ROOTKIT REVEALER LOG

WHAT DO YOU THINK ?

HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp\DPNHUPnP\ActiveNATMappings\svchost (192.168.0.101:1162) 18372 UDP      3/13/2006 6:26 PM      32 bytes      Hidden from Windows API.


HKLM\SYSTEM\ControlSet001\Services\Vax347s\Config\jdgg40      8/14/2005 6:44 AM      0 bytes      Hidden from Windows API.
onsitez Asked:

rpggamergirl Commented:
There is nothing there to be concerned about.

war1 Commented:
Greetings, onsitez !

Svchost is a Windows process.
http://www.liutilities.com/products/wintaskspro/processlibrary/svchost/

jdgg40 is part of Alcohol 120%. If you did not install this program, you can uninstall it from Add/Remove Programs.
http://www.sysinternals.com/forum/forum_posts.asp?TID=378&PN=1&get=last

Here is more info on Alcohol 120%.
http://www.sysinternals.com/blog/2006_02_01_archive.html

Best wishes!
masnrock Commented:
Everything looks legit. Alcohol 120% is a CD/DVD emulating and burning program.

rpggamergirl Commented:
Sorry, looked like I was too lazy! No explanation, no links! :)
onsitez (Author) Commented:
Yes, everyone tells me the second one is Alcohol 120. What about the first one? Yes, I know svchost starts programs from DLLs; I think DirectPlayNATHelper is MS Messenger or something like that? What about it referencing my IP address and the UDP port?
onsitez (Author) Commented:
Sysinternals forum, they told me too the second was Alcohol 120 also.
war1 Commented:
onsitez,

192.168.0.101:1162 belongs to IANA

http://www.dnsstuff.com/tools/whois.ch?ip=192.168.0.101%3A1162
nepostojeci_email Commented:
LOL war1 :)
are you joking about private ip range or what? :))

onsitez, try scanning your system with HijackThis, and upload your
log at www.hijackthis.de, and post the link to the uploaded log here,
for further assistance, to make sure your system is clear.
war1 Commented:
onsitez, any update?
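
Added example (not part of any post in this thread, and not Sysinternals code): a short Python script that splits the two log lines from the question into fields and reports which range the address embedded in the DirectPlay NAT mapping name belongs to. The field separator (a tab or two or more spaces, as the lines appear on this page) and all function names are assumptions.

```python
import ipaddress
import re
from datetime import datetime

# The two entries from the question, copied as they appear on this page.
SAMPLE_LOG = r"""
HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp\DPNHUPnP\ActiveNATMappings\svchost (192.168.0.101:1162) 18372 UDP      3/13/2006 6:26 PM      32 bytes      Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\Vax347s\Config\jdgg40      8/14/2005 6:44 AM      0 bytes      Hidden from Windows API.
"""

# Assumption: fields are separated by a tab or by two or more spaces.
FIELD_SEP = re.compile(r"\t+| {2,}")
ENDPOINT = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\)")

def address_scope(addr):
    """Name the range an address falls in, most specific first."""
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "link-local"
    return "private" if addr.is_private else "public"

def parse_line(line):
    """Split one discrepancy line into fields; None if the layout differs."""
    parts = FIELD_SEP.split(line.strip())
    if len(parts) != 4:
        return None
    path, stamp, size, description = parts
    record = {"path": path, "size": size, "description": description,
              "timestamp": datetime.strptime(stamp, "%m/%d/%Y %I:%M %p"),
              "endpoint": None}
    match = ENDPOINT.search(path)
    if match:
        try:
            addr = ipaddress.ip_address(match.group(1))
        except ValueError:
            return record  # looked like an address but is not a valid one
        record["endpoint"] = {"ip": str(addr), "port": int(match.group(2)),
                              "scope": address_scope(addr)}
    return record

def parse_log(text):
    """Parse every non-empty line, skipping lines in another layout."""
    parsed = (parse_line(l) for l in text.splitlines() if l.strip())
    return [r for r in parsed if r is not None]

if __name__ == "__main__":
    for rec in parse_log(SAMPLE_LOG):
        print(rec["timestamp"].date(), rec["path"], "->", rec["endpoint"])
```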