Posts written by Tommy-
-
-
Buy this case instead: https://prisguiden.no/product.php?product_id=55253 or this one: https://prisguiden.no/product.php?product_id=95794. Much, much, much better!
One more thing: BUY XP!!!!!! Not Vista. Vista uses much, much, much more of your PC than XP, and overall XP is better than Vista.
-
Thanks :D Any other tips?
-
So, a friend and I are going to earn money for a class trip to Poland. For that purpose we are going to set up a service that removes viruses etc. We therefore need a form that people can sign so that the responsibility does not fall on us if we delete a virus that sits in an important Windows file. Just in case. Does anyone have an idea of what we could write on that form?
-
Thanks for the help!
-
-
E:\System Volume Information\_restore{0FE7D1FB-5C46-4910-A5B0-4FC6F6F90A55}\RP114\A0031632.sys (Trojan.Downloader)
It shows up in Malwarebytes' Anti-Malware. Every time I scan, I click remove, then restart the PC, scan again, and presto, it shows up again :/ How do I remove it?
-
-
Malwarebytes' Anti-Malware 1.30
Database versjon: 1419
Windows 5.1.2600 Service Pack 2
24.11.08 19:10:40
mbam-log-2008-11-24 (19-10-40).txt
Skanntype: Full Skann (E:\|F:\|)
Objekter skannet: 174103
Tid tilbakelagt: 58 minute(s), 42 second(s)
Minneprosesser infisert: 0
Minnemoduler infisert: 3
Registernøkler infisert: 2
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 4
Minneprosesser infisert:
(Ingen mistenkelige filer funnet)
Minnemoduler infisert:
E:\Programfiler\Mozilla Firefox\plugins\NPAskSBr.dll (Trojan.Agent) -> Delete on reboot.
E:\Programfiler\AskSBar\bar\1.bin\A2PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.
E:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> Delete on reboot.
Registernøkler infisert:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\phge (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\phge (Trojan.Downloader) -> Quarantined and deleted successfully.
Registerverdier infisert:
(Ingen mistenkelige filer funnet)
Registerfiler infisert:
(Ingen mistenkelige filer funnet)
Mapper infisert:
(Ingen mistenkelige filer funnet)
Filer infisert:
E:\Programfiler\Mozilla Firefox\plugins\NPAskSBr.dll (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Programfiler\AskSBar\bar\1.bin\A2PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\drivers\poqfkeen.sys (Trojan.Downloader) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.30
Database versjon: 1419
Windows 5.1.2600 Service Pack 2
24.11.08 19:10:40
mbam-log-2008-11-24 (19-10-40).txt
Skanntype: Full Skann (E:\|F:\|)
Objekter skannet: 174103
Tid tilbakelagt: 58 minute(s), 42 second(s)
Minneprosesser infisert: 0
Minnemoduler infisert: 3
Registernøkler infisert: 2
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 4
Minneprosesser infisert:
(Ingen mistenkelige filer funnet)
Minnemoduler infisert:
E:\Programfiler\Mozilla Firefox\plugins\NPAskSBr.dll (Trojan.Agent) -> Delete on reboot.
E:\Programfiler\AskSBar\bar\1.bin\A2PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.
E:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> Delete on reboot.
Registernøkler infisert:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\phge (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\phge (Trojan.Downloader) -> Quarantined and deleted successfully.
Registerverdier infisert:
(Ingen mistenkelige filer funnet)
Registerfiler infisert:
(Ingen mistenkelige filer funnet)
Mapper infisert:
(Ingen mistenkelige filer funnet)
Filer infisert:
E:\Programfiler\Mozilla Firefox\plugins\NPAskSBr.dll (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Programfiler\AskSBar\bar\1.bin\A2PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\drivers\poqfkeen.sys (Trojan.Downloader) -> Quarantined and deleted successfully.
ComboFix 08-11-23.02 - Tommy Tommy 2008-11-24 19:14:14.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.1361 [GMT 1:00]
Running from: e:\documents and settings\Tommy Tommy\Skrivebord\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
e:\windows\system32\mpg4c32.dll
.
((((((((((((((((((((((((( Files Created from 2008-10-24 to 2008-11-24 )))))))))))))))))))))))))))))))
.
