llle0zill
-
Items
8 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door llle0zill
-
-
ik kan niet verwijderen....
windows cannot find 'C:\windows\System32\winsetup63\'.make sure you typed the name correctly, and try again.
-
Ja, die is nog steed verschijnen ... hoe ik moet deze oplossen
alvast bedankt Kape
-
ComboFix 09-04-04.01 - le0zi 2009-04-06 13:30:16.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2938.1875 [GMT 2:00]
Running from: c:\users\le0zi\Desktop\ComboFix.exe
Command switches used :: c:\users\le0zi\Desktop\CFScript.txt
FILE ::
c:\windows\System32\winsetup63.exe
.
((((((((((((((((((((((((( Files Created from 2009-03-06 to 2009-04-06 )))))))))))))))))))))))))))))))
.
2009-04-06 09:14 . 2009-04-06 09:14 <DIR> d-------- c:\users\le0zi\AppData\Roaming\InterVideo
2009-04-06 01:37 . 2009-04-06 01:38 291,914,889 --a------ c:\windows\MEMORY.DMP
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Malwarebytes
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\programdata\Malwarebytes
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-05 09:54 . 2009-03-26 16:49 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-04-05 09:54 . 2009-03-26 16:49 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-04-05 09:53 . 2009-04-05 09:53 <DIR> d-------- c:\program files\Trend Micro
2009-04-05 01:00 . 2009-04-05 15:57 <DIR> d-------- c:\program files\TagRename
2009-04-03 00:57 . 2009-04-03 00:57 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-04-03 00:57 . 2009-04-03 00:57 <DIR> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-04-03 00:57 . 2009-04-03 00:57 <DIR> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-04-03 00:57 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-04-03 00:57 . 2008-04-17 13:12 15,464 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-04-03 00:36 . 2009-04-03 08:45 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Symantec
2009-04-03 00:33 . 2009-04-03 08:37 <DIR> d-------- c:\program files\Norton 360
2009-04-03 00:31 . 2009-04-03 00:59 <DIR> d-------- c:\program files\Symantec
2009-04-03 00:31 . 2009-04-03 00:58 124,464 --a------ c:\windows\System32\drivers\SYMEVENT.SYS
2009-04-03 00:31 . 2009-04-03 00:58 10,635 --a------ c:\windows\System32\drivers\SYMEVENT.CAT
2009-04-03 00:31 . 2009-04-03 00:58 806 --a------ c:\windows\System32\drivers\SYMEVENT.INF
2009-04-03 00:29 . 2009-04-03 00:59 <DIR> d-------- c:\users\All Users\Symantec
2009-04-03 00:29 . 2009-04-03 00:59 <DIR> d-------- c:\programdata\Symantec
2009-04-03 00:29 . 2009-04-03 01:01 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-04-02 02:15 . 2009-04-02 02:15 <DIR> d-------- c:\users\le0zi\Tracing
2009-04-02 02:14 . 2009-04-02 02:20 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-04-02 02:13 . 2009-04-02 02:13 <DIR> d-------- c:\program files\Microsoft Sync Framework
2009-04-02 02:12 . 2009-04-02 02:12 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition
2009-04-02 02:11 . 2009-04-02 11:26 <DIR> d-------- c:\program files\Microsoft
2009-04-02 02:10 . 2009-04-02 02:13 <DIR> d-------- c:\program files\Windows Live
2009-04-02 02:03 . 2009-04-02 02:03 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-04-02 00:17 . 2009-04-02 00:17 <DIR> d-------- c:\program files\TweakNow RegCleaner Professional
2009-04-01 23:59 . 2009-04-01 23:59 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2009-04-01 23:58 . 2009-04-02 00:04 <DIR> d-------- c:\program files\Microsoft Office(118)
2009-03-30 01:01 . 2009-04-02 11:52 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Winamp
2009-03-30 00:59 . 2009-03-30 00:59 3,702 --a------ c:\windows\poppers.exe
2009-03-29 20:09 . 2009-03-29 20:09 <DIR> d-------- c:\users\All Users\WebcamMax
2009-03-29 20:09 . 2009-03-29 20:09 <DIR> d-------- c:\programdata\WebcamMax
2009-03-29 01:55 . 2009-03-29 20:09 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Webcammax
2009-03-29 01:54 . 2009-03-29 02:01 <DIR> d-------- c:\program files\WebcamMax
2009-03-29 01:54 . 2008-03-11 15:14 941,784 --a------ c:\windows\System32\drivers\CAMTHWDM.sys
2009-03-29 01:49 . 2009-03-29 01:49 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Camfrog
2009-03-29 01:47 . 2009-03-29 01:47 <DIR> d-------- c:\program files\Camfrog
2009-03-28 02:43 . 2009-03-28 02:43 <DIR> dr------- c:\windows\System32\config\systemprofile\Searches
2009-03-28 02:43 . 2009-03-28 02:43 <DIR> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-03-28 02:43 . 2009-03-28 02:43 <DIR> dr------- c:\windows\System32\config\systemprofile\Links
2009-03-28 02:32 . 2009-03-28 02:32 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Digital Asphyxia
2009-03-28 02:32 . 2009-03-28 02:32 <DIR> d-------- c:\users\All Users\Digital Asphyxia
2009-03-28 02:32 . 2009-03-28 02:32 <DIR> d-------- c:\programdata\Digital Asphyxia
2009-03-28 02:31 . 2009-03-28 02:31 <DIR> d-------- c:\users\All Users\Tarma Installer
2009-03-28 02:31 . 2009-03-28 02:31 <DIR> d-------- c:\programdata\Tarma Installer
2009-03-28 02:31 . 2009-03-30 01:07 <DIR> d-------- c:\program files\WinAmp
2009-03-28 02:31 . 2009-03-28 02:31 <DIR> d-------- c:\program files\Digital Asphyxia
2009-03-28 02:24 . 2009-03-28 02:30 <DIR> d-------- c:\users\le0zi\AppData\Roaming\YTK Enhanced
2009-03-28 02:18 . 2009-03-28 02:23 <DIR> d-------- c:\program files\YTK Enhanced
2009-03-28 02:08 . 2009-03-28 02:14 <DIR> d-------- c:\users\le0zi\AppData\Roaming\YTK Pro
2009-03-28 01:59 . 2009-03-28 01:59 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Yahoo!
2009-03-28 01:59 . 2009-03-28 01:59 360,448 --a------ c:\windows\System32\kdu_v32r.dll
2009-03-28 01:59 . 2009-03-28 01:59 274,432 --a------ c:\windows\System32\ywcvwr.dll
2009-03-28 01:59 . 2009-03-28 01:59 274,432 --a------ c:\windows\System32\yacscom.dll
2009-03-28 01:59 . 2009-03-28 01:59 253,952 --a------ c:\windows\System32\ywcupl.dll
2009-03-28 01:59 . 2009-03-28 01:59 204,800 --a------ c:\windows\System32\yuplapp.dll
2009-03-28 01:59 . 2009-03-28 01:59 200,704 --a------ c:\windows\System32\yacsui.dll
2009-03-28 01:59 . 2009-03-28 01:59 192,512 --a------ c:\windows\System32\yvwrctl.dll
2009-03-28 01:59 . 2009-03-28 01:59 137,184 --a------ c:\windows\System32\YCabby2.Form1.resources
2009-03-28 01:59 . 2009-03-28 01:59 15,360 --a------ c:\windows\System32\tsd32.dll
2009-03-28 01:59 . 2009-03-28 01:59 8,192 --a------ c:\windows\System32\tssoft32.acm
2009-03-28 01:59 . 2009-03-28 01:59 1,978 --a------ c:\windows\System32\YCabby2.Properties.Resources.resources
2009-03-28 01:54 . 2009-03-28 01:54 <DIR> d-------- c:\users\All Users\Yahoo!
2009-03-28 01:54 . 2009-03-28 01:54 <DIR> d-------- c:\programdata\Yahoo!
2009-03-28 01:54 . 2009-03-28 01:54 <DIR> d-------- c:\program files\Yahoo!
