Eddy
4
Note to RedSector:
This is a part of a pm I got from Vee
there is no replie button on the bottom of the page
i have no norton programs on my machine
no network and here is the hijack logLogfile of HijackThis v1.98.0
Ok, Vee
although I do know much (at least that is what people tell), I don’t know everything, so please respond in the forum instead of pvt next time. That way other people can have a look also and may see things I overlook.
This is the result of the HJT log file analyzer. To avoid confusion: I used the latest version which is not yet available to the public, since I am still working on it. So don’t get confused about the version nummer of it. I will look at all items in your log the analyzer doesn’t have info on and will implement it in the next version.
I will come back if I find anything interesting after manually checking your log file. In the mean time, please follow the instructions on my page (signature link) and after doing so tell us here if you still have problems and what they are (if there are any)
Analyzer version : 3
bad.dat version : 8
good.dat version : 8
rec.dat version : 1
================================================================================
You are using a old version of Internet Explorer, please update.
All items in the log file which are not shown here
as to be deleted or safe to keep need to be investigated.
This website has a link to a tutorial on the hijackthislog:
http://members.home.nl/acred/cleaning.htm
Also use www.google.com to find out more on items not listed here.
================================================================================
THESE ITEMS SHOULD BE REMOVED:
\program files\common files\dell\eusw\support.exe
o16 - dpf: {56336bcb-3d8a-11d6-a00b-0050da18de71} (rdxie class) - http://software-dl.real.com/056f4317b970e9cb3d05/netzip/rdxie601.cab
o16 - dpf: {e9ae575a-fa4a-11d3-90f7-00c0ca1618ff} (buzmesetup class) - http://www.buzme.com/activex/bmaxsetup.cab
================================================================================
THESE ITEMS ARE SAFE TO KEEP:
\windows\system32\smss.exe
\windows\system32\winlogon.exe
\windows\system32\services.exe
\windows\system32\lsass.exe
\windows\system32\svchost.exe
\windows\system32\svchost.exe
\windows\explorer.exe
\windows\system32\spoolsv.exe
\program files\common files\real\update_ob\realsched.exe
\program files\dell\media experience\pcmservice.exe
\windows\system32\hkcmd.exe
\windows\system32\dsentry.exe
\windows\system32\dla\tfswctrl.exe
\program files\palm\hotsync.exe
\windows\system32\drivers\dcfssvc.exe
\windows\system32\svchost.exe
\windows\system32\mspmspsv.exe
o2 - bho: (no name) - {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\sdhelper.dll
o3 - toolbar: &radio - {8e718888-423f-11d2-876e-00a0c9082467} - c:\windows\system32\msdxm.ocx
o4 - hklm..\run: [dwlclient] c:\program files\common files\dell\eusw\support.exe
o4 - hklm..\run: [quicktime task] “c:\program files\quicktime\qttask.exe” -atboottime
o4 - hklm..\run: [pcmservice] “c:\program files\dell\media experience\pcmservice.exe”
o4 - hklm..\run: [kavpersonal50] c:\program files\kaspersky lab\kaspersky anti-virus personal\kav.exe /minimize
o4 - hklm..\run: [igfxtray] c:\windows\system32\igfxtray.exe
o4 - hklm..\run: [hotkeyscmds] c:\windows\system32\hkcmd.exe
o6 - hkcu\software\policies\microsoft\internet explorer\control panel present
================================================================================
THESE ITEMS ARE NOT NEEDED TO LOAD AT BOOTTIME FOR
THE SYSTEM TO WORK, IT IS RECOMMENDED TO REMOVE THEM: