DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27
Run by Ikke at 19:15:03 on 2011-10-16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3071.2509 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\SINOSUN\TPM Secure Tools\TSS\SinoTCS.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SINOSUN\TPM Secure Tools\Common\PrivateDisk.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Remote\AiRc.exe
C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
C:\Program Files\ASUS\AI Remote\AiRemote.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: PwdBoxIE Class: {c08e2185-9608-4d02-b101-07df51cbccd6} - c:\progra~1\sinosun\tpmsec~1\pwdbox\PwdBoxIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} -
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [JMB36X IDE Setup] c:\windows\jm\JMInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\JMRaidSetup.exe boot
mRun: [Ai Remote Help] "c:\program files\asus\ai remote\AiRc.exe"
mRun: [AsusServiceProvider] c:\program files\asus\aasp\1.00.23\aaCenter.exe
mRun: [AsusStartupHelp] c:\program files\asus\aasp\1.00.23\AsRunHelp.exe
mRun: [Ai Nap] "c:\program files\asus\ai suite\ainap\AiNap.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\ikke\menust~1\progra~1\opstar~1\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
IE: Download with &Shareaza - c:\program files\shareaza\plugins\RazaWebHook.dll/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Search Using Copernic Agent - c:\program files\copernic agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084}
IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221751953734
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37897.3758796296
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{0B252EA8-FB14-43E8-8D1D-1E484A3E3C52} : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{D8432BC6-7F0F-4BB3-BACE-941712860F57} : DhcpNameServer = 62.179.104.196 213.46.228.196
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ikke\application data\mozilla\firefox\profiles\ygt4py6z.default\
FF - prefs.js: browser.search.selectedEngine - Google (Language: nl)
FF - prefs.js: browser.startup.homepage - hxxp://www.onenessuniversity.org/|http://www.o ... #058;blank
FF - prefs.js: keyword.URL - hxxp://search.searchcompletion.com/?bs=1&si=10182&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\ikke\application data\mozilla\firefox\profiles\ygt4py6z.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\documents and settings\ikke\application data\mozilla\firefox\profiles\ygt4py6z.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-15 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-7-15 320856]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-7-15 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-7-15 44768]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-9-15 54752]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-2-20 12184]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-9-16 2255464]
R2 PrivateDiskDriver;Private Encrypted Virtual Disk Driver;c:\windows\system32\drivers\PrivateDisk.sys [2009-4-4 42579]
R2 PrivateDiskService;Private Encrypted Virtual Disk;c:\program files\sinosun\tpm secure tools\common\PrivateDisk.exe [2009-4-4 6656]
R2 SinoTCS;Trusted Platform Core Service (SINOSUN);c:\program files\sinosun\tpm secure tools\tss\SinoTCS.exe [2009-4-4 720960]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [2003-7-31 24704]
R3 SinoTPM;Driver For SINOSUN Trusted Platform Module;c:\windows\system32\drivers\SinoTpm.sys [2009-4-4 34048]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-21 136176]
S2 LogWatch;Event Log Watch;c:\program files\ca\sharedcomponents\ca_lic\logwatnt.exe --> c:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe [?]
S3 ADM851X;ADM851X USB To Fast Ethernet Adapter;c:\windows\system32\drivers\ADM851X.sys [2010-7-29 26190]
S3 Amps2prt;Trust Ami PS/2 Port Mouse Driver (6);c:\windows\system32\drivers\Amps2prt.sys [2001-10-19 9056]
S3 CA_LIC_CLNT;CA License Client;c:\program files\ca\sharedcomponents\ca_lic\lic98rmt.exe --> c:\program files\ca\sharedcomponents\ca_lic\lic98rmt.exe [?]
S3 CA_LIC_SRVR;CA License Server;c:\program files\ca\sharedcomponents\ca_lic\lic98rmtd.exe --> c:\program files\ca\sharedcomponents\ca_lic\lic98rmtd.exe [?]
S3 fsssvc;De service Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-21 136176]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys --> c:\windows\system32\drivers\vaxscsi.sys [?]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
.
=============== Created Last 30 ================
.
2011-10-16 17:13:24 -------- d--h--w- c:\windows\PIF
2011-09-28 17:47:59 -------- d-----w- c:\program files\uTorrent Turbo Booster
2011-09-28 17:45:05 -------- d-----w- c:\program files\uTorrent
2011-09-28 17:44:20 -------- d-----w- c:\documents and settings\ikke\local settings\application data\uTorrent
2011-09-28 15:09:07 -------- d-----w- c:\documents and settings\all users\application data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-09-28 15:03:27 -------- d-----w- c:\program files\Uniblue
2011-09-28 15:03:16 -------- d-----w- c:\documents and settings\ikke\local settings\application data\PackageAware
2011-09-24 10:34:33 -------- d-----w- c:\documents and settings\ikke\application data\SUPERAntiSpyware.com
2011-09-24 10:33:59 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-24 10:33:59 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-09-21 16:25:44 -------- d-----w- c:\program files\DScaler
2011-09-21 16:25:44 -------- d-----w- c:\documents and settings\ikke\application data\DScaler4
2011-09-18 17:22:02 -------- d-----w- c:\program files\Complitly
2011-09-18 17:21:48 -------- d-----w- c:\program files\ChrisTV Lite
.
==================== Find3M ====================
.
2011-10-13 16:05:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41:44 614912 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41:44 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-16 16:55:35 280276 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-09-16 16:55:35 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-09-16 16:55:33 280276 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-09-09 09:12:05 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45:29 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:38:05 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 14:09:57 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 15:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-26 13:37:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-26 13:37:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-22 23:41:22 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41:20 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41:20 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:58:28 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-09 18:10:30 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
.
============= FINISH: 19:16:16,59 ===============