Jump to content

'HiJack This' Log, can someone check?

Nopnoob

By Nopnoob
in Tech and Computers

 Share

Recommended Posts

Nopnoob

Nopnoob

Posted
Posted

[hide=Big Log]Logfile of Trend Micro HijackThis v2.0.2

 

Scan saved at 19:48:05, on 16-5-2009

 

Platform: Windows XP SP3 (WinNT 5.01.2600)

 

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

 

Boot mode: Normal

 

 

 

Running processes:

 

C:\WINDOWS\System32\smss[Caution: Executable File]

 

C:\WINDOWS\system32\winlogon[Caution: Executable File]

 

C:\WINDOWS\system32\services[Caution: Executable File]

 

C:\WINDOWS\system32\lsass[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File]

 

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

 

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

C:\PROGRA~1\AVG\AVG8\avgwdsvc[Caution: Executable File]

 

C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File]

 

C:\PROGRA~1\AVG\AVG8\avgrsx[Caution: Executable File]

 

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File]

 

C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File]

 

C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File]

 

C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File]

 

C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File]

 

c:\program files\common files\mcafee\mna\mcnasvc[Caution: Executable File]

 

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File]

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File]

 

C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File]

 

C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\UPHClean\uphclean[Caution: Executable File]

 

C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File]

 

C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File]

 

C:\WINDOWS\Explorer[Caution: Executable File]

 

C:\Program Files\Wireless-N PCI Adapter\WMP300N[Caution: Executable File]

 

c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File]

 

C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File]

 

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File]

 

C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File]

 

C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]

 

C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File]

 

C:\WINDOWS\system32\RUNDLL32[Caution: Executable File]

 

C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File]

 

C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File]

 

C:\WINDOWS\system32\rundll32[Caution: Executable File]

 

C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File]

 

C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File]

 

C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File]

 

C:\Program Files\QuickTime\QTTask[Caution: Executable File]

 

C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]

 

C:\PROGRA~1\AVG\AVG8\avgtray[Caution: Executable File]

 

C:\WINDOWS\system32\LVCOMSX[Caution: Executable File]

 

C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File]

 

C:\Program Files\Logitech\SetPoint\LBTWiz[Caution: Executable File]

 

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

C:\Program Files\Steam\Steam[Caution: Executable File]

 

C:\Program Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File]

 

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File]

 

C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File]

 

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File]

 

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File]

 

C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

C:\Program Files\Logitech\Video\FxSvr2[Caution: Executable File]

 

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray[Caution: Executable File]

 

C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File]

 

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv[Caution: Executable File]

 

C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File]

 

C:\Program Files\Windows Live\Contacts\wlcomm[Caution: Executable File]

 

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard[Caution: Executable File]

 

C:\Program Files\Spybot - Search & Destroy\SpybotSD[Caution: Executable File]

 

C:\Program Files\AVG\AVG8\avgui[Caution: Executable File]

 

C:\Program Files\AVG\AVG8\avgscanx[Caution: Executable File]

 

C:\Program Files\AVG\AVG8\avgcsrvx[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware[Caution: Executable File]

 

C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File]

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

 

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

 

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

 

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

 

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

 

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

 

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

 

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

 

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

 

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

 

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

O2 - BHO: (no name) - {E8A8B218-14F2-45F4-9DEB-340F8D21C8A0} - (no file)

 

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

 

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

 

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

 

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File]

 

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File]

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install

 

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]" -lang 1033

 

O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File]"

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: Executable File]

 

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR[Caution: Executable File]

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File]"

 

O4 - HKLM\..\Run: [soundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File]" /tray

 

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32[Caution: Executable File] bthprops.cpl,,BluetoothAuthenticationAgent

 

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File]

 

O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File]" /enum:on /alerts:on /systrayIcon:on

 

O4 - HKLM\..\Run: [ssAAD[Caution: Executable File]] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File]

 

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR[Caution: Executable File]

 

O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent[Caution: Executable File]" /runkey

 

O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File]"

 

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]" -osboot

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask[Caution: Executable File]" -atboottime

 

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier[Caution: Executable File]

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]"

 

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray[Caution: Executable File]

 

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX[Caution: Executable File]

 

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart[Caution: Executable File]

 

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File]

 

O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ[Caution: Executable File] -silent

 

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File]

 

O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam[Caution: Executable File]" -silent

 

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File]" /background

 

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File]" /c

 

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine[Caution: Executable File]" boot

 

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File]

 

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File]

 

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File]" -onlytray

 

O4 - HKUS\S-1-5-19\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Lokale service')

 

O4 - HKUS\S-1-5-20\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Netwerkservice')

 

O4 - HKUS\S-1-5-18\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'SYSTEM')

 

O4 - HKUS\.DEFAULT\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Default user')

 

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File]

 

O4 - Global Startup: BTTray.lnk = ?

 

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File]

 

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

 

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

 

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

 

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

 

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

 

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

 

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

 

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

 

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

 

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL[Caution: Executable File]/3000

 

O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll

 

O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll

 

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

 

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

 

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

 

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

 

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

 

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

 

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204

 

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7984905956

 

O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://terrascam.heerenvanbeijerland.nl/activex/AMC.cab

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{243284D1-EE00-4872-9336-8A05A63642DE}: NameServer = 192.168.0.1,192.168.0.254

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{71821921-0DD8-4CCC-8325-AB17B3C31575}: NameServer = 192.168.0.1,192.168.0.254

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{F7C9BBB4-2D89-43E9-9CDC-DCB342536149}: NameServer = 192.168.0.1,192.168.0.254

 

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

 

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

 

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

 

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

 

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File]

 

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc[Caution: Executable File]

 

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File]

 

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService[Caution: Executable File]

 

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService[Caution: Executable File]

 

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File]

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT[Caution: Executable File]

 

O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File]

 

O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File]

 

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File]

 

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File]

 

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File]

 

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File]

 

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File]

 

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc[Caution: Executable File]

 

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods[Caution: Executable File]

 

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File]

 

O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield[Caution: Executable File] (file missing)

 

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon[Caution: Executable File]

 

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: Executable File]

 

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: Executable File]

 

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File]

 

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File]

 

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File]

 

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: Executable File]

 

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: Executable File]

 

O23 - Service: WMP300NSvc - GEMTEKS - C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File]

 

 

 

--

 

End of file - 18773 bytes[/hide]

 

[hide=SECOND LOG]Logfile of Trend Micro HijackThis v2.0.2

 

Scan saved at 8:37:53, on 17-5-2009

 

Platform: Windows XP SP3 (WinNT 5.01.2600)

 

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

 

Boot mode: Normal

 

 

 

Running processes:

 

C:\WINDOWS\System32\smss[Caution: Executable File]

 

C:\WINDOWS\system32\winlogon[Caution: Executable File]

 

C:\WINDOWS\system32\services[Caution: Executable File]

 

C:\WINDOWS\system32\lsass[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File]

 

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

 

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File]

 

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File]

 

C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File]

 

C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File]

 

C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File]

 

C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File]

 

c:\program files\common files\mcafee\mna\mcnasvc[Caution: Executable File]

 

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File]

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File]

 

C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File]

 

C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\UPHClean\uphclean[Caution: Executable File]

 

C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File]

 

C:\Program Files\Wireless-N PCI Adapter\WMP300N[Caution: Executable File]

 

C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File]

 

C:\WINDOWS\Explorer[Caution: Executable File]

 

c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File]

 

C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File]

 

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File]

 

C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File]

 

C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]

 

C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File]

 

C:\WINDOWS\system32\RUNDLL32[Caution: Executable File]

 

C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File]

 

C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File]

 

C:\WINDOWS\system32\rundll32[Caution: Executable File]

 

C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File]

 

C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File]

 

C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File]

 

C:\Program Files\QuickTime\QTTask[Caution: Executable File]

 

C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]

 

C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File]

 

C:\WINDOWS\system32\LVCOMSX[Caution: Executable File]

 

C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File]

 

C:\Program Files\Logitech\SetPoint\LBTWiz[Caution: Executable File]

 

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

C:\Program Files\Steam\Steam[Caution: Executable File]

 

C:\Program Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File]

 

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File]

 

C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File]

 

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File]

 

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File]

 

C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray[Caution: Executable File]

 

C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File]

 

C:\Program Files\Logitech\Video\FxSvr2[Caution: Executable File]

 

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv[Caution: Executable File]

 

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv[Caution: Executable File]

 

C:\WINDOWS\system32\wuauclt[Caution: Executable File]

 

C:\Program Files\Avira\AntiVir Desktop\avguard[Caution: Executable File]

 

C:\Program Files\Avira\AntiVir Desktop\sched[Caution: Executable File]

 

C:\Program Files\Avira\AntiVir Desktop\avgnt[Caution: Executable File]

 

c:\program files\avira\antivir desktop\avcenter[Caution: Executable File]

 

C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File]

 

C:\Program Files\Avira\AntiVir Desktop\avscan[Caution: Executable File]

 

C:\Program Files\Java\jre6\bin\java[Caution: Executable File]

 

C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File]

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

 

O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll

 

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

 

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

 

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

 

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

 

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

 

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

 

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

 

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

 

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

O2 - BHO: (no name) - {E8A8B218-14F2-45F4-9DEB-340F8D21C8A0} - (no file)

 

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

 

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

 

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

 

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif[Caution: Executable File]

 

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File]

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install

 

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]" -lang 1033

 

O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\Ai Gear\GearHelp[Caution: Executable File]"

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: Executable File]

 

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR[Caution: Executable File]

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched[Caution: Executable File]"

 

O4 - HKLM\..\Run: [soundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4[Caution: Executable File]" /tray

 

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32[Caution: Executable File] bthprops.cpl,,BluetoothAuthenticationAgent

 

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File]

 

O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX[Caution: Executable File]" /enum:on /alerts:on /systrayIcon:on

 

O4 - HKLM\..\Run: [ssAAD[Caution: Executable File]] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: Executable File]

 

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR[Caution: Executable File]

 

O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent[Caution: Executable File]" /runkey

 

O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray[Caution: Executable File]"

 

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: Executable File]" -osboot

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask[Caution: Executable File]" -atboottime

 

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier[Caution: Executable File]

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]"

 

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX[Caution: Executable File]

 

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart[Caution: Executable File]

 

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File]

 

O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ[Caution: Executable File] -silent

 

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray[Caution: Executable File]

 

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt[Caution: Executable File]" /min

 

O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam[Caution: Executable File]" -silent

 

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr[Caution: Executable File]" /background

 

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate[Caution: Executable File]" /c

 

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine[Caution: Executable File]" boot

 

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer[Caution: Executable File]

 

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier[Caution: Executable File]

 

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite[Caution: Executable File]" -onlytray

 

O4 - HKUS\S-1-5-19\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Lokale service')

 

O4 - HKUS\S-1-5-20\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Netwerkservice')

 

O4 - HKUS\S-1-5-18\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'SYSTEM')

 

O4 - HKUS\.DEFAULT\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\CTFMON[Caution: Executable File] (User 'Default user')

 

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File]

 

O4 - Global Startup: BTTray.lnk = ?

 

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File]

 

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

 

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

 

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

 

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

 

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

 

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

 

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

 

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

 

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

 

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL[Caution: Executable File]/3000

 

O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll

 

O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll

 

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

 

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

 

O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll

 

O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll

 

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

 

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

 

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

 

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

 

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204

 

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7984905956

 

O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://terrascam.heerenvanbeijerland.nl/activex/AMC.cab

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{243284D1-EE00-4872-9336-8A05A63642DE}: NameServer = 192.168.0.1,192.168.0.254

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{71821921-0DD8-4CCC-8325-AB17B3C31575}: NameServer = 192.168.0.1,192.168.0.254

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{F7C9BBB4-2D89-43E9-9CDC-DCB342536149}: NameServer = 192.168.0.1,192.168.0.254

 

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

 

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

 

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File]

 

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched[Caution: Executable File]

 

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard[Caution: Executable File]

 

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

 

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder[Caution: Executable File]

 

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins[Caution: Executable File]

 

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService[Caution: Executable File]

 

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService[Caution: Executable File]

 

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon[Caution: Executable File]

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT[Caution: Executable File]

 

O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibguard[Caution: Executable File]

 

O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program Files\Borland\Interbase\bin\ibserver[Caution: Executable File]

 

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs[Caution: Executable File]

 

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService[Caution: Executable File]

 

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ[Caution: Executable File]

 

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore[Caution: Executable File]

 

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc[Caution: Executable File]

 

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc[Caution: Executable File]

 

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods[Caution: Executable File]

 

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy[Caution: Executable File]

 

O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield[Caution: Executable File] (file missing)

 

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon[Caution: Executable File]

 

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: Executable File]

 

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: Executable File]

 

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs[Caution: Executable File]

 

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc[Caution: Executable File]

 

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer[Caution: Executable File]

 

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: Executable File]

 

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: Executable File]

 

O23 - Service: WMP300NSvc - GEMTEKS - C:\Program Files\Wireless-N PCI Adapter\WLService[Caution: Executable File]

 

 

 

--

 

End of file - 18877 bytes[/hide]

 

 

 

A mod told me to do this because I suspected I had a keylogger, can anyone tell me if I have one?

 

 

 

Thanks.

 

 

 

 

 

P.S: If you want some more info, please post here what you need to know!

5efw5y.png

 

Dutchy angel2w.gif

Link to comment
Share on other sites
Dracion1

Dracion1

Posted
Posted

You must have a lot of RAM to run all those processes :o

 

 

 

I can't see anything on there suspicious myself, though it's a large log and I could have easily have missed something. Is your computer slow to start up? You've got loads running, a lot of it most likely unnecessary. I don't think you need all of those antiviral applications running at once, you can probably ditch AVG since you've got McAffee (There are better things out there though than both of those, though that's a separate issue), and I doubt you need Ad-Aware, Spybot S&D and Spyware doctor, just one should do.

draciontheman.png

 

"In the beginning, the universe was created. This has made a lot of people very angry and been widely regarded as a bad move."
Link to comment
Share on other sites
Nopnoob

Nopnoob

Posted
  • Author
Posted

Haha, I know. But I got hacked so I keep running scans. That's why there's so many processes. I would GREATLY appreciate it if you can take a closer look at it, I will also run a second log once the scans are finished (They almost are).

 

 

 

My McAffee subscription ran out, and my dad downloaded AVG but AVG is [cabbage]. Ad-Aware detected 2 worms which AVG didnt last time I scanned.

5efw5y.png

 

Dutchy angel2w.gif

Link to comment
Share on other sites
Salad

Salad

Posted
Posted

Kill AVG and McAfee, get Avast! or Avira and kill spybot S&D and spyware doctor or w/e and get ad-aware anniversary edition if you don't already have. I don't really understand HiJack This logs but if you think you got a keylogger you should use FireFox with KeyScrambler.

 

 

 

Good luck.

ib7rVm.png
Link to comment
Share on other sites
Sbrideau

Sbrideau

Posted
Posted

Actually, not only did AVG fall to become one of the worst antiviruses, but so did Avast. Even my biased friend that was saying avast was the best recently decided to change antivirus because he said it sucked too much. I would say kill both McAfee and AVG and get Avira Antivir. If the ads bug you, then disable them. If you want to pay for an antivirus though, Kaspersky or NOD32 is the way to go.

 

 

 

Also, for antispyware, no need to run a few at a time. Running more than one antivirus and one antispyware at a time is quite the same as having no protection at all.

 

 

 

Anyway, I'll give a quick look at that log:

 

 

 

I have seen nothing that is major, just those 2 lines that are not dangerous at all, but useless in fact:

 

 

 

O2 - BHO: (no name) - {E8A8B218-14F2-45F4-9DEB-340F8D21C8A0} - (no file)

 

 

 

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

Link to comment
Share on other sites
Sbrideau

Sbrideau

Posted
Posted

Hijackthis does not catch all viruses anymore, so there's a chance there still is a virus somewhere, but for the most part, you're safe.

Link to comment
Share on other sites
acenator

acenator

Posted
Posted
Kill AVG and McAfee, get Avast! or Avira and kill spybot S&D and spyware doctor or w/e and get ad-aware anniversary edition if you don't already have

 

If you do the Avira and Ad-Aware combo, watch out when you run Ad-Aware. It took some of my Avira files as malware and I had to reinstall it (I was too lazy to look through the list of items ad-aware had detected and just hit the delete button :wall: ).

 

 

 

Also, I highly suggest that, if you use Internet Explorer, you block the sites that put the cookies Ad-Aware detects from putting any more cookies on your computer again. You can do this by going Tools > Internet Options > Privacy > Sites, typing in (or copying and pasting) the name of the sites listed in the Ad-Aware report(s) and pressing the "block" button. I did this after each Ad-Aware scan I did a few years ago (I currently have about 55 sites blocked) and haven't gotten any spyware since (I use FireFox for certain things like downloading and working with my router, but, for some reason, I just like IE better for general browsing :-k).

> SELECT * FROM users WHERE clue > 0;

0 rows returned

There's no place like 127.0.0.1

There are only 10 types of people

in this world: those who understand

binary and those who don't.

This statement is false.

$DO || ! $DO ; try

try: command not found

Link to comment
Share on other sites
  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept