TaZ Skrevet 21. desember 2008 Del Skrevet 21. desember 2008 (endret) Er plaget med popup (antivirus360) Anti-Malware Malwarebytes' Anti-Malware 1.31 Databaseversjon: 1528 Windows 5.1.2600 Service Pack 3 21.12.2008 15:29:27 mbam-log-2008-12-21 (15-29-27).txt Skanntype: Rask Skann Objekter skannet: 58484 Tid tilbakelagt: 3 minute(s), 21 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 0 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: (Ingen mistenkelige filer funnet) Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: (Ingen mistenkelige filer funnet) HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:42:03, on 21.12.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.17184) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Programfiler\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Java\jre6\bin\jqs.exe C:\Programfiler\LogMeIn\x86\RaMaint.exe C:\Programfiler\LogMeIn\x86\LogMeIn.exe C:\Programfiler\LogMeIn\x86\LMIGuardian.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\Trend Micro\RUBotted\TMRUBotted.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\svchost.exe D:\Garmin\VspStartup.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Programfiler\LogMeIn\x86\LogMeInSystray.exe C:\Programfiler\Cobian Backup 9\Cobian.exe C:\Programfiler\LogMeIn\x86\LMIGuardian.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\Trend Micro\RUBotted\TMRUBottedTray.exe C:\Programfiler\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe C:\Programfiler\uTorrent\uTorrent.exe C:\Programfiler\Windows Media Player\WMPNSCFG.exe C:\Programfiler\Cobian Backup 9\cbInterface.exe C:\Programfiler\DAEMON Tools Lite\daemon.exe C:\Garmin\gStart.exe C:\Programfiler\Nokia\Nokia PC Suite 7\PCSync2.exe C:\Programfiler\Nokia\Nokia PC Suite 7\PCSuite.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\PC Connectivity Solution\ServiceLayer.exe C:\Programfiler\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Programfiler\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Programfiler\PC Connectivity Solution\Transports\NclMSBTSrv.exe C:\Programfiler\Fellesfiler\Nokia\MPAPI\MPAPI3s.exe C:\Programfiler\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\Tom\Skrivebord\Ny mappe (3)\dilldall.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://nvidia.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = powersurfuk.com:80 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programfiler\FlashFXP\IEFlash.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programfiler\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Cobian Backup 9] "C:\Programfiler\Cobian Backup 9\Cobian.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TMRUBottedTray] "C:\Programfiler\Trend Micro\RUBotted\TMRUBottedTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [spyHunter Security Suite] C:\Programfiler\Enigma Software Group\SpyHunter\SpyHunter3.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [uTorrent] "C:\Programfiler\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Programfiler\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Programfiler\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programfiler\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://10.0.0.120/activex/AMC.cab O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} (DVM_IPCam2 Control) - http://www.bsti.com.tw:101/codebase/DVM_IPCam2.ocx O16 - DPF: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} (Pure Networks Security Scan) - http://scan.networkmagic.com/nmscan/downlo...-ship-WD.V1.cab O16 - DPF: {AA0FB75C-C50E-47B6-B7E0-3B9C3FAA8AC4} (CamImage Class) - http://10.0.0.4/Comm/IPCamControl.cab O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O17 - HKLM\System\CCS\Services\Tcpip\..\{8BF7CCB8-3918-4F2D-8FD2-D20270D36BE4}: NameServer = 10.0.0.254 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Programfiler\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Programfiler\LogMeIn\x86\LogMeIn.exe O23 - Service: NVIDIA-OMEGA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro RUBotted Service (RUBotted) - Trend Micro Inc. - C:\Programfiler\Trend Micro\RUBotted\TMRUBotted.exe O23 - Service: ServiceLayer - Nokia. - C:\Programfiler\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Virtual Serial Port (VspSer) - Unknown owner - D:\Garmin\VspStartup.exe -- End of file - 11145 bytes ComboFix ComboFix 08-12-20.05 - Tomja 2008-12-21 15:33:44.