2008-11-24 17:46 . 2008-11-24 17:46 <DIR> d-------- e:\programfiler\Malwarebytes' Anti-Malware
2008-11-24 17:46 . 2008-11-24 17:46 <DIR> d-------- e:\documents and settings\Tommy Tommy\Programdata\Malwarebytes
2008-11-24 17:46 . 2008-11-24 17:46 <DIR> d-------- e:\documents and settings\All Users\Programdata\Malwarebytes
2008-11-24 17:46 . 2008-10-22 16:10 38,496 --a------ e:\windows\system32\drivers\mbamswissarmy.sys
2008-11-24 17:46 . 2008-10-22 16:10 15,504 --a------ e:\windows\system32\drivers\mbam.sys
2008-11-24 16:22 . 2008-11-24 19:10 <DIR> dr-h----- e:\documents and settings\Tommy Tommy\Siste
2008-11-24 16:20 . 2008-11-24 16:20 <DIR> d-------- e:\programfiler\Trend Micro
2008-11-16 16:17 . 2008-11-16 21:58 <DIR> d-------- e:\programfiler\NOS
2008-11-16 16:17 . 2008-11-16 21:58 <DIR> d-------- e:\documents and settings\All Users\Programdata\NOS
2008-11-15 12:02 . 2008-11-15 12:02 268 --ah----- E:\sqmdata03.sqm
2008-11-15 12:02 . 2008-11-15 12:02 244 --ah----- E:\sqmnoopt03.sqm
2008-11-14 23:36 . 2008-11-19 17:30 <DIR> d-------- e:\programfiler\SpeedFan
2008-11-14 22:43 . 2008-11-14 22:43 244 --ah----- E:\sqmnoopt02.sqm
2008-11-14 22:43 . 2008-11-14 22:43 232 --ah----- E:\sqmdata02.sqm
2008-11-12 22:31 . 1997-11-19 15:49 303,616 --a------ e:\windows\IsUninst.exe
2008-11-12 21:03 . 2008-11-12 21:03 <DIR> d-------- e:\programfiler\ZoneAlarmSB
2008-11-12 21:02 . 2008-11-12 21:02 <DIR> d-------- e:\documents and settings\All Users\Programdata\MailFrontier
2008-11-12 21:02 . 2008-11-12 21:03 4,212 ---h----- e:\windows\system32\zllictbl.dat
2008-11-12 21:01 . 2004-04-27 04:40 11,264 --a------ e:\windows\system32\SpOrder.dll
2008-11-12 21:00 . 2008-11-12 21:08 <DIR> d-------- e:\windows\Internet Logs
2008-11-12 19:12 . 2008-11-12 19:12 <DIR> d-------- e:\programfiler\Avira
2008-11-12 19:12 . 2008-11-12 19:12 <DIR> d-------- e:\documents and settings\All Users\Programdata\Avira
2008-11-12 15:25 . 2008-10-24 12:10 453,632 -----c--- e:\windows\system32\dllcache\mrxsmb.sys
2008-11-10 08:08 . 2008-11-10 08:08 <DIR> d-------- e:\programfiler\MSXML 6.0
2008-11-09 22:17 . 2008-11-09 22:17 <DIR> d-------- e:\documents and settings\Tommy Tommy\Programdata\Publish Providers
2008-11-09 22:16 . 2008-11-09 22:16 <DIR> d-------- e:\documents and settings\Tommy Tommy\Programdata\Sony
2008-11-09 22:03 . 2008-11-09 22:03 <DIR> d-------- e:\programfiler\MSBuild
2008-11-09 22:00 . 2008-11-09 22:00 <DIR> d-------- e:\windows\system32\XPSViewer
2008-11-09 22:00 . 2008-11-09 22:00 <DIR> d-------- e:\programfiler\Reference Assemblies
2008-11-09 21:59 . 2006-06-29 13:07 14,048 --------- e:\windows\system32\spmsg2.dll
2008-11-09 21:55 . 2008-11-09 21:55 <DIR> d-------- e:\programfiler\Sony Setup
2008-11-09 21:55 . 2008-11-09 21:55 <DIR> d-------- e:\documents and settings\Tommy Tommy\Programdata\Sony Setup
2008-11-07 19:21 . 2008-11-07 19:21 <DIR> d-------- e:\windows\system32\windows media
2008-11-07 19:21 . 2008-11-07 19:21 <DIR> d--h----- e:\windows\msdownld.tmp
2008-11-07 19:21 . 2008-11-07 19:21 <DIR> d-------- e:\programfiler\Windows Media Components
2008-11-07 07:52 . 2008-11-20 18:46 <DIR> d-------- e:\programfiler\Spyware Doctor
2008-11-07 07:52 . 2008-11-07 07:52 <DIR> d-------- e:\documents and settings\Tommy Tommy\Programdata\PC Tools
2008-11-07 07:52 . 2008-08-25 12:36 81,288 --a------ e:\windows\system32\drivers\iksyssec.sys
2008-11-07 07:52 . 2008-08-25 12:36 66,952 --a------ e:\windows\system32\drivers\iksysflt.sys
