| Server IP : 134.29.175.74 / Your IP : 216.73.216.160 Web Server : nginx/1.10.2 System : Windows NT CST-WEBSERVER 10.0 build 19045 (Windows 10) i586 User : Administrator ( 0) PHP Version : 7.1.0 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /nginx/html/download/Diagnostic/Software/HijackThis/HijackThisReader_hjred103/ |
Upload File : |
################################################################################
# HijackReader - User file (This file can be used to save your
# own recommendations for files)
# Commented lines are not read. They start with the # symbol and
# can be inserted anywhere in the file (but must be at the beginning of a line).
# Blank lines are OK too.
# Use the format: L|SearchString|Notes
# L means safe. X means unsafe. U means unknown.
# SearchString is the string to match against the HijackThis line
# (SearchString is case-insensitive)
# Notes are added to the report, to help the user determine what to do
# Note: Use one line per entry only!
# Important: The user list overrules any recommendations made when searching the
# BHO and startup lists, so use with care! If an entry could be both malicious
# and benign, a status of U (unknown) is usually recommended.
################################################################################
# This section added by Mikko Olesen, December 2006:
L|Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH|Used by the free antivirus program Avira. Should be called "avguard.exe" and is usually located in the folder "AntiVir PersonalEdition Classic" within Program Files.
L|WINDOWS\SYSTEM32\igfxsrvc.dll|Igfxsrvc.dll is a part of the Intel integrated graphics controller.
L|WgaLogon - WgaLogon.dll|Windows Genuine advantage (WgaLogon.dll)
is safe
L|1.0.720.3640\GoogleToolbarNotifier.exe|Google Toolbar Notifier is usually safe, and should be located within a subfolder of "Program Files".
X|temp\|Files that are located in temporary folders and start up automatically are often malicious.
X|License_Manager\license_manager.exe|"Popcorn License Manager" is a threat and should be fixed.
U|poker|Poker programs should usually be fixed, unless you want them to be there.
L|\Grisoft\AVGFRE~1\avgcc.exe /STARTUP|AVG Antivirus software, Usually safe if located in the Program Files folder (or the like).
L|\Grisoft\AVGFRE~1\avgupsvc.exe|AVG Antivirus software, Usually safe if located in the Program Files folder (or the like).
L|https://netbank.danskebank.dk/|Danske Bank (a Danish bank). This is safe, if you have an account at that bank.
L|:\WINDOWS\system32\NavLogon.dll|Norton Antivirus (safe if Norton Antivirus is installed).
L|:\WINDOWS\system32\ctfmon.exe|Office XP-related.
L|{828030A1-22C1-4009-854F-8E305202313F}|MSN Messenger 7.5. Often incorrectly listed as missing, by HijackThis.
U|[SmoothView]|Toshiba SmoothView is usually safe, especially if you are using a Toshiba computer. It is, however, not required.