Gå til innhold

Klarte å trykke på youtube link, msn virus


Anbefalte innlegg

Videoannonse
Annonse

Filen kom tilbake.

nå tok jeg den ut av karantene. den prøvde med en gang å fucke opp Norman.

lagret en kopi å prøvde å åpne å se hva som stod inni den. men fikk ikke tilgang.

Endret av slippern
Lenke til kommentar

Kjør en gang til med følgend innhold i CFScript-fila:

 

File::

C:\WINDOWS\system32\sysregi.exe

C:\a.bat

 

Registry::

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

"Nod32 Runtime"=-

 

Trenger ingen ny logg.

Fortell hvordan PC-en kjører.

Endret av norbat
Lenke til kommentar

ComboFix 08-06-01.6 - ADMIN 2008-06-02 23:10:32.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.884 [GMT 2:00]

Running from: C:\Documents and Settings\ADMIN\Desktop\ComboFix.exe

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\059573.exe

C:\WINDOWS\images.zip

 

.

((((((((((((((((((((((((( Files Created from 2008-05-02 to 2008-06-02 )))))))))))))))))))))))))))))))

.

 

2008-06-02 22:35 . 2008-06-02 22:34 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys

2008-06-02 22:34 . 2008-06-02 22:34 <DIR> d-------- C:\WINDOWS\Sun

2008-06-02 22:34 . 2008-06-02 22:35 <DIR> d-------- C:\Documents and Settings\ADMIN\.housecall6.6

2008-06-02 22:02 . 2008-06-02 22:02 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy

2008-06-02 22:02 . 2008-06-02 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-06-02 21:36 . 2008-06-02 21:36 <DIR> d--h----- C:\WINDOWS\PIF

2008-06-02 21:30 . 2008-06-02 21:30 53,252 -r-hs---- C:\WINDOWS\ehSched.exe

2008-06-01 13:06 . 2008-06-01 13:06 <DIR> d-------- C:\WINDOWS\LastGood

2008-06-01 01:57 . 2008-06-01 01:57 <DIR> d-------- C:\Logs

2008-06-01 01:34 . 2008-06-01 02:00 <DIR> d-------- C:\Program Files\World of Warcraft

2008-05-31 21:02 . 2008-06-01 01:32 <DIR> d-------- C:\Program Files\WoW-2.3.0.7561-enGB

2008-05-31 21:02 . 2008-06-01 01:45 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment

2008-05-31 03:24 . 2008-05-31 03:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet

2008-05-31 03:09 . 2008-05-31 03:09 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared

2008-05-30 15:01 . 2008-05-30 15:01 <DIR> d-------- C:\Program Files\Red Kawa

2008-05-30 15:01 . 2008-05-30 15:01 <DIR> d-------- C:\Program Files\AviSynth 2.5

2008-05-30 14:39 . 2008-06-01 06:53 54,400 --a------ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:39 . 2008-06-01 06:53 54,400 --a------ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:39 . 2008-06-01 06:53 788 --a------ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:37 . 2007-02-26 15:24 94,208 --a------ C:\WINDOWS\system32\cttele32.dll

2008-05-29 07:48 . 2008-05-29 07:48 <DIR> d-------- C:\Program Files\MSXML 4.0

2008-05-28 19:22 . 2008-05-28 19:22 <DIR> d-------- C:\Program Files\Microsoft Games

2008-05-28 19:22 . 2008-05-29 12:11 <DIR> d-------- C:\Program Files\GameSpy Arcade

2008-05-28 18:26 . 2008-05-28 18:26 <DIR> d-------- C:\Program Files\directx

2008-05-28 18:23 . 2008-05-28 18:26 <DIR> d-------- C:\Program Files\Sudden Strike II

2008-05-26 23:24 . 2008-05-26 23:24 <DIR> d-------- C:\Program Files\BODYGRAMLOUD

2008-05-25 23:51 . 2008-05-25 23:55 720,896 --a------ C:\WINDOWS\iun6002.exe

2008-05-25 23:50 . 2008-05-25 23:56 <DIR> d-------- C:\Program Files\Command And Conquer Red Alert 2 Yuri's Revenge

2008-05-25 20:01 . 2008-05-25 20:01 <DIR> d-------- C:\Program Files\Winamp Now Playing AutoHotkey script

2008-05-25 16:40 . 2008-05-25 19:37 <DIR> d-------- C:\Program Files\SopCast

2008-05-24 21:34 . 2008-05-24 21:54 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak

2008-05-24 21:06 . 2008-04-10 12:08 71,184 -ra------ C:\WINDOWS\system32\drivers\DefragFS.sys

2008-05-24 21:05 . 2008-05-24 21:05 <DIR> d-------- C:\Program Files\Raxco

2008-05-24 21:05 . 2008-05-24 21:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Raxco

2008-05-24 21:04 . 2008-05-24 21:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Protexis

