
tobiasrapati

Member
  • Items

    3
  • Registration date

  • Last visited

About tobiasrapati

  • Birthday 15-07-1982

tobiasrapati's achievements

  1. Hi Kape, thanks for your help! I have again done everything you said. About the two folders you asked about: one contains some videos I made with my camera, the other is the folder that the Belastingdienst (tax authority) creates automatically when you file your tax return. Here are the logs: ComboFix 08-04-13.3 - Tob 2008-04-16 16:29:42.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1550 [GMT 2:00] Running from: C:\Documents and Settings\Tob\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Tob\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\divxfactory-clmt-sample.avi C:\divxfactory-cwp11-sample.avi C:\hitmanpro26.exe C:\lost.s4d2.nfo C:\nympho-worklat.sample.avi C:\pl-oubb2-sample.avi C:\WINDOWS\BM5796bdc3.xml C:\WINDOWS\system32\bvsuyofc.dll C:\WINDOWS\system32\fthlqgdw.dll C:\WINDOWS\system32\hxejrdpk.ini C:\WINDOWS\system32\jjsxjrth.dll C:\WINDOWS\system32\mqxamvbs.dll C:\WINDOWS\system32\obffruxe.dll C:\WINDOWS\system32\tsykluky.dll C:\WINDOWS\system32\upinbnbo.dll C:\WINDOWS\system32\vbdbjfqk.dll C:\wta-dses-sample.avi C:\wta-ffan-sample.avi C:\wta-gbmsilkemaiden-sample.avi C:\wta-zf11-sample.avi . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . 
C:\hitmanpro26.exe C:\lost.s4d2.nfo C:\Program Files\Hitman Pro C:\Program Files\Hitman Pro\alkep.dat C:\Program Files\Hitman Pro\alrem.dat C:\Program Files\Hitman Pro\downloads\aawsepersonal.exe C:\Program Files\Hitman Pro\downloads\cwshredder.exe C:\Program Files\Hitman Pro\downloads\defs.ref C:\Program Files\Hitman Pro\downloads\downloads.bin C:\Program Files\Hitman Pro\downloads\ewido_micro.exe C:\Program Files\Hitman Pro\downloads\hitmanpro2.pak C:\Program Files\Hitman Pro\downloads\PrevxcsiPP3642.EXE C:\Program Files\Hitman Pro\downloads\sdsetup.exe C:\Program Files\Hitman Pro\downloads\spybotsd14.exe C:\Program Files\Hitman Pro\downloads\SpySweeperTrialSetup_NL.exe C:\Program Files\Hitman Pro\downloads\spywareblastersetup351.exe C:\Program Files\Hitman Pro\downloads\srhelper.exe C:\Program Files\Hitman Pro\downloads\ssfsetup45.exe C:\Program Files\Hitman Pro\hitmanpro2.exe C:\Program Files\Hitman Pro\icons\ff-s.ico C:\Program Files\Hitman Pro\icons\ff.ico C:\Program Files\Hitman Pro\icons\ie-s.ico C:\Program Files\Hitman Pro\icons\ie.ico C:\Program Files\Hitman Pro\icons\msnmsgr.ico C:\Program Files\Hitman Pro\icons\oe-s.ico C:\Program Files\Hitman Pro\icons\oe.ico C:\Program Files\Hitman Pro\icons\ol-s.ico C:\Program Files\Hitman Pro\icons\ol.ico C:\Program Files\Hitman Pro\logs\buynow.gif C:\Program Files\Hitman Pro\logs\Hitman_Pro_2008-04-09_21-14-29.htm C:\Program Files\Hitman Pro\logs\Hitman_Pro_2008-04-09_21-16-39.htm C:\Program Files\Hitman Pro\logs\Hitman_Pro_2008-04-09_21-18-32.htm C:\Program Files\Hitman Pro\logs\hitmanpro.jpg C:\Program Files\Hitman Pro\pacomp.exe C:\Program Files\Hitman Pro\pacrypt.exe C:\Program Files\Hitman Pro\paext.exe C:\Program Files\Hitman Pro\Registry.pol C:\Program Files\Hitman Pro\sigcheck.exe C:\Program Files\Hitman Pro\srhelper.exe C:\Program Files\Hitman Pro\strider.bin C:\Program Files\Hitman Pro\StriderCache.ini C:\Program Files\Hitman Pro\surfright.exe C:\Program Files\Hitman Pro\timeout.exe C:\Program 
Files\Hitman Pro\unins000.dat C:\Program Files\Hitman Pro\unins000.exe C:\Program Files\Hitman Pro\uninstall.exe C:\Program Files\Hitman Pro\unrar3.dll C:\Program Files\Hitman Pro\update.exe C:\Program Files\Hitman Pro\updates\Registry.pol C:\Program Files\Hitman Pro\updates\uninstall.exe C:\Program Files\Hitman Pro\updates\updates.pae C:\Program Files\Hitman Pro\wget.exe C:\Program Files\Hitman Pro\xphelper.exe C:\WINDOWS\BM5796bdc3.xml C:\WINDOWS\system32\bvsuyofc.dll C:\WINDOWS\system32\fthlqgdw.dll C:\WINDOWS\system32\hxejrdpk.ini C:\WINDOWS\system32\jjsxjrth.dll C:\WINDOWS\system32\mqxamvbs.dll C:\WINDOWS\system32\obffruxe.dll C:\WINDOWS\system32\rqRLefCu.dll__DELETE_ON_REBOOT\ C:\WINDOWS\system32\tsykluky.dll C:\WINDOWS\system32\upinbnbo.dll C:\WINDOWS\system32\vbdbjfqk.dll . ((((((((((((((((((((((((( Files Created from 2008-03-16 to 2008-04-16 ))))))))))))))))))))))))))))))) . 