2009-03-28 00:34 . 2009-03-28 00:34 <DIR> d-------- c:\users\le0zi\AppData\Roaming\TuneUp Software
2009-03-28 00:34 . 2009-03-28 00:34 603,904 --a------ c:\windows\System32\TUProgSt.exe
2009-03-28 00:34 . 2009-03-28 00:34 362,240 --a------ c:\windows\System32\TuneUpDefragService.exe
2009-03-28 00:34 . 2008-11-12 17:44 27,904 --a------ c:\windows\System32\uxtuneup.dll
2009-03-28 00:34 . 2008-11-12 17:44 17,152 --a------ c:\windows\System32\authuitu.dll
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\users\All Users\TuneUp Software
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\programdata\TuneUp Software
2009-03-28 00:33 . 2009-03-28 00:34 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-28 00:04 . 2009-03-28 00:04 <DIR> d-------- c:\program files\BitLord
2009-03-27 23:54 . 2009-03-28 00:33 <DIR> d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-27 23:54 . 2009-03-28 00:33 <DIR> d--hs---- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-27 20:43 . 2009-03-27 20:43 <DIR> d-------- c:\program files\CCleaner
2009-03-27 06:00 . 2009-03-27 06:00 40 --ah----- c:\windows\System32\ivireg.ivr
2009-03-27 05:55 . 2009-03-27 05:55 <DIR> d-------- c:\program files\Common Files\InterVideo
2009-03-27 05:52 . 2009-03-27 05:55 <DIR> d-------- c:\program files\InterVideo
2009-03-27 05:50 . 2009-03-27 05:50 <DIR> d-------- C:\Documentation
2009-03-27 05:50 . 2009-03-27 05:50 0 --a------ c:\windows\VAIOUpdt.INI
2009-03-27 05:47 . 2008-10-21 19:52 3,727,720 --a------ c:\windows\System32\d3dx9_35.dll
2009-03-27 05:46 . 2008-11-06 03:32 98,304 --a------ c:\windows\System32\VESWinlogon.dll
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\users\All Users\Uninstall
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\users\All Users\Sonic
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\users\All Users\Skype
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\programdata\Uninstall
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\programdata\Sonic
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\programdata\Skype
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Skype
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Roxio
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Common Files\Skype
2009-03-27 05:41 . 2009-03-27 05:41 <DIR> d-------- c:\program files\Common Files\Sonic Shared
2009-03-27 05:41 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Common Files\Roxio Shared
2009-03-27 05:41 . 2008-08-30 01:23 129,520 --------- c:\windows\System32\pxafs.dll
2009-03-27 05:36 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft Office Suite Activation Assistant
2009-03-27 05:35 . 2009-03-27 05:36 422 --a------ c:\windows\System32\mapisvc.inf
2009-03-27 05:34 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft Small Business
2009-03-27 05:32 . 2009-04-02 12:04 <DIR> d-------- c:\program files\Microsoft SQL Server
2009-03-27 05:28 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft Works
2009-03-27 05:27 . 2009-03-27 05:27 <DIR> d-------- c:\windows\PCHEALTH
2009-03-27 05:27 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-27 05:26 . 2009-04-05 18:23 <DIR> d-------- c:\users\All Users\Microsoft Help
2009-03-27 05:26 . 2009-04-05 18:23 <DIR> d-------- c:\programdata\Microsoft Help
2009-03-27 05:25 . 2009-04-02 11:52 <DIR> dr-h----- C:\MSOCache
2009-03-27 05:19 . 2009-04-02 16:47 <DIR> d-------- c:\users\All Users\McAfee
2009-03-27 05:19 . 2009-04-02 16:47 <DIR> d-------- c:\programdata\McAfee
2009-03-27 05:18 . 2009-03-27 05:51 <DIR> d-------- c:\program files\Common Files\ArcSoft
2009-03-27 05:18 . 2009-03-27 05:51 <DIR> d-------- c:\program files\ArcSoft
2009-03-27 05:18 . 2005-04-28 01:36 245,408 --a------ c:\windows\System32\unicows.dll
2009-03-27 05:18 . 1995-07-31 22:44 212,480 --a------ c:\windows\System32\PCDLIB32.DLL
2009-03-27 05:18 . 2008-09-05 02:06 55,808 --a------ c:\windows\System32\ArcSoftKsUFilter.dll
2009-03-27 05:18 . 2008-04-24 23:06 17,920 --a------ c:\windows\System32\drivers\ArcSoftKsUFilter.sys
2009-03-27 05:17 . 2009-03-27 05:17 <DIR> d-------- c:\windows\System32\Macromed
2009-03-27 05:12 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Common Files\PX Storage Engine
2009-03-27 05:11 . 2009-03-27 05:11 <DIR> d-------- c:\windows\Sonysys
2009-03-27 05:11 . 2009-03-27 05:11 <DIR> d-------- c:\program files\Picasa2
2009-03-27 05:11 . 2009-03-27 05:11 <DIR> d-------- c:\program files\Big Fish Games Game Suite
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-01 22:05 --------- d-----w c:\program files\MSBuild
2009-03-28 09:53 --------- d-----w c:\programdata\Sony Corporation
2009-03-28 06:40 --------- d-----w c:\program files\Google
2009-03-28 00:43 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-27 03:55 --------- d-----w c:\program files\sony
2009-03-27 03:46 --------- d-----w c:\program files\Common Files\Sony Shared
2009-03-27 03:18 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-26 22:22 --------- d-----w c:\program files\Windows Mail
2009-02-19 11:31 96,560 ----a-w c:\windows\system32\drivers\symfw.sys
2009-02-19 11:31 9,844 ----a-w c:\windows\system32\drivers\SymRedir.cat
2009-02-19 11:31 41,008 ----a-w c:\windows\system32\drivers\symndisv.sys
2009-02-19 11:31 38,576 ----a-w c:\windows\system32\drivers\symids.sys
2009-02-19 11:31 24,112 ----a-w c:\windows\system32\drivers\SymIMV.sys
2009-02-19 11:31 22,320 ----a-w c:\windows\system32\drivers\symredrv.sys
2009-02-19 11:31 184,496 ----a-w c:\windows\system32\drivers\symtdi.sys
2009-02-19 11:31 13,616 ----a-w c:\windows\system32\drivers\symdns.sys
2009-02-19 11:31 1,611 ----a-w c:\windows\system32\drivers\SymRedir.inf
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
2006-07-21 11:44 244,224 --sha-r c:\users\le0zi\AppData\Roaming\plugin.dat
2005-05-21 20:09 0 --sh--r c:\users\le0zi\AppData\Roaming\logs.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-04-06_ 1.16.49.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-04-05 23:07:45 1,751,960 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-04-05 23:58:11 222,560 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-04-05 23:08:47 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-04-06 05:18:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-04-05 23:08:47 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-04-06 05:18:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-04-05 23:10:21 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-04-06 05:19:24 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-04-06 05:19:24 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-04-05 23:16:27 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-04-06 05:20:01 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-04-06 05:20:01 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-04-05 23:08:47 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-04-06 11:26:12 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-04-05 23:08:47 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-06 11:26:12 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-04-05 23:08:47 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-04-06 11:26:12 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-04-05 22:52:06 123,374 ----a-w c:\windows\System32\perfc009.dat
+ 2009-04-06 05:26:13 123,374 ----a-w c:\windows\System32\perfc009.dat
- 2009-04-05 22:52:06 647,086 ----a-w c:\windows\System32\perfh009.dat
+ 2009-04-06 05:26:13 647,086 ----a-w c:\windows\System32\perfh009.dat
- 2009-04-05 23:10:41 8,000 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3337915833-3909974501-4074879784-1003_UserData.bin
+ 2009-04-06 05:20:55 8,284 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3337915833-3909974501-4074879784-1003_UserData.bin
- 2009-04-05 23:10:41 77,420 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-04-06 05:20:55 77,722 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-04-05 23:10:40 42,200 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-04-06 05:20:54 42,200 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-22 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-22 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-22 145944]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-10-22 30192]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"RtHDVCpl"="RtHDVCpl.exe" [2008-10-17 c:\windows\RtHDVCpl.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-06 03:32 98304 c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"MarketingTools"=c:\program files\Sony\Marketing Tools\MarketingTools.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1C1BB25C-926A-4DD7-82B0-7F2373A5F7AC}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{A7D48CF0-1E56-4201-8F2D-FEC30F16F526}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{F41E5DCD-4A80-4E31-91E9-E9E08D2D9F22}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{A24B4733-BA29-42E9-9E41-BC470169230C}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{446A1642-40FE-49F9-966E-7A071E38CB72}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{72D68F33-D58C-464B-A2D4-C473A3A740C0}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{40E6F7DE-A303-454E-B025-8FE57821F1D1}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{F84D401C-7E0A-43DE-AD08-5895C0220C87}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{52FF4FC1-9204-4D70-B191-C7E67739CAFA}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"TCP Query User{8084222D-7CDE-4743-B371-E8E2D96BB458}c:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= UDP:c:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"UDP Query User{C3E2AAFD-EB18-46CE-BDB7-FD1675774657}c:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= TCP:c:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"TCP Query User{B60CB346-222E-4B5E-8BBA-B6B3A8F25056}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{74E91D6A-C746-4176-934E-AF24EF4207D5}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090331.004\IDSvix86.sys [2009-04-03 272432]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CAMTHWDM.sys [2009-03-29 941784]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-02-18 149352]
R2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2009-03-27 303104]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [2007-04-18 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-10-22 104992]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-03-28 603904]
R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-03-27 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\VAIO Power Management\SPMService.exe [2008-10-22 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-12 446464]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-03-27 337184]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [2009-03-27 17920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-04-03 101936]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [2008-10-22 9344]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2009-02-19 41008]
S3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [2008-01-13 23888]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-22 30192]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\VAIO Media plus\SOHCImp.exe [2009-03-27 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\VAIO Media plus\SOHDms.exe [2009-03-27 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\VAIO Media plus\SOHDs.exe [2009-03-27 62752]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-03-27 83232]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - COMHOST
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-04-06 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 17:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.nl/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-06 13:33:08
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
Completion time: 2009-04-06 13:35:41
ComboFix-quarantined-files.txt 2009-04-06 11:35:35
ComboFix2.txt 2009-04-06 09:39:15
ComboFix3.txt 2009-04-06 09:30:29
ComboFix4.txt 2009-04-05 23:18:05
Pre-Run: 176,241,496,064 bytes free
Post-Run: 176,210,624,512 bytes free
295 --- E O F --- 2009-04-02 10:11:08
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:52:59, on 4/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8084 bytes
-
ComboFix 09-04-04.01 - le0zi 2009-04-06 1:14:29.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2938.1931 [GMT 2:00]
Running from: c:\users\le0zi\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\x64
.
((((((((((((((((((((((((( Files Created from 2009-03-05 to 2009-04-05 )))))))))))))))))))))))))))))))
.
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Malwarebytes
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\programdata\Malwarebytes
2009-04-05 09:54 . 2009-04-05 09:54 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-05 09:54 . 2009-03-26 16:49 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-04-05 09:54 . 2009-03-26 16:49 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-04-05 09:53 . 2009-04-05 09:53 <DIR> d-------- c:\program files\Trend Micro
2009-04-05 03:16 . 2009-04-05 03:17 128,000 --a------ c:\windows\System32\winsetup63.exe
2009-04-05 01:00 . 2009-04-05 15:57 <DIR> d-------- c:\program files\TagRename
2009-04-03 00:57 . 2009-04-03 00:57 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-04-03 00:57 . 2009-04-03 00:57 <DIR> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-04-03 00:57 . 2009-04-03 00:57 <DIR> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-04-03 00:57 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-04-03 00:57 . 2008-04-17 13:12 15,464 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-04-03 00:36 . 2009-04-03 08:45 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Symantec
2009-04-03 00:33 . 2009-04-03 08:37 <DIR> d-------- c:\program files\Norton 360
2009-04-03 00:31 . 2009-04-03 00:59 <DIR> d-------- c:\program files\Symantec
2009-04-03 00:31 . 2009-04-03 00:58 124,464 --a------ c:\windows\System32\drivers\SYMEVENT.SYS
2009-04-03 00:31 . 2009-04-03 00:58 10,635 --a------ c:\windows\System32\drivers\SYMEVENT.CAT
2009-04-03 00:31 . 2009-04-03 00:58 806 --a------ c:\windows\System32\drivers\SYMEVENT.INF
2009-04-03 00:29 . 2009-04-03 00:59 <DIR> d-------- c:\users\All Users\Symantec
2009-04-03 00:29 . 2009-04-03 00:59 <DIR> d-------- c:\programdata\Symantec
2009-04-03 00:29 . 2009-04-03 01:01 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-04-02 02:15 . 2009-04-02 02:15 <DIR> d-------- c:\users\le0zi\Tracing
2009-04-02 02:14 . 2009-04-02 02:20 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-04-02 02:13 . 2009-04-02 02:13 <DIR> d-------- c:\program files\Microsoft Sync Framework
2009-04-02 02:12 . 2009-04-02 02:12 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition
2009-04-02 02:11 . 2009-04-02 11:26 <DIR> d-------- c:\program files\Microsoft
2009-04-02 02:10 . 2009-04-02 02:13 <DIR> d-------- c:\program files\Windows Live
2009-04-02 02:03 . 2009-04-02 02:03 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-04-02 00:17 . 2009-04-02 00:17 <DIR> d-------- c:\program files\TweakNow RegCleaner Professional
2009-04-01 23:59 . 2009-04-01 23:59 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2009-04-01 23:58 . 2009-04-02 00:04 <DIR> d-------- c:\program files\Microsoft Office(118)
2009-03-30 01:01 . 2009-04-02 11:52 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Winamp
2009-03-30 00:59 . 2009-03-30 00:59 3,702 --a------ c:\windows\poppers.exe