2008-05-24 03:16 . 2008-05-24 03:16 <DIR> d-------- C:\Program Files\GoldWave

2008-05-23 13:57 . 2008-05-23 13:57 <DIR> d-------- C:\Program Files\Apple Software Update

2008-05-22 15:40 . 2008-05-22 15:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania

2008-05-22 09:48 . 2008-05-22 09:48 <DIR> d-------- C:\Program Files\Rockstar Games

2008-05-21 19:05 . 2008-06-01 20:25 <DIR> d-------- C:\Filmer

2008-05-20 23:32 . 2008-05-20 23:32 <DIR> d-------- C:\Program Files\K-Lite Codec Pack

2008-05-20 23:32 . 2008-01-10 13:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll

2008-05-20 23:32 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll

2008-05-20 23:19 . 2008-05-20 23:19 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Media Player Classic

2008-05-19 23:21 . 2008-05-19 23:21 <DIR> d-------- C:\Program Files\ZX-Playback-Pack

2008-05-19 23:20 . 2008-05-19 23:21 <DIR> d-------- C:\Program Files\ffdshow

2008-05-19 20:00 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys

2008-05-19 14:10 . 2008-05-19 14:10 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2008-05-18 23:48 . 2008-06-02 23:11 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\NoNameScript

2008-05-18 20:23 . 2008-05-18 20:23 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\BODYGRAMLOUD

2008-05-18 16:03 . 2008-05-21 19:05 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\BODYGRAMLOUD

2008-05-18 16:00 . 2008-05-18 16:00 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-05-18 03:45 . 2008-05-20 14:01 <DIR> d-------- C:\Serier

2008-05-18 02:40 . 2008-05-18 02:40 <DIR> d-------- C:\WINDOWS\system32\Futuremark

2008-05-18 02:40 . 2007-09-07 14:55 27,672 --a------ C:\WINDOWS\system32\drivers\Entech.sys

2008-05-18 02:40 . 2007-09-07 14:55 12,744 --a------ C:\WINDOWS\system32\drivers\Entech64.sys

2008-05-18 02:40 . 2007-09-07 14:55 6,173 --a------ C:\WINDOWS\system32\drivers\Entech.vxd

2008-05-18 02:40 . 2001-11-19 20:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys

2008-05-18 02:38 . 2008-05-18 02:38 <DIR> d-------- C:\Program Files\Futuremark

2008-05-17 23:30 . 2008-05-17 23:30 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Xfire

2008-05-17 23:30 . 2007-10-12 03:56 490,776 --a------ C:\WINDOWS\system32\drivers\LV561AV.SYS

2008-05-17 23:29 . 2008-05-17 23:30 <DIR> d-------- C:\Program Files\Common Files\LogiShrd

2008-05-17 23:29 . 2008-05-17 23:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech

2008-05-17 23:29 . 2008-05-17 23:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd

2008-05-17 19:27 . 2008-05-31 03:15 <DIR> d-------- C:\Program Files\Common Files\Adobe

2008-05-17 18:27 . 2008-05-17 18:28 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Bioshock

2008-05-17 18:27 . 2008-05-17 18:27 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2008-05-17 16:29 . 2008-05-17 16:59 <DIR> d-------- C:\Program Files\Electronic Arts

2008-05-17 16:25 . 2008-05-26 00:19 <DIR> d-------- C:\Spill

2008-05-17 14:09 . 2008-05-17 14:11 <DIR> d-------- C:\Program Files\WhatPulse

2008-05-17 13:53 . 2008-05-16 11:39 211 --ahs---- C:\BOOT.BKK

2008-05-17 13:49 . 2008-05-17 13:49 <DIR> d-------- C:\Program Files\TGTSoft

2008-05-17 13:06 . 2008-05-17 13:06 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire

2008-05-17 13:05 . 2008-05-29 08:09 <DIR> d-------- C:\Program Files\Xfire

2008-05-17 13:05 . 2008-05-20 21:48 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Xfire

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\QuickTime

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\iTunes

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\iPod

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\Common Files\Apple

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\Bonjour

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple

2008-05-17 12:34 . 2008-05-25 14:59 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Apple Computer

2008-05-17 12:34 . 2008-06-01 06:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-05-17 12:34 . 2008-02-18 11:16 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys

2008-05-17 12:34 . 2008-05-17 12:35 1,409 --a------ C:\WINDOWS\QTFont.for

2008-05-17 12:02 . 2008-06-02 22:17 <DIR> d--h----- C:\$AVG8.VAULT$

2008-05-17 11:25 . 2008-05-17 23:29 <DIR> d-------- C:\Program Files\Logitech

2008-05-17 11:25 . 2008-05-17 11:25 <DIR> d-------- C:\Program Files\Common Files\Logitech

2008-05-17 11:22 . 2008-05-17 11:22 <DIR> d-------- C:\1db783fa3f8a2c54ba9e2e838f0f