2008-04-15 22:15 . 2008-04-15 22:15 <DIR> d-------- C:\Program Files\Panda Security 2008-04-14 19:37 . 2008-04-16 16:25 <DIR> d-------- C:\HTJ 2008-04-13 15:42 . 2008-04-13 15:42 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-04-13 15:42 . 2008-04-13 15:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-04-13 15:41 . 2008-04-13 15:41 19,871,600 --a------ C:\aaw2007.exe 2008-04-09 21:40 . 2008-04-09 21:40 <DIR> d-------- C:\Documents and Settings\Tob\Application Data\Lavasoft 2008-04-09 21:31 . 2008-04-09 21:31 164 --a------ C:\install.dat 2008-04-09 21:29 . 2008-04-11 13:59 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-04-09 21:29 . 2008-04-11 12:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-04-09 21:28 . 2008-04-13 15:42 <DIR> d-------- C:\Program Files\Lavasoft 2008-04-09 21:27 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX 2008-04-09 21:26 . 
2008-04-09 21:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx 2008-04-09 21:25 . 2008-04-09 21:27 <DIR> d-------- C:\Temp 2008-04-09 21:12 . 2008-04-09 21:12 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy 2008-04-08 21:35 . 2008-04-08 21:35 36,864 --a------ C:\WINDOWS\system32\rqRLefCu.dll__DELETE_ON_REBOOT 2008-04-07 17:46 . 2008-04-13 15:19 <DIR> d-------- C:\pos 2008-03-30 12:59 . 2008-03-31 14:13 16,854 --a------ C:\earth.pal.nfo 2008-03-25 19:02 . 2008-03-25 19:19 381 --a------ C:\WINDOWS\cdplayer.ini 2008-03-25 19:01 . 2008-03-25 19:01 <DIR> d-------- C:\Program Files\FreeRIP3 2008-03-25 19:01 . 2008-03-25 19:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FreeRIP 2008-03-24 15:03 . 2008-04-15 20:40 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-03-24 15:03 . 2008-03-28 12:09 1,478,656 --a------ C:\WINDOWS\system32\WinSpooler.exe 2008-03-24 15:03 . 2008-03-28 12:26 37,888 --a------ C:\WINDOWS\system32\rar.exe 2008-03-22 20:05 . 2008-03-22 20:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-03-22 19:44 . 2008-03-22 19:44 <DIR> d-------- C:\Program Files\Bonjour 2008-03-22 19:32 . 2008-03-22 19:32 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared 2008-03-22 02:12 . 2008-03-27 17:57 5,752 --a------ C:\zwtiso.nfo . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-04-16 14:21 --------- d-----w C:\Program Files\FlashFXP 2008-04-13 21:07 --------- d-----w C:\Documents and Settings\Tob\Application Data\LimeWire 2008-04-13 18:43 34,816 ----a-w C:\WINDOWS\system32\WinUpdating.exe 2008-04-11 12:04 --------- d-----w C:\Program Files\GreenBox 2008-04-09 16:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-09 16:57 --------- d-----w C:\Program Files\Sony 2008-04-09 16:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation 2008-04-04 21:17 --------- d-----w C:\Documents and Settings\Tob\Application Data\Sony Corporation 2008-03-24 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip 2008-03-22 17:44 --------- d-----w C:\Program Files\Common Files\Adobe 2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-04 20:56 899,414 ----a-w C:\SetupDVDDecrypter_3.5.4.0.exe 2008-03-03 16:32 --------- d-----w C:\Program Files\Winamp 2008-02-27 22:41 --------- d-----w C:\Documents and Settings\Tob\Application Data\sony 2008-02-27 22:34 --------- d-----w C:\Documents and Settings\Tob\Application Data\Publish Providers 2008-02-27 22:34 --------- d-----w C:\Documents and Settings\Tob\Application Data\NetMedia Providers 2008-02-27 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony 2008-02-27 22:28 --------- d-----w C:\Program Files\VstPlugins 2008-02-22 09:53 --------- d-----w C:\Program Files\Belastingdienst 2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll 2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2008-02-16 09:32 666,112 ----a-w C:\WINDOWS\system32\wininet.dll 2007-04-27 20:15 518 ----a-w C:\Documents and Settings\Madelief\Application Data\wklnhst.dat . ((((((((((((((((((((((((((((( snapshot@2008-04-16_ 0.05.13.60 ))))))))))))))))))))))))))))))))))))))))) . 
- 2008-04-15 22:00:18 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-04-16 04:20:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat - 2007-12-07 00:44:30 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll + 2008-02-16 09:32:03 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll - 2007-12-07 00:44:30 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll + 2008-02-16 09:32:03 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll - 2008-04-10 14:46:59 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-04-16 01:17:51 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2008-04-10 14:46:59 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2008-04-16 01:17:51 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2008-04-10 14:46:59 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-04-16 01:17:51 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2006-03-04 03:58:44 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll + 2008-02-16 09:32:03 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll - 2007-12-07 00:44:30 1,024,000 -c----w C:\WINDOWS\system32\dllcache\browseui.dll + 2008-02-16 09:32:03 1,024,000 -c----w C:\WINDOWS\system32\dllcache\browseui.dll - 2007-12-07 00:44:30 151,040 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll + 2008-02-16 09:32:03 151,040 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll - 2006-03-04 03:58:44 1,054,208 -c----w C:\WINDOWS\system32\dllcache\danim.dll + 2008-02-16 09:32:03 1,054,208 -c----w C:\WINDOWS\system32\dllcache\danim.dll + 2008-02-20 05:32:43 148,992 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll + 2008-02-20 05:32:43 45,568 -c----w C:\WINDOWS\system32\dllcache\dnsrslvr.dll - 2007-12-07 00:44:33 357,888 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll + 2008-02-16 
09:32:04 357,888 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll - 2007-12-07 00:44:33 205,824 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2008-02-16 09:32:04 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll - 2007-12-07 00:44:33 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll + 2008-02-16 09:32:04 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll - 2007-06-19 13:31:19 282,112 -c----w C:\WINDOWS\system32\dllcache\gdi32.dll + 2008-02-20 06:51:05 282,624 -c----w C:\WINDOWS\system32\dllcache\gdi32.dll - 2007-12-06 10:05:52 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe + 2008-02-15 09:07:53 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe - 2007-12-07 00:44:33 251,904 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll + 2008-02-16 09:32:04 251,904 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll - 2007-12-07 00:44:33 96,256 -c----w C:\WINDOWS\system32\dllcache\inseng.dll + 2008-02-16 09:32:04 96,256 -c----w C:\WINDOWS\system32\dllcache\inseng.dll - 2007-11-14 07:26:56 450,560 -c----w C:\WINDOWS\system32\dllcache\jscript.dll + 2007-12-18 14:40:58 450,560 -c----w C:\WINDOWS\system32\dllcache\jscript.dll - 2007-12-07 00:44:33 16,384 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2008-02-16 09:32:04 16,384 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll - 2007-12-07 00:44:35 3,066,368 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll + 2008-02-16 09:32:06 3,066,880 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll - 2007-12-07 00:44:36 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2008-02-16 09:32:06 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll - 2007-12-07 00:44:36 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll + 2008-02-16 09:32:06 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll - 2007-12-07 00:44:36 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll + 2008-02-16 09:32:07 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll - 2007-12-07 00:44:36 39,424 -c----w 
