Security issue, and request from readers

Toshiba / m305
May 27, 2009 at 17:06:54
Specs: Windows Vista, Intel Core 2 duo 2.0 ghz/ 4GB
Hi all,

Just a quick question...I have several really good spyware programs and one of them (that I like the most) is called "Advanced System Care." It really does a great job, but it keeps finding something in my security section and keeps popping up a log that it says is the same as the HIJackThis logs and should be given to experts to read and see. So, here I am...

I know that one should never post a log file till told to do so here on this site, I have been a long time member here and read A LOT here daily.

So, if anyone reads this and allows me to post my log file I will...

Thanks all.

Viv

Never enter a battle of wits with an unarmed person...


See More: Security issue, and request from readers

Report •


#1
May 27, 2009 at 17:13:14
Sure post it.

--------------------------------------------
To Private Message me Click Here


Report •

#2
May 28, 2009 at 19:38:59
Thank you so much...after the log file, I went to the HiJackThis Analyzer and below the log file is what it said... I just don't know why it keeps popping up after the scan and says to post the log file for experts to check out...so there must be something there...thanks again.

Advanced SystemCare 3 Security Analyzer
Scan saved at 10:05:53 PM, on 5/28/2009
Platform: Windows Vista (WinNT 6.0)
MSIE: Internet Explorer v8.0 (8.0.6001.18762)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Groove GFS Browser Helper - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Groove GFS Browser Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Google Dictionary Compression sdch - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitS...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/ji...
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.c...
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.6.0_06) - http://java.sun.com/update/1.6.0/ji...
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/ji...
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/ji...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9d3c94bfb3ed9) (gupdate1c9d3c94bfb3ed9) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe


The Analyzer:

Actions Entry Kind Visitor's assessment Information
Platform: Windows Vista (WinNT 6.0)

MSIE: Internet Explorer v8.0 (8.0.6001.18762)
This should be the newest version.
Boot mode: Normal
Very safe This entry was classified from our visitors as good.
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

Associated with GoogleToolbarNotifier from Google Inc.
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
Very safe Safe (4.71 / 5.00)
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
Safe
Java Runtime
C:\Program Files (x86)\Internet Explorer\iexplore.exe
Very safe
Internet Explorer - Wir empfehlen einen sichereren alternativen Browser zu verwenden. (z.B. Firefox)
C:\Program Files (x86)\Internet Explorer\iexplore.exe
Very safe
Internet Explorer - Wir empfehlen einen sichereren alternativen Browser zu verwenden. (z.B. Firefox)
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser.exe
Neutral (3.44 / 5.00)
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
Safe
Possibly nasty! According to our database this process runs normally in c:\programme\awc\! Check if you know this process and arrange a viruscheck where required. Automatic Wallpaper Changer
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
Very safe LinkScannerIE.dll - LinkScanner, http://linkscanner.explabs.com/link... er/default.asp
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Safe GrooveShellExtensions.dll Groove Virtual Office
O2 - BHO: Groove GFS Browser Helper - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
Neutral (3.09 / 5.00)
O2 - BHO: Groove GFS Browser Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
googletoolbar.dll, googletoolbar*.dll (* = number), googletoolbar_en_*.**-big.dll, Googletoolbar_en_*.*.**-deleon.dll. - Google toolbar, http://toolbar.google.com/
O2 - BHO: Groove GFS Browser Helper - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
swg.dll - Google Toolbar Notifier, http://googlesystem.blogspot.com/20... /google-is-your-default-search.html
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
Safe (3.79 / 5.00)
O2 - BHO: Google Dictionary Compression sdch - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
jp2ssv.dll - Sun_Java, http://java.sun.com/javase/download... ex.jsp browser plugin
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
googletoolbar.dll, googletoolbar*.dll (* = digit), googlenav.dll, googlenav*.dll, googletoolbar_en_*.**-big.dll, googletoolbar_en_*.*.**-deleon.dll - Google Toolbar
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Associated with GoogleToolbarNotifier from Google Inc.
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Safe This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
Safe Safe (4.71 / 5.00)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
Very safe Java von Sun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
The entry E&xport to Microsoft Excel has been identified as safe.
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
The entry Send to OneNote has been identified as safe.
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
The entry Research has been identified as safe.
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitS...
Safe Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/ji...
This entry has been identified as safe.
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.c...
Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.6.0_06) - http://java.sun.com/update/1.6.0/ji...
Safe (3.53 / 5.00)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/ji...
Safe (3.53 / 5.00)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/ji...
This entry has been identified as safe.
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
Very safe This service (aawservice.exe) was identified as a good one.
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
Safe Safe (4.68 / 5.00)
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
Safe (3.93 / 5.00)
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
This service (CFSvcs.exe) was identified as a good one.
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
Safe This service (EvtEng.exe) was identified as a good one.
O23 - Service: Google Update Service (gupdate1c9d3c94bfb3ed9) (gupdate1c9d3c94bfb3ed9) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Safe (3.82 / 5.00)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
This service (GoogleUpdaterService.exe) was identified as a good one.
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
This service (IDriverT.exe) was identified as a good one.
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
This service (o2flash.exe) was identified as a good one.
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
Neutral Neutral (3.09 / 5.00)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
This service (RegSrvc.exe) was identified as a good one.
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
Neutral Unknown service. (SmartFaceVWatchSrv.exe)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
Unknown service. (TMachInfo.exe)
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
Very safe Unknown service. (TNaviSrv.exe)
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
Very safe This service (TODDSrv.exe) was identified as a good one.
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
Safe Safe (4.5 / 5.00)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
This service (TosBtSrv.exe) was identified as a good one.
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
Safe Unknown service. (TosIPCSrv.exe)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
This service (ULCDRSvr.exe) was identified as a good one.
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
This service (ViewpointService.exe) was identified as a good one.
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe
Very safe Safe (4.16 / 5.00)
Short analysis



Never enter a battle of wits with an unarmed person...


Report •

#3
May 28, 2009 at 19:55:51
Interesting piece of software nothing stands out. Plus they have also ranked each entry for you if you look closely. Does it say it detected anything?

-------------------------------------------------


Report •

Related Solutions

#4
May 30, 2009 at 00:18:05
No it does not...actually the spyware scanner on it shows up clean and so do all the other sections of this program,. I even then ran my Adaware, and Trojan Remover and nothing. My AVG anti virus shows nothing wrong. Firewall is intact, all is good.

Yes, I saw that it ranked it all. That was the HJThis Analyzer though, not my Advanced System Care program. BUT, the Advanced System Care program does keep appearing after the scan to make me look at the log file I posted above, above the Analyzer log file.
Strange...
My laptop is only about 3 weeks old, and clean as a whistle, so is my desktop, it is way older but runs well and is clean.
So, you saw nothing huh?? Strange.
Viv

Never enter a battle of wits with an unarmed person...


Report •


Ask Question