2008-05-17 11:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-05-17 11:01 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2008-05-17 11:01 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-05-17 03:01 . 2008-05-30 20:20 <DIR> d-------- C:\Anime

2008-05-17 03:00 . 2008-05-17 03:00 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Program Files\Skype

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Program Files\Common Files\Skype

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype

2008-05-17 02:59 . 2008-06-02 16:06 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\skypePM

2008-05-17 02:59 . 2008-06-02 23:28 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Skype

2008-05-17 02:35 . 2008-05-17 02:35 <DIR> d-------- C:\Program Files\DAEMON Tools Lite

2008-05-17 02:25 . 2008-05-17 02:25 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\DAEMON Tools

2008-05-17 02:25 . 2008-05-17 02:25 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys

2008-05-17 01:52 . 2008-05-17 01:52 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Ubisoft

2008-05-17 01:48 . 2008-05-17 01:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ubisoft

2008-05-17 01:47 . 2008-05-17 01:47 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition

2008-05-17 01:47 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll

2008-05-17 01:46 . 2008-06-02 22:10 <DIR> d-------- C:\Program Files\Windows Live Toolbar

2008-05-17 01:39 . 2008-05-17 01:39 <DIR> d-------- C:\Program Files\Ubisoft

2008-05-17 01:39 . 2008-05-17 01:43 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller

2008-05-17 01:38 . 2008-06-02 21:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-05-17 01:25 . 2008-05-17 01:25 <DIR> d-------- C:\Program Files\nbs-irc

2008-05-16 14:17 . 2008-06-01 06:55 <DIR> d-------- C:\Program Files\mIRC

2008-05-16 14:17 . 2008-05-18 23:48 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\mIRC

2008-05-16 14:07 . 2008-05-16 14:07 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\vlc

2008-05-16 14:06 . 2008-05-16 14:06 <DIR> d-------- C:\Program Files\VideoLAN

2008-05-16 14:03 . 2008-06-02 19:54 <DIR> d-------- C:\Program Files\SpeedFan

2008-05-16 14:03 . 2008-05-16 14:03 45 --a------ C:\WINDOWS\system32\initdebug.nfo

2008-05-16 14:00 . 2008-06-02 13:54 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg

2008-05-16 14:00 . 2008-05-16 14:00 <DIR> d-------- C:\Program Files\AVG

2008-05-16 14:00 . 2008-05-16 14:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8

2008-05-16 14:00 . 2008-05-16 14:00 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys

2008-05-16 14:00 . 2008-05-16 14:00 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys

2008-05-16 14:00 . 2008-05-16 14:00 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll

2008-05-16 13:58 . 2008-05-16 13:58 <DIR> d-------- C:\Program Files\Lavasoft

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-30 12:37 413,696 ----a-w C:\WINDOWS\system32\wrap_oal.dll

2008-05-30 12:37 110,592 ----a-w C:\WINDOWS\system32\OpenAL32.dll

2008-05-16 09:51 --------- d-----w C:\Program Files\Intel

2008-05-16 09:43 --------- d-----w C:\Program Files\microsoft frontpage

2008-04-16 11:00 230,664 ----a-w C:\WINDOWS\system32\PDBoot.exe

2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL" [2008-05-16 13:12 267592]

 

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-05-16 13:12 267592]

 

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]

"Creative MediaSource Go"="C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" [2005-12-12 09:36 143360]

"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]

"Steam"="C:\Program Files\Steam\Steam.exe" [2008-05-16 13:14 1271032]

"grimplatform"="C:\DOCUME~1\ADMIN\APPLIC~1\BODYGR~1\OptionBike.exe" [2008-05-26 23:23 440320]

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 17:45 22058792]

"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 20:31 1372160]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 11:19 1426432]

"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 11:35 626176]

"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 10:32 880640]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-02-28 07:34 13516800]

"nwiz"="nwiz.exe" [2008-02-28 07:34 1626112 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-02-28 07:34 86016]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]

"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-01-09 04:43 53340]

"Lachesis"="C:\Program Files\Razer\Lachesis\razerhid.exe" [2007-09-12 11:52 172032]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-16 14:00 1177368]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]

"Long Internet Team Stupid"="C:\Documents and Settings\All Users\Application Data\comp two long internet\bold glue.exe" [2008-06-02 20:18 781824]

"CTHelper"="CTHELPER.EXE" [2008-02-20 20:58 19456 C:\WINDOWS\system32\CtHelper.exe]

"CTxfiHlp"="CTXFIHLP.EXE" [2008-02-20 20:58 19968 C:\WINDOWS\system32\Ctxfihlp.exe]

"Windows UDP Control Center"="ehSched.exe" [2008-06-02 21:30 53252 C:\WINDOWS\ehSched.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

 

C:\Documents and Settings\ADMIN\Start Menu\Programs\Startup\

Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-05-14 03:29:28 3007824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="C:\\Program Files\\TGTSoft\\StyleXP\\Logon\\CurrentLogon.EXE"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.XFR1"= xfcodec.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\FrostWire\\FrostWire.exe"=

"C:\\Program Files\\uTorrent\\uTorrent.exe"=

"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\mIRC\\mirc.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=

"C:\\Program Files\\Steam\\steamapps\\moal_1993\\counter-strike\\hl.exe"=

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Program Files\\Xfire\\xfire.exe"=

"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=

"C:\\Program Files\\Steam\\steamapps\\common\\trackmania nations forever\\TmForever.exe"=

"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=

"C:\\Program Files\\SopCast\\SopCast.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

 

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-16 14:00]

R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-16 14:00]

R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2008-02-25 09:44]

R3 LachesisFltr;Lachesis Mouse Driver;C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 11:04]

S3 uisp;Freescale USB JW32 driver;C:\WINDOWS\system32\Drivers\usbicp.sys [2005-12-21 11:23]

S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys [2008-02-18 11:16]

 

*Newly Created Service* - APPMGMT

*Newly Created Service* - CATCHME

*Newly Created Service* - DEFRAGFS

*Newly Created Service* - TMCOMM

.

Contents of the 'Scheduled Tasks' folder

"2008-05-29 08:33:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-06-02 21:00:07 C:\WINDOWS\Tasks\E0E420248353F150.job"

- c:\docume~1\admin\applic~1\bodygr~1\debugupsite.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-02 23:27:43

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-06-02 23:39:03

ComboFix-quarantined-files.txt 2008-06-02 21:38:27

 

Pre-Run: 569,818,845,184 bytes free

Post-Run: 570,175,045,632 bytes free

 

255 --- E O F --- 2008-06-01 12:30:32

 

 

 

 

 

Det får jeg opp, kan noen hjelpe meg med å få bort youtube viruset?

Lenke til kommentar

Loggen etter siste kjøring.

 

ComboFix 08-06-01.6 - tord.kristensen 2008-06-03 14:55:32.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.1249 [GMT 2:00]

Running from: C:\Documents and Settings\tord.kristensen\Skrivebord\ComboFix.exe

Command switches used :: C:\Documents and Settings\tord.kristensen\Skrivebord\CFScript.txt

* Created a new restore point

* Resident AV is active

 

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

 

FILE ::

C:\a.bat

C:\WINDOWS\system32\sysregi.exe

.

 

((((((((((((((((((((((((( Files Created from 2008-05-03 to 2008-06-03 )))))))))))))))))))))))))))))))

.

 

2008-06-03 14:23 . 2008-06-03 14:50 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy

2008-06-03 13:49 . 2008-06-03 13:49 214 --a------ C:\home.reg

2008-06-03 12:07 . 2008-06-03 12:07 <DIR> d-------- C:\Documents and Settings\Administrator.FK15-12

2008-06-02 15:49 . 2008-06-02 15:49 <DIR> d-------- C:\Programfiler\Trend Micro

2008-06-02 15:48 . 2008-06-02 15:48 <DIR> d-------- C:\Documents and Settings\LocalService\Start-meny

2008-06-02 15:48 . 2008-02-11 14:56 19,512 --a------ C:\WINDOWS\system32\drivers\nvcw32mf.sys

2008-06-02 15:44 . 2008-06-02 15:44 <DIR> d-------- C:\WINDOWS\PushWiz

2008-06-02 15:44 . 2008-06-03 14:29 <DIR> d-------- C:\NORMAN

2008-06-02 15:39 . 2008-06-02 15:39 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab

2008-06-02 15:39 . 2008-06-02 15:39 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Kaspersky Lab

2008-06-02 15:38 . 2008-06-02 15:38 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com

2008-06-02 15:37 . 2008-06-02 15:37 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware

2008-06-02 15:37 . 2008-06-02 15:37 <DIR> d-------- C:\Documents and Settings\tord.kristensen\Programdata\SUPERAntiSpyware.com

2008-06-02 14:24 . 2008-06-02 14:55 <DIR> d-------- C:\Programfiler\BDD 2007

2008-06-02 11:32 . 2008-06-02 11:32 <DIR> d-------- C:\Programfiler\MSXML 6.0

2008-05-29 16:29 . 2008-05-29 16:31 <DIR> d-------- C:\Documents and Settings\tord.kristensen\Programdata\VMware

2008-05-29 16:29 . 2008-05-29 16:29 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\VMware

2008-05-27 11:53 . 2008-05-27 11:53 73 --a------ C:\WINDOWS\EurekaLog.ini

2008-05-27 09:39 . 2008-05-27 09:39 <DIR> d-------- C:\Programfiler\Runtime Software

