PC gets slower every day and something is running in the background

  • smitske

    Hello everyone.

    I have a problem with my PC.

    I have been infected by one of those MSN photo kl.. things.

    The strange thing is that after startup something happens in the background (you can hear that it is busy), and after about 10 minutes I hear an error sound (like the one you hear when Windows cannot find something, for example). No message appears on the screen; I only hear that sound.

    After that the PC runs a bit better but stays very slow; opening anything takes many times longer than normal.

    My PC is getting slower by the day and I can't get it fixed.

    I have already gone through the step-by-step plan; only the virus scan in safe mode doesn't work.

    As virus scanner I have PC Veilig from Het Net.

    If I have understood correctly, I have to post my log like this; I hope it is enough.

    What is strange, though: when I select the Notepad contents and copy them with ctrl a and ctrl v, one line remains in the otherwise empty Notepad, reading bybhoa.dll. I have already read somewhere that this could be some kind of MSN virus, but I cannot find how to get rid of it.

    Thanks in advance to anyone who wants to take a look at this.

    Regards, Erik Smits

    And now the log:

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 18:13:35, on 5-5-2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\VTTimer.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

    C:\Program Files\PC Veilig\Common\FSMA32.EXE

    C:\Program Files\PC Veilig\Anti-Virus\FSGK32.EXE

    C:\Program Files\PC Veilig\Common\FSM32.EXE

    C:\Program Files\PC Veilig\Common\FSMB32.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

    C:\Program Files\PC Veilig\Common\FCH32.EXE

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\Logitech\QuickCam\Quickcam.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\PC Veilig\Common\FAMEH32.EXE

    C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe

    C:\Program Files\PC Veilig\Anti-Virus\fsqh.exe

    C:\Program Files\Windows Media Player\WMPNSCFG.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\PC Veilig\FSPC\fspc.exe

    C:\Program Files\TomTom HOME 2\HOMERunner.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\Program Files\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe

    C:\Program Files\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe

    C:\Program Files\PC Veilig\FSGUI\fsguidll.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe

    C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

    C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE

    C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

    C:\Program Files\PC Veilig\FSAUA\program\fsaua.exe

    C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

    C:\Program Files\PC Veilig\Anti-Virus\fssm32.exe

    C:\Program Files\PC Veilig\FSAUA\program\fsus.exe

    C:\Program Files\Skype\Plugin Manager\skypePM.exe

    C:\Program Files\PC Veilig\Anti-Virus\fsav32.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\PC Veilig\FSGUI\scanwizard.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.qmotion.nl/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O4 - HKLM\..\Run: RunDll32 cmicnfg.cpl,CMICtrlWnd

    O4 - HKLM\..\Run: VTTimer.exe

    O4 - HKLM\..\Run: VTtrayp.exe

    O4 - HKLM\..\Run: C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: nwiz.exe /install

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\Common\FSM32.EXE” /splash

    O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe” /CHECKALL /WAITFORSW

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Logitech\QuickCam\Quickcam.exe” /hide

    O4 - HKLM\..\Run: “C:\Program Files\Java\jre6\bin\jusched.exe”

    O4 - HKLM\..\Run: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Winamp\winampa.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime

    O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    O4 - HKLM\..\Run: C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background

    O4 - HKCU\..\Run: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNE.EXE /FU “C:\WINDOWS\TEMP\E_S341.tmp” /EF “HKCU”

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O4 - Global Startup: PCSuiteForNokia6600 Detect.lnk = ?

    O4 - Global Startup: PCSuiteForNokia6600 TS.lnk = ?

    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    O9 - Extra button: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra ‘Tools’ menuitem: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra ‘Tools’ menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O14 - IERESET.INF: START_PAGE_URL=http://www.hetnet.nl

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134374670147

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135681075687

    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab

    O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://download.sp.f-secure.com/hc/hetnet/PCHC_customization_HetNet/fscax.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab

    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/SITE/xupload/XUpload.ocx

    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5555/mcfscan.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\PC Veilig\FSAUA\program\fsaua.exe

    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE

    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    End of file - 14467 bytes

  • Jos H

    Just to be clear:

    Paste the Mbam log file (step 7) into the message in the same way as well.

    So post 2 log files.

  • smitske

    Sorry for the incomplete info; here is the addition.

    What I also noticed in Windows Task Manager, thanks to a tip from an acquaintance: inactive system processes use up to 99 CPU.

