Hijackthis Log :)

[Forceape]

Not really a problem, just not had it checked for a long time.. so whenever u guys got a spare moment if you could check my log it be great! :)

 

 

 

 

 

 

 

Logfile of HijackThis v1.99.1

 

 

 

Scan saved at 23:10:43, on 18/05/2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\AOL\ACS\AOLDial[Caution: ExecutableFile]

 

 

 

C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

C:\Program Files\AOL 9.0\waol[Caution: ExecutableFile]

 

 

 

C:\Program Files\AOL 9.0\shellmon[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\AOL\aoltpspd[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]

 

 

 

C:\Program Files\Windows Media Player\wmplayer[Caution: ExecutableFile]

 

 

 

C:\DOCUME~1\Dave\LOCALS~1\Temp\Temporary Directory 28 for hijackthis.zip\HijackThis[Caution: ExecutableFile]

 

 

 

 

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://music.yahoo.com/

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.co.uk

 

 

 

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.msn.co.uk/

 

 

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

 

 

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

 

 

 

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] /STARTUP

 

 

 

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

 

 

 

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background

 

 

 

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL[Caution: ExecutableFile]/3000

 

 

 

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

 

 

 

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll

 

 

 

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab

 

 

 

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/[garden tool] ... scan60.cab

 

 

 

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab

 

 

 

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab

 

 

 

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computerc ... diagcc.cab

 

 

 

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab

 

 

 

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab

 

 

 

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab

 

 

 

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab

 

 

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{932BB0A0-DD69-4C1D-9943-7476CC6FEEB7}: NameServer = 205.188.146.145

 

 

 

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd[Caution: ExecutableFile]

 

 

 

O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv[Caution: ExecutableFile]

 

 

 

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile]

 

 

 

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

[zonda]

Okay, seems clean accept for a few uneededs, however there are a few things in there that I am NOT 100% sure on, so your best bet is to wait for merc or someone come and check it for you :wink:

[Vape]

Looks good enough to me. AOL's your ISP right?

[Forceape]

Cheers Zonda! what were the uneeds? :? if i deleted them would it make my computer faster? :?

 

 

 

 

 

 

 

Cameron, Yah AOL is my ISP :)

[zonda]

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

 

 

 

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

 

 

 

 

 

 

 

 

 

 

 

I believe those two are unessesary (the first one deals with MS Office I guess?), and I think there are a few others, but like I said you might want to double check with cameron 1st.

 

 

 

 

 

 

 

Well it would free up a very small ammount of space, but wouldn't make any noticable speed changes accept maybe at start up. I just mentioned them because I myself like to have as little as possible running \ installed at once if I possibly can :wink:

[Vape]

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL[Caution: ExecutableFile]/3000

 

 

 

Do you use export to excel in IE? If not, delete it.

 

 

 

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

 

 

 

Don't really know what this is :-? Better leave it mesays

 

 

 

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

 

 

 

Got a button pointing at real.com in IE? Never use it? Get rid of the bugger!

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

and

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

Why would you need to have buttons in IE pointing at messenger? What's wrong with your start menu? I says delete these two.

 

 

 

 

 

 

 

Yeah deleting these is hardly going to make your pc faster, but if you don't use them, they're just taking up valuble pixels in your menus.

[Forceape]

All done :) Thanks guys!