2008-11-07 07:52 . 2008-08-25 12:36 40,840 --a------ e:\windows\system32\drivers\ikfilesec.sys
2008-11-07 07:52 . 2008-06-02 16:19 29,576 --a------ e:\windows\system32\drivers\kcom.sys
2008-11-07 07:41 . 2008-11-07 07:41 <DIR> d-------- e:\programfiler\OJOsoft
2008-11-07 07:39 . 2008-11-07 07:43 <DIR> d-------- e:\programfiler\XVideoConverter
2008-11-07 07:33 . 2008-11-07 07:33 <DIR> d-------- e:\documents and settings\Tommy Tommy\Programdata\AVS4YOU
2008-11-07 07:33 . 2008-11-07 07:33 <DIR> d-------- e:\documents and settings\All Users\Programdata\AVS4YOU
2008-11-07 07:31 . 2008-11-07 07:43 <DIR> d-------- e:\programfiler\Fellesfiler\AVSMedia
2008-11-07 07:31 . 2008-11-07 07:45 <DIR> d-------- e:\programfiler\AVS4YOU
2008-11-07 07:31 . 2007-10-15 10:35 1,700,352 --a------ e:\windows\system32\GdiPlus.dll
2008-11-07 07:31 . 2007-10-15 10:35 974,848 --a------ e:\windows\system32\mfc70.dll
2008-11-07 07:31 . 2007-10-15 10:35 638,976 --a------ e:\windows\system32\divx.dll
2008-11-07 07:31 . 2007-10-15 10:35 487,424 --a------ e:\windows\system32\msvcp70.dll
2008-11-07 07:31 . 2007-10-15 10:35 344,064 --a------ e:\windows\system32\msvcr70.dll
2008-11-07 07:31 . 2007-10-15 10:35 261,632 --a------ e:\windows\system32\mcdvd_32.dll
2008-11-07 07:31 . 2007-10-15 10:35 221,215 --a------ e:\windows\system32\divxdec.ax
2008-11-07 07:31 . 2007-10-15 10:35 156,910 --a------ e:\windows\WMSysPr8.prx
2008-11-07 07:31 . 2007-10-15 10:35 82,944 --a------ e:\windows\system32\vct3216.acm
2008-11-07 07:31 . 2007-10-15 10:35 81,920 --a------ e:\windows\system32\AC3ACM.acm
2008-11-07 07:31 . 2007-10-15 10:35 38,912 --a------ e:\windows\system32\alf2cd.acm
2008-11-07 07:31 . 2007-10-15 10:35 13,239 --a------ e:\windows\system32\Scg726.acm
2008-11-06 22:53 . 2008-11-06 22:53 <DIR> d-------- e:\programfiler\VersalSoft
2008-11-06 22:53 . 2008-11-06 22:55 <DIR> d-------- E:\Program Files
2008-11-03 20:11 . 2008-10-27 18:37 192,307 --a------ E:\wubildr
2008-11-03 20:11 . 2008-10-27 18:37 8,192 --a------ E:\wubildr.mbr
2008-11-03 20:02 . 2008-11-03 20:02 <DIR> d-------- E:\ubuntu
2008-11-03 19:16 . 2008-11-03 19:17 <DIR> d-------- E:\ubuntu-backup
2008-11-02 01:51 . 2008-11-02 13:07 <DIR> d-------- e:\programfiler\DC++
2008-11-02 00:22 . 2008-11-02 00:22 <DIR> d-------- e:\programfiler\Western Digital Technologies
2008-11-02 00:15 . 2008-11-02 00:15 <DIR> d-------- e:\programfiler\Seagate
2008-11-02 00:14 . 2008-11-02 00:14 <DIR> d-------- e:\programfiler\Fellesfiler\Wise Installation Wizard
2008-11-01 15:43 . 2008-11-14 23:36 45 --a------ e:\windows\system32\initdebug.nfo
2008-11-01 14:32 . 2008-11-07 23:19 <DIR> d-------- e:\programfiler\Samurize
2008-10-31 21:44 . 2008-10-31 21:44 268 --ah----- E:\sqmdata01.sqm
2008-10-31 21:44 . 2008-10-31 21:44 244 --ah----- E:\sqmnoopt01.sqm
2008-10-31 20:57 . 2008-10-31 20:57 <DIR> d-------- e:\programfiler\EA GAMES
2008-10-31 20:14 . 2008-10-31 20:14 268 --ah----- E:\sqmdata00.sqm
2008-10-31 20:14 . 2008-10-31 20:14 244 --ah----- E:\sqmnoopt00.sqm
2008-10-31 19:30 . 2008-10-31 19:30 <DIR> d-------- e:\programfiler\VstPlugins
2008-10-31 19:30 . 2008-10-31 19:30 <DIR> d-------- e:\programfiler\ASIO4ALL v2
2008-10-31 19:30 . 2006-06-20 09:56 225,280 --a------ e:\windows\system32\rewire.dll
2008-10-31 19:29 . 2008-10-31 19:29 <DIR> d-------- e:\programfiler\Outsim
2008-10-31 19:29 . 2002-07-07 23:14 1,294,336 --a------ e:\windows\system32\vorbis.acm