    Thanks again in advance for the effort.

    Regards, Erik Smits

    Log 1

    Malwarebytes' Anti-Malware 1.36

    Database versie: 2078

    Windows 5.1.2600 Service Pack 3

    5-5-2009 21:17:35

    mbam-log-2009-05-05 (21-17-35).txt

    Scan type: Volledige Scan (C:\|I:\|)

    Objecten gescand: 200291

    Verstreken tijd: 1 hour(s), 2 minute(s), 53 second(s)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata bestanden geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Log 2

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 6:49:35, on 6-5-2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\PC Veilig\Common\FSM32.EXE

    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

    C:\Program Files\Logitech\QuickCam\Quickcam.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Media Player\WMPNSCFG.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe

    C:\Program Files\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe

    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe

    C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe

    C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE

    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

    C:\Program Files\PC Veilig\Common\FSMA32.EXE

    C:\Program Files\PC Veilig\Anti-Virus\FSGK32.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\PC Veilig\Common\FSMB32.EXE

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe

    C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe

    C:\Program Files\PC Veilig\Common\FCH32.EXE

    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\Program Files\PC Veilig\Common\FAMEH32.EXE

    C:\Program Files\PC Veilig\Anti-Virus\fsqh.exe

    C:\Program Files\PC Veilig\FSPC\fspc.exe

    C:\Program Files\PC Veilig\FSGUI\fsguidll.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

    C:\Program Files\PC Veilig\FSAUA\program\fsaua.exe

    C:\Program Files\PC Veilig\Anti-Virus\fssm32.exe

    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

    C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

    C:\Program Files\PC Veilig\FSAUA\program\fsus.exe

    C:\Program Files\Skype\Plugin Manager\skypePM.exe

    C:\Program Files\PC Veilig\Anti-Virus\fsav32.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\PC Veilig\FSGUI\scanwizard.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.qmotion.nl/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O4 - HKLM\..\Run: RunDll32 cmicnfg.cpl,CMICtrlWnd

    O4 - HKLM\..\Run: C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: nwiz.exe /install

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\Common\FSM32.EXE” /splash

    O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe” /CHECKALL /WAITFORSW

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Logitech\QuickCam\Quickcam.exe” /hide

    O4 - HKLM\..\Run: “C:\Program Files\Java\jre6\bin\jusched.exe”

    O4 - HKLM\..\Run: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Winamp\winampa.exe”

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime

    O4 - HKLM\..\Run: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background

    O4 - HKCU\..\Run: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNE.EXE /FU “C:\WINDOWS\TEMP\E_S341.tmp” /EF “HKCU”

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O4 - Global Startup: PCSuiteForNokia6600 Detect.lnk = ?

    O4 - Global Startup: PCSuiteForNokia6600 TS.lnk = ?

    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    O9 - Extra button: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra ‘Tools’ menuitem: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra ‘Tools’ menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O14 - IERESET.INF: START_PAGE_URL=http://www.hetnet.nl

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134374670147

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135681075687

    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab

    O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://download.sp.f-secure.com/hc/hetnet/PCHC_customization_HetNet/fscax.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab

    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/SITE/xupload/XUpload.ocx

    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5555/mcfscan.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\PC Veilig\FSAUA\program\fsaua.exe

    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE

    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    End of file - 13991 bytes

  • Huib

    Hi Smitske,

    I don't see anything unusual in your logs at first glance, only that PC Veilig is clearly present.

    Of course it is everyone's own choice, but I would rather manage my security myself and not through your provider.

    Have you already carried out the cleanup plan? :S:S

    http://www.virushelp.nl/onderhoud.htm

    Deze link ff kopieeren en in de adres balk plakken, want door een storing is het nog niet mogelijk om rechtstreekse linkjes te plaatsen.

    Laat daarna eens weten hoe het met de snelheid gaat.

    Groetjes Huib:)

  • smitske

    Hello Huib,

    I had indeed already gone through the step-by-step plan.

    The only thing that did not work was the scan in safe mode; for some reason the scanner will not start.

    So I really don't know what else to do.

    Do you happen to know what I can do about those idle system processes that use so much CPU (99)?

    I can't find anything about that either; maybe that is where the problem lies.

    Thanks in advance for your help.

    Regards, Erik Smits

  • Huib

    Hi Erik,

    Just to avoid confusion.

