
Hijack Log, Please help?



Logfile of IObit HijackScan v0.2.0.0

Scan saved at 21:31:13, on 2009-12-11

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\CyberDefender\cdinstx.exe

C:\WINDOWS\system32\cmd.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O8 - Extra context menu item: Add to AMV Convert Tool... -

O8 - Extra context menu item: Add to Media Manager... -

O8 - Extra context menu item: E&xport to Microsoft Excel -

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}SdcUser.TgConfCtl.2 - https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}LegitCheckControl.LegitCheck.1 - http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab

O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5}ConnectorLauncher.ConnectorLauncherCtrl.2 - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}Microsoft.wlsc.wlscInstall.1 - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5}RuFSI.SymUtility.1 - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}SoftwareDistribution.MicrosoftUpdateWebControl.1 - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1169430877375

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737}WLXPhotoUpload.PhotoUploadCtl.1 - http://capecod183.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_13 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463}zpa_hrtz.ZPA_HRTZ.1 - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}ZIntro.ZoneIntro.1 - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}Java Plug-in 1.6.0_03 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}Java Plug-in 1.6.0_13 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_13 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23

 

 

 

This is my first time trying to figure this out, but I need to get on top of it.

 

Any help will be greatly appreciated. I'm astute and a fast learner, so you won't be wasting your time. Thanks in advance... I'm running Windows-XP, SP-3, IE-7. I know IE-8 is out, but I'm fine with 7 and haven't had any problems to speak of.


Welcome here musicseawater@yahoo.com

 

We will be glad to help. Is there a specific concern with your PC that you wish to address?

 

Your paste of your logfile appears to be incomplete...

The last entry, O23, has nothing following it.

 

Please make sure the entire log is pasted... most helpful!

Along with description of problem/concern... Thanks!

 

Mel


This is part of a rogue anti spyware software infection.

 

C:\Program Files\CyberDefender\cdinstx.exe Is Known Rogue Anti-Spyware!

 

All traces of CyberDefender must be removed.

 

Please tell what steps you have taken and what problems you are experiencing!

 

I see that you have left the forum... first do this (if CyberDefender has not had a previous uninstall attempt):

 

1) Install a program called Revo Uninstaller here: http://www.revouninstaller.com/revo_uninstaller_free_download.html

2) Run Revo on CyberDefender and choose the Advanced option when given the choice.

3) Click next when prompted and CAREFULLY tick only the entries pertaining to CyberDefender.

4) Continue... next, careful choice of ticks... until Revo is finished.

5) Download and run Advanced SystemCare 3 here: http://download.cnet.com/Advanced-SystemCare-Free/3000-2086_4-10407614.html

6) Restart your computer.

7) Run a new hijack scan and copy/paste here.

 

If you have already attempted to remove this software, please advise exactly what you did and the results. This could be an embedded remnant, in which case a different approach is required.

 

Good luck, waiting for your reply,

 

Mel

Link to comment
Share on other sites

Use www.hijackthis.de, great at reading logfiles and rating them
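
The two checks made in the replies above (a final entry that is cut off, and a running process under a known-rogue install folder), as an added example that is not part of the original thread: a small Python triage pass over a HijackThis-style log. The sample is an excerpt of the log posted in the first message; the function names and the one-entry watchlist are assumptions for illustration.

```python
import re

# Excerpt of the log from the first post (blank lines dropped); the final
# "O23" line is cut off exactly as it was pasted in the thread.
SAMPLE_LOG = r"""Logfile of IObit HijackScan v0.2.0.0
Scan saved at 21:31:13, on 2009-12-11
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberDefender\cdinstx.exe
C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23
"""

# Assumption: a watchlist of install-folder names; the only entry is the one
# the helper in this thread identified.
WATCHLIST = ("CyberDefender",)

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2})\b\s*(?:-\s*(.*))?$")

def parse_log(text):
    """Split a HijackThis-style log into running processes and coded entries."""
    processes, entries, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_procs = False
            entries.append((m.group(1), (m.group(2) or "").strip()))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs:
            processes.append(line)
    return processes, entries

def truncated_entries(entries):
    """Entry codes with no body, i.e. the paste was cut off mid-line."""
    return [code for code, body in entries if not body]

def flag_processes(processes, watchlist=WATCHLIST):
    """Processes whose path has a folder component matching the watchlist."""
    wl = {w.lower() for w in watchlist}
    return [p for p in processes if wl & {part.lower() for part in p.split("\\")}]
```

Matching on whole folder components rather than substrings keeps a path such as `C:\Tools\NotCyberDefenderDocs\x.exe` from being flagged by accident.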


Archived

This topic is now archived and is closed to further replies.
