Jump to content


My Log File - Question about entry

Started by Ivegottheskill, Jun 18 2006 01:35 PM

  • You cannot reply to this topic
3 replies to this topic

#1 OFFLINE   Ivegottheskill

    Member

  • Members
  • PipPip
  • 10 posts

Posted 18 June 2006 - 01:35 PM

This is the first log I've posted here, and I have a question about this particular entry:

Quote

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

Is this "missing file" of concern? I haven't noticed any problems with MSN Messenger so far :unsure:

Quote

Logfile of HijackThis v1.99.1
Scan saved at 11:25:24 PM, on 18/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\U.S.R.TurboGWLAN\USRWLANG.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
E:\Internet 4\zwco.exe
C:\Program Files\CCleaner\ccleaner.exe
E:\Internet 4\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://oca.microsoft.com/resredir.aspx?sid....2.00010100.2.0
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - Startup: Check For Updates.lnk = C:\Program Files\Edonkey Lite 1.4.3.2\WiseUpdt.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: U.S. Robotics 802.11g Wireless Network Utility.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150033496218
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C1F73E6-52B1-4D84-BD84-D4B0B0B078FC}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

#2 OFFLINE   TonyKlein

    Power Member

  • Spyware Moderators
  • 606 posts
  • Gender:Male
  • Location:Netherlands

Posted 18 June 2006 - 07:33 PM

It is of no concern. Sometimes HijackThis has trouble retrieving the file implementing a Protocol filter, or for that matter a service, a toolbar button and so on, and will therefore declare it's an orphaned registry entry.

Not so here, by the looks of it.

Otherwise your log looks fine; BTW, is that indeed Zilla Win Cleaner N' Optimizer I see running from your E:\Internet4 folder?
Tony CLSID List - A Collection of Autostart Locations

#3 OFFLINE   Ivegottheskill

    Member

  • Members
  • PipPip
  • 10 posts

Posted 19 June 2006 - 02:33 AM

View PostTonyKlein, on Jun 19 2006, 05:33 AM, said:

It is of no concern. Sometimes HijackThis has trouble retrieving the file implementing a Protocol filter, or for that matter a service, a toolbar button and so on, and will therefore declare it's an orphaned registry entry.

Not so here, by the looks of it.

Otherwise your log looks fine; BTW, is that indeed Zilla Win Cleaner N' Optimizer I see running from your E:\Internet4 folder?

Yeah, I was looking around on the internet for other "registry fixing" software to try out.

I found Zilla Win Cleaner N' Optimizer was free, but I also found it came bundled with Zango, so I didn't install it, and deleted the installer file.

I previously used Norton Systemworks one-button checkup, which found some missing files and registry problems that ccleaner sometimes missed.

But I switched anti-virus when the subscription ran out, and now just stick to ccleaner. Its not a major concern, just curiosity.

I dont really trust a lot of those other "registry cleaning" programs

Thanks for your review of the log :)

#4 OFFLINE   TonyKlein

    Power Member

  • Spyware Moderators
  • 606 posts
  • Gender:Male
  • Location:Netherlands

Posted 19 June 2006 - 06:27 AM

View PostIvegottheskill, on Jun 19 2006, 04:33 AM, said:

I dont really trust a lot of those other "registry cleaning" programs

Well, I don't really run them myself these days. I did have a look at CC's "Issues" option when I first installed it, and it really is very benign.

You really shouldn't expect miracles from any registry cleaner, though.
First of all, many of them have a mile long Ignore list containing stuff they'd rather not touch, and they're not always particularly good at telling what truly belongs on your computer, and what does not.

They will also occasionally remove something they shouldn't have, but fortunately almost all reg cleaners do back up what they remove.

But they do usually err on the safe side, and hence tend to leave a lot behind.

The value of removing all those "unneccesary" and "orphaned" registry keys and values found is also somewhat open to debate anyway.
When I used to run JV 16's RegCleaner, it would present me with a impressive list of "orphaned and unneccessary" registry entries, but about 80% of these are MRU tracks, subkeys in HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu and elswhere, many of which will be recreated as soon as you restart your computer and start using it.

It won't therefore really contribute to a true reduction in "Registry Bloat", something that is incidentally no longer so much of an issue at it used to be on Win 9x.

Anyway, in my experience most uninstallers really do leave an enormous amount of junk behind, and even after running a variety of Registry cleaners, lots of stuff still remains...
But really, in the large majority of cases these orphaned registry keys and values will usually cause no trouble at all.
Nor will in most cases removing the orphaned reg enties really "fix" or repair" much. It does give the user a nice, rosy feeling though... LOL!

The best thing to do really is to try and avoid accumulating all that junk in the first place. To that end I warmly recommend an unistall monitor like Ashampoo Uninstaller or Total Uninstall (I use Ashampoo myself, and I like it a lot, as its very configurable)

It take snapshots before and after you install a program, so that you know exactly what files and reg keys and values have been added, removed, or altered.


Quote

Thanks for your review of the log :)

np - my pleasure :)
Tony CLSID List - A Collection of Autostart Locations
Back to Spyware Hell


  1. Piriform Community Forums
  2. Computer Help and Discussion
  3. Spyware Hell