2008-10-31 19:28 . 2008-10-31 19:30 <DIR> d-------- e:\programfiler\Image-Line
2008-10-30 16:31 . 2008-11-01 12:22 <DIR> d-------- e:\programfiler\Valve
2008-10-30 13:38 . 2008-10-30 13:38 <DIR> d-------- e:\documents and settings\All Users\Programdata\ATI
2008-10-30 13:35 . 2008-10-30 15:09 <DIR> d-------- e:\programfiler\ATI
2008-10-30 13:15 . 2008-09-23 21:05 593,920 --------- e:\windows\system32\ati2sgag.exe
2008-10-30 13:04 . 2008-03-10 02:37 3,107,788 -ra------ e:\windows\system32\ativvaxx.dat
2008-10-30 13:04 . 2008-03-10 02:37 3,107,788 -ra------ e:\windows\system32\ativva5x.dat
2008-10-30 13:04 . 2008-03-10 02:37 887,724 -ra------ e:\windows\system32\ativva6x.dat
2008-10-30 13:04 . 2008-09-24 03:18 425,984 --a------ e:\windows\system32\ATIDEMGX.dll
2008-10-30 13:04 . 2008-09-24 02:56 307,200 --a------ e:\windows\system32\atiiiexx.dll
2008-10-30 13:04 . 2008-09-17 20:17 176,918 --a------ e:\windows\system32\atiicdxx.dat
2008-10-30 13:04 . 2007-08-31 14:20 7,167 -ra------ e:\windows\system32\atifglpf.xml
2008-10-30 12:36 . 2008-07-31 15:36 14,696 --a------ e:\windows\atiogl.xml
2008-10-30 12:19 . 2008-10-30 12:57 10 --a------ e:\windows\WININIT.INI
2008-10-30 12:12 . 2008-03-12 22:17 372,736 -ra------ e:\windows\system32\SET6B.tmp
2008-10-28 19:33 . 2008-11-20 18:47 <DIR> d-a------ e:\documents and settings\All Users\Programdata\TEMP
2008-10-27 21:27 . 2008-10-27 21:27 <DIR> dr-h----- e:\documents and settings\Tommy Tommy\Programdata\SecuROM
2008-10-27 21:23 . 2008-10-27 21:27 107,888 --a------ e:\windows\system32\CmdLineExt.dll
2008-10-27 21:19 . 2008-10-28 17:26 682,280 --a------ e:\windows\system32\pbsvc.exe
2008-10-27 21:19 . 2008-10-27 21:19 22,328 --a------ e:\documents and settings\Tommy Tommy\Programdata\PnkBstrK.sys
2008-10-27 21:17 . 2008-10-27 21:17 <DIR> d-------- e:\programfiler\Ubisoft
2008-10-26 19:31 . 2004-08-04 01:03 159,232 --a------ e:\windows\system32\ptpusd.dll
2008-10-26 19:31 . 2004-08-03 22:58 15,104 --a------ e:\windows\system32\drivers\usbscan.sys
2008-10-26 19:31 . 2004-08-03 22:58 15,104 --a--c--- e:\windows\system32\dllcache\usbscan.sys
2008-10-26 19:31 . 2001-10-06 14:02 5,632 --a------ e:\windows\system32\ptpusb.dll
2008-10-26 18:33 . 2008-10-26 18:33 <DIR> d-------- E:\ATI
2008-10-25 23:27 . 2008-10-25 23:27 <DIR> d-------- e:\documents and settings\Tommy Tommy\WINDOWS
2008-10-25 16:44 . 2008-10-25 16:44 <DIR> d-------- e:\programfiler\Browser Mouse
2008-10-25 16:44 . 2000-05-10 06:29 6,205 --a------ e:\windows\system32\LWBHMVXD.VXD
2008-10-25 11:22 . 2008-10-25 11:27 <DIR> d-------- e:\windows\system32\CatRoot_bak
2008-10-24 18:36 . 2008-10-24 18:36 36,103 --a------ e:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
2008-10-24 18:36 . 2008-10-24 18:36 33,846 --a------ e:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.bmp
2008-10-24 15:52 . 2008-10-24 15:52 <DIR> d-------- e:\programfiler\GoldWave
2008-10-24 15:34 . 2008-10-24 15:34 <DIR> d-------- e:\programfiler\Illustrate
2008-10-24 15:34 . 2008-10-24 18:36 131,072 --a------ e:\windows\system32\SpoonUninstall.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-24 18:14 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\uTorrent
2008-11-24 17:33 --------- d-----w e:\programfiler\Steam
2008-11-19 17:34 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\FrostWire
2008-11-19 15:39 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\dvdcss