2009-03-29 20:09 . 2009-03-29 20:09 <DIR> d-------- c:\users\All Users\WebcamMax
2009-03-29 20:09 . 2009-03-29 20:09 <DIR> d-------- c:\programdata\WebcamMax
2009-03-29 01:55 . 2009-03-29 20:09 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Webcammax
2009-03-29 01:54 . 2009-03-29 02:01 <DIR> d-------- c:\program files\WebcamMax
2009-03-29 01:54 . 2008-03-11 15:14 941,784 --a------ c:\windows\System32\drivers\CAMTHWDM.sys
2009-03-29 01:49 . 2009-03-29 01:49 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Camfrog
2009-03-29 01:47 . 2009-03-29 01:47 <DIR> d-------- c:\program files\Camfrog
2009-03-28 02:43 . 2009-03-28 02:43 <DIR> dr------- c:\windows\System32\config\systemprofile\Searches
2009-03-28 02:43 . 2009-03-28 02:43 <DIR> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-03-28 02:43 . 2009-03-28 02:43 <DIR> dr------- c:\windows\System32\config\systemprofile\Links
2009-03-28 02:32 . 2009-03-28 02:32 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Digital Asphyxia
2009-03-28 02:32 . 2009-03-28 02:32 <DIR> d-------- c:\users\All Users\Digital Asphyxia
2009-03-28 02:32 . 2009-03-28 02:32 <DIR> d-------- c:\programdata\Digital Asphyxia
2009-03-28 02:31 . 2009-03-28 02:31 <DIR> d-------- c:\users\All Users\Tarma Installer
2009-03-28 02:31 . 2009-03-28 02:31 <DIR> d-------- c:\programdata\Tarma Installer
2009-03-28 02:31 . 2009-03-30 01:07 <DIR> d-------- c:\program files\WinAmp
2009-03-28 02:31 . 2009-03-28 02:31 <DIR> d-------- c:\program files\Digital Asphyxia
2009-03-28 02:24 . 2009-03-28 02:30 <DIR> d-------- c:\users\le0zi\AppData\Roaming\YTK Enhanced
2009-03-28 02:18 . 2009-03-28 02:23 <DIR> d-------- c:\program files\YTK Enhanced
2009-03-28 02:08 . 2009-03-28 02:14 <DIR> d-------- c:\users\le0zi\AppData\Roaming\YTK Pro
2009-03-28 01:59 . 2009-03-28 01:59 <DIR> d-------- c:\users\le0zi\AppData\Roaming\Yahoo!
2009-03-28 01:59 . 2009-03-28 01:59 360,448 --a------ c:\windows\System32\kdu_v32r.dll
2009-03-28 01:59 . 2009-03-28 01:59 274,432 --a------ c:\windows\System32\ywcvwr.dll
2009-03-28 01:59 . 2009-03-28 01:59 274,432 --a------ c:\windows\System32\yacscom.dll
2009-03-28 01:59 . 2009-03-28 01:59 253,952 --a------ c:\windows\System32\ywcupl.dll
2009-03-28 01:59 . 2009-03-28 01:59 204,800 --a------ c:\windows\System32\yuplapp.dll
2009-03-28 01:59 . 2009-03-28 01:59 200,704 --a------ c:\windows\System32\yacsui.dll
2009-03-28 01:59 . 2009-03-28 01:59 192,512 --a------ c:\windows\System32\yvwrctl.dll
2009-03-28 01:59 . 2009-03-28 01:59 137,184 --a------ c:\windows\System32\YCabby2.Form1.resources
2009-03-28 01:59 . 2009-03-28 01:59 15,360 --a------ c:\windows\System32\tsd32.dll
2009-03-28 01:59 . 2009-03-28 01:59 8,192 --a------ c:\windows\System32\tssoft32.acm
2009-03-28 01:59 . 2009-03-28 01:59 1,978 --a------ c:\windows\System32\YCabby2.Properties.Resources.resources
2009-03-28 01:54 . 2009-03-28 01:54 <DIR> d-------- c:\users\All Users\Yahoo!
2009-03-28 01:54 . 2009-03-28 01:54 <DIR> d-------- c:\programdata\Yahoo!
2009-03-28 01:54 . 2009-03-28 01:54 <DIR> d-------- c:\program files\Yahoo!
