Hi-Jack this log query

  CurlyWhirly 23:52 03 Dec 2004
Locked

Hi. I have NEVER run the 'Hi-Jack This log' in the (nearly) 3 years of using a PC.
Is it okay to delete the following two entries which I think relate to Windows Messenger Service which I *never* use?


O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -


Finally, does my log APPEAR to be free of Malware?
Thanks for your time!


PART ONE


Logfile of HijackThis v1.98.2
Scan saved at 23:27:48, on 03/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe


C:\WINDOWS\system32\csrss.exe


C:\WINDOWS\system32\winlogon.exe


C:\WINDOWS\system32\services.exe


C:\WINDOWS\system32\lsass.exe


C:\WINDOWS\system32\svchost.exe


C:\WINDOWS\system32\svchost.exe


C:\WINDOWS\System32\svchost.exe


C:\WINDOWS\System32\svchost.exe


C:\WINDOWS\system32\spoolsv.exe


C:\WINDOWS\System32\alg.exe


C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe


C:\Program Files\Executive Software\Diskeeper\DkService.exe


C:\Program Files\Helexis\Drive Health\dhcore.exe


C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe


C:\WINDOWS\System32\GEARSec.exe


c:\PROGRA~1\mcafee.com\vso\mcshield.exe


C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe


C:\WINDOWS\system32\wdfmgr.exe


C:\WINDOWS\System32\ups.exe


C:\WINDOWS\Explorer.EXE


C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe


c:\program files\mcafee.com\agent\mcagent.exe


C:\WINDOWS\system32\gsicon.exe


C:\WINDOWS\system32\dslagent.exe


c:\progra~1\mcafee.com\vso\mcvsescn.exe


C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe


C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe


C:\PROGRA~1\MICROS~2\GAMECO~1\common\swtrayv4.exe


C:\WINDOWS\SOUNDMAN.EXE

  CurlyWhirly 23:56 03 Dec 2004

PART TWO

C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe


C:\Program Files\a2\a2guard.exe


C:\Program Files\Registry Clean Pro\Monitor.exe


C:\Program Files\Registry Clean Pro\Scheduler.exe


C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE


c:\program files\mcafee.com\vso\mcvsshld.exe


c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe


C:\Program Files\AOL 9.0\waol.exe


C:\Program Files\AOL 9.0\shellmon.exe


C:\Program Files\Common Files\AOL\aoltpspd.exe


C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\ET4.EXE


C:\Program Files\Helexis\Drive Health\dhreport.exe


C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = click here


O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll


O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll


O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe


O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB


O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask


O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" /disabled


O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe


O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe


O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe


O4 - HKLM\..\Run: [EasyTuneIV] C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe


O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\common\swtrayv4.exe


O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe


O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"


O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE


O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe


O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun


O4 - HKCU\..\Run: [a²] "C:\Program Files\a2\a2guard.exe"


O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe"

  CurlyWhirly 23:58 03 Dec 2004

FINAL PART

O4 - Startup: Monitor.lnk = C:\Program Files\Registry Clean Pro\Monitor.exe


O4 - Startup: Scheduler.lnk = C:\Program Files\Registry Clean Pro\Scheduler.exe


O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe


O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE


O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll


O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll


O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll


O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - click here


O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - click here


O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - click here


O17 - HKLM\System\CCS\Services\Tcpip\..\{C742DDBD-1BBA-4C96-9854-05A4F6944A63}: NameServer = 195.93.49.134


O17 - HKLM\System\CCS\Services\Tcpip\..\{FD90E3B5-0CD0-4629-80C8-4F403C2F2A0E}: NameServer = 152.163.0.26 205.188.64.153

  CurlyWhirly 00:00 04 Dec 2004

Finally - This is just an experiment to see whether I *could* post a 'Hi-Jack This log' as I have NEVER attempted it before.
Bit of a pain with the 800 word limit but never mind!

  Dan the Confused 02:23 04 Dec 2004

Your log looks clean to me. To disable Windows Messenger click here You can remove both those 09 entries safely.

  CurlyWhirly 14:31 04 Dec 2004

Thanks for your advice on disabling Windows Messenger!
I am pleased that my log is clean.
I only posted because I just wanted to see if I COULD do it as I have NEVER attempted it before!


Also sometimes when I am online, AOL's own software (WAOL.exe) SOMETIMES uses nearly 90% of my CPU time and I know when this happens as when I try and scroll web pages they slow right down!
This made me suspect that I had Spyware on my PC with the pesky programs running in the background!

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

AMD Radeon Adrenalin release date, new features, compatible graphics cards

Inside the iMac Pro - Apple's most powerful Mac yet

iMac Pro release date, UK price & specs

Football : comment regarder la Ligue 1 en direct ?