Another HJT log seeking advice, thanks

By wortgames
Feb 18, 2005
Topic Status:
Not open for further replies.
  1. Hi everyone, and hats off to those of you who scrutinise other people's logs!

    I'm no PC expert but I keep everything up to date, run Norton Internet Security, Ad-Aware, Spybot S&D and Spyware Blaster. My only 'indiscretion' is continuing to use IE, but I have tried other browsers and I genuinely prefer IE for a number of reasons.

    Lately the computer seems a bit 'gluggy' and I found some adware (strangely enough Norton found some, where Ad-Aware & Spybot didn't). I have managed to delete everything that all those apps have found, so they all return a clean result, but I ran HJT and I reckon my log could afford to lose a few pounds.

    The entries on the log I've spotted and am considering removing are:

    O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [searchbar] C:\WINDOWS\system32\vnmispoisn_downloader.exe

    Just some background about this machine and its software - it is my main working machine, and I can't afford to start removing software or services if it is going to lead to problems - I'd rather leave them alone and stay up. Its a reasonably well-specced Compaq laptop that connects wirelessly to a router that has a broadband connection (I have 1 other machine on the 'network'). I don't use bluetooth or itunes but they came bundled. The Synaptics stuff is touchpad control. The Sun Java stuff gives me the irits, sometimes there are 2 or even 3 icons in the system tray. I no longer use messenger and thought I'd uninstalled it. I hate the way quicktime does what it does ;-).

    So any sensible suggestions, tips or advice would be gratefully considered!
  2. RealBlackStuff

    RealBlackStuff Newcomer, in training Posts: 8,165

    Your PC could really do with a good de-clutter.

    Boot in Safe Mode
    Switch off System Restore

    Move HJT
    from C:\DOCUME~1\z\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
    to its OWN, permanent directory. It needs that for eventual UNdoing of fixes.

    UNinstall anything to do with:
    C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp
    C:\Program Files\FreshDevices\FreshDownload\fdiectx.htm
    C:\WINDOWS\system32\vnmispoisn_downloader.exe
    The above are adware-/malware- stuff.

    Next, UNinstall, if you can and/or want, anything to do with:
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe (if you don't have one)
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    C:\Program Files\Messenger\msmsgs.exe
    Use this uninstaller for Messenger: http://www.majorgeeks.com/download4301.html

    All the above just waste resources.

    Next, assuming you want to get rid of them all, run HJT on its own and let it 'fix' if still there:
    C:\WINDOWS\System32\gearsec.exe (part of iTunes)
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp
    C:\Program Files\iPod\bin\iPodService.exe (if you don't have one)
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Messenger\msmsgs.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://k2b-bulk.ebay.com.au/ws/eBayISAPI.dll?MyEbaySellingSummary&ssPageName=STRK:ME:LNLK
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_AU&c=Q304&bd=presario&pf=laptop
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
    O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

    The following two are only automatic updaters. Either check the program-settings or 'fix' with HJT.
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

    O4 - HKLM\..\Run: [searchbar] C:\WINDOWS\system32\vnmispoisn_downloader.exe
    O4 - HKLM\..\Run: [KAZAA] "C:\Program Files\Kazaa Lite Resurrection\kpp.exe" "C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp" /SYSTRAY

    Do you really do such fancy graphics stuff? if not, stop from loading and 'fix' it:
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Download &All by FD - C:\Program Files\FreshDevices\FreshDownload\fdiectx2.htm
    O8 - Extra context menu item: Download with &FD - C:\Program Files\FreshDevices\FreshDownload\fdiectx.htm
    O8 - Extra context menu item: Save with Download Manager... - C:\Program Files\J River\Media Jukebox\DMDownload.htm
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

    When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.

    Boot in Normal mode. When OK, switch System Restore back on.

    Get a good, free downloader from: www.stardownloader.com
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.