hijack report

[brandijackson50]

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 11:14:27, on 2011-2-5

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVANQU~1\Fix-It\mxtask.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\lxczcoms.exe

C:\Program Files\Common Files\AntiVirus\SBAMSvc.exe

C:\Program Files\AVANQU~1\Fix-It\mxtask2.exe

C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Documents and Settings\Brandi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Brandi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Brandi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Documents and Settings\Brandi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Brandi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\rundll32.exe

 

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [Google Update] "C:\Documents and Settings\Brandi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s

O9 - Extra button: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - %windir%\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9}SpinTopDRM.SpinTopDRMClass.1 - file:///C:/Program%20Files/Little%20Shop%20-%20Memories/Images/stg_drm.ocx

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}LegitCheckControl.LegitCheck.1 - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}Java Plug-in 1.6.0_04 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}Java Plug-in 1.6.0_20 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54}ArmHelper.ArmClass.1 - file:///C:/Program%20Files/Little%20Shop%20-%20Memories/Images/armhelper.ocx

O23 - Service: BlueBird Service (BlueBirdservice) - Unknown - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: Fix-It Task Manager (Fix-It Task Manager) - Avanquest Software - C:\Program Files\AVANQU~1\Fix-It\mxtask.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: lxcz_device (lxcz_device) - - C:\WINDOWS\system32\lxczcoms.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown - .dll

O23 - Service: Norton Internet Security (NIS) - Unknown - .dll

O23 - Service: ForceWare IP service (nSvcIp) - Unknown - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Office Source Engine (ose) - Unknown - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - Unknown - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\RpcAgentSrv.exe

O23 - Service: Fix-It (SBAMSvc) - Sunbelt Software - C:\Program Files\Common Files\AntiVirus\SBAMSvc.exe

O23 - Service: SeaPort (SeaPort) - Unknown - .dll

[So_sad]

Welcome to the forums, Brandi :-)

 

All I see here is a Hijack log and I'll need a little bit more than that...

Is there anything wrong with your machine ?

And finally : you have two competing antivirus programs on there (Microsoft Security Essentials and Avanquest Fix-It). First time I see the Avanquest one, so I don't know if it's any good or not. You'll need to remove one of them though, and I trust the Microsoft one..

 

So let me know what's wrong (if anything) with the machine and we'll take it from there. We'll also need to update a few programs and clear away some old stuff ; Norton and McAfee for example.

 

See you soon.

 

===