2008-05-26 08:58 . 2008-05-26 08:58 <DIR> d-------- C:\Programfiler\QuickTime

2008-05-26 08:09 . 2008-05-29 12:48 <DIR> d-------- C:\WINDOWS\AutoLogin

2008-05-26 08:08 . 2008-05-26 08:08 <DIR> d-------- C:\WINDOWS\FPSoftware

2008-05-23 12:14 . 2008-05-23 12:14 <DIR> d-------- C:\Programfiler\JGsoft

2008-05-23 12:14 . 2008-05-23 12:14 <DIR> d-------- C:\Documents and Settings\tord.kristensen\Programdata\JGsoft

2008-05-23 12:14 . 2008-01-17 03:00 67,208 --a------ C:\WINDOWS\UnDeploy.exe

2008-05-21 11:13 . 2008-05-21 11:13 <DIR> d-------- C:\WINDOWS\Sun

2008-05-21 08:39 . 2008-05-21 08:39 <DIR> d-------- C:\Programfiler\Windows Media Connect 2

2008-05-21 08:39 . 2008-04-14 18:22 221,184 --a------ C:\WINDOWS\system32\wmpns.dll

2008-05-21 08:38 . 2008-05-21 08:38 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2008-05-21 08:38 . 2008-05-21 08:38 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

2008-05-21 08:13 . 2008-04-25 19:41 218,624 --a--c--- C:\WINDOWS\system32\dllcache\uxtheme.dll

2008-05-20 13:52 . 1995-03-03 06:00 92,576 --a------ C:\WINDOWS\system\ODBCINST.DLL

2008-05-20 13:52 . 1995-03-03 06:00 56,240 --a------ C:\WINDOWS\system\ODBC.DLL

2008-05-20 13:52 . 2008-05-20 13:54 105 --a------ C:\WINDOWS\odbc.ini

2008-05-20 13:06 . 2008-06-02 12:21 9,906 --a------ C:\WINDOWS\IST.INI

2008-05-16 10:35 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl

2008-05-16 10:34 . 2008-05-16 10:35 <DIR> d-------- C:\Programfiler\Java

2008-05-16 10:34 . 2008-05-16 10:34 <DIR> d-------- C:\Programfiler\Fellesfiler\Java

2008-05-16 10:25 . 2008-05-16 10:25 62 --a------ C:\WINDOWS\ericsson.ini

2008-05-08 14:06 . 2008-05-08 14:06 51,300 --ah----- C:\WINDOWS\system32\mlfcache.dat

2008-05-08 10:11 . 2008-05-08 10:11 <DIR> d-------- C:\WINDOWS\system32\no

2008-05-08 10:11 . 2008-05-08 10:11 <DIR> d-------- C:\WINDOWS\system32\bits

2008-05-08 10:11 . 2008-05-08 10:11 <DIR> d-------- C:\WINDOWS\l2schemas

2008-05-08 10:10 . 2008-05-08 10:10 <DIR> d-------- C:\WINDOWS\ServicePackFiles

2008-05-08 10:02 . 2004-08-03 22:29 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys

2008-05-07 16:30 . 2008-05-22 15:14 69 --a------ C:\WINDOWS\NeroDigital.ini

2008-05-07 12:31 . 2008-05-22 14:32 <DIR> d-------- C:\temp

2008-05-07 12:31 . 2008-05-22 14:32 652 --a------ C:\WINDOWS\concept.ini

2008-05-07 12:31 . 2008-05-07 12:33 351 --a------ C:\WINDOWS\UqAnsatt.ini

2008-05-06 03:00 . 2008-05-06 03:00 <DIR> d-------- C:\Programfiler\MSXML 4.0

2008-05-05 12:57 . 2008-05-05 12:57 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe Systems Shared

2008-05-05 12:57 . 2008-05-05 12:57 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Adobe Systems

2008-05-05 11:32 . 2008-05-05 11:32 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\FLEXnet

2008-05-05 11:25 . 2008-05-16 09:06 <DIR> d-------- C:\Documents and Settings\tord.kristensen\Programdata\Ahead

2008-05-05 11:25 . 2008-05-05 11:25 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Ahead

2008-05-05 11:23 . 2008-05-05 11:24 <DIR> d-------- C:\Programfiler\Fellesfiler\Ahead

2008-05-05 11:23 . 2008-05-05 11:23 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Nero

2008-05-05 11:23 . 1998-03-10 01:00 42,496 --a------ C:\WINDOWS\ttuninst.exe

2008-05-05 11:01 . 2008-05-05 11:01 <DIR> d-------- C:\Programfiler\Bonjour

2008-05-05 10:58 . 2008-05-05 10:58 <DIR> d-------- C:\Programfiler\Fellesfiler\Macrovision Shared

2008-05-05 10:55 . 2008-06-02 09:33 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe

2008-05-05 10:39 . 2008-05-05 10:39 <DIR> d-------- C:\Documents and Settings\tord.kristensen\Programdata\DAEMON Tools

