magictv Posted August 21, 2006 Share Posted August 21, 2006 Nothing in particular has gone wrong with my computer but I thought I'd post a HJT log if someone on here could check it over and tell me if there is anything that needs doing I would be very grateful. Thanks. Logfile of HijackThis v1.99.1 Scan saved at 08:57:14, on 21/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss[Caution: Executable File] C:\WINDOWS\system32\winlogon[Caution: Executable File] C:\WINDOWS\system32\services[Caution: Executable File] C:\WINDOWS\system32\lsass[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\System32\svchost[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\EvtEng[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\S24EvMon[Caution: Executable File] C:\WINDOWS\Explorer[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\WLKeeper[Caution: Executable File] C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: Executable File] C:\WINDOWS\system32\spoolsv[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: Executable File] C:\Program Files\Dell\QuickSet\NICCONFIGSVC[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\RegSrvc[Caution: Executable File] C:\WINDOWS\system32\hkcmd[Caution: Executable File] C:\WINDOWS\system32\igfxpers[Caution: Executable File] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: Executable File] C:\WINDOWS\stsystra[Caution: Executable File] C:\Program Files\Synaptics\SynTP\SynTPEnh[Caution: Executable File] C:\Program Files\Dell\QuickSet\quickset[Caution: Executable File] C:\Program Files\Intel\Wireless\bin\ZCfgSvc[Caution: Executable File] C:\WINDOWS\system32\igfxsrvc[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\ifrmewrk[Caution: Executable File] C:\Program Files\CyberLink\PowerDVD\DVDLauncher[Caution: Executable File] C:\WINDOWS\system32\dla\tfswctrl[Caution: Executable File] C:\Program Files\Common Files\InstallShield\UpdateService\issch[Caution: Executable File] C:\Program Files\Real\RealPlayer\RealPlay[Caution: Executable File] C:\Program Files\QuickTime\qttask[Caution: Executable File] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect[Caution: Executable File] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag[Caution: Executable File] C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File] C:\Program Files\Dell Support\DSAgnt[Caution: Executable File] C:\Program Files\Messenger\msmsgs[Caution: Executable File] C:\PROGRA~1\WHATPU~1\WHATPU~1[Caution: Executable File] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Digital Line Detect\DLG[Caution: Executable File] C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg[Caution: Executable File] C:\PROGRA~1\MOZILL~1\FIREFOX[Caution: Executable File] C:\Program Files\MSN Messenger\msnmsgr[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: Executable File] C:\Documents and Settings\Tom\Desktop\hijackthis\HijackThis[Caution: Executable File] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... channel=uk R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk/hws/sb/dell-usu ... channel=uk R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk/hws/sb/dell-usu ... channel=uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=en&s=gen R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/defau ... l=en&s=gen R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co.uk/hws/sb/dell-usu ... channel=uk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... channel=uk R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.homecallbroadband.com/customer/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray[Caution: Executable File] O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd[Caution: Executable File] O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers[Caution: Executable File] O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: Executable File] O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra[Caution: Executable File] O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh[Caution: Executable File] O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset[Caution: Executable File] O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc[Caution: Executable File]" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk[Caution: Executable File]" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher[Caution: Executable File]" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl[Caution: Executable File] O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm[Caution: Executable File]" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch[Caution: Executable File]" -start O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay[Caution: Executable File] SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect[Caution: Executable File] O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag[Caution: Executable File]" /icon O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct[Caution: Executable File] /uninstall O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File]" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: Executable File] /STARTUP O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt[Caution: Executable File]" /startup O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: Executable File]" /background O4 - HKCU\..\Run: [WhatPulse] C:\PROGRA~1\WHATPU~1\WHATPU~1[Caution: Executable File] O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen[Caution: Executable File] /nosplash O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File] O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/share ... insctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2779309546 O17 - HKLM\System\CCS\Services\Tcpip\..\{CD8AD8C4-80C2-49F6-A339-9B089B6E58F9}: NameServer = 80.225.254.178 80.225.254.186 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File] O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: Executable File] O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: Executable File] O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: Executable File] O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng[Caution: Executable File] O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC[Caution: Executable File] O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc[Caution: Executable File] O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon[Caution: Executable File] O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: Executable File] O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper[Caution: Executable File] [/bads] Link to comment Share on other sites More sharing options...
Albosky Posted August 21, 2006 Share Posted August 21, 2006 Nothing really raised a "red flag" in your log. Not sure why you would want WhatPulse installed, unless you actually care how many keys you pressed and how many times you clicked your mouse :P I guess the google entries in your IE start and search page dont really NEED the dell references , but it wouldnt matter regardless This is the only entry that i would be worried about O17 - HKLM\System\CCS\Services\Tcpip\..\{CD8AD8C4-80C2-49F6-A339-9B089B6E58F9}: NameServer = 80.225.254.178 80.225.254.186 Custom NameServer entries are usually not a good sign unless you are on some sort of a business network that requires them , or a specific application needs to resolve to those domains/ip's. I like to fart silently but deadly in movie theatersArd Choille says (11:41 PM):I wouldn't dare tell you what to do m'dear Link to comment Share on other sites More sharing options...
magictv Posted August 21, 2006 Author Share Posted August 21, 2006 Thanks, I'm not on a business network or anything like that so do you reckon I should get rid of it or just leave it? [/bads] Link to comment Share on other sites More sharing options...
tunaboy692004 Posted August 21, 2006 Share Posted August 21, 2006 i wouldent get rid of that without consulting your ISP first, allthough i belive you will be fine either with or without that entry it may have been set when you suscribed to your Internet service provider Current Goals80/80 Fletching60/75 Woodcutting97/100 Combat Link to comment Share on other sites More sharing options...
n65uk Posted August 21, 2006 Share Posted August 21, 2006 It resolves to Tiscali, so I am assuming it's their ISP -> so leave it. Link to comment Share on other sites More sharing options...
magictv Posted August 21, 2006 Author Share Posted August 21, 2006 It resolves to Tiscali, so I am assuming it's their ISP -> so leave it. Correctomundo mon ami. :) Thanks [/bads] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now