Eddy
13
This is the result of my HijackThis Log Analyzer (with the latest beta databases):
CHECKING HIJACKTHIS, INTERNET EXPLORER, WINDOWS AND SOFTWARE FIREWALL:
You are using a old version of Hijackthis, please update.
You are using the latest version of Internet Explorer.
Your Operating System is not up-to-date. (Latest service pack not installed)
No software firewall detected. If you are not using a
hardware firewall, it is highly recommended to install one.
THESE ITEMS ARE HARMFULL AND SHOULD BE FIXED/REMOVED :
\windows\inetsrv\services.exe
\windows\system32\imapi.exe
r1 - hklm\software\microsoft\internet explorer\main,search bar = res://c:\windows\system32\vwubx.dll/sp.html#29126
r0 - hklm\software\microsoft\internet explorer\search,searchassistant = http://abosearch.com/sp.html
f1 - win.ini: run=c:\windows\inetsrv\services.exe
o2 - bho: (no name) - {34445616-9eee-fcbc-1f9e-ca0c63b82ddd} - (no file)
o2 - bho: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)
o2 - bho: (no name) - {dc710d77-5a09-2fbf-a797-dcae7e649fa3} - (no file)
o4 - hklm..\run: [xp_system] c:\windows\inetsrv\services.exe
o4 - hkcu..\run: [xp_system] c:\windows\inetsrv\services.exe
o16 - dpf: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} (quicktime object) - http://www.apple.com/qtactivex/qtplugin.cab
o16 - dpf: {166b1bca-3f9c-11cf-8075-444553540000} (shockwave activex control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
o16 - dpf: {19e28afc-eae3-4ce5-ac83-2407b42f57c9} (mssecurityadvisor class) - http://protect.microsoft.com/security/protect/wsa/shared/cab/x86/mssecadv.cab?1096432297265
o16 - dpf: {3334504d-9980-0010-8000-00aa00389b71} - http://download.microsoft.com/download/0/c/8/0c8edfab-30bc-4792-898e-2dabe27b2c4d/mp43dmo.cab
o16 - dpf: {33564d57-0000-0010-8000-00aa00389b71} - http://download.microsoft.com/download/f/6/e/f6e491a6-77e1-4e20-9f5f-94901338c922/wmv9vcm.cab
o16 - dpf: {597c45c2-2d39-11d5-8d53-0050048383fe} (opucatalog class) - http://office.microsoft.com/productupdates/content/opuc.cab
o16 - dpf: {9f1c11aa-197b-4942-ba54-47a8489bb47f} - http://v4.windowsupdate.microsoft.com/cab/x86/unicode/iuctl.cab?37609.4224074074
o16 - dpf: {9fc5238f-12c4-454f-b1b5-74599a21de47} (webshots photo uploader) - http://community.webshots.com/html/wsphotouploader.cab
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
THE FOLLOWING ITEMS ARE NOT NEEDED TO LOAD
AT BOOTIME FOR THE SYSTEM TO WORK PROPERLY:
o4 - hkcu..\run: [msmsgs] “c:\program files\messenger\msmsgs.exe” /background
o4 - hkcu..\run: [aim] c:\aim95\aim.exe -cnetwait.odl