
help needed with hijack scan


jsr27


Logfile of IObit HijackScan v0.2.0.0

Scan saved at 21:25:11, on 2010-8-14

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\aestsrv.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\rpcnet.exe

C:\Windows\system32\STacSV.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Windows\system32\svchost.exe

C:\Program Files\AeroSnap\AeroSnap.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\alg.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}LegitCheckControl.LegitCheck.1 - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7}ClearAdjust.CTAdjust.1 - http://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab

O23 - Service: Andrea ST Filters Service - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

O23 - Service: Application Host Helper Service - Unknown - %windir%\system32\svchost.exe

O23 - Service: Windows Media Center Service Launcher - Unknown - %windir%\system32\svchost.exe

O23 - Service: Group Policy Client - Unknown - %windir%\system32\svchost.exe

O23 - Service: Intel® Matrix Storage Event Monitor - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Windows CardSpace - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Panda Cloud Antivirus Service - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

O23 - Service: Net.Tcp Port Sharing Service - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: PuranDefrag - Puran Software - C:\Windows\system32\PuranDefragS.exe

O23 - Service: Quality Windows Audio Video Experience - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) Net - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

O23 - Service: Secondary Logon - Unknown - %windir%\system32\svchost.exe

O23 - Service: SigmaTel Audio Service - IDT, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: World Wide Web Publishing Service - Unknown - %windir%\system32\svchost.exe

O23 - Service: Windows Process Activation Service - Unknown - %windir%\system32\svchost.exe

O23 - Service: Dell Wireless WLAN Tray Service - Unknown - C:\Windows\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe

O23 - Service: Windows Media Player Network Sharing Service - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


*big sigh*

 

Hello there.

 

It would be nice if you told us what was wrong with your machine...

 

Hijack scans don't show much, so we need to know what problems you are experiencing, if any. Without this minimal input from you, we can't do anything to help.

 

Thanks..

 

===


When I run ASC Pro it says it has suggestions and I don't know what I need to do; otherwise no problems.


  • 1 month later...

Please, I need help.

 

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 20:27:25, on 2010-9-27

 

Running processes:

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\SysWOW64\svchost.exe

C:\Windows\SysWOW64\svchost.exe

C:\Windows\SysWOW64\svchost.exe

C:\Windows\SysWOW64\svchost.exe

C:\Windows\SysWOW64\svchost.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\IObit\IObit SmartDefrag\IObit SmartDefrag.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Users\kath's\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

C:\Program Files (x86)\iTunes\iTunes.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.3.60.6\facemoods.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100915210939.dll

O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -

O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.3.60.6\facemoodsTlbr.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll

O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [DelayShred] "c:\PROGRA~1\mcafee\mqs\ShrCL.EXE" /P5 /q "C:\PROGRA~1\SUPERA~1"

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\RunOnce\: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe

O23 - Service: AMD External Events Utility (AMD External Events Utility) - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx (Com4QLBEx) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: HP Health Check Service (HP Health Check Service) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown -

O23 - Service: Security Accounts Manager (SamSs) - Unknown -

O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe

O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown -

O23 - Service: Windows Modules Installer (TrustedInstaller) - Unknown -

O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe

O23 - Service: Diagnostic Service Host (WdiServiceHost) - Unknown -

O23 - Service: Diagnostic System Host (WdiSystemHost) - Unknown -

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe

O23 - Service: McAfee Application Installer Cleanup (0181481285537605) (0181481285537605mcinstcleanup) - Unknown - C:\Windows\TEMP\018148~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini

O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe


I kept noticing the system slowing down, half icons left on the screen, and certain security settings had been altered or changed


Hello kathpodclarke :smile:

 

Thank you for providing some info on your problem (some is better than none ;-)).

 

I see a few things :

 

- McAfee Security Suite, which has a firewall, and Zone Alarm. Looking at your log, I think that McAfee is disabled, but if you ever have it running alongside Zone Alarm, that could cause problems. Only one firewall running ; same with an antivirus. Do you still use McAfee ??

 

- Torrent client : that can cause slowdowns, not to mention the risks of infection.

 

- Registry Booster : this is my opinion only, but for whatever it's worth... don't use 'em, because you're just asking for trouble.

 

- You have MBAM there as well (Pro ?) : did it find anything bad ?

 

===


heeelllppp

 

 

Hi, am Dom's partner, zone loan alarm installed and tried viper on my laptop, bugged majorly

 

can you see if it what am thinking of on my cpu, here's the log transcript

 

hijack this

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 5:25:3, on 2010-9-30

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\Ati2evxx.exe

C:\Program Files\Acer\VitaKey MC3000\CompPtcVUI.exe

C:\Windows\system32\vfsFPService.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\IObit\IObit Security 360\is360srv.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Acer\Mobility Center\MobilityService.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Acer\Acer VCM\RS_Service.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\alg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Users\dominic\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\McAfee\VirusScan\mcods.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\explorer.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\dominic\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100916004625.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\VitaKey MC3000\PwdBank.exe

O9 - Extra button: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Acer\VitaKey MC3000\PwdBank.exe

O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Acer\VitaKey MC3000\PwdBank.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility (Ati External Event Utility) - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: eDataSecurity Service (eDataSecurity Service) - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

 

also what evidence left behind


 

thanks dominic


Hi there Dominic ;

 

I'm sorry but I'm having a very hard time reading your post and understanding what the problem is, or might be. If you could type slower and perhaps make full sentences, that would help greatly.

 

When you say "Viper", do you mean "Vipre" antivirus ? What was the problem there ?

I see McAfee installed and running, so if you tried another antivirus while McAfee was running... that could explain it.

 

If you can answer my above question and then be more specific and clear about any problems you are having with the laptop, I might be able to help.

 

If you could also tell me what that second "log" is (below the Hijack scan), that would be great because I have no idea what it is or what it means.

 

Thanks.

 

===


Archived

This topic is now archived and is closed to further replies.