2008-11-16 16:44 --------- d-----w e:\programfiler\Clue
2008-11-16 15:18 --------- d-----w e:\programfiler\Fellesfiler\Adobe
2008-11-09 21:01 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\Creative
2008-11-07 16:08 --------- d-----w e:\programfiler\Fellesfiler\Apple
2008-11-07 06:43 --------- d-----w e:\programfiler\AviSynth 2.5
2008-10-31 19:56 --------- d--h--w e:\programfiler\InstallShield Installation Information
2008-10-30 12:34 --------- d-----w e:\programfiler\ATI Technologies
2008-10-26 16:50 --------- d-----w e:\programfiler\SystemRequirementsLab
2008-10-24 18:05 --------- d-----w e:\programfiler\Yahoo!
2008-10-24 17:04 --------- d-----w e:\documents and settings\All Users\Programdata\Apple Computer
2008-10-24 11:10 453,632 ----a-w e:\windows\system32\drivers\mrxsmb.sys
2008-10-22 12:11 --------- d-----w e:\programfiler\Lavalys
2008-10-22 05:50 --------- d-----w e:\documents and settings\All Users\Programdata\Adobe Systems
2008-10-22 05:47 20,016 ------w e:\windows\system32\drivers\pxhelp20.sys
2008-10-21 15:51 --------- d--h--w e:\programfiler\Creative Installation Information
2008-10-21 15:51 --------- d-----w e:\programfiler\Creative
2008-10-21 15:51 --------- d-----w e:\documents and settings\All Users\Programdata\Creative
2008-10-21 15:21 --------- d-----w e:\programfiler\Fellesfiler\Creative
2008-10-21 15:05 --------- d-----w e:\programfiler\Rockstar Games
2008-10-19 17:34 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\Apple Computer
2008-10-19 17:32 --------- d-----w e:\programfiler\QuickTime
2008-10-19 17:32 --------- d-----w e:\programfiler\Bonjour
2008-10-19 17:31 --------- d-----w e:\documents and settings\All Users\Programdata\Apple
2008-10-19 12:04 --------- d-----w e:\programfiler\Fellesfiler\Nero
2008-10-19 12:04 --------- d-----w e:\documents and settings\All Users\Programdata\Nero
2008-10-19 10:38 --------- d-----w e:\programfiler\Microsoft.NET
2008-10-19 10:05 --------- d-----w e:\programfiler\Fellesfiler\Macrovision Shared
2008-10-19 10:00 --------- d-----w e:\programfiler\MagicISO
2008-10-18 21:58 --------- d-----w e:\programfiler\Windows Media Connect 2
2008-10-18 12:46 --------- d-----w e:\programfiler\MSXML 4.0
2008-10-18 10:10 --------- d-----w e:\programfiler\Fellesfiler\Adobe Systems Shared
2008-10-18 09:43 34,308 ----a-w e:\windows\system32\Chip.dll
2008-10-18 09:43 --------- d-----w e:\programfiler\MagicDVDRipper
2008-10-17 21:20 --------- d-----w e:\programfiler\FrostWire
2008-10-17 21:19 --------- d-----w e:\programfiler\Sun
2008-10-17 21:18 --------- d-----w e:\programfiler\Java
2008-10-17 21:11 --------- d-----w e:\programfiler\AskSBar
2008-10-17 21:03 --------- d-----w e:\programfiler\Fellesfiler\Java
2008-10-17 17:37 --------- d-----w e:\programfiler\Fellesfiler\Thraex Software
2008-10-17 16:20 --------- d-----w e:\programfiler\DAEMON Tools Lite
2008-10-17 16:18 --------- d-----w e:\programfiler\DAEMON Tools Toolbar
2008-10-17 16:15 717,296 ----a-w e:\windows\system32\drivers\sptd.sys
2008-10-17 16:15 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\DAEMON Tools
2008-10-17 16:07 --------- d-----w e:\programfiler\Opera
2008-10-17 15:57 218,624 ----a-w e:\windows\system32\uxtheme.dll
2008-10-17 15:38 --------- d-----w e:\documents and settings\All Users\Programdata\LightScribe
2008-10-17 15:37 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\Nero
2008-10-17 15:36 --------- d-----w e:\programfiler\CCleaner