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.2046.971 [GMT 1:00] Kjører fra: c:\documents and settings\Tom\Skrivebord\ComboFix.exe * Opprettet nytt gjenopprettingspunkt . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Tom\Programdata\inst.exe c:\windows\Downloaded Program Files\setup.inf . ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-21 til 2008-12-21 ))))))))))))))))))))))))))))))))) . 2008-12-21 15:23 . 2008-12-21 15:23 <DIR> d-------- c:\programfiler\Malwarebytes' Anti-Malware 2008-12-21 15:23 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-21 15:23 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-21 15:16 . 2008-12-21 15:16 <DIR> d-------- c:\programfiler\Enigma Software Group 2008-12-19 23:43 . 2008-12-19 23:43 <DIR> d-------- c:\programfiler\UTAC 2008-12-18 13:34 . 2008-12-01 07:39 102,664 --a------ c:\windows\system32\drivers\tmcomm.sys 2008-12-18 13:33 . 2008-12-18 13:33 <DIR> d-------- c:\programfiler\Alwil Software 2008-12-17 13:36 . 2008-12-17 13:36 <DIR> d-------- c:\programfiler\7-Zip 2008-12-17 12:56 . 2008-12-17 12:56 <DIR> d-------- c:\programfiler\TeamViewer 2008-12-13 10:34 . 2008-12-13 10:34 31 --a------ c:\documents and settings\Tom\jagex_runescape_preferences.dat 2008-12-13 10:33 . 2008-12-13 10:33 <DIR> d-------- c:\windows\.jagex_cache_32 2008-12-13 00:38 . 2008-12-15 19:22 <DIR> d-------- c:\programfiler\nLite 2008-12-09 16:27 . 2008-12-09 16:27 <DIR> d-------- c:\programfiler\Mozilla Firefox 3.1 Beta 2 2008-12-07 21:02 . 2008-04-13 11:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys 2008-12-07 21:02 . 2008-04-13 11:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys 2008-12-07 21:01 . 2008-12-07 21:02 <DIR> d-------- c:\documents and settings\Tom\Programdata\PC Suite 2008-12-07 21:01 . 2008-12-07 21:08 <DIR> d-------- c:\documents and settings\Tom\Programdata\Nokia 2008-12-07 21:01 . 2008-12-07 21:02 <DIR> d-------- c:\documents and settings\All Users\Programdata\PC Suite 2008-12-07 21:01 . 2008-12-07 21:01 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-12-07 21:01 . 2008-12-07 21:01 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\PC Connectivity Solution 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\Nokia 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\Fellesfiler\PCSuite 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\Fellesfiler\Nokia 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\DIFX 2008-12-07 21:00 . 2008-05-07 07:39 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll 2008-12-07 21:00 . 2008-05-07 07:38 659,968 --a------ c:\windows\system32\nmwcdcocls.dll 2008-12-07 21:00 . 2008-05-07 07:38 90,624 --a------ c:\windows\system32\nmwcdcls.dll 2008-12-07 21:00 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys 2008-12-07 21:00 . 2008-05-07 07:38 20,864 --a------ c:\windows\system32\drivers\ccdcmbo.sys 2008-12-07 21:00 . 2008-05-07 07:38 17,536 --a------ c:\windows\system32\drivers\ccdcmb.sys 2008-12-07 21:00 . 2008-05-07 07:38 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys 2008-12-07 21:00 . 2008-06-06 09:24 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys 2008-12-07 19:18 . 2008-12-07 19:18 <DIR> d-------- c:\programfiler\Spotify 2008-12-07 19:18 . 2008-12-21 15:34 <DIR> d-------- c:\documents and settings\Tom\Programdata\Spotify 2008-12-07 16:21 . 2008-12-07 16:21 <DIR> d-------- c:\documents and settings\All Users\Programdata\Installations 2008-12-07 14:06 . 2008-10-02 12:48 4,042,752 --a------ C:\SeaToolsforWindows.exe 2008-12-07 12:43 . 2008-12-07 12:44 <DIR> d-------- c:\documents and settings\Tom\Programdata\ImgBurn 2008-12-07 12:27 . 2008-12-07 12:27 <DIR> d-------- c:\programfiler\ImgBurn 2008-12-01 18:27 . 2008-12-01 18:27 <DIR> d-------- c:\programfiler\Seagate 2008-12-01 18:26 . 2008-12-01 18:26 <DIR> d-------- c:\programfiler\Fellesfiler\Wise Installation Wizard 2008-11-30 21:13 . 2008-12-18 13:34 <DIR> d-------- c:\documents and settings\Tom\.housecall6.6 2008-11-28 21:35 . 2008-11-10 05:43 410,984 --a------ c:\windows\system32\deploytk.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-21 14:38 --------- d-----w c:\documents and settings\Tom\Programdata\uTorrent 2008-12-20 23:16 --------- d-----w c:\programfiler\LogMeIn 2008-12-17 11:56 --------- d-----w c:\documents and settings\Tom\Programdata\TeamViewer 2008-12-16 23:16 --------- d-----w c:\programfiler\FlashFXP 2008-12-10 20:11 --------- d-----w c:\documents and settings\Tom\Programdata\Vso 2008-12-10 19:19 --------- d-----w c:\programfiler\Java 2008-11-12 15:43 --------- d-----w c:\programfiler\Trend Micro 2008-11-12 15:34 --------- d--h--w c:\programfiler\InstallShield Installation Information 2008-11-10 23:44 --------- d---a-w c:\documents and settings\All Users\Programdata\TEMP 2008-11-10 20:49 --------- d-----w c:\programfiler\iTunes 2008-11-10 20:49 --------- d-----w c:\programfiler\iPod 2008-11-10 20:49 --------- d-----w c:\programfiler\Bonjour 2008-11-10 20:49 --------- d-----w c:\documents and settings\All Users\Programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-11-10 20:48 --------- d-----w c:\programfiler\QuickTime 2008-11-10 20:48 --------- d-----w c:\programfiler\Fellesfiler\Apple 2008-11-10 20:48 --------- d-----w c:\programfiler\Apple Software Update 2008-11-09 21:36 --------- d-----w c:\documents and settings\LocalService\Programdata\TeamViewer 2008-11-08 23:08 --------- d-----w c:\programfiler\SeaClear 2008-11-08 16:01 --------- d-----w c:\programfiler\Google 2008-11-05 17:43 --------- d-----w c:\documents and settings\Tom\Programdata\AdobeUM 2008-11-03 16:13 159,857 ----a-w c:\windows\IPCam Setup Uninstaller.exe 2008-11-03 16:13 --------- d-----w c:\programfiler\IPCam Setup 2008-11-03 15:48 --------- d-----w c:\documents and settings\All Users\Programdata\NCH Software 2008-11-03 15:47 --------- d-----w c:\programfiler\NCH Software 2008-11-03 15:47 --------- d-----w c:\documents and settings\Tom\Programdata\NCH Software 2008-11-02 16:54 --------- d-----w c:\documents and settings\Tom\Programdata\Red Alert 3 2008-11-02 16:38 --------- d--h--r c:\documents and settings\Tom\Programdata\SecuROM 2008-11-02 16:36 --------- d-----w c:\programfiler\COMODO 2008-11-02 16:36 --------- d-----w c:\documents and settings\Tom\Programdata\Comodo 2008-11-02 16:29 --------- d-----w c:\programfiler\Electronic Arts 2008-11-02 16:27 --------- d-----w c:\programfiler\DAEMON Tools Lite 2008-11-02 16:23 717,296 ----a-w c:\windows\system32\drivers\sptd.sys 2008-11-02 16:23 --------- d-----w c:\documents and settings\Tom\Programdata\DAEMON Tools 2008-11-02 16:18 --------- d-----w c:\programfiler\DAMN NFO Viewer 2008-10-29 15:17 --------- d-----w c:\programfiler\Smart Projects 2008-10-28 23:31 --------- d-----w c:\documents and settings\Tom\Programdata\GARMIN 2008-10-28 19:59 --------- d-----w c:\documents and settings\All Users\Programdata\GARMIN 2008-10-27 20:34 16,608 ----a-w c:\windows\gdrv.sys 2008-10-26 19:03 --------- d-----w c:\programfiler\Cobian Backup 9 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-15 20:47 65,296 ----a-w c:\windows\BricoPackUninst.cmd 2008-10-15 20:47 6,110 ----a-w c:\windows\BricoPackFoldersDelete.cmd 2008-02-26 19:17 47,360 ----a-w c:\documents and settings\Tom\Programdata\pcouffin.sys 2007-08-09 12:08 8,784 ----a-w c:\programfiler\mozilla firefox\plugins\ractrlkeyhook.dll 2007-08-09 12:10 245,408 ----a-w c:\programfiler\mozilla firefox\plugins\unicows.dll 2008-05-10 08:36 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\MSHist012008051020080511\index.dat . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "msnmsgr"="c:\programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "uTorrent"="c:\programfiler\uTorrent\uTorrent.exe" [2008-10-09 270128] "WMPNSCFG"="c:\programfiler\Windows Media Player\WMPNSCFG.exe" [2006-11-15 204288] "DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "gStart"="c:\garmin\gStart.exe" [2008-08-13 1891416] "Nokia.PCSync"="c:\programfiler\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280] "PC Suite Tray"="c:\programfiler\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-08-29 1966080] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920] "ISUSPM Startup"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856] "ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776] "LogMeIn GUI"="c:\programfiler\LogMeIn\x86\LogMeInSystray.exe" [2008-02-28 63048] "Cobian Backup 