2009-03-28 00:34 . 2009-03-28 00:34 <DIR> d-------- c:\users\le0zi\AppData\Roaming\TuneUp Software
2009-03-28 00:34 . 2009-03-28 00:34 603,904 --a------ c:\windows\System32\TUProgSt.exe
2009-03-28 00:34 . 2009-03-28 00:34 362,240 --a------ c:\windows\System32\TuneUpDefragService.exe
2009-03-28 00:34 . 2008-11-12 17:44 27,904 --a------ c:\windows\System32\uxtuneup.dll
2009-03-28 00:34 . 2008-11-12 17:44 17,152 --a------ c:\windows\System32\authuitu.dll
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\users\All Users\TuneUp Software
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\programdata\TuneUp Software
2009-03-28 00:33 . 2009-03-28 00:34 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-28 00:04 . 2009-03-28 00:04 <DIR> d-------- c:\program files\BitLord
2009-03-27 23:54 . 2009-03-28 00:33 <DIR> d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-27 23:54 . 2009-03-28 00:33 <DIR> d--hs---- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-27 20:43 . 2009-03-27 20:43 <DIR> d-------- c:\program files\CCleaner
2009-03-27 06:00 . 2009-03-27 06:00 40 --ah----- c:\windows\System32\ivireg.ivr
2009-03-27 05:55 . 2009-03-27 05:55 <DIR> d-------- c:\program files\Common Files\InterVideo
2009-03-27 05:52 . 2009-03-27 05:55 <DIR> d-------- c:\program files\InterVideo
2009-03-27 05:50 . 2009-03-27 05:50 <DIR> d-------- C:\Documentation
2009-03-27 05:50 . 2009-03-27 05:50 0 --a------ c:\windows\VAIOUpdt.INI
2009-03-27 05:47 . 2008-10-21 19:52 3,727,720 --a------ c:\windows\System32\d3dx9_35.dll
2009-03-27 05:46 . 2008-11-06 03:32 98,304 --a------ c:\windows\System32\VESWinlogon.dll
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\users\All Users\Uninstall
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\users\All Users\Sonic
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\users\All Users\Skype
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\programdata\Uninstall
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\programdata\Sonic
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\programdata\Skype
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Skype
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Roxio
2009-03-27 05:42 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Common Files\Skype
2009-03-27 05:41 . 2009-03-27 05:41 <DIR> d-------- c:\program files\Common Files\Sonic Shared
2009-03-27 05:41 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Common Files\Roxio Shared
2009-03-27 05:41 . 2008-08-30 01:23 129,520 --------- c:\windows\System32\pxafs.dll
2009-03-27 05:36 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft Office Suite Activation Assistant
2009-03-27 05:35 . 2009-03-27 05:36 422 --a------ c:\windows\System32\mapisvc.inf
2009-03-27 05:34 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft Small Business
2009-03-27 05:32 . 2009-04-02 12:04 <DIR> d-------- c:\program files\Microsoft SQL Server
2009-03-27 05:28 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft Works
2009-03-27 05:27 . 2009-03-27 05:27 <DIR> d-------- c:\windows\PCHEALTH
2009-03-27 05:27 . 2009-04-02 11:52 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-27 05:26 . 2009-04-05 18:23 <DIR> d-------- c:\users\All Users\Microsoft Help
2009-03-27 05:26 . 2009-04-05 18:23 <DIR> d-------- c:\programdata\Microsoft Help
2009-03-27 05:25 . 2009-04-02 11:52 <DIR> dr-h----- C:\MSOCache
2009-03-27 05:19 . 2009-04-02 16:47 <DIR> d-------- c:\users\All Users\McAfee
2009-03-27 05:19 . 2009-04-02 16:47 <DIR> d-------- c:\programdata\McAfee
2009-03-27 05:18 . 2009-03-27 05:51 <DIR> d-------- c:\program files\Common Files\ArcSoft
2009-03-27 05:18 . 2009-03-27 05:51 <DIR> d-------- c:\program files\ArcSoft
2009-03-27 05:18 . 2005-04-28 01:36 245,408 --a------ c:\windows\System32\unicows.dll
2009-03-27 05:18 . 1995-07-31 22:44 212,480 --a------ c:\windows\System32\PCDLIB32.DLL
2009-03-27 05:18 . 2008-09-05 02:06 55,808 --a------ c:\windows\System32\ArcSoftKsUFilter.dll
2009-03-27 05:18 . 2008-04-24 23:06 17,920 --a------ c:\windows\System32\drivers\ArcSoftKsUFilter.sys
2009-03-27 05:17 . 2009-03-27 05:17 <DIR> d-------- c:\windows\System32\Macromed
2009-03-27 05:12 . 2009-03-27 05:42 <DIR> d-------- c:\program files\Common Files\PX Storage Engine
2009-03-27 05:11 . 2009-03-27 05:11 <DIR> d-------- c:\windows\Sonysys
2009-03-27 05:11 . 2009-03-27 05:11 <DIR> d-------- c:\program files\Picasa2
2009-03-27 05:11 . 2009-03-27 05:11 <DIR> d-------- c:\program files\Big Fish Games Game Suite
2009-03-27 05:04 . 2008-01-21 03:43 <DIR> dr------- c:\users\Default\Searches
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-01 22:05 --------- d-----w c:\program files\MSBuild
2009-03-28 09:53 --------- d-----w c:\programdata\Sony Corporation
2009-03-28 06:40 --------- d-----w c:\program files\Google
2009-03-28 00:43 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-27 03:55 --------- d-----w c:\program files\sony
2009-03-27 03:46 --------- d-----w c:\program files\Common Files\Sony Shared
2009-03-27 03:18 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-26 22:22 --------- d-----w c:\program files\Windows Mail
2009-02-19 11:31 96,560 ----a-w c:\windows\system32\drivers\symfw.sys
2009-02-19 11:31 9,844 ----a-w c:\windows\system32\drivers\SymRedir.cat
2009-02-19 11:31 41,008 ----a-w c:\windows\system32\drivers\symndisv.sys
2009-02-19 11:31 38,576 ----a-w c:\windows\system32\drivers\symids.sys
2009-02-19 11:31 24,112 ----a-w c:\windows\system32\drivers\SymIMV.sys
2009-02-19 11:31 22,320 ----a-w c:\windows\system32\drivers\symredrv.sys