2008-05-05 10:39 . 2008-05-05 10:39 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-03 10:04 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\mIRC

2008-06-03 06:25 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\uTorrent

2008-06-02 13:37 --------- d-----w C:\Programfiler\Fellesfiler\Wise Installation Wizard

2008-05-27 07:39 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2008-05-21 06:27 --------- d-----w C:\Documents and Settings\All Users\Programdata\Microsoft Help

2008-05-20 10:03 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\DameWare Development

2008-05-16 15:34 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\MySQL

2008-05-08 08:18 --------- d-----w C:\Programfiler\MSN Messenger

2008-04-30 13:10 --------- d-----w C:\Programfiler\Intel

2008-04-30 13:10 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\InstallShield

2008-04-25 17:41 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll

2008-04-25 10:00 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\Alt-N

2008-04-25 09:59 --------- d-----w C:\Programfiler\Alt-N Technologies

2008-04-25 08:22 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\Subversion

2008-04-25 08:01 --------- d--h--w C:\Programfiler\Zero G Registry

2008-04-25 07:15 --------- d-----w C:\Programfiler\uTorrent

2008-04-25 07:08 454,656 ----a-w C:\WINDOWS\system32\putty.exe

2008-04-23 14:51 --------- d-----w C:\Programfiler\MSBuild

2008-04-23 14:51 --------- d-----w C:\Programfiler\Microsoft Works

2008-04-23 14:45 --------- d-----w C:\Documents and Settings\All Users\Programdata\TechSmith

2008-04-23 14:28 --------- d-----w C:\Documents and Settings\tord.kristensen\Programdata\ComAgent

2008-04-23 13:33 --------- d-----w C:\Documents and Settings\administrator\Programdata\ComAgent

2008-04-23 11:30 --------- d-----w C:\Programfiler\Realtek

2008-04-23 11:30 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield

2008-04-23 11:21 --------- d-----w C:\Programfiler\ATI Technologies

2008-04-23 11:21 --------- d-----w C:\Programfiler\ATI

2008-04-23 10:20 --------- d-----w C:\Programfiler\microsoft frontpage

2008-04-23 10:19 --------- d-----w C:\Programfiler\Elektroniske tjenester

2008-04-23 10:18 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester

2008-04-14 16:39 1,804 ----a-w C:\WINDOWS\system32\dcache.bin

2008-04-14 16:26 330,752 ----a-w C:\WINDOWS\system32\netsetup.exe

2008-04-14 16:22 996,352 ----a-w C:\WINDOWS\system32\msgina.dll

2008-04-14 16:21 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll

2008-04-14 16:20 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll

2008-04-14 16:19 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll

2008-04-14 16:19 568,320 ----a-w C:\WINDOWS\system32\gpedit.dll

2008-04-14 16:19 3,584 ----a-w C:\WINDOWS\system32\icmp.dll

2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll

2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll

2008-04-14 16:19 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll

2008-04-14 16:19 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll

2008-04-14 16:19 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll

2008-04-14 15:56 73,344 ----a-w C:\WINDOWS\system32\drivers\sr.sys

2008-04-14 15:56 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys

2008-04-14 15:55 80,000 ----a-w C:\WINDOWS\system32\drivers\parport.sys

2008-04-14 15:55 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys

2008-04-14 15:55 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys

2008-04-14 15:53 2,146,816 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-04-14 15:53 2,025,472 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 15:52 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 15:50 799,872 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys

2008-04-14 15:50 24,448 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys

2008-04-14 15:50 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys

2008-04-14 15:50 14,592 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys

2008-04-14 15:49 79,360 ------w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 15:49 37,376 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys

2008-04-14 15:48 77,312 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 15:48 40,576 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys

2008-04-14 15:48 40,192 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys

2008-04-14 15:47 556,032 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 15:47 47,616 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 15:46 64,640 ----a-w C:\WINDOWS\system32\drivers\serial.sys

2008-04-14 15:45 51,840 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys

2008-04-14 15:44 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys

2008-04-14 15:43 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 15:43 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys

2008-04-14 15:43 273,152 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-04-14 15:43 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys

2008-04-14 15:42 65,024 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-14 15:41 52,480 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys

2008-04-14 15:41 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys

2008-04-14 15:41 39,680 ----a-w C:\WINDOWS\system32\drivers\processr.sys

2008-04-14 15:39 41,600 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys

2008-04-14 15:39 41,216 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys

2008-04-14 15:38 22,912 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys

2008-04-14 15:37 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys

2008-04-14 15:37 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys

2008-04-14 07:23 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe

2008-04-14 07:22 987,136 ----a-w C:\WINDOWS\system32\setupapi.dll

2008-04-14 07:22 423,936 ----a-w C:\WINDOWS\system32\licdll.dll

2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys

2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys

2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys

2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys

2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys

2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys

2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys

2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys

2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys

2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys

2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys

2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys

2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys

2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys

2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys

2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys

2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys

2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys

.

