jazzIIIlove
asked on
Could you check my hijackthis log file?
Hi there;
Could you check this hijackthis log file?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:30:46 PM, on 7/18/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
C:\Users\Baran\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~2\Zend\ZENDST~1.0\toolbars\ZENDIE~1.DLL
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Baran\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [WallpaperSwitcher.NET] C:\Program Files (x86)\Wallpaper Switcher .NET\Wallpaper Switcher .NET.exe
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2581353565-2358245840-1317995546-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-2581353565-2358245840-1317995546-1008\..\Run: [WallpaperSwitcher.NET] C:\Program Files (x86)\Wallpaper Switcher .NET\Wallpaper Switcher .NET.exe (User 'postgres')
O4 - HKUS\S-1-5-21-2581353565-2358245840-1317995546-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Startup: Creative Element Power Tools Startup.lnk = C:\Program Files (x86)\Creative Element Power Tools\Startup.exe
O4 - Startup: Dropbox.lnk = Baran\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files (x86)\Zend\Zend Studio - 7.0.0\toolbars\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files (x86)\Zend\Zend Studio - 7.0.0\toolbars\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.0\toolbars\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.0\toolbars\ZENDIE~1.DLL
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O16 - DPF: {76850F2A-FCAA-454F-82D3-BD46CB186EF5} (IEGCtrl Class) - http://ggw.graphon.com/ggw-activex.cab
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DBDC1CDA-B64B-49F7-9535-6317AA416E51} (VMware_VDM_Client Class) - https://192.168.17.145/downloads/VMware-viewclient.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files (x86)\xampp\apache\bin\Apache.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EnterpriseDB ApachePHP (EnterpriseDBApachePHP) - Apache Software Foundation - C:\Program Files (x86)\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files (x86)\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mediafour M4LIC service (M4LIC) - Mediafour Corporation - C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE
O23 - Service: MacDrive 8 service (MacDrive8Service) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - C:\Program Files (x86)\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009.SP2\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program Files (x86)\StumbleUpon\StumbleUponUpdateService.exe
O23 - Service: SolarWinds Information Service (SWInfoServiceSvc) - SolarWinds - C:\Program Files (x86)\Common Files\SolarWinds\InformationService\SolarWinds.InformationService.Service.exe
O23 - Service: SolarWinds Job Engine (SWJobEngineSvc) - SolarWinds.net, Inc. - C:\Program Files (x86)\Common Files\SolarWinds\JobEngine\SWJobEngineSvc.exe
O23 - Service: SolarWinds Job Scheduler (SWJobSchedulerSvc) - SolarWinds.net, Inc. - C:\Program Files (x86)\Common Files\SolarWinds\JobEngine\SWJobSchedulerSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware vCenter Converter Agent (vmware-converter-agent) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
O23 - Service: VMware vCenter Converter Server (vmware-converter-server) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware View Client Service (wsnm) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware View\Client\bin\wsnm.exe
--
End of file - 21382 bytes
O23 - Service: SolarWinds Job Scheduler (SWJobSchedulerSvc) - SolarWinds.net, Inc. - C:\Program Files (x86)\Common Files\SolarWinds\JobEngine
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.ex
O23 - Service: @%SystemRoot%\system32\ui0
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vau
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: @%SystemRoot%\system32\vds
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.e
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetd
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-us
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.
O23 - Service: VMware vCenter Converter Agent (vmware-converter-agent) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converte
O23 - Service: VMware vCenter Converter Server (vmware-converter-server) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converte
O23 - Service: @%systemroot%\system32\vss
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.ex
O23 - Service: @%SystemRoot%\system32\Wat
O23 - Service: @%systemroot%\system32\wbe
O23 - Service: @%Systemroot%\system32\wbe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware View Client Service (wsnm) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware View\Client\bin\wsnm.exe
--
End of file - 21382 bytes
ASKER
The system is not infected, I just want to be sure.
And yes, the system is up and fast with 8 GB RAM. This is a SONY-VAIO FW4ZTJH.
Are MalwareBytes and HitmanPro compatible with 7-64 bit?
Is HitmanPro free?
Most importantly, do they delete the suspicious files instantly or let me delete the files?
Note that the system has NOD32 and it seems to be working pretty well, but I asked this question to be on the safe side.
Best regards.
Both MalwareBytes and HitmanPro are compatible with Windows 7-64bit.
MalwareBytes is FREE as an on-demand scanner to remove infection, but only the paid version has real-time protection.
With MalwareBytes, when the scan is complete, you can click OK, then "Show Results" to view the results. You can then checkmark the ones you want to remove and click on "Removed Selected" to quarantine those threats.
If you accidentally delete something, you can take it out of quarantine.
HitmanPro is not free but it has a 30-day free trial period.
With HitmanPro, if the "Automatically remove threats" box is checked, they will be automatically removed. If not, you will be asked which actions to take.
You have NOD32 which is also a good AV, I wouldn't worry about Hitmanpro.
Since the system is not infected, I wouldn't worry about downloading any tools.
ASKER
Thank you.
So, what about the hijackthis log, any possible threats or suspicious entries?
Regards.
ASKER
Yes, I had used a HASP device before. I was also drawn to that HASP entry and scanned it in totalvirus. The issue is that the file is not visible when I want to upload it to totalvirus, but in Explorer I can see it; I copied it to the desktop and no threats were caught.
>>The log header will not state whether it's from a 64bit or 32bit OS, but you can easily recognize it from the entries in the log.
>>64-bit and 32-bit applications have their own Program Files folders.
I was wondering where you got the idea of my architecture in your first comment.
So, I will go for OTL too and come back here tomorrow.
Regards.
ASKER
I wonder why hijackthis doesn't introduce a 64-bit solution.
ASKER
And I would really love it if you joined another of my questions, regarding revealing timestamp forgery in files while burning a DVD.
https://www.experts-exchange.com/questions/26330006/How-can-I-be-sure-of-the-date-that-those-files-are-created-and-burnt-into-DVD.html
>>>"I wonder why hijackthis doesn't introduce a 64-bit solution."
Maybe one day, I hope so.
Hijackthis hasn't really had that much improvement since it was acquired by TrendMicro. I hope it will not end up like what happened to CWShredder (which is now an obsolete tool).
Regarding your other thread, the Experts commenting there seem to know about the subject. Sorry I can't think of anything to add that might help.
The log shows a lot of startup entries/services, and toolbars, but I don't see any obvious malicious entries, but then a lot of nasties can now hide from the Hijackthis scan.
There are diagnostic tools better than hijackthis, like OTL, which is totally compatible with 64bit systems.
If you think the system is infected, we can run other tools like OTL, MalwareBytes, HitmanPro.
MalwareBytes:
http://www.malwarebytes.org/mbam-download.php
HitmanPro:
http://download.cnet.com/Hitman-Pro-3-64-bit/3000-2239_4-75110395.html
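The architecture tell quoted in the thread (32-bit and 64-bit applications have their own Program Files folders) and a first pass over the O23 service lines can be scripted. This is an added example, not part of the original thread or of HijackThis; the function names are hypothetical and the sample lines are copied from the log above.

```python
import re

# Five O23 lines copied from the log on this page; truncated paths are kept
# exactly as they appear there.
SAMPLE_LOG = r"""
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplm
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlS
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg
"""

PREFIX = "O23 - Service: "
# Folders that exist only on 64-bit Windows.
WOW64_MARKERS = re.compile(r"[\\/](Program Files \(x86\)|SysWOW64)[\\/]", re.IGNORECASE)


def parse_o23(line):
    """Split one O23 line into name, owner and path; None if it is incomplete."""
    if not line.startswith(PREFIX):
        return None
    parts = line[len(PREFIX):].rsplit(" - ", 2)
    if len(parts) != 3:
        return None  # truncated entry: owner and path are not available
    name, owner, path = (p.strip() for p in parts)
    return {"name": name, "owner": owner, "path": path}


def triage(log_text):
    """Return an architecture hint, entries to verify by hand, and unparsed count."""
    result = {"is_64bit": False, "review": [], "unparsed": 0}
    for line in filter(None, (l.strip() for l in log_text.splitlines())):
        entry = parse_o23(line)
        if entry is None:
            result["unparsed"] += 1
            continue
        if WOW64_MARKERS.search(entry["path"]):
            result["is_64bit"] = True
        reasons = []
        if entry["owner"] == "Unknown owner":
            reasons.append("unknown owner")
        if entry["path"].endswith("(file missing)"):
            reasons.append("file missing")
        if reasons:
            # Leads to verify (signature, hash, on-disk path), not verdicts:
            # a 32-bit scanner on 64-bit Windows sees redirected system paths.
            result["review"].append((entry["name"], reasons))
    return result


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```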