    The step-by-step plan is this link:

    http://antivirus.startpagina.nl/prikbord/4625317/voer-dit-eerst-uit-voordat-je-de-logjes-plaatst!!#msg-4625317

    And the cleanup plan is this link:

    http://www.virushelp.nl/onderhoud.htm

    So you have carried out both of them? :S:S

    Regards,

    Huib :)

  • Huib

    Hi Erik,

    My mind was elsewhere for a moment and I thought your PC was only getting slower, without taking what is happening in the background into account :(

    Try the following:

    Download Combofix to your Desktop.

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Double-click Combofix.exe

    Follow the instructions; accept the disclaimer by typing 1 (continue) followed by ENTER.

    While the fix is running, do NOT click in the window, because then your PC will "hang".

    When the fix is complete and after the restart, the log combofix.txt will open.

    Post this log in your next post together with a new HijackThis log.

    NB: If a message from your antivirus or another real-time scanner appears while you are using Combofix, disable that scanner and download Combofix again. Some scanners regard components that Combofix uses as suspicious and may block or remove them! As a result, Combofix cannot function properly.

    Good luck,

    Huib :)

  • Smitske

    Hello Huib,

    I had indeed not yet done your second cleanup.

    Yesterday evening and last night I carried out the steps up to and including defragmenting, but so far that has unfortunately not helped.

    I am about to start on Combofix, and then you will hear from me again.

    Thanks again for your effort.

    Regards, Erik Smits

  • Smitske

    As promised, here are the logs.

    I hope something comes of it.

    Regards, Erik

    ComboFix 09-05-06.08 - Eigenaar 07-05-2009 17:36.1 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.606

    Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe

    AV: PC Veilig 8.00 *On-access scanning disabled* (Updated)

    FW: PC Veilig 8.00 *disabled*

    * Nieuw herstelpunt werd aangemaakt

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\windows\TEMP\logishrd\LVPrcInj01.dll

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-04-07 to 2009-05-07 ))))))))))))))))))))))))))))))

    .

    2009-05-06 16:49 . 2009-05-06 16:49 ——– d–h–r c:\documents and settings\Eigenaar\Onlangs geopend

    2009-05-06 16:39 . 2009-05-06 16:39 ——– d—–w c:\documents and settings\Eigenaar\Application Data\Yahoo!

    2009-05-06 16:39 . 2009-05-06 16:46 ——– d—–w c:\program files\Yahoo!

    2009-05-06 16:39 . 2009-05-06 16:40 ——– d—–w c:\program files\CCleaner

    2009-05-05 18:13 . 2009-04-06 13:32 15504 —-a-w c:\windows\system32\drivers\mbam.sys

    2009-05-05 18:13 . 2009-04-06 13:32 38496 —-a-w c:\windows\system32\drivers\mbamswissarmy.sys

    2009-05-05 18:13 . 2009-05-05 18:13 ——– d—–w c:\program files\Malwarebytes' Anti-Malware

    2009-05-05 04:24 . 2009-05-04 19:41 15688 —-a-w c:\windows\system32\lsdelete.exe

    2009-05-04 19:41 . 2009-05-04 19:38 64160 —-a-w c:\windows\system32\drivers\Lbd.sys

    2009-05-04 19:34 . 2009-05-04 19:34 ——– dc-h–w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}

    2009-05-04 19:34 . 2009-05-04 19:34 ——– d—–w c:\program files\Lavasoft

    2009-05-04 19:34 . 2009-05-04 19:41 ——– d—–w c:\documents and settings\All Users\Application Data\Lavasoft

    2009-05-04 17:23 . 2009-05-04 17:27 ——– d—–w c:\program files\Spybot - Search & Destroy

    2009-05-04 17:23 . 2009-05-06 16:43 ——– d—–w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

    2009-04-15 04:41 . 2009-02-06 10:10 227840 -c—-w c:\windows\system32\dllcache\wmiprvse.exe

    2009-04-15 04:41 . 2009-03-06 14:23 285696 -c—-w c:\windows\system32\dllcache\pdh.dll

    2009-04-15 04:41 . 2009-02-09 11:27 111104 -c—-w c:\windows\system32\dllcache\services.exe

    2009-04-15 04:41 . 2009-02-09 10:56 401408 -c—-w c:\windows\system32\dllcache\rpcss.dll

    2009-04-15 04:41 . 2009-02-09 10:56 473600 -c—-w c:\windows\system32\dllcache\fastprox.dll

