Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Im NEW here and Need Help Please


MissNiss

Recommended Posts

I dont know if this is good or bad.

Also when i did a smart scan from IObit it found 7 threats.

5 are unwanted programs and 2 are trojans it says. Should i remove and delete them?

 

Thanks so much for any help i can get. Im Lost.

 

 

Logfile of IObit HijackScan v0.2.0.0

Scan saved at 17:27:30, on 2009-12-18

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\IObit\Advanced SystemCare 3\Awc.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MSTBCoreContainer.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MySpaceToolbar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: Unknown - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MySpaceToolbar.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}Java Plug-in 1.5.0_12 - http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O23 - Service: avast! iAVS4 Control Service - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: DCOM Server Process Launcher - Unknown -

O23 - Service: Diagnostic Policy Service - Unknown -

O23 - Service: Windows Media Center Service Launcher - Unknown - %windir%\system32\svchost.exe

O23 - Service: Group Policy Client - Unknown -

O23 - Service: Windows CardSpace - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: Net.Tcp Port Sharing Service - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Quality Windows Audio Video Experience - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) - Unknown -

O23 - Service: Security Accounts Manager - Unknown -

O23 - Service: Secondary Logon - Unknown - %windir%\system32\svchost.exe

O23 - Service: Distributed Link Tracking Client - Unknown -

O23 - Service: Windows Modules Installer - Unknown -

O23 - Service: Block Level Backup Engine Service - Unknown - %systemroot%\system32\wbengine.exe

O23 - Service: Diagnostic Service Host - Unknown -

O23 - Service: Diagnostic System Host - Unknown -

O23 - Service: Windows Media Player Network Sharing Service - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

O23 - Service: Yahoo! Updater - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

Link to comment
Share on other sites

  • Replies 54
  • Created
  • Last Reply

Hi MissNiss,

 

Use the quarantine of IS360 and remove those 7 treats to quarantine in IS 360. Please let us know what they are.

 

Download JavaRa, run it and get rid of the old Java clutter.

 

Which exact version is your Adobe Reader?

 

After all this, post again the new HijackThis report in this thread please.

 

Cheers.

Link to comment
Share on other sites

Still need help....

 

The link for the JavaRa that you left for me doesnt take me to a download for it.

 

 

 

 

 

 

Hi MissNiss,

 

Use the quarantine of IS360 and remove those 7 treats to quarantine in IS 360. Please let us know what they are.

 

Download JavaRa, run it and get rid of the old Java clutter.

 

Which exact version is your Adobe Reader?

 

After all this, post again the new HijackThis report in this thread please.

 

Cheers.

Link to comment
Share on other sites

JavaRA download and use

 

At the JavaRA website:

• Click on Products (on the bar)

• Under the info about JavaRA click on Download Windows Binary (.zip file)

You will be taken to the SourceForge website where your download should start automatically

 

On your computer:

• Un-zip the JavaRA zip file by a right click on the file and choose Extract All

• A JavaRA folder will be created, put this somewhere handy on your computer (maybe My Documents ?)

• Open the JavaRA folder (not the zip file) and double click the JavaRA icon. JavaRA will appear on screen, it is not installed on your computer in the usual way but runs directly from the folder.

• Select what you want to check for and delete (tick all is ok)

JavaRA is well respected and safe software, do not be afraid of it :smile:

 

All the best, woz of oz

Link to comment
Share on other sites

Thank you this is the new HiJackthis Log

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:29:48 AM, on 12/19/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MSTBCoreContainer.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MySpaceToolbar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MySpaceToolbar.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Users\blondie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)

O13 - Gopher Prefix:

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} - http://rms2.invokesolutions.com/events/bin/6.2.0.1452/MILive.cab

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab

O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

 

--

End of file - 7103 bytes

 

 

 

 

 

 

 

 

 

Hi again MissNiss,

 

OK, here is an alternative direct download link .

Please follow the suggestions of wozofoz.

 

Cheers.

Link to comment
Share on other sites

Hi thank you for the help

 

The Smart Scan from Iobit 360 detected nothing this time.

Here is the HijackThis Report from 360.

Also i use Adobe Reader 9.2

 

 

 

Logfile of IObit HijackScan v1.0.0.0

Scan saved at 12:46:57, on 2009-12-19

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MSTBCoreContainer.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MySpaceToolbar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: Unknown - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.56.0_1\MySpaceToolbar.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}Java Plug-in 1.5.0_12 - http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility (Ati External Event Utility) - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus (avast! Antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner (avast! Mail Scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner (avast! Web Scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown -

O23 - Service: Security Accounts Manager (SamSs) - Unknown -

O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown -

O23 - Service: Windows Modules Installer (TrustedInstaller) - Unknown -

O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe

O23 - Service: Diagnostic Service Host (WdiServiceHost) - Unknown -

O23 - Service: Diagnostic System Host (WdiSystemHost) - Unknown -

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

 

 

 

 

 

 

Hi MissNiss,

 

Can you please post the HijackThis report from same program, ei. IS 360 to direct comparison what is corrected?