C:\WINDOWS\system32\dllcache\pngfilt.dll + 2008-02-16 09:32:07 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll - 2007-12-07 00:44:37 1,499,136 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll + 2008-02-16 09:32:08 1,499,136 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll - 2007-12-07 00:44:38 474,112 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll + 2008-02-16 09:32:08 474,112 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll - 2007-12-07 00:44:39 617,984 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll + 2008-02-16 09:32:08 618,496 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll + 2007-12-18 14:40:58 417,792 -c----w C:\WINDOWS\system32\dllcache\vbscript.dll - 2007-03-08 13:47:48 1,843,584 -c----w C:\WINDOWS\system32\dllcache\win32k.sys + 2008-03-19 09:47:00 1,845,248 -c----w C:\WINDOWS\system32\dllcache\win32k.sys - 2007-12-07 00:44:39 666,112 -c----w C:\WINDOWS\system32\dllcache\wininet.dll + 2008-02-16 09:32:09 666,112 -c----w C:\WINDOWS\system32\dllcache\wininet.dll - 2006-06-26 17:37:10 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll + 2008-02-20 05:32:43 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll - 2007-12-07 00:44:33 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll + 2008-02-16 09:32:04 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll - 2007-12-07 00:44:33 205,824 ----a-w C:\WINDOWS\system32\dxtrans.dll + 2008-02-16 09:32:04 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll - 2007-12-07 00:44:33 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll + 2008-02-16 09:32:04 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll - 2008-03-22 18:29:24 1,474,656 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT + 2008-04-16 01:08:21 1,474,656 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT - 2007-12-07 00:44:33 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll + 2008-02-16 09:32:04 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll - 2007-12-07 00:44:33 96,256 ----a-w C:\WINDOWS\system32\inseng.dll + 2008-02-16 09:32:04 96,256 ----a-w C:\WINDOWS\system32\inseng.dll - 2007-11-14 07:26:56 450,560 
----a-w C:\WINDOWS\system32\jscript.dll + 2007-12-18 14:40:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll - 2007-12-07 00:44:33 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2008-02-16 09:32:04 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2008-04-05 20:56:22 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe - 2007-12-07 00:44:35 3,066,368 ----a-w C:\WINDOWS\system32\mshtml.dll + 2008-02-16 09:32:06 3,066,880 ----a-w C:\WINDOWS\system32\mshtml.dll - 2007-12-07 00:44:36 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll + 2008-02-16 09:32:06 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll - 2007-12-07 00:44:36 146,432 ----a-w C:\WINDOWS\system32\msrating.dll + 2008-02-16 09:32:06 146,432 ----a-w C:\WINDOWS\system32\msrating.dll - 2007-12-07 00:44:36 532,480 ----a-w C:\WINDOWS\system32\mstime.dll + 2008-02-16 09:32:07 532,480 ----a-w C:\WINDOWS\system32\mstime.dll - 2007-12-07 00:44:36 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll + 2008-02-16 09:32:07 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll - 2007-12-07 00:44:37 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll + 2008-02-16 09:32:08 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll - 2007-12-07 00:44:38 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll + 2008-02-16 09:32:08 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll - 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\system32\spmsg.dll + 2007-03-06 01:22:33 14,048 ------w C:\WINDOWS\system32\spmsg.dll - 2007-12-07 00:44:39 617,984 ----a-w C:\WINDOWS\system32\urlmon.dll + 2008-02-16 09:32:08 618,496 ----a-w C:\WINDOWS\system32\urlmon.dll - 2004-08-10 12:00:00 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll + 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll - 2007-12-06 09:38:31 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll + 2008-02-15 09:06:21 351,744 ----a-w C:\WINDOWS\system32\xpsp3res.dll + 2008-04-16 04:20:40 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_3b4.dat . -- Snapshot reset to current date -- . 