    2009-04-15 04:41 . 2009-02-09 10:56 684544 -c—-w c:\windows\system32\dllcache\advapi32.dll

    2009-04-15 04:41 . 2009-02-09 10:56 734208 -c—-w c:\windows\system32\dllcache\lsasrv.dll

    2009-04-15 04:41 . 2009-02-09 10:56 453120 -c—-w c:\windows\system32\dllcache\wmiprvsd.dll

    2009-04-15 04:41 . 2009-02-09 10:56 735744 -c—-w c:\windows\system32\dllcache\ntdll.dll

    2009-04-15 04:39 . 2008-04-21 21:16 218624 -c—-w c:\windows\system32\dllcache\wordpad.exe

    2009-04-12 20:34 . 2002-11-21 08:57 204800 —-a-w c:\windows\system32\IVIresizeW7.dll

    2009-04-12 20:34 . 2002-11-21 08:57 188416 —-a-w c:\windows\system32\IVIresizePX.dll

    2009-04-12 20:34 . 2002-11-21 08:57 192512 —-a-w c:\windows\system32\IVIresizeP6.dll

    2009-04-12 20:34 . 2002-11-21 08:57 192512 —-a-w c:\windows\system32\IVIresizeM6.dll

    2009-04-12 20:34 . 2002-11-21 08:57 200704 —-a-w c:\windows\system32\IVIresizeA6.dll

    2009-04-12 20:34 . 2002-11-21 08:57 20480 —-a-w c:\windows\system32\IVIresize.dll

    2009-04-12 20:34 . 2009-04-12 20:34 ——– d—–w c:\program files\InterVideo

    2009-04-12 20:33 . 2009-04-12 20:33 ——– d—–w c:\documents and settings\Eigenaar\Application Data\Ulead Systems

    2009-04-12 20:26 . 2009-04-12 20:26 ——– d—–w c:\program files\Ulead Systems

    2009-04-12 20:26 . 2009-04-12 20:33 ——– d—–w c:\program files\Common Files\Ulead Systems

    2009-04-12 20:26 . 2009-04-12 20:32 ——– d—–w c:\documents and settings\All Users\Application Data\Ulead Systems

    2009-04-12 20:06 . 2009-04-12 20:06 ——– d—–w c:\documents and settings\Eigenaar\Application Data\Publish Providers

    2009-04-12 20:05 . 2009-04-12 20:05 ——– d—–w c:\documents and settings\Eigenaar\Local Settings\Application Data\Sony

    2009-04-12 19:46 . 2009-04-12 20:05 ——– d—–w c:\documents and settings\Eigenaar\Application Data\Sony

    2009-04-12 19:44 . 2009-04-12 19:44 ——– d—–w c:\program files\Vstplugins

    2009-04-12 19:43 . 2009-04-12 19:46 ——– d—–w c:\documents and settings\All Users\Application Data\Sony

    2009-04-12 19:43 . 2009-04-12 19:43 ——– d—–w c:\program files\Sony

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-05-07 15:19 . 2009-03-17 19:44 ——– d—–w c:\program files\PC Veilig

    2009-04-22 19:31 . 2008-09-28 11:10 0 —-a-w c:\windows\system32\drivers\lvuvc.hs

    2009-04-15 04:56 . 2005-12-12 08:05 551698 —-a-w c:\windows\system32\perfh013.dat

    2009-04-15 04:56 . 2005-12-12 08:05 108858 —-a-w c:\windows\system32\perfc013.dat

    2009-04-14 19:16 . 2007-10-10 17:31 ——– d—–w c:\program files\EPSON Print CD

    2009-04-12 20:50 . 2005-12-27 10:42 60848 —-a-w c:\documents and settings\Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2009-04-12 20:34 . 2005-12-12 07:43 ——– d–h–w c:\program files\InstallShield Installation Information

    2009-04-12 19:11 . 2006-03-14 17:03 ——– d—–w c:\program files\Winamp

    2009-04-12 19:09 . 2006-10-25 10:13 ——– d—–w c:\program files\Windows Live Toolbar

    2009-04-12 18:08 . 2005-12-29 14:56 ——– d—–w c:\program files\proDAD

    2009-04-12 18:06 . 2006-10-23 11:18 ——– d—–w c:\program files\Real

    2009-04-12 18:06 . 2006-10-23 11:18 ——– d—–w c:\program files\Common Files\Real

    2009-04-12 17:19 . 2008-11-12 19:26 ——– d—–w c:\program files\Boris FX, Inc

    2009-04-12 17:19 . 2005-12-30 12:59 ——– d—–w c:\program files\Pinnacle

    2009-04-11 11:35 . 2006-12-08 22:02 ——– d—–w c:\program files\DivX

    2009-04-11 11:21 . 2005-12-27 14:47 ——– d—–w c:\program files\Common Files\Symantec Shared

    2009-04-05 19:09 . 2007-12-18 19:05 ——– d—–w c:\program files\LimeWire Plus

    2009-04-03 15:37 . 2007-09-06 15:01 ——– d—–w c:\program files\Java

    2009-04-02 18:11 . 2009-04-02 18:11 ——– d—–w c:\program files\Fotoservice

    2009-04-01 18:54 . 2008-09-28 11:06 ——– d—–w c:\program files\Common Files\LogiShrd

    2009-04-01 18:54 . 2009-04-01 18:54 ——– d—–w c:\program files\Logitech

    2009-04-01 18:09 . 2008-09-28 11:10 0 ——w c:\windows\system32\drivers\logiflt.iad

    2009-04-01 06:49 . 2009-04-01 06:49 ——– d—–w c:\program files\Common Files\Windows Live

    2009-03-28 14:47 . 2005-12-29 15:04 ——– d—–w c:\program files\QuickTime

    2009-03-28 14:41 . 2006-10-05 16:58 ——– d—–w c:\program files\Google

    2009-03-28 09:28 . 2009-03-28 09:28 56 ——w c:\windows\system32\ezsidmv.dat

    2009-03-28 09:27 . 2009-03-28 09:27 ——– d—–w c:\program files\Common Files\Skype

    2009-03-28 09:27 . 2009-03-28 09:27 ——– d—–r c:\program files\Skype

    2009-03-19 18:44 . 2009-03-19 18:44 ——– d—–w c:\program files\MSBuild

    2009-03-19 18:43 . 2009-03-19 18:43 ——– d—–w c:\program files\Reference Assemblies

    2009-03-18 20:28 . 2005-12-12 08:13 ——– d—–w c:\program files\Common Files\Adobe

    2009-03-18 17:06 . 2009-03-18 17:06 ——– d—–w c:\program files\Trend Micro

    2009-03-17 19:55 . 2009-03-17 19:55 33408 ——w c:\windows\system32\drivers\fsbts.sys

    2009-03-17 19:25 . 2007-08-04 12:16 ——– d—–w c:\program files\Eset

    2009-03-09 03:19 . 2008-12-16 18:03 410984 ——w c:\windows\system32\deploytk.dll

    2009-03-06 14:23 . 2005-12-12 08:05 285696 —-a-w c:\windows\system32\pdh.dll

    2009-03-03 00:16 . 2005-12-12 08:05 826368 —-a-w c:\windows\system32\wininet.dll

    2009-02-20 17:18 . 2005-12-12 08:05 78336 ——w c:\windows\system32\ieencode.dll

    2009-02-10 17:10 . 2004-08-04 00:58 2070400 ——w c:\windows\system32\ntkrnlpa.exe

    2009-02-09 14:08 . 2005-12-12 08:05 1846912 ——w c:\windows\system32\win32k.sys

    2009-02-09 11:27 . 2005-12-12 08:05 2193408 ——w c:\windows\system32\ntoskrnl.exe

    2009-02-09 11:27 . 2005-12-12 08:05 111104 ——w c:\windows\system32\services.exe

    2009-02-09 10:56 . 2005-12-12 08:05 401408 —-a-w c:\windows\system32\rpcss.dll

    2009-02-09 10:56 . 2005-12-12 08:05 734208 ——w c:\windows\system32\lsasrv.dll

    2009-02-09 10:56 . 2005-12-12 08:05 684544 ——w c:\windows\system32\advapi32.dll

    2009-02-09 10:56 . 2005-12-12 08:05 735744 ——w c:\windows\system32\ntdll.dll

    2007-05-14 17:58 . 2007-08-05 11:43 342 —-a-w c:\program files\LEES MIJ!.txt

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    “MsnMsgr”=“c:\program files\Windows Live\Messenger\MsnMsgr.Exe”

    “EPSON Stylus Photo R265 Series”=“c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIBNE.EXE”

    “ctfmon.exe”=“c:\windows\system32\ctfmon.exe”

    “WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe”

    “Skype”=“c:\program files\Skype\Phone\Skype.exe”