9"="c:\programfiler\Cobian Backup 9\Cobian.exe" [2008-04-07 579072] "QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2008-09-06 413696] "iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2008-10-01 289576] "TMRUBottedTray"="c:\programfiler\Trend Micro\RUBotted\TMRUBottedTray.exe" [2008-11-06 288088] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2008-11-10 136600] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "SpyHunter Security Suite"="c:\programfiler\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-10-08 864256] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl] "RTHDCPL"="RTHDCPL.EXE" [2007-10-16 c:\windows\RTHDCPL.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "SynchronousMachineGroupPolicy"= 1 (0x1) "SynchronousUserGroupPolicy"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoStrCmpLogical"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMBalloonTip"= 0 (0x0) "MemCheckBoxInRunDlg"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoWelcomeScreen"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "ForceClassicControlPanel"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 2008-10-17 18:38 87352 c:\windows\system32\LMIinit.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.CDVC"= cdvccodc.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\IncrediMail\\bin\\ImApp.exe"= "c:\\Programfiler\\IncrediMail\\bin\\IncMail.exe"= "c:\\Programfiler\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Programfiler\\uTorrent\\uTorrent.exe"= "c:\\Programfiler\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"= "c:\\Programfiler\\Mozilla Firefox\\firefox.exe"= "c:\\Programfiler\\Relook PCEditor\\PCEditor.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgemc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= "c:\\Programfiler\\FlashFXP\\FlashFXP.exe"= "c:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-18 111184] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-04-25 97928] R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-12-18 20560] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-07-05 875288] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-05 231704] R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-04-25 76040] R2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\programfiler\LogMeIn\x86\RaInfo.sys [2008-02-28 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\LMIRfsDriver.sys [2008-08-30 47640] R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336] R2 RUBotted;Trend Micro RUBotted Service;"c:\programfiler\Trend Micro\RUBotted\TMRUBotted.exe" [2008-11-12 582992] R2 VirtualSerial;Garmin Spanner Virtual Serial Port Driver;c:\windows\system32\DRIVERS\VirtualSerial.sys [2006-08-15 105984] R2 VspSer;Virtual Serial Port;d:\garmin\VspStartup.exe [2006-08-15 196608] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088] R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys [2008-11-12 206608] S3 BackupReader;BackupReader;c:\windows\system32\DRIVERS\BackupReader.sys [2007-09-06 46368] S3 gwiopm;gwiopm;\??\c:\programfiler\Unknown Device Identifier\gwiopm.sys [] S3 ISSCSp50;ISSCSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\ISSCSp50.sys [2007-07-17 27072] S3 OMNUSB;Omnikey AG CardMan 2020 USB-smartkortleser;c:\windows\system32\DRIVERS\sccmusbm.sys [2008-04-16 23936] S3 PsSdk30;PsSdk30;\??\c:\windows\system32\Drivers\PsSdk30.drv [] S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\DRIVERS\TMPassthru.sys [2008-11-12 206608] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2008-02-15 32000] S3 VESTAUSB;VESTAUSB.Sys VESTAUSB Bulk IO driver;c:\windows\system32\Drivers\VESTAUSB.sys [2007-12-23 12928] S4 LMIRfsClientNP;LMIRfsClientNP; [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{843c23d0-acee-11dc-8208-001060adb01f}] \Shell\AutoRun\command - g:\programs\nu2menu\nu2menu.exe . - - - - TOMME PEKERE FJERNET - - - - HKLM-Run-EmsaBandwidthMonitor - (no file) Notify-WgaLogon - (no file) . ------- Tilleggsskanning ------- . uStart Page = uInternet Connection Wizard,ShellNext = hxxp://nvidia.com/ uInternet Settings,ProxyOverride = *.local uInternet Settings,ProxyServer = powersurfuk.com:80 TCP: {8BF7CCB8-3918-4F2D-8FD2-D20270D36BE4} = 10.0.0.254 O16 -: {745395C8-D0E1-4227-8586-624CA9A10A8D} - hxxp://10.0.0.120/activex/AMC.cab c:\windows\Downloaded Program Files\setup.inf c:\windows\Downloaded Program Files\DVM_IPCam2.ocx - O16 -: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://www.bsti.com.tw:101/codebase/DVM_IPCam2.ocx c:\windows\Downloaded Program Files\CONFLICT.1\unicows.dll - c:\windows\Downloaded Program Files\CONFLICT.1\webdiag.dll O16 -: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} hxxp://scan.networkmagic.com/nmscan/download/WebDiag.4.5.8056.1-ship-WD.V1.cab c:\windows\Downloaded Program Files\CONFLICT.1\webdiag.inf c:\windows\Downloaded Program Files\ISSCCamControl.dll - O16 -: {AA0FB75C-C50E-47B6-B7E0-3B9C3FAA8AC4} hxxp://10.0.0.4/Comm/IPCamControl.cab c:\windows\Downloaded Program Files\ISSCCamControl.inf c:\windows\Downloaded Program Files\Microsoft.Live.Folders.RichUpload.dll - O16 -: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} hxxps://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/etc/Microsoft.Live.Folders.RichUpload.cab c:\windows\Downloaded Program Files\Microsoft.Live.Folders.RichUpload.inf c:\windows\Downloaded Program Files\FileOpenInstall.dll - O16 -: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} hxxp://plugin.fileopen.com/current/FileOpen.CAB c:\windows\Downloaded Program Files\FileOpenInstall.OSD FF - ProfilePath - c:\documents and settings\Tom\Programdata\Mozilla\Firefox\Profiles\zflp80gj.default\ FF - prefs.js: browser.startup.homepage - hxxp://vg.no/ FF - component: c:\documents and settings\Tom\Programdata\Mozilla\Firefox\Profiles\zflp80gj.default\extensions\[email protected]\components\BkMrkExt.dll FF - plugin: c:\documents and settings\Tom\Programdata\Mozilla\Firefox\Profiles\zflp80gj.default\extensions\[email protected]\plugins\npRACtrl.dll FF - plugin: c:\program files\Garmin GPS Plugin\npGarmin.dll FF - plugin: c:\programfiler\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\programfiler\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\np32dsw.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npdeploytk.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npdivx32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npLegitCheckPlugin.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npnul32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nppdf32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nppl3260.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin2.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin3.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin4.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin5.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin6.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin7.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npRACtrl.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nprpjplug.dll FF - plugin: c:\programfiler\Yahoo!\Common\npyaxmpb.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-21 15:37:10 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PsSdk30] "ImagePath"="\??\c:\windows\system32\Drivers\PsSdk30.drv" . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(1832) c:\windows\system32\LMIinit.dll c:\windows\system32\LMIRfsClientNP.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\programfiler\Alwil Software\Avast4\aswUpdSv.exe c:\programfiler\Alwil Software\Avast4\ashServ.exe c:\windows\system32\BRSS01A.EXE c:\windows\system32\scardsvr.exe c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\programfiler\Bonjour\mDNSResponder.exe c:\programfiler\Java\jre6\bin\jqs.exe c:\programfiler\LogMeIn\x86\ramaint.exe c:\programfiler\LogMeIn\x86\LogMeIn.exe c:\programfiler\LogMeIn\x86\LMIGuardian.exe c:\windows\system32\nvsvc32.exe c:\programfiler\AVG\AVG8\avgrsx.exe c:\programfiler\Windows Media Player\wmpnetwk.exe c:\programfiler\Alwil Software\Avast4\ashMaiSv.exe c:\programfiler\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\rundll32.exe c:\windows\system32\rundll32.exe c:\programfiler\LogMeIn\x86\LMIGuardian.exe c:\programfiler\Cobian Backup 9\cbInterface.exe c:\programfiler\iPod\bin\iPodService.exe c:\programfiler\PC Connectivity Solution\ServiceLayer.exe c:\programfiler\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\programfiler\PC Connectivity Solution\Transports\NclRSSrv.exe c:\programfiler\PC Connectivity Solution\Transports\NclMSBTSrv.exe c:\programfiler\Fellesfiler\Nokia\MPAPI\MPAPI3s.exe c:\programfiler\Windows Live\Messenger\usnsvc.exe . ************************************************************************** . Tidspunkt ferdig: 2008-12-21 15:40:16 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2008-12-21 14:40:12 Pre-Run: 56 188 649 472 byte ledig Post-Run: 56,937,746,432 byte ledig WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 317 --- E O F --- 2008-12-12 17:08:01 Endret 21. desember 2008 av taz Lenke til kommentar