 

((((((((((((((((((((((((((((( snapshot@2008-06-03_ 8.15.01,31 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-05-26 07:04:20 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-06-03 11:42:46 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-01-15 20:12:38 312,680 ----a-w C:\WINDOWS\Downloaded Program Files\avsniff.dll

+ 2008-01-15 20:12:40 255,336 ----a-w C:\WINDOWS\Downloaded Program Files\avsniffdlgs.dll

+ 2008-05-27 23:00:00 2,504 ----a-w C:\WINDOWS\Downloaded Program Files\catalog.dat

+ 2008-01-15 20:02:44 42,112 ----a-w C:\WINDOWS\Downloaded Program Files\ecmldr32.dll

+ 2008-05-27 23:00:00 284,016 ----a-w C:\WINDOWS\Downloaded Program Files\ecmsvr32.dll

+ 2008-01-15 20:02:58 201,896 ----a-w C:\WINDOWS\Downloaded Program Files\navapi32.dll

+ 2008-05-27 23:00:00 128,368 ----a-w C:\WINDOWS\Downloaded Program Files\naveng32.dll

+ 2008-05-27 23:00:00 943,472 ----a-w C:\WINDOWS\Downloaded Program Files\navex32a.dll

+ 2008-01-15 20:12:48 296,336 ----a-w C:\WINDOWS\Downloaded Program Files\rufsi.dll

+ 2008-05-27 23:00:00 97,776 ----a-w C:\WINDOWS\Downloaded Program Files\scrauth.dat

+ 2008-05-27 23:00:00 411,555 ----a-w C:\WINDOWS\Downloaded Program Files\tcdefs.dat

+ 2008-05-27 23:00:00 3,772,330 ----a-w C:\WINDOWS\Downloaded Program Files\tcscan7.dat

+ 2008-05-27 23:00:00 482,537 ----a-w C:\WINDOWS\Downloaded Program Files\tcscan8.dat

+ 2008-05-27 23:00:00 1,161,183 ----a-w C:\WINDOWS\Downloaded Program Files\tcscan9.dat

+ 2008-05-27 23:00:00 1,957 ----a-w C:\WINDOWS\Downloaded Program Files\tinfl.dat

+ 2008-05-27 23:00:00 71,435 ----a-w C:\WINDOWS\Downloaded Program Files\tscan1.dat

+ 2008-05-27 23:00:00 3,760 ----a-w C:\WINDOWS\Downloaded Program Files\tscan1hd.dat

+ 2008-05-27 23:00:00 1,007,646 ----a-w C:\WINDOWS\Downloaded Program Files\virscan1.dat

+ 2008-05-27 23:00:00 571,362 ----a-w C:\WINDOWS\Downloaded Program Files\virscan2.dat

+ 2008-05-27 23:00:00 151,832 ----a-w C:\WINDOWS\Downloaded Program Files\virscan3.dat

+ 2008-05-27 23:00:00 320,253 ----a-w C:\WINDOWS\Downloaded Program Files\virscan4.dat

+ 2008-05-27 23:00:00 7,708,633 ----a-w C:\WINDOWS\Downloaded Program Files\virscan5.dat

+ 2008-05-27 23:00:00 393,782 ----a-w C:\WINDOWS\Downloaded Program Files\virscan6.dat

+ 2008-05-27 23:00:00 27,357,239 ----a-w C:\WINDOWS\Downloaded Program Files\virscan7.dat

+ 2008-05-27 23:00:00 2,040,460 ----a-w C:\WINDOWS\Downloaded Program Files\virscan8.dat

+ 2008-05-27 23:00:00 6,266,048 ----a-w C:\WINDOWS\Downloaded Program Files\virscan9.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:22 15360]

"MsnMsgr"="C:\Programfiler\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]

"DAEMON Tools Lite"="D:\Programfiler\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 09:27 153136]

"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-13 12:43 1510640]

"SpybotSD TeaTimer"="D:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 14:27 16207872 C:\WINDOWS\RTHDCPL.exe]

"SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-02-15 12:46 135168]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-02-15 12:46 159744]

"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2008-02-15 12:46 131072]

"NeroFilterCheck"="C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]

"Norman ZANDA"="C:\NORMAN\Npm\bin\ZLH.exe" [2007-08-09 14:40 183352]

"DameWare MRC Agent"="C:\WINDOWS\system32\DWRCST.exe" [2008-02-19 15:40 78848]

"Nod32 Runtime"="sysregi.exe" []

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 18:22 15360]

 

C:\Documents and Settings\tord.kristensen\Start-meny\Programmer\Oppstart\

Adobe Gamma.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

ComAgent.lnk - D:\Programfiler\ComAgent\ComAgent.exe [2008-04-23 15:33:10 1236992]

