hijacker report


jlreich
01-11-2004, 11:22 AM
Hi everyone! Just bought a used Dell Inspiron 3700 laptop (cheap!) and have been trying to clean it up for the last couple of days. Please take a look at the hijacker results and see what else needs to go. Some stuff definitely looks like it needs to go, but I need expert advice. Thanks for any input.

Logfile of HijackThis v1.97.7
Scan saved at 9:50:24 AM, on 1/11/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINNT\system32\ati2evxx.exe
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\FASTDE~1\FAST2.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKCU\..\Run: [FAST Defrag] C:\PROGRA~1\FASTDE~1\FAST2.EXE -tray
O4 - HKCU\..\Run: [Desktop Architect] "C:\Program Files\Desktop Architect\datray.exe" -S
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Instant Wireless Configuration Utility.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1E89F686-B78D-4C85-9EFC-3474516E3FE2} - http://directplugin.com/plugin/109998.exe
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37994.5384027778
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/yiebio5_1_3_0.cab

pentachris
01-11-2004, 11:32 AM
I don't see anything really malignant, just a few little things like that Office startup that you could prolly do without if your system is getting bogged down quickly.

Wait for a second opinion, though. I've missed some nasty stuff in HJT logs before.

jlreich
01-11-2004, 12:20 PM
Thanks pentachris. Any suggestions on things to disable at startup to keep things running smoothly? I have a Pentium III 488 MHz and 256 MB RAM on this system and don't want anything unnecessary running in the background. Thanks again!

shanmuga
01-11-2004, 01:20 PM
You need to get rid of

O16 - DPF: {1E89F686-B78D-4C85-9EFC-3474516E3FE2} - http://directplugin.com/plugin/109998.exe

a vile dialer, which is likely to inflate your telephone bill way beyond your purchase price. Maybe that's why you got it cheap. :)

Budfred
01-11-2004, 02:02 PM
You can get by without:

O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon

N | mobsync | mobsync.exe | MS Synchronization Manager - updates the network copy of materials that were edited offline, such as documents, calendars, and e-mail messages

O4 - HKCU\..\Run: [Desktop Architect] "C:\Program Files\Desktop Architect\datray.exe" -S

N | Desktop Architect | DATRAY.EXE | Desktop theme manager available at http://download.com.com/3000-2326-5630015.html?tag=list - for managing the desktop appearance, fonts, sounds, etc.

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

N | Microsoft Office (1) or Microsoft Office Startup | Osa.exe, Osa9.exe | Resource hog that launches common MS Office components to help speed up the launch of Office programs. Some users claim there's no difference with or without it, but it isn't required anyway. Different filenames are used for different variants.

These are considered to be User's choice... If you find them helpful, keep them...

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Instant Wireless Configuration Utility.lnk.disabled

This one is not readily identified and I don't know why it would need to be running at startup. It might be worthwhile to find the actual program and see if that is necessary and why....

O4 - HKCU\..\Run: [FAST Defrag] C:\PROGRA~1\FASTDE~1\FAST2.EXE -tray

and the actual file:

C:\PROGRA~1\FASTDE~1\FAST2.EXE
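
The two replies above do by eye what a small script can do for you: split a HijackThis log into its sections, list every O4 startup item (and whether it actually runs), and single out O16 DPF entries that look wrong, such as the directplugin.com one shanmuga flagged. The following parser is an added example written for this page; it is not part of HijackThis or of anyone's post. The sample log is an excerpt copied from the log posted above, and the two red-flag heuristics (an ActiveX object installed from a bare .exe instead of a .cab, and a CLSID with no registered class name) are the editor's own assumptions, not logic HijackThis applies.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Excerpt copied from the HijackThis 1.97 log posted above (constructed sample;
# the parser assumes every HJT log uses the same "Oxx - body" layout).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [FAST Defrag] C:\PROGRA~1\FASTDE~1\FAST2.EXE -tray
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1E89F686-B78D-4C85-9EFC-3474516E3FE2} - http://directplugin.com/plugin/109998.exe
"""

@dataclass
class Entry:
    kind: str     # HijackThis section code, e.g. "O4" or "O16"
    body: str     # everything after "O4 - "
    fields: dict  # parsed pieces; empty for sections this script does not model

LINE_RE = re.compile(r"^(?P<kind>[A-Z]\d+) - (?P<body>.*)$")
# Registry autostart: HKLM\..\Run: [Name] command line
O4_REG_RE = re.compile(r"^(?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# Startup-folder shortcut: Global Startup: Name.lnk = target   (target may be absent)
O4_DIR_RE = re.compile(r"^(?P<folder>Global Startup|Startup): (?P<item>.*?)(?: = (?P<cmd>.*))?$")
# Downloaded Program File (ActiveX): DPF: {CLSID} (Class name) - URL
O16_RE = re.compile(r"^DPF: (?P<clsid>\{[0-9A-Fa-f-]+\})(?: \((?P<name>[^)]*)\))? - (?P<url>\S+)$")

def parse_hjt(text):
    """Turn an HJT log into Entry objects; header and process list are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        kind, body = m.group("kind"), m.group("body")
        fields = {}
        if kind == "O4":
            r = O4_REG_RE.match(body) or O4_DIR_RE.match(body)
            fields = r.groupdict() if r else {}
        elif kind == "O16":
            r = O16_RE.match(body)
            fields = r.groupdict() if r else {}
        entries.append(Entry(kind, body, fields))
    return entries

def startup_items(entries):
    """All O4 entries as (where, name, command, runs_at_logon)."""
    out = []
    for e in entries:
        if e.kind != "O4" or not e.fields:
            continue
        f = e.fields
        if "hive" in f:
            out.append((f"{f['hive']}\\{f['key']}", f["name"], f["cmd"], True))
        else:
            # A shortcut renamed to *.disabled no longer has the .lnk extension,
            # so the shell does not launch it at logon: report it as not running.
            runs = not f["item"].lower().endswith(".disabled")
            out.append((f["folder"], f["item"], f["cmd"] or "", runs))
    return out

def suspicious_dpf(entries):
    """O16 entries worth a second look, as (clsid, url, [reasons]). Heuristics are assumptions."""
    out = []
    for e in entries:
        if e.kind != "O16" or not e.fields:
            continue
        f = e.fields
        reasons = []
        if urlparse(f["url"]).path.lower().endswith(".exe"):
            reasons.append("installs from a bare .exe rather than a .cab package")
        if not f["name"]:
            reasons.append("no class name registered for the CLSID")
        if reasons:
            out.append((f["clsid"], f["url"], reasons))
    return out

if __name__ == "__main__":
    ents = parse_hjt(SAMPLE_LOG)
    for where, name, cmd, runs in startup_items(ents):
        print(f"{'run' if runs else 'off'}  {where:<16} {name:<28} {cmd}")
    for clsid, url, reasons in suspicious_dpf(ents):
        print("CHECK", clsid, url, "--", "; ".join(reasons))
```

Run against the full log it prints each autostart with its hive or folder, marks the two .lnk.disabled shortcuts as not running, and reports only the directplugin.com entry, for both reasons. The Dell, Microsoft and Yahoo entries pass because they carry a class name and install from a .cab; treat the heuristics as a triage aid, since a malicious .cab with a friendly name would pass too.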

jlreich
01-11-2004, 02:34 PM
Thanks everyone! That's what I wanted to know. Thanks for all your input.

Budfred, just so you know

O4 - HKCU\..\Run: [FAST Defrag] C:\PROGRA~1\FASTDE~1\FAST2.EXE -tray

is a RAM defragger - it does seem to help quite a bit.