2008-10-17 15:36 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\vlc
2008-10-17 15:35 --------- d-----w e:\programfiler\VideoLAN
2008-10-17 15:35 --------- d-----w e:\programfiler\NeroInstall.bak
2008-10-17 15:34 --------- d-----w e:\programfiler\uTorrent
2008-10-17 15:32 --------- d-----w e:\programfiler\Nero
2008-10-17 14:57 --------- d-----w e:\programfiler\Kaspersky Lab
2008-10-17 14:52 --------- d-----w e:\documents and settings\All Users\Programdata\Kaspersky Lab Setup Files
2008-10-17 14:49 --------- d-----w e:\programfiler\MSN Messenger
2008-10-17 14:39 315,392 ----a-w e:\windows\HideWin.exe
2008-10-17 14:39 --------- d-----w e:\programfiler\Realtek
2008-10-17 14:38 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\ATI
2008-10-17 14:33 --------- d-----w e:\programfiler\AMD
2008-10-17 14:32 --------- d-----w e:\programfiler\Fellesfiler\InstallShield
2008-10-17 14:32 --------- d-----w e:\programfiler\Fellesfiler\ATI Technologies
2008-10-17 14:30 --------- d-----w e:\documents and settings\Tommy Tommy\Programdata\InstallShield
2008-10-17 13:37 --------- d-----w e:\programfiler\microsoft frontpage
2008-10-17 13:36 --------- d-----w e:\programfiler\Fellesfiler\Tjenester
2008-10-17 13:36 --------- d-----w e:\programfiler\Elektroniske tjenester
2008-10-16 13:13 202,776 ----a-w e:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w e:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w e:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w e:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w e:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w e:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w e:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w e:\windows\system32\wups.dll
2008-10-02 23:46 81,920 ----a-w e:\windows\system32\frapsvid.dll
2008-09-30 15:43 1,286,152 ----a-w e:\windows\system32\msxml4.dll
2008-09-24 03:09 3,331,072 ----a-w e:\windows\system32\drivers\ati2mtag.sys
2008-09-24 02:17 311,296 ----a-w e:\windows\system32\ati2dvag.dll
2008-09-24 02:09 10,772,480 ----a-w e:\windows\system32\atioglxx.dll
2008-09-24 02:07 188,416 ----a-w e:\windows\system32\atipdlxx.dll
2008-09-24 02:06 43,520 ----a-w e:\windows\system32\ati2edxx.dll
2008-09-24 02:06 26,112 ----a-w e:\windows\system32\Ati2mdxx.exe
2008-09-24 02:06 143,360 ----a-w e:\windows\system32\Oemdspif.dll
2008-09-24 02:06 143,360 ----a-w e:\windows\system32\ati2evxx.dll
2008-09-24 02:04 581,632 ----a-w e:\windows\system32\ati2evxx.exe
2008-09-24 02:03 53,248 ----a-w e:\windows\system32\ATIDDC.DLL
2008-09-24 01:54 4,008,864 ----a-w e:\windows\system32\ati3duag.dll
2008-09-24 01:38 2,399,744 ----a-w e:\windows\system32\ativvaxx.dll
2008-09-24 01:24 48,640 ----a-w e:\windows\system32\amdpcom32.dll
2008-09-24 01:20 380,928 ----a-w e:\windows\system32\atikvmag.dll
2008-09-24 01:19 39,424 ----a-w e:\windows\system32\atiadlxx.dll
2008-09-24 01:18 53,248 ----a-w e:\windows\system32\drivers\ati2erec.dll
2008-09-24 01:18 253,952 ----a-w e:\windows\system32\atiok3x2.dll
2008-09-24 01:18 17,408 ----a-w e:\windows\system32\atitvo32.dll
2008-09-24 01:12 573,440 ----a-w e:\windows\system32\ati2cqag.dll
2008-09-15 15:42 1,846,016 ----a-w e:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "e:\programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-10-17 66912]
[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-10-17 22:11 66912 --a------ e:\programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Steam"="e:\programfiler\Steam\Steam.exe" [2008-10-17 1410296]
"MsnMsgr"="e:\programfiler\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"DAEMON Tools Lite"="e:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"CTSyncU.exe"="e:\programfiler\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="e:\programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="e:\programfiler\QuickTime\QTTask.exe" [2008-09-06 413696]
"CTCheck"="e:\programfiler\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"LWBMOUSE"="e:\programfiler\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE" [2001-11-20 356352]
"StartCCC"="e:\programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"ATICustomerCare"="e:\programfiler\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 307200]
"avgnt"="e:\programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Adobe Reader Speed Launcher"="e:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Malwarebytes Anti-Malware (reboot)"="e:\programfiler\Malwarebytes' Anti-Malware\mbam.exe" [2008-10-22 1261200]
"RTHDCPL"="RTHDCPL.EXE" [2008-01-29 e:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
e:\documents and settings\Tommy Tommy\Start-meny\Programmer\Oppstart\
Adobe Gamma.lnk - e:\programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Client Default.lnk - e:\programfiler\Samurize\Client.exe [2007-04-07 2010624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"e:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=
"e:\\Programfiler\\MSN Messenger\\livecall.exe"=
"e:\\Programfiler\\uTorrent\\uTorrent.exe"=
"e:\\Programfiler\\Steam\\steamapps\\nfkurple\\counter-strike source\\hl2.exe"=
"e:\\Programfiler\\Bonjour\\mDNSResponder.exe"=
"e:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"e:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"e:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"e:\\Programfiler\\Valve\\hl.exe"=
"e:\\Programfiler\\EA GAMES\\Battlefield 2\\BF2.exe"=
"e:\\Documents and Settings\\Tommy Tommy\\Mine dokumenter\\Instalasjon filer\\Flatout 2\\installert\\FlatOut2.exe"=
"e:\\Programfiler\\DC++\\DCPlusPlus.exe"=
"e:\\Programfiler\\Steam\\Steam.exe"=
"e:\\Programfiler\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
R3 MBAMSwissArmy;MBAMSwissArmy;\??\e:\windows\system32\drivers\mbamswissarmy.sys [2008-11-24 38496]
*Newly Created Service* - MBAMSWISSARMY
*Newly Created Service* - PROCEXP90
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - e:\programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe
HKCU-Run-LightScribe Control Panel - e:\programfiler\Fellesfiler\LightScribe\LightScribeControlPanel.exe
HKLM-Run-NBKeyScan - e:\programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - e:\documents and settings\Tommy Tommy\Programdata\Mozilla\Firefox\Profiles\c2t26m88.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - nettavisen.no
FF -: plugin - e:\programfiler\Mozilla Firefox\plugins\np_gp.dll
FF -: plugin - e:\programfiler\Mozilla Firefox\plugins\NPAskSBr.dll
FF -: plugin - e:\programfiler\Opera\program\plugins\np_gp.dll
FF -: plugin - e:\programfiler\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-24 19:16:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(732)
e:\windows\system32\Ati2evxx.dll
e:\windows\system32\rsaenh.dll
- - - - - - - > 'lsass.exe'(788)
e:\windows\system32\msprivs.dll
e:\windows\system32\rsaenh.dll
.
