  #1  
Old Jan. 29th, 2011, 00:54
johny30 johny30 is offline
Junior Member
 
Join Date: 29 Jan 2011
Posts: 2
believe I have a virus or infection / hijack log file

When I click on a story in Yahoo News it shows up for a second, then redirects me to a page not found. I get a web page like this, for example:
http://ads.bluelithium.com/iframe3?W...0%253b8493%253

Here is my hijack log file:

Logfile of IObit HijackScan v1.0.2.0
Scan saved at 19:37:23, on 2011-1-28

Running processes:

O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.1\iobitToolbarIE.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWow64\TwcToolbarIe7.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files (x86)\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O3 - Toolbar: Search Toolbar - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.1\iobitToolbarIE.dll
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [IObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} -
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} -
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Babylon web page translation - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F}SysReqLabNVD.Detection.1 - http://www.nvidia.com/content/Driver...reqlab_nvd.cab
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034}SysReqLab.Detection_SRLX.1 - http://intel-drv-cdn.systemrequireme...eqlab_srlx.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10}Microsoft.wlsc.WrapperAX.2 - http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}MANAGER.DLMCtrl.1 - http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.7.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB}SMARTLOAD.smartLoadCtrl.1 - http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}ONLINESCANNER.OnlineScannerCtrl.1 - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303}zpa_txhe.ZPA_TexasHoldem.1 - http://zone.msn.com/bingame/zpagames...e.cab79352.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}ZIntro.ZoneIntro.1 - http://cdn2.zone.msn.com/binFramewor....cab102118.cab
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}PCPitstop2.Exam.1 - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater (Application Updater) - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: FLEXnet Licensing Service (FLEXnet Licensing Service) - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Update Service (gupdate1ca94b36cee2aa9) (gupdate1ca94b36cee2aa9) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service (IS360service) - IObit - C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe
O23 - Service: lxdx_device (lxdx_device) - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA (PnkBstrA) - Unknown - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe
O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe
O23 - Service: Steam Client Service (Steam Client Service) - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TVersityMediaServer (TVersityMediaServer) - Unknown - C:\Users\jon\AppData\Local\TVersity\Media Server\MediaServer.exe
O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe


Any help on what I should check to fix this would be appreciated.
  #2  
Old Jan. 29th, 2011, 02:43
So_sad So_sad is offline
Expert User

Join Date: 19 Nov 2009
Posts: 407

Welcome to the forum, johny30

Please have a look here :
http://answers.yahoo.com/question/in...5183730AAgIOYn

Let me know if that helped.

See you soon.

====
__________________
Is it winter yet ?
  #3  
Old Jan. 29th, 2011, 07:29
johny30 johny30 is offline
Junior Member
 
Join Date: 29 Jan 2011
Posts: 2
thx it worked

Thx a lot, So_sad, that worked. Also, thanks for the welcome and the quick response.
  #4  
Old Jan. 29th, 2011, 15:22
So_sad So_sad is offline
Expert User

Join Date: 19 Nov 2009
Posts: 407

You bet

Glad it worked for you.

By the way, there's nothing suspicious showing in the Hijack log you've posted. Those scans don't see everything, but as long as you don't have any other weird symptoms, you should be fine.

Please update your Java though. You have version 6 Update 22 and they're at Update 23 now. You can update directly from the application itself (Control Panel > open "Java" > "Update" tab), or download and install the new version, which will remove the older version automatically :
http://www.java.com/getjava/

You have a bunch of toolbars installed. Although they don't pose a direct threat, they do clutter your browser and may slow it down as well. Unless you really need them, I'd uninstall a few of them from Control Panel.

That's it. Stay safe out there

===
__________________
Is it winter yet ?
  #5  
Old Jan. 29th, 2011, 16:23
enoskype enoskype is offline
Mediator®

Join Date: 27 Oct 2006
Posts: 10,293

Hi So_sad,

Perhaps an update of Adobe 9.0 to Adobe X and the usage of JavaRa 1.16 could be suggested too.
Although I don't know if it is installed, the usage of the most recent Flash Player is advisable also.
IMO, usage of uTorrent is risky because of the unknown security of the downloaded files.

Cheers.
__________________
enoskype

- Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -
  #6  
Old Jan. 29th, 2011, 16:53
So_sad So_sad is offline
Expert User

Join Date: 19 Nov 2009
Posts: 407

Yuck ! I missed Adobe Reader 9...

Thanks enoskype. Indeed, version 10 ("X") is needed.

JavaRa isn't really necessary anymore, but I could be wrong. Reader has been removing older versions for a while now, when you update or install over older versions. There may be remnants left behind, but from a security point of view, I don't think they pose a threat.

Flash updater should be set to Auto, because new versions come out all the time.

uTorrent : yeah... I agree. When I start working on an infected computer with P2P or torrent apps onboard, I always advise of the risks. Because our member isn't infected and also because *some* use torrents to get non-pirated material, I usually don't mention it unless I can back it up with evidence (infections) present on the machine.

===
__________________
Is it winter yet ?
  #7  
Old Jan. 29th, 2011, 17:07
enoskype enoskype is offline
Mediator®

Join Date: 27 Oct 2006
Posts: 10,293

Hi again, unfortunately Java updates still leave clutter, and JavaRa 1.16 was updated to a higher build # recently.
You are right about the security of the clutter not posing a threat, but sometimes after an update, older browser add-ons still stay put and could be risky. (Specifically when an installer includes an older version of Java after an update to a newer version of Java. Example: OpenOffice.org 3.3. One may not even be aware of that.)

Cheers.
__________________
enoskype

- Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -
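The checks discussed in posts #4 and #7 above (how many toolbars are loaded, and which Java plug-in versions are still registered) can be run over a log in this format. This is an added example, not part of the original thread and not IObit code; the function names are hypothetical, the line layout is assumed from the posted log, and the sample is a short excerpt of that log.

```python
import re

# Excerpt of the log from post #1 (a few lines only), embedded so this runs offline.
SAMPLE_LOG = r"""Logfile of IObit HijackScan v1.0.2.0
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O3 - Toolbar: Search Toolbar - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O23 - Service: lxdx_device (lxdx_device) - - C:\Windows\system32\lxdxcoms.exe
"""

# Layout assumed from the posted log: "O<n> - <kind>: <body>". O4 autorun lines
# use a different layout (registry key first) and are skipped by this pattern.
ENTRY = re.compile(r"^(O\d+) - (\w[\w ]*?): (.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
JAVA = re.compile(r"Java Plug-in (\d+)\.(\d+)\.(\d+)_(\d+)")


def parse(log):
    """Return (section, kind, body) tuples for every recognised log line."""
    return [m.groups() for m in map(ENTRY.match, log.splitlines()) if m]


def browser_addons(entries):
    """Group O2 (BHO) and O3 (toolbar) entries by CLSID, so an add-on that is
    registered in both sections is counted once."""
    addons = {}
    for section, _kind, body in entries:
        m = CLSID.search(body)
        if section in ("O2", "O3") and m:
            name = body[:m.start()].rstrip(" -")
            rec = addons.setdefault(m.group().upper(), {"name": name, "sections": set()})
            rec["sections"].add(section)
    return addons


def toolbar_names(entries):
    """Names of add-ons that show up as a visible toolbar (O3)."""
    addons = browser_addons(entries).values()
    return sorted(a["name"] for a in addons if "O3" in a["sections"])


def java_plugin_versions(entries):
    """Distinct Java plug-in versions registered as ActiveX controls (O16)."""
    return {tuple(map(int, m.groups()))
            for section, _kind, body in entries if section == "O16"
            for m in JAVA.finditer(body)}


def outdated_java(entries, current):
    """Registered plug-in versions older than `current`, e.g. (1, 6, 0, 23)."""
    return sorted(v for v in java_plugin_versions(entries) if v < current)


if __name__ == "__main__":
    entries = parse(SAMPLE_LOG)
    print("toolbars:", toolbar_names(entries))
    # "Update 23" is the current version named in post #4.
    print("outdated Java plug-ins:", outdated_java(entries, (1, 6, 0, 23)))
```

More than one version in the `java_plugin_versions` result after an update would be the leftover-add-on situation described in post #7.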
  #8  
Old Jul. 6th, 2011, 20:46
jjohns24 jjohns24 is offline
Banned
 
Join Date: 06 Jul 2011
Posts: 1

Quote:
Originally Posted by So_sad
Yuck ! I missed Adobe Reader 9...

Thanks enoskype. Indeed, version 10 ("X") is needed.

JavaRa isn't really necessary anymore, but I could be wrong. Reader has been removing older versions for a while now, when you update or install over older versions. There may be remnants left behind, but from a security point of view, I don't think they pose a threat.

Flash updater should be set to Auto, because new versions come out all the time.

uTorrent : yeah... I agree. When I start working on an infected computer with P2P or torrent apps onboard, I always advise of the risks of no Mobile Network Security. Because our member isn't infected and also because *some* use torrents to get non pirated material, I usually don't mention it unless I can back it up with evidence (infections) present on the mobility machine

===
Can auto really accommodate for the new versions? Why do some use torrents to get non pirated material? I'm confused. THANKS

EDIT: The RED words were added as ad links by the poster and they are red colored and delinked by me.

Last edited by enoskype : Jul. 6th, 2011 at 23:45. Reason: EDIT:
  #9  
Old Jul. 6th, 2011, 23:42
enoskype enoskype is offline
Mediator®

Join Date: 27 Oct 2006
Posts: 10,293

You think you are clever jjohns24?

Stay as you are!
__________________
enoskype

- Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -