Trevor Posted September 19, 2008 Share Posted September 19, 2008 Please expand the attachment in order to advise me what junk I can safely delete. Many thanks. Link to comment Share on other sites More sharing options...
Trevor Posted September 19, 2008 Author Share Posted September 19, 2008 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:34:01, on 19/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Common Files\SureThing Shared\stllssvr.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\System32\dmadmin.exe C:\WINDOWS\system32\TPSBattM.exe C:\Documents and Settings\T\Desktop\PC UTILITIES\diskscanner12.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\mmc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-4048959269-2500585390-2325301517-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe Link to comment Share on other sites More sharing options...
onethailand Posted September 20, 2008 Share Posted September 20, 2008 There's nothing there you need to delete, if that's what you mean. If you want to remove unnecessary files, however, one would have to know your usage habits. Link to comment Share on other sites More sharing options...
Tywais Posted September 20, 2008 Share Posted September 20, 2008 I also don't know what you are trying to do. HiJackThis logs are normally used to look for problems and yours look normal. Link to comment Share on other sites More sharing options...
Trevor Posted September 20, 2008 Author Share Posted September 20, 2008 Thanks. But wouldn't boot time and hard drive space be saved if I removed -- Hijackthis calls it 'Fix' -- stuff I don't use? What is the purpose of Hijackthis anyway? Link to comment Share on other sites More sharing options...
NanLaew Posted September 20, 2008 Share Posted September 20, 2008 (edited) So you installed and executed a program and you haven't a clue what it's supposed to do? It's users like you that compelled Microsoft to make that dumbed-down, hold-my-hand I think I have a virus, piece of rubbish called Vista! Your machine is squeaky clean btw. Edited September 20, 2008 by NanLaew Link to comment Share on other sites More sharing options...
Trevor Posted September 20, 2008 Author Share Posted September 20, 2008 (edited) So you installed and executed a program and you haven't a clue what it's supposed to do?It's users like you that compelled Microsoft to make that dumbed-down, hold-my-hand I think I have a virus, piece of rubbish called Vista! Your machine is squeaky clean btw. Actually one of you nerds here recommended Hijack This to help me improve boot speed (it didn't). It's one of those pieces of software written by computerheads which admits users have to seek 'expert advice' to analyse. If you're so smart, why don't you invent and sell us all a good, simple yet stable operating system instead of Bill Gates' 1980s DOS-based garbage? I'll be the first in line. Edited September 20, 2008 by Trevor Link to comment Share on other sites More sharing options...
Tywais Posted September 20, 2008 Share Posted September 20, 2008 What is the purpose of Hijackthis anyway? HijackThis is used primarily for diagnosis of spyware, as blind use of its removal facilities can cause significant software damage to a computer. "HijackThis can generate a plain text logfile detailing all entries it finds, and most entries can be removed or disabled by HijackThis. Inexperienced users are often advised to exercise caution, or to seek help when using the latter option[1], as HijackThis does not discriminate between legitimate and unwanted items, with the exception of a small whitelist of legitimate entries — thus allowing a user to unintentionally prevent important programs from running, which may cause their system or its peripherals to stop working. A common approach is to post the logfile to a forum where more experienced users will help decipher which entries need to be removed." There are many forums, usually under the various spyware software houses, that these logs are put up for evaluation and feedback of problems or symptoms a computer user may be experiencing. It is not normally meant as a means to streamline the operating system or services, though it does give details of many of them. Link to comment Share on other sites More sharing options...
NanLaew Posted September 20, 2008 Share Posted September 20, 2008 Alright Trev, I have had my rant. If you read a thread with a HijackThis referral, it would be in response to someone with some serious speed, internet browser hijacking, pop-ups and the like; probably a machine with malware or spyware running rampant. How serious is your boot slowdown? Maybe you can look at your running processes (using Task Manager, the analysis program built-in to Windows) and see if there's any processes hogging your memory or 'memory bleed' in nerdspeak. For example, I installed an update to WebRoot Spysweeper that recommended I also install a new free add-on called WebRoot Desktop Firewall. After that my bootup was marginally longer but my RAM usage was almost doubled when up and running (I use a freebie called FreeRAM XP Pro to monitor that). A quick look at the processes running using Windows Task Manager showed that this new program was eating up well over half a Gb of RAM. Using another freebie called Startup Control Panel, I disabled this program from autoloading at boot and my laptop is back to it's former quickness. I opted to disable rather than uninstall as they may sort out the memory problem in a later update since my experience with WebRoot products has been all good so far. You have not lost anything by installing and running HijackThis; it has shown normal processes running and deleting what that program determines as unused isn't recommended. It's like the annoying Windows pop-up offering to clean up your unused desktop icons. Just because you haven't looked at it today doesn't mean it's garbage like the desktop cleanup utility is. Ignore it. We aren't all total experts here but collectively there's a fair knowledge base. However, I also back up my problem solving with a google search as that will show you some PC specific forums which may help you decide whether you need to install a program or not. Quite often I find the exact same problem I have and the fix works first time without resorting to pot-luck with program installations. DOS by the way was and still is awesome. It's what has succeeded it that sucks. We feel your pain. Pity Microsoft doesn't! Link to comment Share on other sites More sharing options...
Indi Posted September 21, 2008 Share Posted September 21, 2008 Please expand the attachment in order to advise me what junk I can safely delete. Many thanks. -- You could copy your HJT log here: httpp://www.hijackthis.de They run scripts to tell you what maybe wrong. Dont take it as 100% sure(as nothing is 100% sure). Indi Link to comment Share on other sites More sharing options...
Trevor Posted September 24, 2008 Author Share Posted September 24, 2008 Please expand the attachment in order to advise me what junk I can safely delete. Many thanks. -- You could copy your HJT log here: httpp://www.hijackthis.de They run scripts to tell you what maybe wrong. Dont take it as 100% sure(as nothing is 100% sure). Indi Thanks. I had one 'Nasty' which was PalTalk, and I deleted it. Still can't download Java though because I can't fix my Windows Installer: only works successfully for certain downloads like Media Player 11. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now