at 6:15:01 PM, on 1/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Gordon&Nancy\Desktop\Junk\HiJack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

Corrine · January 09, 2006, 02:56:30 AM

Did you edit the log?

O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

isuspm.exe is a process that belongs InstallShield from Macrovision. The process automatically checks for the latest updates online. By removing this process you will not get informed about the latest updates for InstallShield.

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
Services are programs that are loaded automatically by Windows on startup. These services are loaded regardless of whether or not a user logs on to the the computer and tend to be used to handle system wide tasks such as Windows operating system features, antivirus software, or application servers.

hayc59 · January 09, 2006, 03:19:14 AM

Quote from: Corrine on January 09, 2006, 02:56:30 AM
Did you edit the log?

Nope that's it
can i remove those two that you looked at?

winchester73 · January 09, 2006, 03:31:59 PM

... and to think I thought my HJT log was lean and mean ... :)

The InstallShield Update Service Scheduler is certainly not required to run when you boot up. It's easy enough to start manually should you wish to. Fixing it with "HJT" won't eliminate it from your computer, only prevent it from loading when you boot up.

The O23 item is legitimate: http://castlecops.com/o23list-495.html

The IDriverT.exe process belongs to the InstallShield product installation service, and appears when you are installing a new piece of software. It is not necessary, but most references indicate it should only be terminated if it is malfunctioning or causing problems.

Personally, I'd fix the O4 but leave the O23.

hayc59 · January 09, 2006, 05:31:30 PM

winchester73
thank you and done!! :thumbsup:

winchester73 · January 10, 2006, 12:41:04 AM

8)

A Check Up Please

hayc59

Corrine

hayc59

winchester73

hayc59

winchester73