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00 15360] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352] "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-05-08 06:17 81920] "ServUTrayIcon"="C:\Program Files\RhinoSoft.com\Serv-U\ServUTray.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-08 03:50 7561216] "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-17 13:47 118784] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 14:56 64512] "Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 17:46 45056 C:\WINDOWS\system32\ico.exe] "VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 14:58 69632] "SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2006-06-27 19:24 217088] "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 15:12 32768] "Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 13:11 176128] "VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-11 22:36 151552] "Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 22:47 483328] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "LClock"="C:\Program Files\LClock\LClock.exe" [ ] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= 
C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgHBsQ] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqRLefCu] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] VESWinlogon.dll 2006-03-09 15:51 73728 C:\WINDOWS\system32\VESWinlogon.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\FlashFXP\\FlashFXP.exe"= "D:\\eMuleDownloads\\emule.exe"= "C:\\Program Files\\Internet Explorer\\iexplore.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 18:26] R3 SonyImgF;Sony Image Conversion Filter Driver;C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2006-03-06 11:39] R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-21 11:32] S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 18:23] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] \Shell\AutoRun\command - G:\LaunchU3.exe -a 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea6c2b16-d358-11dc-a4ab-0002c7dda282}] \Shell\AutoRun\command - G:\LaunchU3.exe -a . ************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-16 16:32:37 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-04-16 16:33:16 ComboFix-quarantined-files.txt 2008-04-16 14:33:00 ComboFix2.txt 2008-04-15 22:05:29 Pre-Run: 2,063,499,264 bytes free Post-Run: 1,981,173,760 bytes free . 2008-04-16 01:23:10 --- E O F --- And the other one: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:38:32, on 16-4-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files\Common Files\Sony Shared\VAIO 
Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\HTJ\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" O4 - 
HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKCU\..\Run: [servUTrayIcon] C:\Program Files\RhinoSoft.com\Serv-U\ServUTray.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - 
http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O20 - Winlogon Notify: iifgHBsQ - C:\WINDOWS\ O20 - Winlogon Notify: rqRLefCu - C:\WINDOWS\ O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - 
Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- End of file - 8571 bytes