SnagIt 8.lnk - D:\Programfiler\TechSmith\SnagIt 8\SnagIt32.exe [2007-02-16 18:40:52 6379080]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoSimpleStartMenu"= 1 (0x1)

"NoSMBalloonTip"= 1 (0x1)

"NoWelcomeScreen"= 1 (0x1)

"ForceStartMenuLogOff"= 1 (0x1)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1177238915-630328440-1801674531-3369\Scripts\Logon\0\0]

"Script"=\\fauske.lokalt\SysVol\fauske.lokalt\scripts\logon.cmd

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\MSN Messenger\\livecall.exe"=

"D:\\Programfiler\\mIRC\\mirc.exe"=

"D:\\Programfiler\\Zend Studio\\ZendStudio.exe"=

"C:\\Programfiler\\uTorrent\\uTorrent.exe"=

"DEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ӟ"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

 

R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;C:\WINDOWS\system32\DRIVERS\dwvkbd.sys [2007-02-15 20:00]

R2 Ndiskio;Ndiskio;C:\NORMAN\Nse\bin\NDISKIO.SYS [2007-01-02 10:55]

R3 DwMirror;DwMirror;C:\WINDOWS\system32\DRIVERS\DamewareMini.sys [2007-02-07 20:00]

R3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2008-02-11 14:56]

R3 nvcoas;Norman Virus Control on-access component;C:\NORMAN\Nvc\bin\nvcoas.exe [2007-12-12 11:45]

R3 NVCScheduler;Norman Virus Control Scheduler;C:\NORMAN\Nvc\BIN\NVCSCHED.EXE [2007-05-23 13:23]

 

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-03 14:56:31

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-06-03 14:57:12

ComboFix-quarantined-files.txt 2008-06-03 12:56:59

ComboFix2.txt 2008-06-03 12:52:33

ComboFix3.txt 2008-06-03 12:16:03

ComboFix4.txt 2008-06-03 06:15:14

 

Pre-Run: 5,710,680,064 byte ledig

Post-Run: 5,698,998,272 byte ledig

 

291 --- E O F --- 2008-05-22 01:00:40

Lenke til kommentar

Her er hjt-loggen.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:24, on 2008-06-03

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\NORMAN\Npm\bin\ELOGSVC.EXE

C:\NORMAN\Npm\bin\ZANDA.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\WINDOWS\SYSTEM32\DWRCS.EXE

C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\mdm.exe

C:\NORMAN\Npm\bin\NJEEVES.EXE

C:\NORMAN\Nvc\bin\nvcoas.exe

C:\NORMAN\Nvc\BIN\NVCSCHED.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\SYSTEM32\DWRCST.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe

C:\NORMAN\Npm\bin\ZLH.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\NORMAN\Nvc\BIN\NIP.EXE

C:\NORMAN\Nvc\bin\cclaw.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

D:\Programfiler\DAEMON Tools Lite\daemon.exe

C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe

C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

D:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe

D:\Programfiler\ComAgent\ComAgent.exe

C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe

C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexStoreSvr.exe

D:\Programfiler\TechSmith\SnagIt 8\SnagIt32.exe

D:\Programfiler\TechSmith\SnagIt 8\TSCHelp.exe

D:\Programfiler\TechSmith\SnagIt 8\SnagPriv.exe

C:\Programfiler\MSN Messenger\usnsvc.exe

D:\Programfiler\Opera\opera.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = fk003:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = e-torg.no.ihost.com;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Programfiler\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: AL2Spy Class - {DC200356-0864-4F66-8964-5D43A19300F5} - C:\WINDOWS\AUTOLO~1\AL2DLL.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Programfiler\TechSmith\SnagIt 8\SnagItIEAddin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Npm\bin\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [Nod32 Runtime] sysregi.exe

O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] D:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: ComAgent.lnk = D:\Programfiler\ComAgent\ComAgent.exe

O4 - Global Startup: SnagIt 8.lnk = D:\Programfiler\TechSmith\SnagIt 8\SnagIt32.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra button: Helpdesk - {71F62ED1-59FC-471A-84B0-F6E754C172D1} - http://fk008/MRcgi/MRentrancePage.pl (file missing) (HKCU)

O15 - Trusted Zone: http://security.symantec.com

O16 - DPF: iLO 2 Remote Console Applet - https://82.148.144.132/dvc.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = fauske.lokalt

O17 - HKLM\Software\..\Telephony: DomainName = fauske.lokalt

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = fauske.lokalt

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = fauske.lokalt

O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = fauske.lokalt

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE

O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\NORMAN\Npm\bin\ELOGSVC.EXE

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: NBService - Nero AG - D:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\Npm\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Norman ASA - C:\NORMAN\Npm\bin\ZANDA.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE

 

--

End of file - 9428 bytes

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
×
×
  • Opprett ny...