raWrz Skrevet 21. desember 2008 Del Skrevet 21. desember 2008 Trykk Start - Alle Programmer - Tilbehør - Notisblokk Kopier og Lim inn teksten i kodeboksen nedenfor, inn i Notisblokken: File:: c:\windows\gdrv.sys Driver:: PsSdk30 Lagre det som CFScript på Skrivebordet Dra CFScript over ComboFix.exe som ligger på Skrivebordet, slik animasjonen nedenfor viser. Dette vil starte ComboFix igjen. Hvis maskinen ber om en omstart, lar du den gjøre det med én gang. Post innholdet til ComboFix.txt inn i ditt neste svar på forumet. __________ du har 2 antivirus programmer innstalert: Avast 4 AVG 8 avinnstaler et av dem Lenke til kommentar
TaZ Skrevet 21. desember 2008 Forfatter Del Skrevet 21. desember 2008 Takker for hjelpen ComboFix 08-12-20.05 - Tomja 2008-12-21 17:16:21.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.2046.1169 [GMT 1:00] Kjører fra: c:\documents and settings\Tom\Skrivebord\ComboFix.exe Command switches brukt :: c:\documents and settings\Tom\Skrivebord\CFScript .txt * Opprettet nytt gjenopprettingspunkt FILE :: c:\windows\gdrv.sys . Følgende filer ble deaktivert: c:\programfiler\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\gdrv.sys . ((((((((((((((((((((((((((((((((((((((( Drivere/Tjenester ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_PSSDK30 -------\Service_PsSdk30 ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-21 til 2008-12-21 ))))))))))))))))))))))))))))))))) . 2008-12-21 15:23 . 2008-12-21 15:23 <DIR> d-------- c:\programfiler\Malwarebytes' Anti-Malware 2008-12-21 15:23 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-21 15:23 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-21 15:16 . 2008-12-21 15:16 <DIR> d-------- c:\programfiler\Enigma Software Group 2008-12-19 23:43 . 2008-12-19 23:43 <DIR> d-------- c:\programfiler\UTAC 2008-12-18 13:34 . 2008-12-01 07:39 102,664 --a------ c:\windows\system32\drivers\tmcomm.sys 2008-12-18 13:33 . 2008-12-18 13:33 <DIR> d-------- c:\programfiler\Alwil Software 2008-12-17 13:36 . 2008-12-17 13:36 <DIR> d-------- c:\programfiler\7-Zip 2008-12-17 12:56 . 2008-12-17 12:56 <DIR> d-------- c:\programfiler\TeamViewer 2008-12-13 10:34 . 2008-12-13 10:34 31 --a------ c:\documents and settings\Tom\jagex_runescape_preferences.dat 2008-12-13 10:33 . 2008-12-13 10:33 <DIR> d-------- c:\windows\.jagex_cache_32 2008-12-13 00:38 . 2008-12-15 19:22 <DIR> d-------- c:\programfiler\nLite 2008-12-09 16:27 . 2008-12-09 16:27 <DIR> d-------- c:\programfiler\Mozilla Firefox 3.1 Beta 2 2008-12-07 21:02 . 2008-04-13 11:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys 2008-12-07 21:02 . 2008-04-13 11:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys 2008-12-07 21:01 . 2008-12-07 21:02 <DIR> d-------- c:\documents and settings\Tom\Programdata\PC Suite 2008-12-07 21:01 . 2008-12-07 21:08 <DIR> d-------- c:\documents and settings\Tom\Programdata\Nokia 2008-12-07 21:01 . 2008-12-07 21:02 <DIR> d-------- c:\documents and settings\All Users\Programdata\PC Suite 2008-12-07 21:01 . 2008-12-07 21:01 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-12-07 21:01 . 2008-12-07 21:01 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\PC Connectivity Solution 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\Nokia 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\Fellesfiler\PCSuite 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\Fellesfiler\Nokia 2008-12-07 21:00 . 2008-12-07 21:00 <DIR> d-------- c:\programfiler\DIFX 2008-12-07 21:00 . 2008-05-07 07:39 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll 2008-12-07 21:00 . 2008-05-07 07:38 659,968 --a------ c:\windows\system32\nmwcdcocls.dll 2008-12-07 21:00 . 