  2. Thanks Kape!! I did what you said... Below are the logs you asked for! Kind regards, Tobias ComboFix 08-04-13.3 - Tob 2008-04-15 23:52:14.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1320 [GMT 2:00] Running from: C:\Documents and Settings\Tob\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\awtqpqRI.dll C:\WINDOWS\system32\awtrRIBU.dll C:\WINDOWS\system32\bfkghapt.ini C:\WINDOWS\system32\bsuqqvll.dll C:\WINDOWS\system32\byXOhIaW.dll C:\WINDOWS\system32\cbXqOgGx.dll C:\WINDOWS\system32\cudfgrae.dll C:\WINDOWS\system32\daogvaxa.ini C:\WINDOWS\system32\ddcaXPGv.dll C:\WINDOWS\system32\eggrauxw.dll C:\WINDOWS\system32\fmkamasv.ini C:\WINDOWS\system32\gushfysi.dll C:\WINDOWS\system32\ieuurwlo.dll C:\WINDOWS\system32\iibqmcpp.dll C:\WINDOWS\system32\iifgHBsQ.dll C:\WINDOWS\system32\jiptoakb.dll C:\WINDOWS\system32\jkkHXNed.dll C:\WINDOWS\system32\jxmbkypp.dll C:\WINDOWS\system32\kddhfgcw.dll C:\WINDOWS\system32\khfCvSKd.dll C:\WINDOWS\system32\llvqqusb.ini C:\WINDOWS\system32\lmougvhm.dll C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mLeBsqoO.dll C:\WINDOWS\system32\nhfypany.dll C:\WINDOWS\system32\olwruuei.ini C:\WINDOWS\system32\onyhwasy.dll C:\WINDOWS\system32\opnOGaAq.dll C:\WINDOWS\system32\opnomkIA.dll C:\WINDOWS\system32\pmnlihgH.dll C:\WINDOWS\system32\pmnnOHXR.dll C:\WINDOWS\system32\qomliGaw.dll C:\WINDOWS\system32\qwbxtihq.dll C:\WINDOWS\system32\rmnmgglx.dll C:\WINDOWS\system32\rqRJYqrS.dll C:\WINDOWS\system32\sfhnbwan.dll C:\WINDOWS\system32\ssqOHbYs.dll C:\WINDOWS\system32\ssqQgDsQ.dll C:\WINDOWS\system32\sxrusdnk.dll C:\WINDOWS\system32\tkrlrlgb.dll C:\WINDOWS\system32\ttiqykle.ini C:\WINDOWS\system32\tuvTkllK.dll C:\WINDOWS\system32\UBIRrtwa.ini 
C:\WINDOWS\system32\UBIRrtwa.ini2 C:\WINDOWS\system32\ulwwynrv.ini C:\WINDOWS\system32\uxxqgnrk.dll C:\WINDOWS\system32\vtUmNecC.dll C:\WINDOWS\system32\vtUomlkJ.dll C:\WINDOWS\system32\wqsvxmsg.dll C:\WINDOWS\system32\wsblawsb.dll C:\WINDOWS\system32\yayyVmlM.dll C:\WINDOWS\system32\yqsucskn.ini . ((((((((((((((((((((((((( Files Created from 2008-03-15 to 2008-04-15 ))))))))))))))))))))))))))))))) . 2008-04-15 22:15 . 2008-04-15 22:15 <DIR> d-------- C:\Program Files\Panda Security 2008-04-15 15:09 . 2008-04-15 15:09 3,648 --a------ C:\WINDOWS\system32\obffruxe.dll 2008-04-14 20:46 . 2008-04-14 21:57 8,839,168 --a------ C:\wta-ffan-sample.avi 2008-04-14 20:41 . 2008-04-14 21:57 10,373,120 --a------ C:\wta-gbmsilkemaiden-sample.avi 2008-04-14 20:36 . 2008-04-14 21:58 8,742,912 --a------ C:\wta-dses-sample.avi 2008-04-14 20:32 . 2008-04-14 21:58 13,039,616 --a------ C:\wta-zf11-sample.avi 2008-04-14 19:37 . 2008-04-15 23:47 <DIR> d-------- C:\HTJ 2008-04-14 15:09 . 2008-04-14 15:09 3,648 --a------ C:\WINDOWS\system32\tsykluky.dll 2008-04-13 16:25 . 2008-04-14 22:04 10,690,560 --a------ C:\divxfactory-clmt-sample.avi 2008-04-13 15:42 . 2008-04-13 15:42 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-04-13 15:42 . 2008-04-13 15:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-04-13 15:41 . 2008-04-13 15:41 19,871,600 --a------ C:\aaw2007.exe 2008-04-13 15:10 . 2008-04-13 15:10 3,648 --a------ C:\WINDOWS\system32\bvsuyofc.dll 2008-04-13 15:04 . 2008-04-13 15:04 3,648 --a------ C:\WINDOWS\system32\jjsxjrth.dll 2008-04-13 14:40 . 2008-04-14 22:02 13,848,576 --a------ C:\nympho-worklat.sample.avi 2008-04-13 09:25 . 2008-04-14 22:03 6,969,344 --a------ C:\divxfactory-cwp11-sample.avi 2008-04-13 02:31 . 2008-04-14 22:03 13,586,432 --a------ C:\pl-oubb2-sample.avi 2008-04-12 14:12 . 2008-04-12 14:12 3,648 --a------ C:\WINDOWS\system32\vbdbjfqk.dll 2008-04-11 14:12 . 