Completion time: 2008-11-24 19:17:13
ComboFix-quarantined-files.txt 2008-11-24 18:17:03
Pre-Run: 109 396 946 944 byte ledig
Post-Run: 109,382,684,672 byte ledig
324 --- E O F --- 2008-11-13 11:54:12
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:31, on 24.11.08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Programfiler\Avira\AntiVir PersonalEdition Classic\sched.exe
E:\WINDOWS\Explorer.EXE
E:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Programfiler\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
E:\Programfiler\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE
E:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Programfiler\Steam\Steam.exe
E:\Programfiler\MSN Messenger\MsnMsgr.Exe
E:\Programfiler\Samurize\Client.exe
E:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Programfiler\Avira\AntiVir PersonalEdition Classic\avguard.exe
E:\Programfiler\Bonjour\mDNSResponder.exe
E:\WINDOWS\system32\CTsvcCDA.exe
E:\WINDOWS\system32\svchost.exe
E:\Programfiler\MSN Messenger\usnsvc.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Programfiler\Creative\Video Converter\CtConvU.exe
E:\PROGRA~1\Creative\SHARED~1\OpaQManU.exe
E:\Programfiler\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=1607
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - E:\Programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - E:\Programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - E:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Programfiler\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - E:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NBKeyScan] "E:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programfiler\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [CTCheck] E:\Programfiler\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [LWBMOUSE] E:\Programfiler\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE
O4 - HKLM\..\Run: [startCCC] "E:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "E:\Programfiler\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [steam] "E:\Programfiler\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "E:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LightScribe Control Panel] E:\Programfiler\Fellesfiler\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CTSyncU.exe] "E:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = E:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Client Default.lnk = E:\Programfiler\Samurize\Client.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Programfiler\Yahoo!\Common\yinsthelper.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - E:\Programfiler\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Programfiler\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - E:\Programfiler\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - E:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - E:\Programfiler\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - E:\Programfiler\Spyware Doctor\pctsSvc.exe
--
End of file - 7381 bytes
-
And where can I download ComboFix?
-
Ban the guy above so we can be done with this thread!
-
Hi, I was wondering if anyone knows of a good place to learn self-defense. I have a black belt in taekwondo, so I was wondering about a place where they don't have that kind of belt system?
-
The police should get their pay doubled! And fast!!
-
Does anyone know of a cheap office chair with a neck rest?
-
Hi, I read that you can use this to get an American IP address so that you can watch movies on Hulu, but I was wondering whether it changes my IP forever, or whether it's just a matter of uninstalling the program?
-
http://iris.idg.no/konkurranser/bilder/creative_zen.jpg
I've got a speck of dust inside the screen. How do I remove it? Is it possible to send it in? It's damn annoying to watch movies with that speck of dust.
-
Hi, I'm 15 years old, have a lot of work experience and am looking for a part-time job. Does anyone have anything to offer? I can send my CV and references.
-
Those of you who have ordered, let us know as soon as possible whether you get the screen for 250 kr.
-
Hm... then it's a mistake, but they can't take it back or demand money. Paid is paid!
-
Paid is paid.
-
If the price is 250 kr tomorrow, I'll order.
-
Hm... you have paid, so... they can't exactly demand more money.
-
-
-
Does that mean you can buy it for 250 kr?
How to install a hard drive
in Storage Media
Posted
I was wondering how to install a hard drive and how to find out whether the hard drive fits the PC?