Zophar's Message Domain

Go Back   Zophar's Message Domain > General Chat > Talk of the Town

Reply
 
Thread Tools Display Modes
Old 07-24-2007, 04:11 PM   #1
Cornellius
Senior Member
 
Cornellius's Avatar
 
Join Date: Oct 2001
Location: Québec/Canada
Posts: 2,787
Default HijackThis! help.

O23 - Service: Windows Services Control - FileZilla Project - c:\windows\system32\drivers\services.exe

This entry is not running from the System32 folder, so it is probably nasty. This service (services.exe) seems to be nasty.
This process is not running from the System32 folder as it is supposed to be.


O23 - Service: Session Manager Subsystem (Windows smss) - Unknown owner - C:\WINDOWS\system32\drivers\etc\smss.exe

This entry is not running from the System32 folder, so it is probably nasty. This service (smss.exe) seems to be nasty.
This process is not running from the System32 folder as it is supposed to be.

Hrm, what should I do about these ?

CEpeep, keep your hands off of MY TOPIC!
<P ID="signature"></P>
__________________
My job

Industrial electronic technician
Industrial mechanic (Millwright)
Cornellius is offline   Reply With Quote
Old 07-24-2007, 05:05 PM   #2
Audigy
Senior Member
 
Audigy's Avatar
 
Join Date: Apr 2004
Location: Houston, TX
Posts: 755
Default Re: HijackThis! help.

Delete 'em from the recovery console?

I'd suggest you run a full spyware sweep first though; they're probably deeply rooted in the registry and may respawn from some hidden cache if you delete them.

Congraturation, YOU HAVE SPYWARE!


<P ID="signature">--

http://www.oddigy.com
beadsprites and PSFs, oh my!</P>
__________________
http://www.oddigy.com
Audigy is offline   Reply With Quote
Old 07-24-2007, 05:43 PM   #3
CEpeep
Senior Member
 
Join Date: Feb 2002
Posts: 3,511
Default Re: HijackThis! help.

> CEpeep, keep your hands off of MY TOPIC!

<img src=smilies/laff.gif>
<P ID="signature"><font size="-2">09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0</font></P>
CEpeep is offline   Reply With Quote
Old 07-24-2007, 10:43 PM   #4
Essee
Regular Member
 
Join Date: May 2007
Posts: 45
Default Re: HijackThis! help.

> Hrm, what should I do about these ?

What regular anti-spyware/adware/virus software do you have on your computer? HijackThis isn't exactly something for cleaning stuff off your computer, most of the time-- it's basically for experts, to spot any possible hijacking (no, really?) attempts. My personal setup aside from HijackThis (which I run every couple months), which has yet to fail me in any way and offers me some expert tools as well (startup customization, a list of all ActiveX controls/browser helper objects/home or search pages... and so on-- this from Spybot: S&D) is AVG Free (for antivirus), Spybot: Search & Destroy (for spyware and all those expert tweaks I mentioned, as well as a tool that watches and warns you when any program asks to start with your computer, but that can get really annoying if you're not knowledgable), and Ad-aware (for adware, although most really bad things are caught by the other two I mentioned. AVG's anti-spyware software (is it still Ewido?) MAY actually catch one or two more things than Spybot, but as far as I recall from when I tried it, it's lacking those extras I love about Spybot.

At any rate, I think knowing what you're running to counteract evil stuff like that would be helpful, since some programs aren't terribly good, and some actually actively make things WORSE. Also, it really isn't good enough to just have one or two programs for ad/spyware AND viruses... you pretty much need one for each genre of malware, in my experience. I've been helping the secretary for my allergist's office clean off her computer for the past year or so now (the way I got that job is kinda a funny story, actually), and I can tell you that I need to run ALL THREE programs each time I'm over there to clean it, since I usually get about 50-75 hits each from Spybot and Ad-aware (a lot of cookies, mostly, by the time I get all the way down to running Ad-aware, since Spybot beats it to quite a bit), and maybe 25 hits from AVG. Ouch.

