Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.338 [GMT -4:00]
Running from: C:\Users\Patrik\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\resycled
C:\Windows\system32\drivers\npf.sys
C:\Windows\system32\Packet.dll
C:\Windows\system32\pthreadVC.dll
C:\Windows\system32\WanPacket.dll
C:\Windows\system32\wpcap.dll
C:\Windows\system32\x64
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2008-09-17 to 2008-10-17 )))))))))))))))))))))))))))))))
.
2008-10-16 22:23 . 2008-10-16 22:24 161,405,216 --a------ C:\Windows\MEMORY.DMP
2008-10-10 18:50 . 2008-10-10 18:50 <DIR> d-------- C:\Windows\Sun
2008-10-10 18:50 . 2008-10-10 18:50 <DIR> d-------- C:\Windows\.jagex_cache_32
2008-10-10 18:50 . 2008-10-15 20:22 30 --a------ C:\Users\Patrik\jagex_runescape_preferences.dat
2008-10-06 10:05 . 2008-10-06 10:05 691 --a------ C:\Users\Patrik\AppData\Roaming\GetValue.vbs
2008-10-06 10:05 . 2008-10-06 10:05 35 --a------ C:\Users\Patrik\AppData\Roaming\SetValue.bat
2008-10-05 14:15 . 2008-09-19 12:26 82,944 --a------ C:\Windows\System32\o4Patch.exe
2008-10-03 22:47 . 2008-10-03 22:47 <DIR> d-------- C:\Program Files\PHP
2008-10-01 17:54 . 2008-10-01 17:54 <DIR> d-------- C:\_OTMoveIt
2008-10-01 16:51 . 2008-10-01 16:51 <DIR> d-------- C:\Users\All Users\AOL Downloads
2008-10-01 16:51 . 2008-10-01 16:51 <DIR> d-------- C:\ProgramData\AOL Downloads
2008-09-26 21:35 . 2008-09-26 21:35 <DIR> d-------- C:\Users\All Users\Apple Computer
2008-09-26 21:35 . 2008-09-26 21:35 <DIR> d-------- C:\ProgramData\Apple Computer
2008-09-26 21:35 . 2008-09-26 21:37 <DIR> d-------- C:\Program Files\QuickTime
2008-09-26 21:35 . 2008-09-26 21:35 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-09-26 21:33 . 2008-09-26 21:33 <DIR> d-------- C:\Users\All Users\Apple
2008-09-26 21:33 . 2008-09-26 21:33 <DIR> d-------- C:\ProgramData\Apple
2008-09-26 21:33 . 2008-09-26 21:33 <DIR> d-------- C:\Program Files\Apple Software Update
2008-09-26 15:03 . 2008-09-26 15:49 <DIR> d-------- C:\SDL
2008-09-26 11:59 . 2008-09-26 12:10 <DIR> d-------- C:\Users\All Users\Macromedia
2008-09-26 11:58 . 2008-09-26 12:10 <DIR> d-------- C:\Program Files\Macromedia
2008-09-26 11:58 . 2008-09-26 12:13 <DIR> d-------- C:\Program Files\Common Files\Macromedia
2008-09-25 17:54 . 2008-09-25 17:56 <DIR> d-------- C:\Program Files\Java
2008-09-25 17:52 . 2008-09-25 17:52 <DIR> d-------- C:\Program Files\Common Files\Java
2008-09-25 02:25 . 2008-09-25 02:25 305 --a------ C:\Windows\System32\treeinfo.dat
2008-09-25 02:25 . 2008-09-25 02:25 0 --a------ C:\Windows\System32\Infob.dat
2008-09-25 02:25 . 2008-09-25 02:25 0 --a------ C:\Windows\System32\Infoa.dat
2008-09-25 01:37 . 2008-09-25 01:37 <DIR> d-------- C:\Users\All Users\Trymedia
2008-09-25 01:37 . 2008-09-25 01:37 <DIR> d-------- C:\ProgramData\Trymedia
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-17 01:41 --------- d-----w C:\Users\Patrik\AppData\Roaming\LimeWire
2008-10-17 00:10 --------- d-----w C:\ProgramData\Google Updater
2008-10-11 17:22 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-11 14:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-11 14:53 --------- d-----w C:\ProgramData\Napster
2008-10-06 14:05 3,124 ----a-w C:\Windows\System32\tmp.reg
2008-10-05 21:14 --------- d-----w C:\Users\Patrik\AppData\Roaming\uTorrent
2008-10-05 19:01 --------- d-----w C:\Program Files\LimeWire
2008-10-01 21:36 --------- d-----w C:\ProgramData\Viewpoint
2008-10-01 20:53 --------- d-----w C:\Program Files\AIM6
2008-10-01 20:06 --------- d-----w C:\ProgramData\Symantec
