ROOTKIT REVEALER LOG

WHAT DO YOU THINK?

HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp\DPNHUPnP\ActiveNATMappings\svchost (192.168.0.101:1162) 18372 UDP      3/13/2006 6:26 PM      32 bytes      Hidden from Windows API.


HKLM\SYSTEM\ControlSet001\Services\Vax347s\Config\jdgg40      8/14/2005 6:44 AM      0 bytes      Hidden from Windows API.
onsitez Asked:
 
rpggamergirl Commented:
There is nothing there to be concerned about.
0
 
war1 Commented:
Greetings, onsitez!

Svchost is a Windows process.
http://www.liutilities.com/products/wintaskspro/processlibrary/svchost/

jdgg40 is part of Alcohol 120%.  If you did not install this program, you can uninstall it from Add/Remove Programs.
http://www.sysinternals.com/forum/forum_posts.asp?TID=378&PN=1&get=last

Here is more info on Alcohol 120%.
http://www.sysinternals.com/blog/2006_02_01_archive.html

Best wishes!
0
 
masnrock Commented:
Everything looks legit. Alcohol 120% is a CD/DVD emulating and burning program.
0

 
rpggamergirl Commented:
Sorry, looked like I was too lazy! No explanation, no links! :)
0
 
onsitez Author Commented:
Yes, everyone tells me the second one is Alcohol 120. What about the first one? Yes, I know the svchost starts programs from DLL. I think directplaynathelper is MS Messenger or something like that? What about it referencing my IP address and the UDP port?
0
 
onsitez Author Commented:
Sysinternals forum, they told me too the second was Alcohol 120 also.
0
 
war1 Commented:
onsitez,

192.168.0.101:1162 belongs to IANA

http://www.dnsstuff.com/tools/whois.ch?ip=192.168.0.101%3A1162
0
 
nepostojeci_email Commented:
LOL war1 :)
Are you joking about private IP range or what? :))

onsitez, try scanning your system with HijackThis, and upload your
log at www.hijackthis.de, and post the link to the uploaded log here,
for further assistance, to make sure your system is clear.
0
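
The private-range point made in the comment above can be checked directly from the log. The following Python is an added example, not part of the original thread and not Sysinternals code: it parses the two entries posted in the question and classifies the address embedded in the first one. The four-field layout (tabs or runs of spaces as separators) is an assumption based on how the lines appear in the question, and all function names are hypothetical.

```python
import ipaddress
import re
from datetime import datetime

# The two entries as posted in the question.
SAMPLE_LOG = r"""
HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp\DPNHUPnP\ActiveNATMappings\svchost (192.168.0.101:1162) 18372 UDP      3/13/2006 6:26 PM      32 bytes      Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\Vax347s\Config\jdgg40      8/14/2005 6:44 AM      0 bytes      Hidden from Windows API.
"""

# RFC 1918 private ranges: not routable on the internet, so a whois lookup
# only ever returns the IANA reservation, never an owner.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ENDPOINT = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\)")

def endpoint_scope(path):
    """Return (ip, port, scope) for an ip:port embedded in the path, else None."""
    m = ENDPOINT.search(path)
    if not m:
        return None
    try:
        ip = ipaddress.ip_address(m.group(1))
    except ValueError:  # e.g. an octet above 255
        return None
    scope = "private (RFC 1918)" if any(ip in n for n in RFC1918) else "not RFC 1918"
    return str(ip), int(m.group(2)), scope

def parse_line(line):
    """Split one entry into path, timestamp, size and description."""
    # Assumption: fields are separated by tabs or by runs of 2+ spaces.
    fields = re.split(r"\t+|\s{2,}", line.strip())
    if len(fields) != 4:
        raise ValueError(f"unexpected field count in {line!r}")
    path, stamp, size, description = fields
    return {"path": path, "description": description,
            "timestamp": datetime.strptime(stamp, "%m/%d/%Y %I:%M %p"),
            "size": size,
            "endpoint": endpoint_scope(path)}

def parse_log(text):
    return [parse_line(ln) for ln in text.splitlines() if ln.strip()]

if __name__ == "__main__":
    for e in parse_log(SAMPLE_LOG):
        print(e["path"].rsplit("\\", 1)[-1], "->", e["endpoint"])
```
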
 
war1 Commented:
onsitez, any update?
0
Question has a verified solution.