 

Still waiting for which version of Adobe you are using!!!

 

Cheers.

Link to comment
Share on other sites

Hi

 

What is a private server? Im not sure what that is.

 

Im on my Laptop. I have a Desktop also but i use my Laptop primarily. I have a router and my laptop works through that with no wires.

 

 

 

This is a networked computer? Is it networked into a private server???
Link to comment
Share on other sites

Private Server.

 

Some businesses own their own server. My inquiry was along that line as sometimes the "private server" also maintains the health of its clients (individual users PC's). Was only exploring that as an option for explaining the disappearance of the threats. This is not the case here, it would seem.

 

Is it possible that you have run another software that may have removed the threats in the meantime? Maybe set to automatic if you didn't initiate the action??

 

Just eliminating possibilities... thats all!

Link to comment
Share on other sites

The software i ran was Advance System Care Free and i did a Smart Scan with IObit Security 360.

 

 

 

 

 

Some businesses own their own server. My inquiry was along that line as sometimes the "private server" also maintains the health of its clients (individual users PC's). Was only exploring that as an option for explaining the disappearance of the threats. This is not the case here, it would seem.

 

Is it possible that you have run another software that may have removed the threats in the meantime? Maybe set to automatic if you didn't initiate the action??

 

Just eliminating possibilities... thats all!

Link to comment
Share on other sites

Did you run ASC after IS360?

 

Its possible that ASC removed the problems. As it operates, it Scans, identifies, and corrects problems/issues. After it scans, issues in each area will be identified for a short time in red (only the number of problems/issues will be stated), then it will repair/remove and say problems fixed in green. This could be the case if you ran ASC after Is360... it could have taken care of things without showing you each individual issue

 

Which did you run first?

Link to comment
Share on other sites

Yes i ran ASC first. If those issues are taken care of then great! :razz: But im still having the problem with Internet Explorer crashing and freezing all of the time and also the laptop being sluggish.

 

 

 

Its possible that ASC removed the problems. As it operates, it Scans, identifies, and corrects problems/issues. After it scans, issues in each area will be identified for a short time in red (only the number of problems/issues will be stated), then it will repair/remove and say problems fixed in green. This could be the case if you ran ASC after Is360... it could have taken care of things without showing you each individual issue

 

Which did you run first?

Link to comment
Share on other sites

Still trying to eliminate possibilities.

 

If you ran ASC first, and 360 identified the problems... ASC could not possibly have repaired them.

 

In the meantime have you run your Avast? Also have you downloaded any update files for any softwares?

 

What is your system configuraton, What version of Windows, and how much RAM memory does your system have in particular?

 

The IE problem and slowness could be an entirely different issue.

 

Have you set your windows to automatically update? If so when was the last update? If not, when did you last update? And which version of IE are you running. I have seen IE issues after updates previously

 

Was the freezing/slowness the reason for running the scans?

 

Sorry!! Lots of questions!

 

Also one idea. Open ASC, goto utilities, open it and run the thing called smart ram at the bottom. Do a deep clean and post here how much memory is released.

Link to comment
Share on other sites

HI

 

Hi MissNiss. I have only one question. How many Add-ons to you have on IE8??? You might try the screen prints suggestion of resetting , but please read the warning because you will lose your Add- ons. Imho you can have to many Add-ons and it will slow your PC down.--garybear

Link to comment
Share on other sites

Hi garybear

 

Yes thank you. :smile:

I do know that having too many add-ons will slow a computer down quite a bit. Im always checking my add-ons to make sure there are no new ones that i havent allowed.

Since i have added one program though, i have alot more add-ons. Im not sure what to do about that since i use that program everyday all day. I dont know if there is anything that can be done.

 

 

 

Hi MissNiss. I have only one question. How many Add-ons to you have on IE8??? You might try the screen prints suggestion of resetting , but please read the warning because you will lose your Add- ons. Imho you can have to many Add-ons and it will slow your PC down.--garybear
Link to comment
Share on other sites

Hi Melvin

 

I ran ASC smart ram and did a deep clean.

145 MB memory released

Version of Windows is Vista 6.0 32-bit

Ram memory 2.00GB and i havent used much

Avast found nothing.

I update Windows Auto/daily and also at times manually.

I run IE8

And yes i ran the scans because of freezing/slowness.

 

 

 

If you ran ASC first, and 360 identified the problems... ASC could not possibly have repaired them.