2009-02-19 11:31 184,496 ----a-w c:\windows\system32\drivers\symtdi.sys
2009-02-19 11:31 13,616 ----a-w c:\windows\system32\drivers\symdns.sys
2009-02-19 11:31 1,611 ----a-w c:\windows\system32\drivers\SymRedir.inf
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
2006-07-21 11:44 244,224 --sha-r c:\users\le0zi\AppData\Roaming\plugin.dat
2005-05-21 20:09 0 --sh--r c:\users\le0zi\AppData\Roaming\logs.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-22 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-22 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-22 145944]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-10-22 30192]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"RtHDVCpl"="RtHDVCpl.exe" [2008-10-17 c:\windows\RtHDVCpl.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-06 03:32 98304 c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"MarketingTools"=c:\program files\Sony\Marketing Tools\MarketingTools.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1C1BB25C-926A-4DD7-82B0-7F2373A5F7AC}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{A7D48CF0-1E56-4201-8F2D-FEC30F16F526}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{F41E5DCD-4A80-4E31-91E9-E9E08D2D9F22}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{A24B4733-BA29-42E9-9E41-BC470169230C}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{446A1642-40FE-49F9-966E-7A071E38CB72}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{72D68F33-D58C-464B-A2D4-C473A3A740C0}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{40E6F7DE-A303-454E-B025-8FE57821F1D1}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{F84D401C-7E0A-43DE-AD08-5895C0220C87}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{52FF4FC1-9204-4D70-B191-C7E67739CAFA}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"TCP Query User{8084222D-7CDE-4743-B371-E8E2D96BB458}c:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= UDP:c:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"UDP Query User{C3E2AAFD-EB18-46CE-BDB7-FD1675774657}c:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= TCP:c:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"TCP Query User{B60CB346-222E-4B5E-8BBA-B6B3A8F25056}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{74E91D6A-C746-4176-934E-AF24EF4207D5}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090331.004\IDSvix86.sys [2009-04-03 272432]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CAMTHWDM.sys [2009-03-29 941784]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-02-18 149352]
R2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2009-03-27 303104]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [2007-04-18 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-10-22 104992]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-03-28 603904]
R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-03-27 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\VAIO Power Management\SPMService.exe [2008-10-22 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-12 446464]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-03-27 337184]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [2009-03-27 17920]
R3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [2008-01-13 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-04-03 101936]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [2008-10-22 9344]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2009-02-19 41008]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-22 30192]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\VAIO Media plus\SOHCImp.exe [2009-03-27 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\VAIO Media plus\SOHDms.exe [2009-03-27 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\VAIO Media plus\SOHDs.exe [2009-03-27 62752]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-03-27 83232]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - COMHOST
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - g:\autorun\Autorun.exe
.
Contents of the 'Scheduled Tasks' folder
2009-04-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 17:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.nl/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-06 01:16:27
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
Completion time: 2009-04-06 1:18:04
ComboFix-quarantined-files.txt 2009-04-05 23:18:00
Pre-Run: 176,665,280,512 bytes free
Post-Run: 176,633,729,024 bytes free
264 --- E O F --- 2009-04-02 10:11:08
-
Malwarebytes' Anti-Malware 1.35
Database version: 1940
Windows 6.0.6001 Service Pack 1
4/6/2009 00:51:54
mbam-log-2009-04-06 (00-51-54).txt
Scan type: Quick Scan
Objects scanned: 64671
Time elapsed: 2 minute(s), 46 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
=======================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:58:50, on 4/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8929 bytes
-
Hai iedereen, ik heb een problem help mij ....
Mijn HijackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:34, on 4/5/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\le0zi\AppData\Local\Temp\tuvSmnoo.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\le0zi\AppData\Local\Temp\qoMcbbXq.dll,c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O13 - Gopher Prefix:
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9605 bytes
[OPGELOST] Windows Securty Alerts
in Archief Bestrijding malware & virussen
Geplaatst:
OK,voor nog een keer ... hartelijk bedankt voor de moeite, Kape
misschien ik ga eens proberen met recovery CD dat hoop ik is gelukt ...