Logfile of IObit HijackScan v1.0.0.0
Scan saved at 10:8:29, on 2010-8-13
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\LEXBCES.EXE
C:\Windows\System32\LEXPPS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxczcoms.exe
C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe
C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrvx86.exe
C:\Program Files\Panda Security\Panda Global Protection 2009\AVENGINE.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\WUDFHost.exe
c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\IObit\IObit Security 360\is360tray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Panda Security\Panda Global Protection 2009\SRVLOAD.EXE
C:\Program Files\Panda Security\Panda Global Protection 2009\PavBckPT.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\sdclt.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\IObit Security 360\is360.exe
C:\Users\Monica Cash\AppData\Local\qrgeenkpv\pevbexgshdw.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [hpqSRMon]
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" /s
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2009\Inicio.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: []
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [Conime] %windir%\system32\conime.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_13 - http://java.sun.com/...indows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}Java Plug-in 1.6.0_02 - http://java.sun.com/...indows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}Java Plug-in 1.6.0_05 - http://java.sun.com/...indows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}Java Plug-in 1.6.0_07 - http://java.sun.com/...indows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}Java Plug-in 1.6.0_13 - http://java.sun.com/...indows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_13 - http://java.sun.com/...indows-i586.cab
O23 - Service: Adobe Version Cue CS4 (Adobe Version Cue CS4) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb (Com4Qlb) - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown - %windir%\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service (FLEXnet Licensing Service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService (GameConsoleService) - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Group Policy Client (gpsvc) - Unknown - %windir%\system32\svchost.exe
O23 - Service: HP Health Check Service (HP Health Check Service) - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex (hpqwmiex) - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Kodak AiO Network Discovery Service (Kodak AiO Network Discovery Service) - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
O23 - Service: LeapFrog Connect Device Service (LeapFrog Connect Device Service) - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdate) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: lxcz_device (lxcz_device) - - C:\Windows\system32\lxczcoms.exe
O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Software Controller (Panda Software Controller) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda global protection 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\PskSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe
O23 - Service: Symantec Core LC (Symantec Core LC) - Unknown - C:\Program Files\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2009\TPSrv.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe
O23 - Service: XAudioService (XAudioService) - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe