believe i have a virus or infection/ hijack log file

[johny30]

when i click on a story in yahoo news it shows up for a second then redirests me to a page not found. i get a web page like this for example
http://ads.bluelithium.com/iframe3?W...0%253b8493%253

here is my hijack log file

Logfile of IObit HijackScan v1.0.2.0
Scan saved at 19:37:23, on 2011-1-28

Running processes:

O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.1\iobitToolbarIE.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\s wg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWow64\TwcToolbarIe7.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files (x86)\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O3 - Toolbar: Search Toolbar - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.1\iobitToolbarIE.dll
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [IObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} -
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} -
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Babylon web page translation - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F}SysReqLabNVD.Detection.1 - http://www.nvidia.com/content/Driver...reqlab_nvd.cab
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034}SysReqLab.Detection_SRLX.1 - http://intel-drv-cdn.systemrequireme...eqlab_srlx.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10}Microsoft.wlsc.WrapperAX.2 - http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}MANAGER.DLMCtrl.1 - http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.7.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB}SMARTLOAD.smartLoadCtrl.1 - http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}ONLINESCANNER.OnlineScannerCtrl.1 - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303}zpa_txhe.ZPA_TexasHoldem.1 - http://zone.msn.com/bingame/zpagames...e.cab79352.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}ZIntro.ZoneIntro.1 - http://cdn2.zone.msn.com/binFramewor....cab102118.cab
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}PCPitstop2.Exam.1 - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater (Application Updater) - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv. exe
O23 - Service: FLEXnet Licensing Service (FLEXnet Licensing Service) - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService .exe
O23 - Service: Google Update Service (gupdate1ca94b36cee2aa9) (gupdate1ca94b36cee2aa9) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Window s Communication Foundation\infocard.exe
O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service (IS360service) - IObit - C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe
O23 - Service: lxdx_device (lxdx_device) - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Window s Communication Foundation\SMSvcHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA (PnkBstrA) - Unknown - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe
O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe
O23 - Service: Steam Client Service (Steam Client Service) - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TVersityMediaServer (TVersityMediaServer) - Unknown - C:\Users\jon\AppData\Local\TVersity\Media Server\MediaServer.exe
O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe


any help on what i should check to fix this would be appreciated

[So_sad]

Welcome to the forum, johny30

Please have a look here :
http://answers.yahoo.com/question/in...5183730AAgIOYn

Let me know if that helped.

See you soon.

====

[johny30]

thx alot so sad that worked, also thanks for the welcome and the quick response

[So_sad]

You bet

Glad it worked for you.

By the way, there's nothing suspicious showing in the Hijack log you've posted. Those scans don't see everything, but as long as you don't have any other weird symptoms, you should be fine.

Please update your Java though. You have version 6 Update 22 and they're at Update 23 now. You can update directly from the application itself (Control Panel > open "Java" > "Update" tab), or download and install the new version, which will remove the older version automatically :
http://www.java.com/getjava/

You have a bunch of toolbars installed. Although they don't pose a direct threat, they do clutter your browser and may slow it down as well. Unless you really need them, I'd uninstall a few of them from Control Panel.

That's it. Stay safe out there

===

[enoskype]

Hi So_sad,

Perhaps, update of Adobe 9.0 to Adobe X and usage of JavaRa 1.16 could be suggested too.
Although I don't know if it is installed, but the usage of most recent Flash Players are advisable also.
IMO, usage of uTorrent is risky because of the unknown security of the downloaded files.

Cheers.

[So_sad]

Yuck ! I missed Adobe Reader 9...

Thanks enoskype. Indeed, version 10 ("X") is needed.

JavaRa isn't really necessary anymore, but I could be wrong. Reader has been removing older versions for a while now, when you update or install over older versions. There may be remnants left behind, but from a security point of view, I don't think they pose a threat.

Flash updater should be set to Auto, because new versions come out all the time.

uTorrent : yeah... I agree. When I start working on an infected computer with P2P or torrent apps onboard, I always advise of the risks. Because our member isn't infected and also because *some* use torrents to get non pirated material, I usually don't mention it unless I can back it up with evidence (infections) present on the machine

===

[enoskype]

Hi again, unfortunately Java updates still leave clutter, and JavaRa 1.16 is updated to a higher build # recently.
You are right about the security of the clutter not posing a threat, but sometimes after update, older add-ons of browsers still stays put and could be risky. (Specifically when an installer includes an older version of Java after an update to a newer version of Java. Example: OpenOffice.org 3.3. One can even not be aware of that.)

Cheers.

[jjohns24]

Quote:

Originally Posted by So_sad

Yuck ! I missed Adobe Reader 9...

Thanks enoskype. Indeed, version 10 ("X") is needed.

JavaRa isn't really necessary anymore, but I could be wrong. Reader has been removing older versions for a while now, when you update or install over older versions. There may be remnants left behind, but from a security point of view, I don't think they pose a threat.

Flash updater should be set to Auto, because new versions come out all the time.

uTorrent : yeah... I agree. When I start working on an infected computer with P2P or torrent apps onboard, I always advise of the risks of no Mobile Network Security. Because our member isn't infected and also because *some* use torrents to get non pirated material, I usually don't mention it unless I can back it up with evidence (infections) present on the mobility machine

===

Can auto really accomodate for the new versions? why do some use torrents to get non pirated material? im confused THANKS

EDIT: The RED words were added as ad links by the poster and they are red colored and delinked by me.

[enoskype]

You think you are clever jjohns24?

Stay as you are!