2008-05-07 07:38 90,624 --a------ c:\windows\system32\nmwcdcls.dll 2008-12-07 21:00 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys 2008-12-07 21:00 . 2008-05-07 07:38 20,864 --a------ c:\windows\system32\drivers\ccdcmbo.sys 2008-12-07 21:00 . 2008-05-07 07:38 17,536 --a------ c:\windows\system32\drivers\ccdcmb.sys 2008-12-07 21:00 . 2008-05-07 07:38 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys 2008-12-07 21:00 . 2008-06-06 09:24 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys 2008-12-07 19:18 . 2008-12-07 19:18 <DIR> d-------- c:\programfiler\Spotify 2008-12-07 19:18 . 2008-12-21 15:34 <DIR> d-------- c:\documents and settings\Tom\Programdata\Spotify 2008-12-07 16:21 . 2008-12-07 16:21 <DIR> d-------- c:\documents and settings\All Users\Programdata\Installations 2008-12-07 14:06 . 2008-10-02 12:48 4,042,752 --a------ C:\SeaToolsforWindows.exe 2008-12-07 12:43 . 2008-12-07 12:44 <DIR> d-------- c:\documents and settings\Tom\Programdata\ImgBurn 2008-12-07 12:27 . 2008-12-07 12:27 <DIR> d-------- c:\programfiler\ImgBurn 2008-12-01 18:27 . 2008-12-01 18:27 <DIR> d-------- c:\programfiler\Seagate 2008-12-01 18:26 . 2008-12-01 18:26 <DIR> d-------- c:\programfiler\Fellesfiler\Wise Installation Wizard 2008-11-30 21:13 . 2008-12-18 13:34 <DIR> d-------- c:\documents and settings\Tom\.housecall6.6 2008-11-28 21:35 . 2008-11-10 05:43 410,984 --a------ c:\windows\system32\deploytk.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-21 16:17 --------- d-----w c:\documents and settings\Tom\Programdata\uTorrent 2008-12-21 16:13 --------- d-----w c:\documents and settings\All Users\Programdata\avg8 2008-12-21 16:11 --------- d--h--w c:\programfiler\InstallShield Installation Information 2008-12-21 16:11 --------- d-----w c:\programfiler\Trend Micro 2008-12-20 23:16 --------- d-----w c:\programfiler\LogMeIn 2008-12-17 11:56 --------- d-----w c:\documents and settings\Tom\Programdata\TeamViewer 2008-12-16 23:16 --------- d-----w c:\programfiler\FlashFXP 2008-12-10 20:11 --------- d-----w c:\documents and settings\Tom\Programdata\Vso 2008-12-10 19:19 --------- d-----w c:\programfiler\Java 2008-11-10 23:44 --------- d---a-w c:\documents and settings\All Users\Programdata\TEMP 2008-11-10 20:49 --------- d-----w c:\programfiler\iTunes 2008-11-10 20:49 --------- d-----w c:\programfiler\iPod 2008-11-10 20:49 --------- d-----w c:\documents and settings\All Users\Programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-11-10 20:48 --------- d-----w c:\programfiler\QuickTime 2008-11-10 20:48 --------- d-----w c:\programfiler\Fellesfiler\Apple 2008-11-10 20:48 --------- d-----w c:\programfiler\Apple Software Update 2008-11-09 21:36 --------- d-----w c:\documents and settings\LocalService\Programdata\TeamViewer 2008-11-08 23:08 --------- d-----w c:\programfiler\SeaClear 2008-11-08 16:01 --------- d-----w c:\programfiler\Google 2008-11-05 17:43 --------- d-----w c:\documents and settings\Tom\Programdata\AdobeUM 2008-11-03 16:13 159,857 ----a-w c:\windows\IPCam Setup Uninstaller.exe 2008-11-03 16:13 --------- d-----w c:\programfiler\IPCam Setup 2008-11-03 15:48 --------- d-----w c:\documents and settings\All Users\Programdata\NCH Software 2008-11-03 15:47 --------- d-----w c:\programfiler\NCH Software 2008-11-03 15:47 --------- d-----w c:\documents and settings\Tom\Programdata\NCH Software 2008-11-02 16:54 --------- d-----w c:\documents and settings\Tom\Programdata\Red Alert 3 2008-11-02 16:38 --------- d--h--r c:\documents and settings\Tom\Programdata\SecuROM 2008-11-02 16:36 --------- d-----w c:\programfiler\COMODO 2008-11-02 16:36 --------- d-----w c:\documents and settings\Tom\Programdata\Comodo 2008-11-02 16:29 --------- d-----w c:\programfiler\Electronic Arts 2008-11-02 16:27 --------- d-----w c:\programfiler\DAEMON Tools Lite 2008-11-02 16:23 717,296 ----a-w c:\windows\system32\drivers\sptd.sys 2008-11-02 16:23 --------- d-----w c:\documents and settings\Tom\Programdata\DAEMON Tools 2008-11-02 16:18 --------- d-----w c:\programfiler\DAMN NFO Viewer 2008-10-29 15:17 --------- d-----w c:\programfiler\Smart Projects 2008-10-28 23:31 --------- d-----w c:\documents and settings\Tom\Programdata\GARMIN 2008-10-28 19:59 --------- d-----w c:\documents and settings\All Users\Programdata\GARMIN 2008-10-26 19:03 --------- d-----w c:\programfiler\Cobian