IObit Forum

Hijack Report Log Help


rsssmoore


I have been cleaning up my old Inspiron E1705 (2-12-2006) and feel pretty good about it so far. Removed several viruses, repaired Registry and optimized Windows settings. But most of this has been done with freeware and automated scans, and I feel there is still a bit more to do, but it is just outside of my comfort zone. Would anyone be willing to take a look at my log? Win XP Pro (Media Center) Svc Pak 3. If you need any more Sys Info, let me know. Thanks!

 

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 5:39:9, on 2011-1-27

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\ThreatFire\TFService.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ThreatFire\TFTray.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Brother\ControlCenter2\brctrcen.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\NetWaiting\netWaiting.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files\Internet Explorer\iexplore.exe

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [nwiz] nwiz.exe /installquiet

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [setDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: []

O9 - Extra button: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Research - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}SysProWmi.1 - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}Microsoft.wlsc.wlscInstall.1 - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD}ScanProcesses.SABScanProcesses.1 - http://www.superadblocker.com/activex/sabspx.cab

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3}DellSystemLite.Scanner - http://support.dell.com/systemprofiler/DellSystemLite.CAB

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}GpcContainer.GpcContainer.1 - https://trendmicro.webex.com/client/T27L10NSP11EP5/support/ieatgpc.cab

O23 - Service: avast! Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bluetooth Hid Switch Service (Bluetooth Hid Switch Service) - Cambridge Silicon Radio - C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Indexing Service (CiSvc) - Unknown - .dll

O23 - Service: DSBrokerService (DSBrokerService) - Unknown - .dll

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Fax (Fax) - Unknown - .dll

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NICCONFIGSVC (NICCONFIGSVC) - Unknown - .dll

O23 - Service: Norton Internet Security (NIS) - Unknown - .dll

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown - .dll

O23 - Service: SupportSoft RemoteAssist (SupportSoft RemoteAssist) - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe

O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown - .dll

O23 - Service: ThreatFire (ThreatFire) - Unknown - C:\Program Files\ThreatFire\TFService.exe service

O23 - Service: Volume Shadow Copy (VSS) - Unknown - .dll

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Application Updater (Application Updater) - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe


Link to comment
Share on other sites

Cleaning up my old Inspiron E1705, need some help with Hijack log. Running Win XP Pro (Media Ctr Edition) Service Pack 3. If more Sys info is needed, let me know. Thanks

 

A newer version of service pack is available. Service packs increase the safety of your system. Visit Microsoft's windowsupdate site to download the newest version of the service pack.

We couldn't detect any active process of a firewall on your system. Possible reasons:

(1.) You are using the windows firewall or a hardware firewall.

(2.) You are using a firewall of an unknown vendor.

(3.) You are using a firewall, but for unknown reasons it is disabled

(4.) You don't use any firewall at all.

We recommend you to use a firewall. Download and install one or activate windows xp´s own one

 

the registry on this page: copy-paste

 

http://www.hijackthis.de/

 

regards ;)

Link to comment
Share on other sites

Hi Security360 (sorry if I don't use CAPS like you do for your nickname, as it feels like shouting to me..., but that's just me).

 

You mention that a new Service Pack is needed. Is there a SP4 for XP out ? Maybe I missed it.

 

The Hijackthis.de log analyzer is a terrible idea. Results from those automated scan analyzers cannot be trusted. They throw false positives, often don't identify real threats and may lead to fixing legitimate entries. Bad, bad... and not just that one. Log analysis should be done by people who know what they're doing, not by any software.

 

Security is serious business and knowledge is key.

 

===

Link to comment
Share on other sites


I just wanted to help, a moderator said the site was safe

Link to comment
Share on other sites

Wanting to help is good, and I think you mean it.

 

"Safe" ? Maybe, most of the time. "Good" ? No... (see reasons above).

 

You should also realize that today's malware eludes HijackThis/HijackScan altogether. So when you tell folks to have their logs analysed, they'll trust your judgement and think they can rely on the results. They'll also think they can rely on the Hijack tools, which isn't true anymore.

 

Look at all the big security boards : no more HijackThis.

 

===

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.
