Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

What exactly does the Hijack Scan do?


jckinnick

Recommended Posts

I did a scan but when i put a check by things to fix it says to be careful that it could permanently delete something?

 

Hi jckinnick,

 

Please read the posts in the USAGE of IOBIT PRODUCTS thread, you should only check the checkbox of malware-virus-spyware containing item.

To decide which to delete, get help in this forum posting your HijackThis report.

 

http://forums.iobit.com/images/icons/icon4.gif Do not delete any item without beeing sure that the item is malicious.:!:

 

Cheers.

Link to comment
Share on other sites

Hi jckinnick,

 

Please read the posts in the USAGE of IOBIT PRODUCTS thread, you should only check the checkbox of malware-virus-spyware containing item.

To decide which to delete, get help in this forum posting your HijackThis report.

 

http://forums.iobit.com/images/icons/icon4.gif Do not delete any item without beeing sure that the item is malicious.:!:

 

Cheers.

 

 

I didnt see any thing about Hi Jack Scan in that thread plus it was closed. What exactly does it do besides delete programs? Whats the difference in between it and an uninstaller?

Link to comment
Share on other sites

Hi jckinnick,

 

Hijack Scan will scan critical settings of your system, which are also common targets of malware. So the listed items there are not all problems or malware. Before you remove any item, make sure it is malware.

 

You can submit your report to any qualified online HijackThis log analyzer and HijackThis forums as the log file of Hijack Scan is 100% compatible with HijackThis log. Here is the link:

 

http://www.hijackthis.de/en

 

Or you can post here.

 

So Hijack Scan is quite different from uninstaller. You should be cautious while you removing items listed in hijack scan result.

Link to comment
Share on other sites

Hi

 

What you see in the scan is a list of all the processes running in your system. Every application (program) runs its own processes. By looking at everything that is running through your system via Hijack, you may be able to see if you have an infection... and other things. Many programs run seemingly redundant processes, but they're not.

 

If you don't know for sure what you are deleting... then stop. The previously mentioned auto analyzer mentioned by Cicely will help only if you know how to use it.

 

If you could only copy and paste the whole report here, better guidance could be given

 

Peace and good luck!

 

-Mel

Link to comment
Share on other sites

Running processes are shown in the top part of the log. Below that, it's all registry keys or values, showing different things : browser settings, browser helper objects, toolbars, Run values (for running processes), buttons and menu items, downloaded program files (ActiveX), DNS settings, Services running, and a few more.

 

Not sure about Hijack Scan, but with HijackThis, you can't fix anything from the top part (running processes), but you can for all the registry keys/values below. So you "Fix" registry entries, also known as loading points. Backups are made when fixing, so you can revert if necessary (with HijackThis, not sure about Hijack Scan).

 

One last thing : sorry folks, but online automated log analyzers are a bad idea all around. The ones I've seen are outdated and they never were effective/reliable. Ever. Stay away from them, and have someone knowledgeable look at your log, when in doubt.

 

===

Link to comment
Share on other sites

What you see in the scan is a list of all the processes running in your system. Every application (program) runs its own processes. By looking at everything that is running through your system via Hijack, you may be able to see if you have an infection... and other things. Many programs run seemingly redundant processes, but they're not.

 

If you don't know for sure what you are deleting... then stop. The previously mentioned auto analyzer mentioned by Cicely will help only if you know how to use it.

 

If you could only copy and paste the whole report here, better guidance could be given

 

Peace and good luck!

 

-Mel

 

 

 

Logfile of IObit HijackScan v1.0.0.0

Scan saved at 3:55:11, on 2010-7-31

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\WINDOWS\System32\snmp.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Webroot\Washer\WasherSvc.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Webroot\Security\current\plugins\sync\WRSyncManager.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Webroot\Security\Current\Plugins\cleanup\WRCLEA~1.EXE

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Pale Moon project\palemoon.exe

C:\Program Files\Flock\flock.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\iTunes\iTunes.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Flock\Application\flock.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Flock\Application\flock.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Flock\Application\flock.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Flock\Application\flock.exe

C:\Program Files\Pale Moon project\plugin-container.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Flock\Application\flock.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Flock\Application\flock.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Flock\Application\flock.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Webroot\Washer\wwDisp.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Documents and Settings\Owner\Desktop\FlashCookiesView.exe

C:\Program Files\Webroot\Security\Current\Framework\WRFrame.exe

C:\Program Files\Flock\Desktop\JavaRa.exe

C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\WINDOWS\system32\mmc.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Documents and Settings\Owner\Desktop\PureRa.exe

C:\Program Files\IObit\IObit Security 360\e_privacysweeper.exe

C:\Program Files\Webroot\Security\current\plugins\antimalware\SSU.EXE

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_DiskCleaner.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_DiskDoctor.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_InternetBooster.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_RegistryDefrag.exe

 

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll

O2 - BHO: WebrootBHO Class - {D93EC24D-8741-4D41-B83D-A5793B998416} - C:\Program Files\Webroot\Security\current\plugins\browserextension\WebrootBHO.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Webroot Browser Helper Object - {e08861fe-8847-4b2a-8ec2-08edb20e4020} - C:\Program Files\Webroot\Security\current\products\WISE\toolbar\LPBar.dll

O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Webroot Toolbar - {d84a64a0-f2b2-4975-b264-3a3bce8d57d6} - C:\Program Files\Webroot\Security\current\products\WISE\toolbar\LPBar.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [synTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [igfxTray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [WebrootTrayApp] "C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe"

O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM

O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Owner\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Owner\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: - CmdMapping -

O9 - Extra button: - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - %windir%\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}LegitCheckControl.LegitCheck.1 - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}SoftwareDistribution.MicrosoftUpdateWebControl.1 - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126988575109

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Update Service (gupdate1c98e2f90d4ebd0) (gupdate1c98e2f90d4ebd0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: McciCMService (McciCMService) - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: Secunia Update Agent (Secunia Update Agent) - Secunia - C:\Program Files\Secunia\PSI\sua.exe

O23 - Service: Viewpoint Service (Viewpoint Service) - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (http://www.webroot.com) - C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe

O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

 

 

 

What do i need to look for to see if i have anything hijacked?

Link to comment
Share on other sites

Nothing bad in that log.

 

How can you tell ? You have two choices : Google every line, every file name, or... spend a few hundred hours learning how to decipher these logs.

 

You also need to remember that Hijack logs don't reveal all infections ; as a matter of fact, most recent infections won't show up in Hijack scans.

 

So there you have it :)

 

 

===

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...