Thread: Hijack this log analysis

  1. #1
    Junior Member
    Join Date
    Feb 2006
    Posts
    3

    Hijack this log analysis

    Hi. Appreciate if anyone could check the log analysis.

    Logfile of HijackThis v1.99.1
    Scan saved at 12:56:13 PM, on 2/19/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINDOWS\System32\DRIVERS\WtSrv.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE
    C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe
    C:\WINDOWS\System32\WService.EXE
    C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\windows\winsysban9.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    C:\Program Files\FinePixViewer\QuickDCF.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Documents and Settings\Lee\Local Settings\Temp\Temporary Directory 3 for hijackthis.zip\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE
    O4 - HKLM\..\Run: [WService] WService.EXE
    O4 - HKLM\..\Run: [AnnotateCheck] C:\UC-LOGIC\AnnCheck.exe
    O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
    O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd9.exe
    O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban9.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O20 - Winlogon Notify: H323TSP - C:\WINDOWS\system32\h8l20i3oe8.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O21 - SSODL: Dnscache - {FF931B4C-943B-C140-0CC3-54C7C93D350A} - C:\WINDOWS\help\sendcmsg.hlp
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: WinTab Service (WinTabService) - Unknown owner - C:\WINDOWS\System32\DRIVERS\WtSrv.exe

  2. #2
    Dr Tweak mnosteele52
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    Prior to doing anything, XP users MUST disable System Restore!!! You can re-enable it after you are clean.

    1. Download, install and run CrapCleaner to remove any temporary and junk files.

    2. Download Ad-Aware SE 1.06 and set it up as shown HERE.

    3. Download SpyBot Search & Destroy 1.4 and set it up as shown HERE.

    4. Download and run CWShredder 2.19.

    5. Download, update and scan with Spy Sweeper 4.5, there is a FREE 14-day trial and it is an EXCELLENT product. There is no need to use its real-time protection, so uncheck all of those options.

    6. Download Ewido Anti-Malware 3.5 and set it up as shown HERE.

    7. Unless you are already using Kaspersky Antivirus, do a FREE online virus scan from Kaspersky Online Scanner, make sure to check the option to use the EXTENDED DATABASE option listed under "Scanning Options".

    8. It is also a good idea to run the Winsock Fix to repair your TCP/IP stack. (you will have to redo any tweaks for your connection if this is used)

    9. If after doing ALL of the above and you are still having problems please scan with HijackThis 1.99.1 as shown HERE and post a log here in this forum for us to look at.

    10. Download SpywareBlaster 3.5.1 and set it up as shown HERE to help stay spyware free.

    11. Make sure you have ALL of the latest Windows Updates.

    :2cool:
    Help & Tips broadbandnuts.com - CableNut Tcp/Ip Analyzer TCPOptimizer drtweak.com - Dr Tweak

  3. #3
    Xelot
    Guest
    8. It is also a good idea to run the Winsock Fix to repair your TCP/IP stack. (you will have to redo any tweaks for your connection if this is used)
    I would suggest getting this downloaded prior to running any of the tools listed (with the possible exception of Spybot).
    Last edited by Xelot; 02-21-06 at 03:00 PM. Reason: I guess ezcodes don't work here...