 

In the meantime have you run your Avast? Also have you downloaded any update files for any softwares?

 

What is your system configuraton, What version of Windows, and how much RAM memory does your system have in particular?

 

The IE problem and slowness could be an entirely different issue.

 

Have you set your windows to automatically update? If so when was the last update? If not, when did you last update? And which version of IE are you running. I have seen IE issues after updates previously

 

Was the freezing/slowness the reason for running the scans?

 

Sorry!! Lots of questions!

 

Also one idea. Open ASC, goto utilities, open it and run the thing called smart ram at the bottom. Do a deep clean and post here how much memory is released.

Link to comment
Share on other sites

Hi again

 

Hi again. I don't use IE8, but keep it for default browser,and besides that Uncle Bill doesn't like you messing with his browser,so I just use it as a default. You could disable one Add- on at at time and see if that helps. You can always go back and enable it. If you get real drastic I would recommend a new reinstall of IE8. That's what I do when programs stop responding the way I want and have tried every thing else, Good luck and let the members know it things get better for you.---garybear

Link to comment
Share on other sites

Thank you Melvin

 

Thanks for the help that you have given me thus far. I appreciate it.:razz:

 

 

 

Running out of possibilities here. Look at your system live via task manager, see if there is any resource consumption greater than 5 percent. Please make note of it. A screenshot might help. I'm about out of ideas... but others here aren't!
Link to comment
Share on other sites

Trying to get the picture

 

But im still having the problem with Internet Explorer crashing and freezing all of the time and also the laptop being sluggish.

 

I agree that screenshots of Task Manager and Startup Manager would be good at this stage.

If you are unsure how to do a screenshot and post it here, go to Usage of IObit Products - Screenshots and Attachments in the Forum

To capture the screenshot, you can also use FastStone Capture. you can get the free version HERE It's a very handy tool to have :smile:

Note: Un-zip and launch FastStone Capture from the FastStone Capture folder (like you did with JavaRA), it does not install itself on your computer either.

 

I use XP not Vista so hopefully the procedure is the same.

 

Task Manager

Get your LapTop to a 'normal' state, that is, running the applications you would normally have running at any given time (when it's sluggish)

• Launch Task Manager (Ctrl + Alt + Del)

• Select Processes (Highest CPU on the top of the column)

• Take a ScreenShot

Hint: Save the ScreenShots as JPEG then you won't have to reduce the size.

 

Startup Manager

• Launch Advanced System Care

• Select Utilities

• Select Admin Tools

• Select Startup Manager

• Take a ScreenShot

 

Attatch the ScreenShots to your reply as explained in the Screenshots and Attachments section I linked above.

 

Yes thank you. :smile:

I do know that having too many add-ons will slow a computer down quite a bit. Im always checking my add-ons to make sure there are no new ones that i havent allowed.

Since i have added one program though, i have alot more add-ons. Im not sure what to do about that since i use that program everyday all day. I dont know if there is anything that can be done.

What is the name of this program and what does it do ?

 

All the best, woz of oz

Link to comment
Share on other sites

Hi

 

Well i dont know what im doing wrong but i cant take a screen shot. I try to and all that is saved is a blank picture in my pictures folder. Ive tried several times and its still not working for me. I used to take screen shots but forgot how to.

 

 

 

I agree that screenshots of Task Manager and Startup Manager would be good at this stage.

If you are unsure how to do a screenshot and post it here, go to Usage of IObit Products - Screenshots and Attachments in the Forum

To capture the screenshot, you can also use FastStone Capture. you can get the free version HERE It's a very handy tool to have :smile:

Note: Un-zip and launch FastStone Capture from the FastStone Capture folder (like you did with JavaRA), it does not install itself on your computer either.

 

I use XP not Vista so hopefully the procedure is the same.

 

Task Manager

Get your LapTop to a 'normal' state, that is, running the applications you would normally have running at any given time (when it's sluggish)

• Launch Task Manager (Ctrl + Alt + Del)

• Select Processes (Highest CPU on the top of the column)

• Take a ScreenShot

Hint: Save the ScreenShots as JPEG then you won't have to reduce the size.

 

Startup Manager

• Launch Advanced System Care

• Select Utilities

• Select Admin Tools

• Select Startup Manager

• Take a ScreenShot

 

Attatch the ScreenShots to your reply as explained in the Screenshots and Attachments section I linked above.

 

 

What is the name of this program and what does it do ?

 

All the best, woz of oz

Link to comment
Share on other sites

Hi

 

OMGosh these are so small. I was sure that i had made them bigger so that you could see them. Wow... well i dont know what the heck im doing. lol...

 

 

Ok here are the screen shots.

Also the program im talking about that has alot of Add-Ons is called RoboForm. Its so that i can fill out forms quickly.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...