Nopnoob Posted May 16, 2009 [hide=Big Log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:48:05, on 16-5-2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss[Caution: Executable File] C:\WINDOWS\system32\winlogon[Caution: Executable File] C:\WINDOWS\system32\services[Caution: Executable File] C:\WINDOWS\system32\lsass[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\System32\svchost[Caution: Executable File] C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File] C:\WINDOWS\system32\spoolsv[Caution: Executable File] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File] C:\PROGRA~1\AVG\AVG8\avgwdsvc[Caution: Executable File] C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File] C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File] C:\PROGRA~1\AVG\AVG8\avgrsx[Caution: Executable File] C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File] C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File] C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File] C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File] C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File] c:\program files\common files\mcafee\mna\mcnasvc[Caution: Executable File] c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File] C:\WINDOWS\system32\nvsvc32[Caution: Executable File] C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File] C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File]
C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\UPHClean\uphclean[Caution: Executable File] C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File] C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File] C:\WINDOWS\Explorer[Caution: Executable File] C:\Program Files\Wireless-N PCI Adapter\WMP300N[Caution: Executable File] c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File] C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File] C:\Program Files\DAEMON Tools\daemon[Caution: Executable File] C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File] C:\WINDOWS\system32\RUNDLL32[Caution: Executable File] C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File] C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File] C:\WINDOWS\system32\rundll32[Caution: Executable File] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File] C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File] C:\Program Files\QuickTime\QTTask[Caution: Executable File] C:\Program Files\iTunes\iTunesHelper[Caution: Executable File] C:\PROGRA~1\AVG\AVG8\avgtray[Caution: Executable File] C:\WINDOWS\system32\LVCOMSX[Caution: Executable File] C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File] C:\Program Files\Logitech\SetPoint\LBTWiz[Caution: Executable File] C:\WINDOWS\system32\ctfmon[Caution: Executable File] C:\Program Files\Steam\Steam[Caution: Executable File] C:\Program Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File] 
C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File] C:\Program Files\iPod\bin\iPodService[Caution: Executable File] C:\Program Files\Logitech\Video\FxSvr2[Caution: Executable File] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray[Caution: Executable File] C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File] C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR[Caution: Executable File] C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File] C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv[Caution: Executable File] C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv[Caution: Executable File] C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv[Caution: Executable File] C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File] C:\Program Files\Windows Live\Contacts\wlcomm[Caution: Executable File] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard[Caution: Executable File] C:\Program Files\Spybot - Search & Destroy\SpybotSD[Caution: Executable File] C:\Program Files\AVG\AVG8\avgui[Caution: Executable File] C:\Program Files\AVG\AVG8\avgscanx[Caution: Executable File] C:\Program Files\AVG\AVG8\avgcsrvx[Caution: Executable File] C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware[Caution: Executable File] C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: (no name) - 
{E8A8B218-14F2-45F4-9DEB-340F8D21C8A0} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File] O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]" -lang 1033 O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File]" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: Executable File] O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR[Caution: Executable File] O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File]" O4 - HKLM\..\Run: [soundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File]" /tray O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32[Caution: Executable File] bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File] O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File]" /enum:on /alerts:on /systrayIcon:on O4 - HKLM\..\Run: [ssAAD[Caution: Executable File]] 
C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File] O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR[Caution: Executable File] O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent[Caution: Executable File]" /runkey O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File]" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask[Caution: Executable File]" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier[Caution: Executable File] O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray[Caution: Executable File] O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX[Caution: Executable File] O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart[Caution: Executable File] O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File] O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ[Caution: Executable File] -silent O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File] O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File] O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam[Caution: Executable File]" -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File]" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File]" /c O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine[Caution: Executable File]" boot O4 
- HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File] O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File] O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File]" -onlytray O4 - HKUS\S-1-5-19\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File] O4 - Global Startup: BTTray.lnk = ? 
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File] O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL[Caution: Executable File]/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: 
&In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File] O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File] O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 
7984905956 O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://terrascam.heerenvanbeijerland.nl/activex/AMC.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{243284D1-EE00-4872-9336-8A05A63642DE}: NameServer = 192.168.0.1,192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{71821921-0DD8-4CCC-8325-AB17B3C31575}: NameServer = 192.168.0.1,192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{F7C9BBB4-2D89-43E9-9CDC-DCB342536149}: NameServer = 192.168.0.1,192.168.0.254 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File] O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File] O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc[Caution: Executable File] O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File] O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File] O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService[Caution: Executable File] O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService[Caution: Executable File] O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT[Caution: Executable File] O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File] O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File] O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File] O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File] O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File] O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File] O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File] O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File] O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc[Caution: Executable File] O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. 
- C:\PROGRA~1\McAfee\VIRUSS~1\mcods[Caution: Executable File] O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File] O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield[Caution: Executable File] (file missing) O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon[Caution: Executable File] O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: Executable File] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File] O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: Executable File] O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File] O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File] O23 - Service: ServiceLayer - Nokia. 
- C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File] O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: Executable File] O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: Executable File] O23 - Service: WMP300NSvc - GEMTEKS - C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File] -- End of file - 18773 bytes[/hide] [hide=SECOND LOG]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:37:53, on 17-5-2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss[Caution: Executable File] C:\WINDOWS\system32\winlogon[Caution: Executable File] C:\WINDOWS\system32\services[Caution: Executable File] C:\WINDOWS\system32\lsass[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\System32\svchost[Caution: Executable File] C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File] C:\WINDOWS\system32\spoolsv[Caution: Executable File] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File] C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File] C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File] C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File] C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File] C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File] C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File] C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File] c:\program files\common 
files\mcafee\mna\mcnasvc[Caution: Executable File] c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File] C:\WINDOWS\system32\nvsvc32[Caution: Executable File] C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File] C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\UPHClean\uphclean[Caution: Executable File] C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File] C:\Program Files\Wireless-N PCI Adapter\WMP300N[Caution: Executable File] C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File] C:\WINDOWS\Explorer[Caution: Executable File] c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File] C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File] C:\Program Files\DAEMON Tools\daemon[Caution: Executable File] C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File] C:\WINDOWS\system32\RUNDLL32[Caution: Executable File] C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File] C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File] C:\WINDOWS\system32\rundll32[Caution: Executable File] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File] C:\Program Files\QuickTime\QTTask[Caution: Executable File] C:\Program Files\iTunes\iTunesHelper[Caution: Executable File] C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File] C:\WINDOWS\system32\LVCOMSX[Caution: Executable File] C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File] C:\Program 
Files\Logitech\SetPoint\LBTWiz[Caution: Executable File] C:\WINDOWS\system32\ctfmon[Caution: Executable File] C:\Program Files\Steam\Steam[Caution: Executable File] C:\Program Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File] C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File] C:\Program Files\iPod\bin\iPodService[Caution: Executable File] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray[Caution: Executable File] C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File] C:\Program Files\Logitech\Video\FxSvr2[Caution: Executable File] C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR[Caution: Executable File] C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File] C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv[Caution: Executable File] C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv[Caution: Executable File] C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv[Caution: Executable File] C:\WINDOWS\system32\wuauclt[Caution: Executable File] C:\Program Files\Avira\AntiVir Desktop\avguard[Caution: Executable File] C:\Program Files\Avira\AntiVir Desktop\sched[Caution: Executable File] C:\Program Files\Avira\AntiVir Desktop\avgnt[Caution: Executable File] c:\program files\avira\antivir desktop\avcenter[Caution: Executable File] C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File] C:\Program Files\Avira\AntiVir Desktop\avscan[Caution: Executable File] C:\Program Files\Java\jre6\bin\java[Caution: Executable File] C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google 
Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: (no name) - {E8A8B218-14F2-45F4-9DEB-340F8D21C8A0} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File] O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]" -lang 1033 O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File]" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: Executable File] O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR[Caution: Executable File] O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File]" O4 - HKLM\..\Run: [soundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File]" /tray O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32[Caution: Executable File] 
bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File] O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File]" /enum:on /alerts:on /systrayIcon:on O4 - HKLM\..\Run: [ssAAD[Caution: Executable File]] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File] O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR[Caution: Executable File] O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent[Caution: Executable File]" /runkey O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File]" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask[Caution: Executable File]" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier[Caution: Executable File] O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX[Caution: Executable File] O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart[Caution: Executable File] O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File] O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ[Caution: Executable File] -silent O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File] O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt[Caution: Executable File]" /min O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File] O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam[Caution: Executable File]" -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Program 
Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File]" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File]" /c O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine[Caution: Executable File]" boot O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File] O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File] O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File]" -onlytray O4 - HKUS\S-1-5-19\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File] O4 - Global Startup: BTTray.lnk = ? 
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File] O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL[Caution: Executable File]/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: 
&In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File] O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File] O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} 
(MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7984905956 O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://terrascam.heerenvanbeijerland.nl/activex/AMC.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{243284D1-EE00-4872-9336-8A05A63642DE}: NameServer = 192.168.0.1,192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{71821921-0DD8-4CCC-8325-AB17B3C31575}: NameServer = 192.168.0.1,192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{F7C9BBB4-2D89-43E9-9CDC-DCB342536149}: NameServer = 192.168.0.1,192.168.0.254 O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File] O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched[Caution: Executable File] O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard[Caution: Executable File] O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File] O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File] O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File] O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService[Caution: Executable File] O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService[Caution: Executable File] O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT[Caution: Executable File] O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File] O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File] O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File] O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File] O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File] O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File] O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File] O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File] O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc[Caution: Executable File] O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. 
- C:\PROGRA~1\McAfee\VIRUSS~1\mcods[Caution: Executable File] O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File] O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield[Caution: Executable File] (file missing) O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon[Caution: Executable File] O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: Executable File] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File] O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: Executable File] O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File] O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File] O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File] O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: Executable File] O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: Executable File] O23 - Service: WMP300NSvc - GEMTEKS - C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File] -- End of file - 18877 bytes[/hide]

A mod told me to do this because I suspected I had a keylogger, can anyone tell me if I have one? Thanks.

P.S: If you want some more info, please post here what you need to know!

Dutchy
Dracion1 Posted May 16, 2009

You must have a lot of RAM to run all those processes :o

I can't see anything on there suspicious myself, though it's a large log and I could easily have missed something. Is your computer slow to start up? You've got loads running, a lot of it most likely unnecessary. I don't think you need all of those antiviral applications running at once, you can probably ditch AVG since you've got McAfee (There are better things out there though than both of those, though that's a separate issue), and I doubt you need Ad-Aware, Spybot S&D and Spyware doctor, just one should do.

"In the beginning, the universe was created. This has made a lot of people very angry and been widely regarded as a bad move."
Nopnoob Posted May 16, 2009 Author

Haha, I know. But I got hacked so I keep running scans. That's why there's so many processes. I would GREATLY appreciate it if you can take a closer look at it, I will also run a second log once the scans are finished (They almost are). My McAfee subscription ran out, and my dad downloaded AVG but AVG is [cabbage]. Ad-Aware detected 2 worms which AVG didn't last time I scanned.

Dutchy
Salad Posted May 16, 2009

Kill AVG and McAfee, get Avast! or Avira and kill spybot S&D and spyware doctor or w/e and get ad-aware anniversary edition if you don't already have. I don't really understand HiJack This logs but if you think you got a keylogger you should use FireFox with KeyScrambler. Good luck.
Sbrideau Posted May 17, 2009

Actually, not only did AVG fall to become one of the worst antiviruses, but so did Avast. Even my biased friend that was saying avast was the best recently decided to change antivirus because he said it sucked too much. I would say kill both McAfee and AVG and get Avira Antivir. If the ads bug you, then disable them. If you want to pay for an antivirus though, Kaspersky or NOD32 is the way to go. Also, for antispyware, no need to run a few at a time. Running more than one antivirus and one antispyware at a time is quite the same as having no protection at all.

Anyway, I'll give a quick look at that log: I have seen nothing that is major, just those 2 lines that are not dangerous at all, but useless in fact:

O2 - BHO: (no name) - {E8A8B218-14F2-45F4-9DEB-340F8D21C8A0} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
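The check described in the post above (finding entries whose target is marked "(no file)" or "(file missing)") can be scripted. This is an added example, not part of any post in this thread; the function names are hypothetical, and the sample entries are copied from the log posted here, run together the way the log appears on this page.

```python
import re

# HijackThis section codes: R0-R3, F0-F3, N1-N4 and O1-O24.
CODE = r"(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2})"

# One entry runs from "<code> - " up to the next "<code> - ", the
# "-- End of file" trailer, or end of input. Matching on the codes instead of
# on newlines lets the same parser read a log whose line breaks were lost.
ENTRY = re.compile(
    rf"(?<!\S)({CODE}) - (.*?)(?=\s+{CODE} - |\s+-- End of file|\s*\Z)", re.S
)

# HijackThis appends one of these when the referenced file is not on disk.
ORPHAN = re.compile(r"\((?:file missing|no file)\)\s*$")


def parse_entries(log_text):
    """Return [(section_code, body), ...] for every entry in the log text."""
    return [(m.group(1), " ".join(m.group(2).split()))
            for m in ENTRY.finditer(log_text)]


def orphaned(entries):
    """Entries whose target file is reported missing (leftover registrations)."""
    return [(code, body) for code, body in entries if ORPHAN.search(body)]


# Sample input: five entries copied unchanged from the log in this thread,
# joined with spaces to mimic the flattened form shown on this page.
SAMPLE_LINES = [
    r'O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam[Caution: Executable File]" -silent',
    r'O2 - BHO: (no name) - {E8A8B218-14F2-45F4-9DEB-340F8D21C8A0} - (no file)',
    r'O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)',
    r'O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield[Caution: Executable File] (file missing)',
    r'O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File]',
]
SAMPLE = " ".join(SAMPLE_LINES)

if __name__ == "__main__":
    entries = parse_entries(SAMPLE)
    print(f"{len(entries)} entries parsed")
    for code, body in orphaned(entries):
        print(f"orphaned {code}: {body}")
```

A missing-file marker only identifies a stale registration; entries whose files do exist still need their path and publisher reviewed.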
Nopnoob Posted May 17, 2009 Author

Alright, thanks. I have no clue what those two lines mean, but I understand I don't have a virus anymore? :D

Dutchy
Sbrideau Posted May 17, 2009

Hijackthis does not catch all viruses anymore, so there's a chance there still is a virus somewhere, but for the most part, you're safe.
Nopnoob Posted May 17, 2009 Author

Hmm k, I bought keyscrambler premium, which is great and even encrypts stuff you type in RuneScape. Also downloaded Avira, I ran a scan and removed all threats \

Dutchy
acenator Posted May 23, 2009

"Kill AVG and McAfee, get Avast! or Avira and kill spybot S&D and spyware doctor or w/e and get ad-aware anniversary edition if you don't already have"

If you do the Avira and Ad-Aware combo, watch out when you run Ad-Aware. It took some of my Avira files as malware and I had to reinstall it (I was too lazy to look through the list of items ad-aware had detected and just hit the delete button :wall: ).

Also, I highly suggest that, if you use Internet Explorer, you block the sites that put the cookies Ad-Aware detects from putting any more cookies on your computer again. You can do this by going Tools > Internet Options > Privacy > Sites, typing in (or copying and pasting) the name of the sites listed in the Ad-Aware report(s) and pressing the "block" button. I did this after each Ad-Aware scan I did a few years ago (I currently have about 55 sites blocked) and haven't gotten any spyware since (I use FireFox for certain things like downloading and working with my router, but, for some reason, I just like IE better for general browsing :-k).

> SELECT * FROM users WHERE clue > 0;
0 rows returned
There's no place like 127.0.0.1
There are only 10 types of people in this world: those who understand binary and those who don't.
This statement is false.
$DO || ! $DO ; try
try: command not found
Guest Posted June 1, 2009

Nothing wrong there at all.