P.S. Sorry my response was so freaking long, I tend to do that a lot lately without realizing it. <<

<P ID="signature">--
Yes, I'm female, gaming is my hobby, and I'm going into programming. Not taken, either, but seeing as how the law for girls on the internet is "Single, attractive, sane: choose two"... so...</P>
Essee is offline   Reply With Quote
Old 07-25-2007, 02:20 AM   #5
Cornellius
Senior Member
 
Cornellius's Avatar
 
Join Date: Oct 2001
Location: Québec/Canada
Posts: 2,787
Default Re: HijackThis! help.

No no, I know a lot about computers. I just wasn't sure if services could be in another directories than /system32/

I too use Spybot as a resident.

I like the fact that AVG Anti Spyware can delete tracking cookie automatically.

I tried Ad Aware 2007. It's a nice upgrade from the SE, but Ad Aware never gave me any good results, plus it always detected things that are not treats, like the MRU.

I also have Windows Defender, but it's real web browser "protections" only works with IE.

As for the Anti-Virus, I love NOD32.

<P ID="signature"></P>
__________________
My job

Industrial electronic technician
Industrial mechanic (Millwright)
Cornellius is offline   Reply With Quote
Old 07-25-2007, 08:10 AM   #6
Essee
Regular Member
 
Join Date: May 2007
Posts: 45
Default Re: HijackThis! help.

> No no, I know a lot about computers. I just wasn't sure if
> services could be in another directories than /system32/

Oops, yeah, it's hard to tell where someone is in a conversation about computers a lot of the time... especially since there are so many areas one can be weak or strong in. I hope I didn't come off like I thought you weren't at least REASONABLY knowledgable, though, since sometimes it's hard to tell your tone if you don't reread your post a bunch before actually posting it. <img src=smilies/retard.gif>

As for the services... well, I don't have FileZilla, so I'm not sure about whether that's valid, but I'm betting that the smss.exe in your \system32\drivers directory is a hoax, since running a quick search for it on my computer only yielded one in \system32\ and another in \system32\dllcache\ . The other one seems a bit odd since the filename is just "services.exe", too... You can try getting rid of that one, but if you do indeed have FileZilla on your machine and that IS a valid file, you might have to reinstall it.

> I tried Ad Aware 2007. It's a nice upgrade from the SE, but
> Ad Aware never gave me any good results, plus it always
> detected things that are not threats, like the MRU.

Isn't there a way to turn off the detection of the minor threats? I always have usage track scanning turned on, but I think there are ways to turn it off if you don't want to deal with it in pretty much every program... Nope, you're right, upon closer inspection. Weird. But at least it does separate them from regular results... somewhat... At any rate, it hasn't found anything "important" on my computer for a couple years... and only one or two results have popped up in that time through either Spybot or AVG (and even those were minor); I try to run a pretty tight ship. Yeah, Ad-Aware is usually fairly useless on machines that are closely watched, I think. =)

> I also have Windows Defender, but it's real web browser
> "protections" only works with IE.

Hahaha, which is so very useful when you're trying to make sure you keep threats away! I know I use IE whenever I'm trying to access sites where I could have something come after my computer. All the time. <img src=smilies/upeyes.gif>

> As for the Anti-Virus, I love NOD32.

Yeah, I've heard rave reviews about it... Do they have a regular free version, then? As far as my (short) memory goes, I never looked into it enough because I thought it was basically a "free trial-or-pay for it" kind of thing. I've been too busy the last year or two to test it when, as I said, I haven't found much on my computer in a long time... but since I keep hearing great things, if it's got more than a free trial I'll probably try checking it out for a little while, since I've got a little time. =)
<P ID="signature">--
Yes, I'm female, gaming is my hobby, and I'm going into programming. Not taken, either, but seeing as how the law for girls on the internet is "Single, attractive, sane: choose two"... well...</P>
Essee is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:09 AM.

Contact Us - Zophar's Domain - Archive - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.