you guys are awesome! will you analyze this hijack scan please!!!

[jsr27]

Logfile of IObit HijackScan v1.0.0.0

Scan saved at 22:8:51, on 2009-12-7

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Windows\system32\services.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\OEM02Mon.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\AVG\AVG9\avgtray.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\system32\svchost.exe

C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Windows\system32\aestsrv.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\rpcnet.exe

C:\Windows\system32\STacSV.exe

C:\Program Files\AVG\AVG9\avgam.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\AVG\AVG9\avgscanx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} -

O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [DellAutomatedPCTuneUp] "C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe" /startup

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O9 - Extra button: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

O9 - Extra button: FreshDownload - {5533D395-EEE4-4C86-AAE6-EE1E6348F988} -

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_07 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}Java Plug-in 1.6.0_07 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_07 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: DellAMBrokerService (DellAMBrokerService) - Unknown - C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

O23 - Service: RoxMediaDB10 (RoxMediaDB10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown -

O23 - Service: Security Accounts Manager (SamSs) - Unknown -

O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe

O23 - Service: SessionLauncher (SessionLauncher) - Unknown - C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe

O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: stllssvr (stllssvr) - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown -

O23 - Service: Windows Modules Installer (TrustedInstaller) - Unknown -

O23 - Service: Diagnostic Service Host (WdiServiceHost) - Unknown -

O23 - Service: Diagnostic System Host (WdiSystemHost) - Unknown -

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown - C:\Windows\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

O23 - Service: XAudioService (XAudioService) - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

:lol:

[blacksea]

Dear jsr27,

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

 

O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown - %windir%\system32\svchost.exe

 

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

 

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

 

are probably nasty, you should have them been analysed at http://www.virustotal.com.

[Melvin_Deal]

Welcome here jsr27!

 

Are you having a specific problem? Slowness maybe?? Maybe not... please explain.

 

You have lots of stuff running that doesn't need to be. All the media player/related services, etc. can be changed to manual instead of automatic as they will respond on demand when you open the application.

 

You may want to consider each service running, as to wether it needs to run continuously or not. (such as Dell support center... do you continuously consult with Dell support? If not, this would be one you want to disable)

 

Toolbars are notorious for cluttering up your system and spying on you. You should consider removing them... even the Iobit one... especially if its the Iobit toolbar by Conduit.

 

You may want to Consider your start-up programs as well... whats important to have running immediately in your system tray at the bottom right of your screen when you boot up. Paring this down will improve your boot-up time, and eliminate so much clutter in your system.

 

Many things for you to do here, depending on your objective!

 

 

Please elaborate on your objective!

 

Thanks!

[R3XNebular]

hijackthis.de can scan for you

[Melvin_Deal]

Jsr27

 

You haven't returned. You should trim some fat from your system, no matter how good you think it is.

 

We here can help you do that.

 

The entry Blacksea referred to: O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe is very questionable.

 

The windar entries belong to some of the fat on your system.

 

If you wanna... I'm just saying, thats all...

 

Mel

[danburrito]

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Ru n\: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

 

It's webcam settings tool running at startup.

[Melvin_Deal]

Ty Db

 

Tis a fat system, only looked briefly. You did the work, we'll see if he/she wants to trim or not if he/she comes back!

[R3XNebular]

Why was my post delinked, HIJACKTHIS can read the log file. Here I have checked for you via HIJACKTHIS.de

 

O9 - Extra button: FreshDownload - {5533D395-EEE4-4C86-AAE6-EE1E6348F988} -

[wozofoz]

What's the problem ?

 

Why was my post delinked, HIJACKTHIS can read the log file. Here I have checked for you via HIJACKTHIS.de

 

O9 - Extra button: FreshDownload - {5533D395-EEE4-4C86-AAE6-EE1E6348F988} -

 

The address is still there, just not linked. What's the problem with that ?

 

I also deleted some of your post above as you had 'expressed' your outrage in a way that some members may find offensive.

Please remember that this is a public forum with members and visitors from a wide range of cultures and beliefs and post accordingly.

What you may consider 'harmless' or just 'slang' may cause offense to others.

 

Edit: I also delinked your other post but left the address.

Do not test me on this !

 

All the best, woz of oz

[strydersInAnacortes]

Fyi

 

my computer was running very slow. Smart Defrag was crawling with a 24 hour task completion time. Task master showed avgnsx.exe taking up excessive cpu time. Check it out, I noticed you had avgnsx.exe listed. I disabled mine after I read up about it and decided I didn't need it.