hijack file please check
pca_tjay - 21 January 2008 - 8:58pm
<p>attached is the current hijack file from my inspiron 1000 notebook.</p>
<p>I'm currently experiencing long start up approx 4 minutes and extended time whilst changing programs, methinks a virus or two could be within the operating system. any help appreciated.</p>
<p>tjay</p>
<p>Logfile of Trend Micro HijackThis v2.0.2<br />
Scan saved at 204240, on 21/01/2008 <br />
Platform Windows XP SP2 (WinNT 5.01.2600)<br />
MSIE Internet Explorer v6.00 SP2 (6.00.2900.2180)<br />
Boot mode Normal</p>
<p>Running processes<br />
C\WINDOWS\System32\smss.exe<br />
C\WINDOWS\system32\winlogon.exe<br />
C\WINDOWS\system32\services.exe<br />
C\WINDOWS\system32\lsass.exe<br />
C\WINDOWS\system32\svchost.exe<br />
C\WINDOWS\System32\svchost.exe<br />
C\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe<br />
C\WINDOWS\Explorer.EXE<br />
C\WINDOWS\system32\spoolsv.exe<br />
C\PROGRA~1\Grisoft\AVG7\avgamsvr.exe<br />
C\WINDOWS\AGRSMMSG.exe<br />
C\Program Files\Apoint\Apoint.exe<br />
C\Program Files\Java\j2re1.4.2_03\bin\jusched.exe<br />
C\WINDOWS\system32\keyhook.exe<br />
C\WINDOWS\system32\dla\tfswctrl.exe<br />
C\PROGRA~1\Grisoft\AVG7\avgupsvc.exe<br />
C\Program Files\Apoint\Apntex.exe<br />
C\Program Files\Dell\Media Experience\PCMService.exe<br />
C\PROGRA~1\Grisoft\AVG7\avgemc.exe<br />
C\Program Files\CyberLink\PowerDVD\DVDLauncher.exe<br />
C\Program Files\TalkTalk\bin\sprtcmd.exe<br />
C\Program Files\Wireless LAN Utility\TIWLANCu.exe<br />
C\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE<br />
C\WINDOWS\system32\svchost.exe<br />
C\PROGRA~1\Grisoft\AVG7\avgcc.exe<br />
C\Program Files\Wireless LAN Utility\tiwlnsvc.exe<br />
C\WINDOWS\system32\svchost.exe<br />
C\WINDOWS\system32\ctfmon.exe<br />
C\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe<br />
C\WINDOWS\SYSTEM32\sistray.exe<br />
C\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe<br />
C\WINDOWS\system32\wuauclt.exe<br />
C\Documents and Settings\Ron\Desktop\HiJackThis.exe<br />
C\Program Files\Internet Explorer\iexplore.exe</p>
<p>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http//www.dell.co.uk/myway<br />
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http//www.google.co.uk/<br />
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http//www.tiscali.co.uk/<br />
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http//www.google.co.uk<br />
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http//www.tiscali.co.uk/products/startup_code.html?PopSelected=0845-08456630221<br />
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Tiscali<br />
O2 - BHO Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll<br />
O2 - BHO (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C\Program Files\Spybot - Search & Destroy\SDHelper.dll<br />
O2 - BHO DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C\WINDOWS\system32\dla\tfswshx.dll<br />
O2 - BHO Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c\program files\google\googletoolbar1.dll<br />
O2 - BHO Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll<br />
O2 - BHO EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll<br />
O3 - Toolbar (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)<br />
O3 - Toolbar EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll<br />
O3 - Toolbar &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c\program files\google\googletoolbar1.dll<br />
O4 - HKLM\..\Run [AGRSMMSG] AGRSMMSG.exe<br />
O4 - HKLM\..\Run [Apoint] C\Program Files\Apoint\Apoint.exe<br />
O4 - HKLM\..\Run [SunJavaUpdateSched] C\Program Files\Java\j2re1.4.2_03\bin\jusched.exe<br />
O4 - HKLM\..\Run [SiS Windows KeyHook] C\WINDOWS\system32\keyhook.exe<br />
O4 - HKLM\..\Run [dla] C\WINDOWS\system32\dla\tfswctrl.exe<br />
O4 - HKLM\..\Run [UpdateManager] "C\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r<br />
O4 - HKLM\..\Run [PCMService] "C\Program Files\Dell\Media Experience\PCMService.exe"<br />
O4 - HKLM\..\Run [DVDLauncher] "C\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"<br />
O4 - HKLM\..\Run [EPSON Stylus Photo RX520 Series] C\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /F "C\WINDOWS\TEMP\E_S165.tmp" /EF "HKLM"<br />
O4 - HKLM\..\Run [TalkTalk] "C\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk<br />
O4 - HKLM\..\Run [Adobe Reader Speed Launcher] "C\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"<br />
O4 - HKLM\..\Run [TI WLAN] C\Program Files\Wireless LAN Utility\TIWLANCu.exe<br />
O4 - HKLM\..\Run [AVG7_CC] C\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP<br />