    “FlashIcon”=“c:\program files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe”

    “NvCplDaemon”=“c:\windows\system32\NvCpl.dll”

    “NvMediaCenter”=“c:\windows\system32\NvMcTray.dll”

    “F-Secure Manager”=“c:\program files\PC Veilig\Common\FSM32.EXE”

    “F-Secure TNB”=“c:\program files\PC Veilig\FSGUI\TNBUtil.exe”

    “Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

    “LogitechCommunicationsManager”=“c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”

    “LogitechQuickCamRibbon”=“c:\program files\Logitech\QuickCam\Quickcam.exe”

    “SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe”

    “Ad-Watch”=“c:\program files\Lavasoft\Ad-Aware\AAWTray.exe”

    “nwiz”=“nwiz.exe” - c:\windows\system32\nwiz.exe

    “BluetoothAuthenticationAgent”=“bthprops.cpl” - c:\windows\system32\bthprops.cpl

    “CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE”

    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe

    PCSuiteForNokia6600 Detect.lnk - c:\program files\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe

    PCSuiteForNokia6600 TS.lnk - c:\program files\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe

    Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    @=“Service”

    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Snelstart HP Image Zone.lnk

    backup=c:\windows\pss\Snelstart HP Image Zone.lnkCommon Startup

    “EnableFirewall”= 0 (0x0)

    “%windir%\\system32\\sessmgr.exe”=

    “c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe”=

    “c:\\Program Files\\Messenger\\msmsgs.exe”=

    “c:\\Program Files\\LimeWire Plus\\LimeWire.exe”=

    “%windir%\\Network Diagnostic\\xpnetdiag.exe”=

    “c:\\Program Files\\Intuwave\\Shared\\mRouterRunTime\\mRouterRuntime.exe”=

    “c:\\Program Files\\Winamp Remote\\bin\\Orb.exe”=

    “c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe”=

    “c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe”=

    “c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe”=

    “c:\\Program Files\\Windows Live\\Messenger\\livecall.exe”=

    “c:\\Program Files\\Skype\\Phone\\Skype.exe”=

    “7:TCP”= 7:TCP:nokia 6600

    R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys

    R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys

    R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Veilig\HIPS\drivers\fshs.sys

    R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Veilig\Anti-Virus\minifilter\fsgk.sys

    S3 AX88172;ASIX AX88172 USB2 to Fast Ethernet Adapter;c:\windows\system32\drivers\ax88172.sys

    S3 cmuda2;C-Media USB Audio Interface;c:\windows\system32\drivers\cmuda2.sys –> c:\windows\system32\drivers\cmuda2.sys

    S3 filter;filter;c:\windows\system32\drivers\filter.sys

    S3 PciCon;PciCon;\??\d:\pcicon.sys –> d:\PciCon.sys

    S3 UXDCMN;UXDCMN;\??\d:\uxdcmn.sys –> d:\UXDCMN.SYS

    S4 F-Secure Filter;F-Secure File System Filter;c:\program files\PC Veilig\Anti-Virus\win2k\fsfilter.sys

    S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\PC Veilig\Anti-Virus\win2k\fsrec.sys

    — Andere Services/Drivers In Geheugen —

    *Deregistered* - 6to4

    *Deregistered* - ALG

    *Deregistered* - AudioSrv

    *Deregistered* - Browser

    *Deregistered* - BthServ

    *Deregistered* - btwdins

    *Deregistered* - CryptSvc

    *Deregistered* - DcomLaunch

    *Deregistered* - Dhcp

    *Deregistered* - Dnscache

    *Deregistered* - ERSvc

    *Deregistered* - EventSystem

    *Deregistered* - F-Secure Gatekeeper Handler Starter

    *Deregistered* - FastUserSwitchingCompatibility

    *Deregistered* - FSAUA

    *Deregistered* - FSDFWD

    *Deregistered* - FSMA

    *Deregistered* - FSORSPClient

    *Deregistered* - helpsvc

    *Deregistered* - HTTPFilter

    *Deregistered* - ImapiService

    *Deregistered* - Irmon

    *Deregistered* - JavaQuickStarterService

    *Deregistered* - lanmanserver

    *Deregistered* - lanmanworkstation

    *Deregistered* - Lavasoft Ad-Aware Service

    *Deregistered* - LightScribeService

    *Deregistered* - LmHosts

    *Deregistered* - LVCOMSer

    *Deregistered* - LVPrcSrv

    *Deregistered* - MSSQLSERVER

    *Deregistered* - Netman

    *Deregistered* - Nla

    *Deregistered* - NVSvc

    *Deregistered* - Pml Driver HPZ12

    *Deregistered* - PolicyAgent

    *Deregistered* - ProtectedStorage

    *Deregistered* - RasMan

    *Deregistered* - RpcSs

    *Deregistered* - SamSs

    *Deregistered* - Schedule

    *Deregistered* - seclogon

    *Deregistered* - SENS

    *Deregistered* - SharedAccess

    *Deregistered* - ShellHWDetection

    *Deregistered* - Spooler

    *Deregistered* - srservice

    *Deregistered* - SSDPSRV

    *Deregistered* - stisvc

    *Deregistered* - Symantec Core LC

    *Deregistered* - TapiSrv

    *Deregistered* - TermService

    *Deregistered* - Themes

    *Deregistered* - TrkWks

    *Deregistered* - UleadBurningHelper

    *Deregistered* - upnphost

    *Deregistered* - W32Time

    *Deregistered* - WebClient

    *Deregistered* - winmgmt

    *Deregistered* - WMPNetworkSvc

    *Deregistered* - wscsvc

    *Deregistered* - wuauserv

    *Deregistered* - WZCSVC

    \Shell\AutoRun\command - L:\InstallTomTomHOME.exe

    .

    Inhoud van de ‘Gedeelde Taken’ map

    2009-05-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job

    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

    2009-05-05 c:\windows\Tasks\HPpromotions journeysoftware.job

    - c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe

    2009-05-07 c:\windows\Tasks\Scheduled scanning task.job

    - c:\progra~1\PCVEIL~1\ANTI-V~1\fsav.exe

    .

    - - - - ORPHANS VERWIJDERD - - - -

    HKLM-Run-Cmaudio - cmicnfg.cpl

    .

    ——- Bijkomende Scan ——-

    .

    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

    uStart Page = hxxp://www.startpagina.nl/

    uInternet Connection Wizard,ShellNext = hxxp://www.qmotion.nl/

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    LSP: c:\program files\PC Veilig\FSPS\program\FSLSP.DLL

    DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab

    DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

    DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} - hxxp://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab

    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-05-07 17:41

    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > ‘winlogon.exe’(824)

    c:\program files\PC Veilig\FWES\Program\fsdc32.dll

    - - - - - - - > ‘lsass.exe’(880)

    c:\program files\PC Veilig\FSPS\program\FSLSP.DLL

    c:\program files\PC Veilig\FWES\Program\fsdc32.dll

    - - - - - - - > ‘explorer.exe’(7992)

    c:\windows\TEMP\logishrd\LVPrcInj01.dll

    c:\program files\PC Veilig\Spam Control\fsscoepl.dll

    c:\windows\system32\nview.dll

    c:\windows\system32\NVWRSNL.DLL

    c:\windows\system32\nvwddi.dll

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\btncopy.dll

    c:\program files\Nokia\PC Suite for Nokia 6600\eccopyhook.dll

    c:\windows\system32\PortableDeviceTypes.dll

    c:\windows\system32\PortableDeviceApi.dll

    - - - - - - - > ‘csrss.exe’(800)

    c:\program files\PC Veilig\FWES\Program\fsdc32.dll

    .

    ———————— Andere Aktieve Processen ————————

    .

    c:\program files\Lavasoft\Ad-Aware\AAWService.exe

    c:\windows\system32\rundll32.exe

    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    c:\windows\system32\rundll32.exe

    c:\program files\PC Veilig\Anti-Virus\fsgk32st.exe

    c:\program files\PC Veilig\Common\FSMA32.EXE

    c:\program files\PC Veilig\Anti-Virus\fsgk32.exe

    c:\program files\PC Veilig\Common\FSMB32.EXE

    c:\program files\Java\jre6\bin\jqs.exe

    c:\program files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe

    c:\program files\Common Files\LightScribe\LSSrvc.exe

    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    c:\progra~1\Nokia\PCSUIT~1\Elogerr.exe

    c:\progra~1\Nokia\PCSUIT~1\BROADC~1.EXE

    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    c:\program files\PC Veilig\Common\FCH32.EXE

    c:\progra~1\Nokia\PCSUIT~1\SCRFS.exe

    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    c:\program files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe

    c:\program files\PC Veilig\Common\FAMEH32.EXE

    c:\program files\PC Veilig\Anti-Virus\fsqh.exe

    c:\program files\PC Veilig\FSPC\fspc.exe

    c:\windows\system32\nvsvc32.exe

    c:\windows\system32\HPZipm12.exe

    c:\program files\PC Veilig\FSGUI\fsguidll.exe

    c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    c:\program files\Windows Media Player\wmpnetwk.exe

    c:\windows\system32\wbem\unsecapp.exe

    c:\program files\PC Veilig\FSAUA\program\fsaua.exe

    c:\program files\PC Veilig\Anti-Virus\fssm32.exe

    c:\program files\PC Veilig\ORSP Client\fsorsp.exe

    c:\program files\PC Veilig\FWES\program\fsdfwd.exe

    c:\program files\PC Veilig\FSAUA\program\fsus.exe

    c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe

    c:\program files\Skype\Plugin Manager\skypePM.exe

    c:\program files\PC Veilig\Anti-Virus\fsav32.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2009-05-07 17:53 - machine werd herstart

    ComboFix-quarantined-files.txt 2009-05-07 15:53

    Pre-Run: 49.906.327.552 bytes beschikbaar

    Post-Run: 51.472.924.672 bytes beschikbaar

    WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

    timeout=2

    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

    c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons

    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Home Edition” /noexecute=optin /fastdetect

    408 — E O F — 2009-04-15 04:49

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 18:07:03, on 7-5-2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\PC Veilig\Common\FSM32.EXE

    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

    C:\Program Files\Logitech\QuickCam\Quickcam.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

    C:\Program Files\Windows Media Player\WMPNSCFG.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\PC Veilig\Common\FSMA32.EXE

    C:\Program Files\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe

    C:\Program Files\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe

    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    C:\Program Files\PC Veilig\Anti-Virus\FSGK32.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\PC Veilig\Common\FSMB32.EXE

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe

    C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe

    C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE

    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    C:\Program Files\PC Veilig\Common\FCH32.EXE

    C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe

    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe

    C:\Program Files\PC Veilig\Common\FAMEH32.EXE

    C:\Program Files\PC Veilig\Anti-Virus\fsqh.exe

    C:\Program Files\PC Veilig\FSPC\fspc.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\system32\HPZipm12.exe

    C:\Program Files\PC Veilig\FSGUI\fsguidll.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\Program Files\PC Veilig\FSAUA\program\fsaua.exe

    C:\Program Files\PC Veilig\Anti-Virus\fssm32.exe

    C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

    C:\Program Files\PC Veilig\FSAUA\program\fsus.exe

    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

    C:\Program Files\Skype\Plugin Manager\skypePM.exe

    C:\Program Files\PC Veilig\Anti-Virus\fsav32.exe

    C:\WINDOWS\explorer.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\PC Veilig\FSGUI\scanwizard.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.qmotion.nl/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O4 - HKLM\..\Run: C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: nwiz.exe /install

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\Common\FSM32.EXE” /splash

    O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe” /CHECKALL /WAITFORSW

    O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Logitech\QuickCam\Quickcam.exe” /hide

    O4 - HKLM\..\Run: “C:\Program Files\Java\jre6\bin\jusched.exe”

    O4 - HKLM\..\Run: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    O4 - HKLM\..\Run: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    O4 - HKCU\..\Run: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNE.EXE /FU "C:\WINDOWS\TEMP\E_S341.tmp" /EF "HKCU"

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: PCSuiteForNokia6600 Detect.lnk = ?

    O4 - Global Startup: PCSuiteForNokia6600 TS.lnk = ?

    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

    O9 - Extra button: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra 'Tools' menuitem: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Veilig\FSPC\fspcmsie.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O14 - IERESET.INF: START_PAGE_URL=http://www.hetnet.nl

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://download.ewido.net/ewidoOnlineScan.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134374670147

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135681075687

    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab

    O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://download.sp.f-secure.com/hc/hetnet/PCHC_customization_HetNet/fscax.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab

    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab

    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/SITE/xupload/XUpload.ocx

    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5555/mcfscan.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\PC Veilig\FSAUA\program\fsaua.exe

    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE

    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    End of file - 13146 bytes

  • Teaser

    Close all windows first.

    Open only HJT and click "do a system scan only".

    Now tick the following lines and click "fix checked":

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

    Post another HJT log.

    How is your problem now?