2008-04-11 14:12 3,648 --a------ C:\WINDOWS\system32\fthlqgdw.dll 2008-04-11 12:05 . 2008-04-11 12:05 3,648 --a------ C:\WINDOWS\system32\upinbnbo.dll 2008-04-09 21:40 . 2008-04-09 21:40 <DIR> d-------- C:\Documents and Settings\Tob\Application Data\Lavasoft 2008-04-09 21:31 . 2008-04-09 21:31 164 --a------ C:\install.dat 2008-04-09 21:29 . 2008-04-11 13:59 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-04-09 21:29 . 2008-04-11 12:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-04-09 21:28 . 2008-04-13 15:42 <DIR> d-------- C:\Program Files\Lavasoft 2008-04-09 21:27 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX 2008-04-09 21:26 . 2008-04-09 21:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx 2008-04-09 21:25 . 2008-04-09 21:27 <DIR> d-------- C:\Temp 2008-04-09 21:12 . 2008-04-09 21:12 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy 2008-04-09 21:12 . 2008-04-10 00:42 <DIR> d-------- C:\Program Files\Hitman Pro 2008-04-09 21:10 . 2008-04-09 21:10 4,011,208 --a------ C:\hitmanpro26.exe 2008-04-09 09:43 . 2008-04-11 12:03 1,413,763 --ahs---- C:\WINDOWS\system32\hxejrdpk.ini 2008-04-09 09:43 . 2008-04-15 21:22 101,120 --a------ C:\WINDOWS\BM5796bdc3.xml 2008-04-09 09:43 . 2008-04-09 09:43 3,648 --a------ C:\WINDOWS\system32\mqxamvbs.dll 2008-04-08 21:35 . 2008-04-08 21:35 36,864 --a------ C:\WINDOWS\system32\rqRLefCu.dll__DELETE_ON_REBOOT 2008-04-07 17:46 . 2008-04-13 15:19 <DIR> d-------- C:\pos 2008-04-05 03:37 . 2008-04-05 11:39 5,206 --a------ C:\lost.s4d2.nfo 2008-03-30 12:59 . 2008-03-31 14:13 16,854 --a------ C:\earth.pal.nfo 2008-03-25 19:02 . 2008-03-25 19:19 381 --a------ C:\WINDOWS\cdplayer.ini 2008-03-25 19:01 . 2008-03-25 19:01 <DIR> d-------- C:\Program Files\FreeRIP3 2008-03-25 19:01 . 2008-03-25 19:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FreeRIP 2008-03-24 15:03 . 
2008-04-15 20:40 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-03-24 15:03 . 2008-03-28 12:09 1,478,656 --a------ C:\WINDOWS\system32\WinSpooler.exe 2008-03-24 15:03 . 2008-03-28 12:26 37,888 --a------ C:\WINDOWS\system32\rar.exe 2008-03-22 20:05 . 2008-03-22 20:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-03-22 19:44 . 2008-03-22 19:44 <DIR> d-------- C:\Program Files\Bonjour 2008-03-22 19:32 . 2008-03-22 19:32 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared 2008-03-22 02:12 . 2008-03-27 17:57 5,752 --a------ C:\zwtiso.nfo . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-15 19:34 --------- d-----w C:\Program Files\FlashFXP 2008-04-13 21:07 --------- d-----w C:\Documents and Settings\Tob\Application Data\LimeWire 2008-04-11 12:04 --------- d-----w C:\Program Files\GreenBox 2008-04-09 16:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-09 16:57 --------- d-----w C:\Program Files\Sony 2008-04-09 16:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation 2008-04-04 21:17 --------- d-----w C:\Documents and Settings\Tob\Application Data\Sony Corporation 2008-03-24 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip 2008-03-22 17:44 --------- d-----w C:\Program Files\Common Files\Adobe 2008-03-04 20:56 899,414 ----a-w C:\SetupDVDDecrypter_3.5.4.0.exe 2008-03-03 16:32 --------- d-----w C:\Program Files\Winamp 2008-02-27 22:41 --------- d-----w C:\Documents and Settings\Tob\Application Data\sony 2008-02-27 22:34 --------- d-----w C:\Documents and Settings\Tob\Application Data\Publish Providers 2008-02-27 22:34 --------- d-----w C:\Documents and Settings\Tob\Application Data\NetMedia Providers 2008-02-27 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony 2008-02-27 22:28 --------- 
d-----w C:\Program Files\VstPlugins 2008-02-22 09:53 --------- d-----w C:\Program Files\Belastingdienst 2007-04-27 20:15 518 ----a-w C:\Documents and Settings\Madelief\Application Data\wklnhst.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00 15360] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352] "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-05-08 06:17 81920] "ServUTrayIcon"="C:\Program Files\RhinoSoft.com\Serv-U\ServUTray.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-08 03:50 7561216] "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-17 13:47 118784] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 14:56 64512] "Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 17:46 45056 C:\WINDOWS\system32\ico.exe] "VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 14:58 69632] "SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2006-06-27 19:24 217088] "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 15:12 32768] "Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 13:11 176128] "VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-11 22:36 151552] "Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 22:47 483328] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "LClock"="C:\Program Files\LClock\LClock.exe" [ ] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496] 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgHBsQ] iifgHBsQ.