O4 - HKCU\..\Run [ctfmon.exe] C\WINDOWS\system32\ctfmon.exe<br />
O4 - HKCU\..\Run [swg] C\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe<br />
O4 - HKCU\..\Run [MSMSGS] "C\Program Files\Messenger\msmsgs.exe" /background<br />
O4 - HKUS\S-1-5-19\..\Run [AVG7_Run] C\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')<br />
O4 - HKUS\S-1-5-20\..\Run [AVG7_Run] C\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')<br />
O4 - HKUS\S-1-5-18\..\Run [CTFMON.EXE] C\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')<br />
O4 - HKUS\S-1-5-18\..\RunOnce [RunNarrator] Narrator.exe (User 'SYSTEM')<br />
O4 - HKUS\.DEFAULT\..\Run [CTFMON.EXE] C\WINDOWS\system32\CTFMON.EXE (User 'Default user')<br />
O4 - HKUS\.DEFAULT\..\RunOnce [RunNarrator] Narrator.exe (User 'Default user')<br />
O4 - Global Startup AOL 8.0 Tray Icon.lnk = C\Program Files\AOL 8.0\aoltray.exe<br />
O4 - Global Startup Utility Tray.lnk = C\WINDOWS\SYSTEM32\sistray.exe<br />
O4 - Global Startup WG111v2 Smart Wizard Wireless Setting.lnk = ?<br />
O8 - Extra context menu item Add to Google Photos Screensa&ver - res//C\WINDOWS\system32\GPhotos.scr/200<br />
O8 - Extra context menu item E&xport to Microsoft Excel - res//C\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000<br />
O9 - Extra button (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll<br />
O9 - Extra 'Tools' menuitem Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll<br />
O9 - Extra button Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL<br />
O9 - Extra button (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)<br />
O9 - Extra button Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C\Program Files\Messenger\msmsgs.exe<br />
O9 - Extra 'Tools' menuitem Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C\Program Files\Messenger\msmsgs.exe<br />
O14 - IERESET.INF START_PAGE_URL=http//www.tiscali.co.uk/<br />
O23 - Service Ad-Aware 2007 Service (aawservice) - Lavasoft - C\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe<br />
O23 - Service AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C\PROGRA~1\Grisoft\AVG7\avgamsvr.exe<br />
O23 - Service AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C\PROGRA~1\Grisoft\AVG7\avgupsvc.exe<br />
O23 - Service AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C\PROGRA~1\Grisoft\AVG7\avgemc.exe<br />
O23 - Service Google Updater Service (gusvc) - Google - C\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe<br />
O23 - Service TI Wlan Service (tiwlnsvc) - Unknown owner - C\Program Files\Wireless LAN Utility\tiwlnsvc.exe</p>
<p>--<br />
End of file - 7212 bytes</p>
Log in to PCAnswers
How to...
Reduce XP startup times
Nick Veitch - 5 September 2008 - 10:58am
Nick Veitch shows you how to reduce startup times in Windows XP using the free startup customisation program, AutoRuns. Remove pointless helper applications and get into Windows faster. ... read more »
Latest PC news from TechRadar
- Exclusive: Virgin & ITV: Internet details not yet finalised
- Ballmer's CES keynote - all the details
- Virgin Media seals on-demand deal with ITV
- AMD rolls out much improved Phenom II CPU
- In Depth: Is 45nm silicon enough to save AMD?
- Windows 7 Beta available worldwide Friday
- Sony launches world's lightest 8-inch netbook
- Skype officially launches standalone videophone
Copyright 2006 - 2008 Future Publishing Limited(company registered number 2008885), a company registered in England and Wales
whose registered office is at Beauford Court, 30 Monmouth Street, Bath, BA1 2BW, UK
hijack file please check
Glamdring - 21 January 2008 - 9:34pm<p>No nasties, just a couple of empty files. That Dell is one of the lowest powered laptops they've produced in the last five years though even it shouldn't take 4 minutes to boot.<br />
What is the TalkTalk file I see there? You have AOL as your ISP, and not the latest version.</p>
hijack file please check
pca_tjay - 24 January 2008 - 7:35pm<p>Hi</p>
<p>Thanks for reply, much appreciated.</p>
<p>Any AOL connection which was bundled with the computer is surplus to requirements and has never been used, so somehow when installing Talk Talk I must have done something wrong?</p>
<p>Not sure where to start to change the above situation!</p>
<p>many thanks again for your interest</p>
<p>tjay</p>
talk talk and aol
pca_ste5 - 17 February 2008 - 10:48pm<p>Hi TJ,</p>
<p>I believe that talk talk have been using aol in some way for their broadband for several months now. I never took too much notice but for a few months I've noticed an aol applet appear from time to time albeit briefly when I have connected. Noticed your post and haven't looked into in detail as yet.</p>