2008-09-29 21:30 --------- d-----w C:\Program Files\Picasa2
2008-09-26 10:12 --------- d-----w C:\ProgramData\qnaxyvwj
2008-09-08 21:17 --------- d---a-w C:\ProgramData\TEMP
2008-09-03 03:58 88,576 ----a-w C:\Windows\System32\AntiXPVSTFix.exe
2008-09-02 20:51 86,528 ----a-w C:\Windows\System32\VACFix.exe
2008-08-30 20:37 --------- d-----w C:\Program Files\Trend Micro
2008-08-30 18:35 --------- d-----w C:\ProgramData\Lavasoft
2008-08-30 18:29 --------- d-----w C:\Program Files\Lavasoft
2008-08-30 18:27 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-30 17:22 --------- d-----w C:\ProgramData\AplWinGen
2008-08-30 16:09 --------- d-----w C:\ProgramData\HlpGen
2008-08-30 16:07 --------- d-----w C:\ProgramData\Avira
2008-08-30 16:07 --------- d-----w C:\Program Files\Avira
2008-08-29 02:36 82,432 ----a-w C:\Windows\System32\IEDFix.C.exe
2008-08-18 16:19 82,432 ----a-w C:\Windows\System32\404Fix.exe
2008-07-31 03:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-31 03:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:34 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 03:34 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-07-30 23:47 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-07-30 23:32 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-25 11:22 174 --sha-w C:\Program Files\desktop.ini
2008-07-19 05:10 53,448 ----a-w C:\Windows\System32\wuauclt.exe
2008-07-19 05:10 45,768 ----a-w C:\Windows\System32\wups2.dll
2008-07-19 05:10 36,552 ----a-w C:\Windows\System32\wups.dll
2008-07-19 05:09 563,912 ----a-w C:\Windows\System32\wuapi.dll
2008-07-19 05:09 1,811,656 ----a-w C:\Windows\System32\wuaueng.dll
2008-07-19 03:44 83,456 ----a-w C:\Windows\System32\wudriver.dll
2008-07-19 03:44 1,524,736 ----a-w C:\Windows\System32\wucltux.dll
2008-07-19 02:08 163,904 ----a-w C:\Windows\System32\wuwebv.dll
2008-07-19 00:44 31,232 ----a-w C:\Windows\System32\wuapp.exe
2007-08-27 06:53 1,132,112 ----a-w C:\Users\All Users\pswi_preloaded.exe
2007-08-27 06:53 1,132,112 ----a-w C:\ProgramData\pswi_preloaded.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-13 1232896]
"NSUFloatingUI"="C:\Program Files\Sony\Network Utility\LANUtil.exe" [2007-06-29 258048]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-20 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 C:\Windows\System32\oobefldr.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-06-29 137752]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-06-29 154136]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-06-29 133656]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2007-06-08 118784]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2007-06-11 317560]
"VAIO Center Access Bar"="c:\program files\sony\VAIO Center Access Bar\VCAB.exe" [2007-06-21 53248]
"VWLASU"="C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe" [2007-07-12 45056]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152]
"VAIOSurvey"="C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2007-07-20 577536]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-24 29744]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-25 C:\Windows\RtHDVCpl.exe]
C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2007-08-27 295606]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-07-24 22:26 98304 C:\Windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7CE051F6-36F3-4C4F-9272-EF58B6EACB67}"= UDP:C:\Program Files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{E5C058E5-DA57-4829-B6B6-1C41C9B2A3D3}"= TCP:C:\Program Files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{40120418-2650-4C63-B97E-867704713266}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{35E92CA2-C81C-4A8C-B43B-30D67A2459A0}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{5231F710-DFEC-411B-B03E-AF3D7E6EFD56}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{F74C16A7-05CF-425A-A2FC-16C9E1798F91}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{A8646243-CDC6-4196-8D5D-4DB3A80665C4}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{B3D80961-666D-4927-AC8A-7F6869FCFDAD}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"TCP Query User{3B248B2B-497D-4EB9-BA0F-2BD34F597D70}C:\\program files\\aim6\\aim6.exe"= UDP:C:\program files\aim6\aim6.exe:AIM
"UDP Query User{DD8D7C72-FAE6-4944-9E34-2C1513D812B4}C:\\program files\\aim6\\aim6.exe"= TCP:C:\program files\aim6\aim6.exe:AIM
"TCP Query User{130FC2F8-DE04-4502-B872-BD737966D544}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{97358E49-FE36-4AAE-92D0-67347EA83EB6}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{6F7C0A05-0C32-449F-96E3-DB9924ABE542}C:\\program files\\battlezone ii\\bzone.exe"= UDP:C:\program files\battlezone ii\bzone.exe:bzone
"UDP Query User{6D67AF6B-51F4-4CC4-80B0-D4DCCB83455A}C:\\program files\\battlezone ii\\bzone.exe"= TCP:C:\program files\battlezone ii\bzone.exe:bzone
"TCP Query User{72048EF1-C203-40E1-9719-E8ED1BBCA2C0}C:\\program files\\firaxis games\\sid meier's alpha centauri\\terran.exe"= UDP:C:\program files\firaxis games\sid meier's alpha centauri\terran.exe:terran
"UDP Query User{F9A4AF2D-080D-4915-A406-FD1F8A96479F}C:\\program files\\firaxis games\\sid meier's alpha centauri\\terran.exe"= TCP:C:\program files\firaxis games\sid meier's alpha centauri\terran.exe:terran
"TCP Query User{EDF9E3E3-4FDC-4DE4-A022-C3D7EF79C1AA}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"UDP Query User{C3F92606-E5EB-4250-8830-C3628662E831}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"TCP Query User{7B55C15C-BF0F-4BDA-8405-0842E6ACAC2F}C:\\program files\\battlezone ii\\bzone.exe"= UDP:C:\program files\battlezone ii\bzone.exe:bzone
"UDP Query User{9E174353-BBCB-45BB-9709-B06C3A0A286D}C:\\program files\\battlezone ii\\bzone.exe"= TCP:C:\program files\battlezone ii\bzone.exe:bzone
"{8A923F1E-826D-406A-A4C0-224C72945BBF}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{37F62F2E-3BF2-45DD-8643-2E3DD1B4CAEA}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E5CE1475-000B-41A7-B6F8-05505CCF7039}"= UDP:C:\Program Files\Acclaim\2Moons\minilauncher.exe:2moons
"{802FD82C-D197-4464-8D46-CB52920F3B6F}"= TCP:C:\Program Files\Acclaim\2Moons\minilauncher.exe:2moons
"{FAED9D92-12ED-4247-B3A6-419B2235650D}"= UDP:C:\Program Files\Acclaim\2Moons\launcher.exe:launcher
"{A9B7C546-B902-4A1A-871F-CA93BAEFA56D}"= TCP:C:\Program Files\Acclaim\2Moons\launcher.exe:launcher
"{6EBEFA25-FA80-4FCE-BBF3-2DD7B499960A}"= UDP:C:\Program Files\Acclaim\2Moons\minilauncher.exe:2moons
"{8FBB8534-3FAA-4392-B1CA-C1396B4CA4DD}"= TCP:C:\Program Files\Acclaim\2Moons\minilauncher.exe:2moons
"{6F5320E4-06F2-4BB7-A487-0F64732FF3B5}"= UDP:9940:limewire
"{1227644A-E9B3-46F7-A6E0-F3E93DCA1F92}"= TCP:9940:limewire
"{FD773D4F-87D8-4026-90CD-B0CF8CD28BEC}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire 4.14.12
"{364DECBA-A3AC-4DF5-A789-75D0F0F616C9}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire 4.14.12
"{20DCB629-1079-4CEF-BCF2-6B8B38FB9FE1}"= UDP:C:\Program Files\LimeWire\.NetworkShare\LimeWireWin4.14.12.exe:LimeWireWin4.14.12
"{80D57749-78E8-4322-8037-A2B1B1549FB2}"= TCP:C:\Program Files\LimeWire\.NetworkShare\LimeWireWin4.14.12.exe:LimeWireWin4.14.12
"{FAF4A506-E0E9-49C5-B7F1-6388408EBE6D}"= UDP:49519:lw
"TCP Query User{8721499B-2FC5-4B39-93D5-E53DFC80F9CF}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{31FC5D09-CAE1-4351-B942-FDE451E1C4CB}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{C8EACCAD-9FB1-4419-B933-1D434E752D9A}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{3AEC4D80-FDCF-4C96-BFE0-1FFB39380956}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{2C1E6495-CBF0-4C53-8B98-50D6687AD24C}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{7D94ABDD-1AFA-4A2B-9121-2E241623C32A}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{0B8495C5-B7BC-4FF6-BA76-6CD4B245E565}"= UDP:C:\Program Files\AIM6\aim6.exe:AIM
"{CCCE630F-B4CC-4463-85BE-48879DF9FEB6}"= TCP:C:\Program Files\AIM6\aim6.exe:AIM
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 NSUService;NSUService;C:\Program Files\Sony\Network Utility\NSUService.exe [2007-06-29 200704]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-06-05 812544]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-07-24 246784]
S2 Windows Tribute Service;Windows Tribute Service;C:\Windows\system32\kdtil.exe [2007-12-24 53248]
S3 GameConsoleService;GameConsoleService;C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2008-05-05 165416]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-24 29744]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-07-13 292152]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-07-05 79736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
- - - - ORPHANS REMOVED - - - -
ShellIconOverlayIdentifiers-{AB0C8BE3-041C-47d6-8195-E089D32B38DD} - (no file)
HKCU-Run-Aim6 - (no file)
HKLM-Run-Corel Photo Downloader - C:\Program Files\Corel\Corel Snapfire\Corel PhotoDownloader.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\86ys8cov.default\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-16 22:27:50
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\Windows\system32\kdtil.exe 53248 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\drivers\XAudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\System32\igfxext.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\System32\igfxext.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\Apoint\ApntEx.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2008-10-16 22:36:02 - machine was rebooted [Patrik]
ComboFix-quarantined-files.txt 2008-10-17 02:35:29
Pre-Run: 57,700,687,872 bytes free
Post-Run: 56,750,792,704 bytes free
262 --- E O F --- 2008-09-25 01:10:54
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:38:29 PM, on 10/16/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIO Center Access Bar] "c:\program files\sony\VAIO Center Access Bar\VCAB.exe" 1
O4 - HKLM\..\Run: [VWLASU] "C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [VAIOSurvey] C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: AOL DDI.lnk = C:\DDI\AOLICON.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9EAF00D-0970-4370-AA7A-9A64373D0148}: NameServer = 85.255.116.60,85.255.112.86
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2BE8A7A-3EA8-48F8-98EF-4C835DD6505D}: NameServer = 85.255.116.60,85.255.112.86
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdtil.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 14757 bytes

That didn't fix my bg... but just setting a new one did. So my bg is fine now.