Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

hijack this please


jsr27

Recommended Posts

Posted

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 1:41:38 AM, on 11/26/2009

Platform: Windows Vista (WinNT 6.0)

MSIE: Internet Explorer v8.0 (8.0.6001.18828)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\OEM02Mon.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\AVG\AVG9\avgtray.exe

C:\Program Files\Yahoo!\Common\YMailAdvisor.exe

C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: Browser Address Error Redirector - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Browser Address Error Redirector - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKCU\..\Run: [DellAutomatedPCTuneUp] "C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe" /startup

O4 - HKCU\..\Run: [search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [EarthLink Installer] " /C

O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"

O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O9 - Extra button: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: DellAMBrokerService - Unknown owner - C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

O23 - Service: Remote Procedure Call (RPC) Net (RpcSs) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

O23 - Service: SessionLauncher - Unknown - C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe

O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown - C:\Windows\System32\WLTRYSVC.EXE

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

Posted

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

 

These two can be fixed, as they are non-existent anymore.

Other than that, it looks clean.

Posted

Hello enoskype ;

 

I'm not supposed to be here, so let's just keep this between you and I ;-)

 

Good observation on Adobe Reader, dude. It would also be important to mention the lack of SP2 on Vista as well ; not even SP1 present (that's bad).

 

Anyhoots, my comments are meant to help. This is a help forum after all.

 

One more thing : do you guys do malware removal here on the forums ? If so, I think you should have a section (sub-forum) and people dedicated to that and trained, of course. It helps a lot, I assure you. If you don't do malware removal, you should perhaps put up a sticky, advising members not to post HijackThis logs altogether.

 

One last thing : when someone starts a thread and drops a HijackThis log and nothing else, you have to wonder why they posted it in the first place. HijackThis can't show much with the newer infections out there, so the first thing to do is ask : "What seems to be the problem with your machine ?"

Symptoms will help you help them. HJT can't see rootkits and many other nasties.

 

HTH

Posted

Hi So sad,

 

I give my word that I will keep it between you and me. ;-)

 

Thank you for your input , and I really mean it.

 

You are absolutely right on the service packs for Vista, but I am not sure if the report gives that correctly.

 

I can't say that % 100 malware removal is done properly in this forum, but there are some well versed security minded members, but they are not available all the time. We had a thread for the HijackThis reports to be submitted, but it didn't work as it should.

 

I do agree with you on HijackThis evaluation and the lack of rootkit and some other nasties detection, but some of the members are not aware if there is any malware in their PCs, and that's why they are posting them to be controlled.

They want it to be controlled so that, even if there is something odd that they have not noticed, and can be detected in the HijackThis scan.

 

Btw, I prefer to look to the HijackThis report from IS360 rather than ASC.

 

Most of the time, if there is a serious treat in the report, they are channeled to other expert forums and online scanners.

 

The problem with some posters is that, they don't give any information about the hardware, OS, softwares and specificly security softwares, and even the version of the software they have an issue with regardless of the software they are using, be it security software or other software.

 

How true it is to be informed about symptoms before hand to be helpful. http://forums.iobit.com/images/icons/icon14.gif

 

Cheers.

Posted

Thank you for the feedback, enoskype :smile:

 

Darn, you're right. I thought this was a HijackThis log, but it's from ASC. They look awfully similar though, but since I don't know ASC, I can't tell you what it can and can't do. HJT will show the correct Service Pack for Win2K, XP and Vista (even 64-bit), but it's not yet updated for Windows 7 I think.

 

There are better diagnostics tools out there, that will give you much more info on the system than HJT, but that's another story.

 

Some experienced members having a look at such logs is Ok, as long as both parties are aware that stuff may slip by and that other resources are available for further diagnosis and help.

 

Wishing that jsr27 would give you a little more to go on. Some are just a little paranoid by nature and want their logs checked out. Others post logs simply because their machine is "slow". Yikes 8-)

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...