Hijack-this log - 7 questionable entries

  NickyK 19:21 12 Nov 04
Locked

I recently ran an automated analysis of my most recent hijack-this log. Are any of the following worth fixing?

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = click here ult.htm ?

(I think the above is my Dell's homepage setting)


O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML ?


O9 - Extra button: Bromas y chistes - {068C36CF-483E-4CA8-A7F2-10EFFDA49C45} - click here?l=games_fastclick&ver=1&t=new (file missing) ?



O9 - Extra button: Antivirus - {4358161B-A4B8-498E-8019-3DAB50DFD578} - click here?l=games_fastclick&ver=1&t=new (file missing) ?


O9 - Extra button: Games - {C8950078-94A4-4C32-BB9C-4666357965AF} - C:\games_fastclick\index.htm ?


O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - click here mgr/en-us/1,0,0,21/mcgdmgr.cab


R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = click here ve/defaults/su/*click here oo.com ?

(This one keeps messing with my IE searchbar/searchpage/local machine default and no matter how many times I fix it, it returns).

  NickyK 19:26 12 Nov 04

PS. The "click heres" above link to the providers of the entries as follows:

R1 Dell

09 Bromas i chistas

09 descragar antivirus

016 not found

R1 Yahoo (not found) and Not found, but was Yahoo.

  VoG II 19:28 12 Nov 04

Please wait for a response from Nellie2.

  Nellie2 19:45 12 Nov 04

Hi

I can't advise on bits of a hijack log. I would need to see the whole thing, so I can get the whole picture.

  NickyK 20:15 12 Nov 04

I'm posting this in two chunks:

1.
Logfile of HijackThis v1.98.2
Scan saved at 19:57:04, on 12/11/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\svchost.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\DSentry.exe

C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe

c:\program files\mcafee.com\agent\mcagent.exe

c:\progra~1\mcafee.com\vso\mcvsescn.exe

C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\Program Files\Perfect Process\ppshield.exe

C:\Program Files\VoyagerTest\fts.exe

C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe

C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe

C:\Program Files\blcorp\UWCSuite\WinMem\WinMem.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

C:\Program Files\AOL 9.0\aoltray.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\AOL 9.0\waol.exe

C:\Program Files\AOL 9.0\shellmon.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Documents and Settings\Nicholas Wermuth\My Documents\Unused Desktop Shortcuts\hijackthis\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = click here

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = click here*click here

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = click here*click here

  NickyK 20:16 12 Nov 04

Chunk 2:


O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [VirusScan] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon

O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Anti-keylogger 5.2] C:\Program Files\Anti-keylogger\ak5_load.exe

O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"

O4 - HKCU\..\Run: [WinMem] C:\Program Files\blcorp\UWCSuite\WinMem\WinMem.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

O4 - Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe

O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

O9 - Extra button: Bromas y chistes - {068C36CF-483E-4CA8-A7F2-10EFFDA49C45} - click here (file missing)

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra button: Antivirus - {4358161B-A4B8-498E-8019-3DAB50DFD578} - click here (file missing)

O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra button: Games - {C8950078-94A4-4C32-BB9C-4666357965AF} - C:\games_fastclick\index.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll

O16 - DPF: ppctlcab - click here

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - click here

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - click here

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - click here

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - click here

O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - click here

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - click here

O17 - HKLM\System\CCS\Services\Tcpip\..\{64D2354C-C664-4EF3-BAD0-F037CBDCA3AB}: NameServer = 195.93.49.134

  Nellie2 21:05 12 Nov 04

Sorry for the delay... been busy elsewhere!

The only lines I would fix in that log are the following

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/ *hxxp://xxx.yahoo.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/ *hxxp://xxx.yahoo.com/

O9 - Extra button: Bromas y chistes - {068C36CF-483E-4CA8-A7F2-10EFFDA49C45} - hxxp: //xxx.accesoplugin.com/prom/a_bromas2/?l=games_fastclick&ver=1&t=new (file missing)
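Added example, not part of the original thread or of HijackThis itself: a small parser for the entry lines of a log like the one posted above. It splits each entry into its section code and body, and lists the two kinds of entry singled out in this thread (a target marked "(file missing)" and an R-section SearchURL value) for manual review. The names `parse_log`, `review_candidates` and `SECTIONS` are hypothetical, and the section descriptions are a short summary written for this example.

```python
import re

# Section codes that occur in this thread's log; descriptions are a summary, not tool output.
SECTIONS = {
    "R1": "IE start/search page setting",
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "Autostart entry",
    "O8": "Extra context menu item",
    "O9": "Extra IE button / Tools menu item",
    "O12": "IE plugin",
    "O16": "ActiveX object (Downloaded Program Files)",
    "O17": "DNS / domain setting",
}
ENTRY = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.+)$")
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

def parse_log(text):
    """Return one dict per entry line; header and running-process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        code, body = m.group("code"), m.group("body")
        guid = GUID.search(body)
        entries.append({"code": code, "kind": SECTIONS.get(code, "unknown section"),
                        "guid": guid.group(0) if guid else None,
                        "file_missing": body.endswith("(file missing)"), "body": body})
    return entries

def review_candidates(entries):
    """Heuristic taken from this thread only: missing target file, or a SearchURL value."""
    return [e for e in entries
            if e["file_missing"] or (e["code"].startswith("R") and "SearchURL" in e["body"])]

# Constructed sample: lines copied from the log above (URLs show as "click here" on the page).
SAMPLE = r"""
C:\WINDOWS\Explorer.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = click here*click here
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O9 - Extra button: Antivirus - {4358161B-A4B8-498E-8019-3DAB50DFD578} - click here (file missing)
O9 - Extra button: Games - {C8950078-94A4-4C32-BB9C-4666357965AF} - C:\games_fastclick\index.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{64D2354C-C664-4EF3-BAD0-F037CBDCA3AB}: NameServer = 195.93.49.134
"""

if __name__ == "__main__":
    for e in review_candidates(parse_log(SAMPLE)):
        print(e["code"], "|", e["kind"], "|", e["body"])
```

The output is a shortlist for a person to check against the full log, in the same way the reply above asks to see the whole thing before advising.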

  NickyK 22:16 12 Nov 04

Thanks very much. Appreciated.

This thread is now locked and can not be replied to.