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqRLefCu] rqRLefCu.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] VESWinlogon.dll 2006-03-09 15:51 73728 C:\WINDOWS\system32\VESWinlogon.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\FlashFXP\\FlashFXP.exe"= "D:\\eMuleDownloads\\emule.exe"= "C:\\Program Files\\Internet Explorer\\iexplore.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 18:26] R3 SonyImgF;Sony Image Conversion Filter Driver;C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2006-03-06 11:39] R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-21 11:32] S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 18:23] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58] S3 
ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] \Shell\AutoRun\command - G:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea6c2b16-d358-11dc-a4ab-0002c7dda282}] \Shell\AutoRun\command - G:\LaunchU3.exe -a . ************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-16 00:01:28 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\ehome\ehrecvr.exe C:\WINDOWS\ehome\ehSched.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\ehome\ehmsas.exe C:\Program Files\Apoint\ApntEx.exe . ************************************************************************** . 
Completion time: 2008-04-16 0:05:29 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-15 22:05:26 Pre-Run: 2,215,305,216 bytes free Post-Run: 2,495,242,240 bytes free . 2008-03-12 14:30:00 --- E O F --- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:06:32, on 16-4-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\ICO.EXE C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program 
Files\Apoint\Apntex.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\HTJ\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" O4 - HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: 
[CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKCU\..\Run: [servUTrayIcon] C:\Program Files\RhinoSoft.com\Serv-U\ServUTray.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O20 - Winlogon Notify: iifgHBsQ - iifgHBsQ.dll (file missing) O20 - Winlogon Notify: rqRLefCu - rqRLefCu.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: 
##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media 
Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- End of file - 8626 bytes
  3. Hello, I first searched the whole forum and tried to fix it that way, but I understand that the procedure differs per PC/log, so here is my own topic after all. I am having trouble with "veiligheidsagent"/"schijfbewaker"/"kuikenje" (security agent/disk guard/little chick) (::::: Celldorado.com :::::) popups and a message: Microsoft visual C++ detector. I can still use the internet, but the pop-ups are very annoying and sometimes everything freezes. I have been using the internet for years without problems, so this seems like a tough one to me. I made a log and hope that someone can help me!
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:48:34, on 14-4-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program
Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\explorer.exe C:\HTJ\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" O4 - HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe O4 - HKLM\..\Run: [VAIO 
Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\WINDOWS\TEMP\E_S83.tmp" /EF "HKLM" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [bM5796bdc3] Rundll32.exe "C:\WINDOWS\system32\uxxqgnrk.dll",s O4 - HKLM\..\Run: [54a58e5f] rundll32.exe "C:\WINDOWS\system32\tpahgkfb.dll",b O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKCU\..\Run: [servUTrayIcon] C:\Program Files\RhinoSoft.com\Serv-U\ServUTray.exe O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe O4 - HKCU\..\Policies\Explorer\Run: [WinUpdating] WinUpdating.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Bluetooth Manager.lnk = ? 
O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO 
Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- End of file - 9133 bytes
Regards, Tobias, and thanks in advance for your trouble!