Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

hijack scan...

elame87

By elame87
in IObit Security 360

Recommended Posts

elame87 Newbie

elame87

Posted
Posted

does anything look weird? thanks for your help!

 

 

 

Logfile of IObit HijackScan v1.0.0.0

Scan saved at 5:43:40, on 2010-1-2

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\csrss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\ibmpmsvc.exe

C:\Program Files\Sygate\SPF\smc.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\WINNT\system32\cisvc.exe

C:\WINNT\system32\hidserv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\tp4mon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINNT\system32\cidaemon.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [TrackPointSrv] tp4mon.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [synchronization Manager] mobsync.exe /logon

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O9 - Extra button: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9}SpinTopDRM.SpinTopDRMClass.1 - file://C:\Program Files\Text Twist\Images\stg_drm.ocx

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}SoftwareDistribution.WebControl.1 - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1254698586310

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}SoftwareDistribution.MicrosoftUpdateWebControl.1 - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257191694227

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54}ArmHelper.ArmClass.1 - file://C:\Program Files\Text Twist\Images\armhelper.ocx

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown - C:\WINNT\system32\ibmpmsvc.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

Link to comment
Share on other sites
elame87 Newbie

elame87

Posted
  • Author
Posted

ok i did another hijack scan ...i just feel like somethings wrong or not working right on my comp. if anyone notices something, please let me know.thanks...

 

i think the issues have to do with bitdefender. i installed and uninstalled it but didnt seem to get rid of it all.

 

 

 

 

Logfile of IObit HijackScan v1.0.0.0

Scan saved at 12:45:53, on 2010-1-2

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\csrss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\ibmpmsvc.exe

C:\Program Files\Sygate\SPF\smc.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINNT\system32\cisvc.exe

C:\WINNT\system32\hidserv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\tp4mon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\WINNT\system32\cidaemon.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\WINNT\system32\taskmgr.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\WINNT\system32\NOTEPAD.EXE

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [synchronization Manager] mobsync.exe /logon

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [TrackPointSrv] tp4mon.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O9 - Extra button: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9}SpinTopDRM.SpinTopDRMClass.1 - file://C:\Program Files\Text Twist\Images\stg_drm.ocx

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}YInstHelper.YInstStarter.1 - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}SoftwareDistribution.WebControl.1 - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1254698586310

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}SoftwareDistribution.MicrosoftUpdateWebControl.1 - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257191694227

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_17 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54}ArmHelper.ArmClass.1 - file://C:\Program Files\Text Twist\Images\armhelper.ocx

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus (avast! Antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner (avast! Mail Scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner (avast! Web Scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown - C:\WINNT\system32\ibmpmsvc.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

Link to comment
Share on other sites
elame87 Newbie

elame87

Posted
  • Author
Posted

i just got a fun warning...

 

8E718888-423F-11D2-876E-00A0C9082467 Sys_06.ocx - Unidentified malware, using an identical class ID to the legitimate Internet Explorer Radio_Bar, //www.castlecops.com/tk846-msdxm_ocx.html - should you have a copy of the file, [xs4

 

 

 

is this a false positive?

Link to comment
Share on other sites
Melvin_Deal Newbie

Melvin_Deal

Posted
Posted

Try wrexe's suggestion.

 

If that doesn't remove all the pieces. (make sure and reboot afterward). Then try this: Reinstall bitdefender, then reboot... Then uninstall Bitdefender Using Revo Uninstaller. Make sure to use the "advanced" option when uninstalling so you can remove leftover traces. You can find Revo here: http://www.revouninstaller.com/revo_uninstaller_free_download.html

 

 

The free version will do.

 

If you post another scanlog... please run the scan right after the system completely starts up. Don't close anything running in the system tray.

 

Hope this helps!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...