Backup 9 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-15 20:47 65,296 ----a-w c:\windows\BricoPackUninst.cmd 2008-10-15 20:47 6,110 ----a-w c:\windows\BricoPackFoldersDelete.cmd 2008-02-26 19:17 47,360 ----a-w c:\documents and settings\Tom\Programdata\pcouffin.sys 2007-08-09 12:08 8,784 ----a-w c:\programfiler\mozilla firefox\plugins\ractrlkeyhook.dll 2007-08-09 12:10 245,408 ----a-w c:\programfiler\mozilla firefox\plugins\unicows.dll 2008-05-10 08:36 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\MSHist012008051020080511\index.dat . ((((((((((((((((((((((((((((( snapshot@2008-12-21_15.39.53.39 ))))))))))))))))))))))))))))))))))))))))) . - 2008-12-10 19:19:31 59,916 ----a-w c:\windows\system32\perfc009.dat + 2008-12-21 16:17:44 59,780 ----a-w c:\windows\system32\perfc009.dat - 2008-12-10 19:19:31 68,264 ----a-w c:\windows\system32\perfc014.dat + 2008-12-21 16:17:44 68,074 ----a-w c:\windows\system32\perfc014.dat - 2008-12-10 19:19:31 397,696 ----a-w c:\windows\system32\perfh009.dat + 2008-12-21 16:17:44 397,560 ----a-w c:\windows\system32\perfh009.dat - 2008-12-10 19:19:31 402,086 ----a-w c:\windows\system32\perfh014.dat + 2008-12-21 16:17:44 401,778 ----a-w c:\windows\system32\perfh014.dat + 2008-12-21 16:19:08 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_2f8.dat + 2008-12-21 16:18:52 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7dc.dat . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "msnmsgr"="c:\programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "uTorrent"="c:\programfiler\uTorrent\uTorrent.exe" [2008-10-09 270128] "WMPNSCFG"="c:\programfiler\Windows Media Player\WMPNSCFG.exe" [2006-11-15 204288] "DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "gStart"="c:\garmin\gStart.exe" [2008-08-13 1891416] "Nokia.PCSync"="c:\programfiler\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280] "PC Suite Tray"="c:\programfiler\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-08-29 1966080] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920] "ISUSPM Startup"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856] "ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776] "LogMeIn GUI"="c:\programfiler\LogMeIn\x86\LogMeInSystray.exe" [2008-02-28 63048] "Cobian Backup 9"="c:\programfiler\Cobian Backup 9\Cobian.exe" [2008-04-07 579072] "QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2008-09-06 413696] "iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2008-10-01 289576] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2008-11-10 136600] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl] "RTHDCPL"="RTHDCPL.EXE" [2007-10-16 c:\windows\RTHDCPL.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "SynchronousMachineGroupPolicy"= 1 (0x1) "SynchronousUserGroupPolicy"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoStrCmpLogical"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMBalloonTip"= 0 (0x0) "MemCheckBoxInRunDlg"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoWelcomeScreen"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "ForceClassicControlPanel"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 2008-10-17 18:38 87352 c:\windows\system32\LMIinit.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.CDVC"= cdvccodc.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\IncrediMail\\bin\\ImApp.exe"= "c:\\Programfiler\\IncrediMail\\bin\\IncMail.exe"= "c:\\Programfiler\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Programfiler\\uTorrent\\uTorrent.exe"= "c:\\Programfiler\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"= "c:\\Programfiler\\Mozilla Firefox\\firefox.exe"= "c:\\Programfiler\\Relook PCEditor\\PCEditor.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= "c:\\Programfiler\\FlashFXP\\FlashFXP.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-18 111184] R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-12-18 20560] R2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\programfiler\LogMeIn\x86\RaInfo.sys [2008-02-28 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\LMIRfsDriver.sys [2008-08-30 47640] R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336] R2 VirtualSerial;Garmin Spanner Virtual Serial Port Driver;c:\windows\system32\DRIVERS\VirtualSerial.sys [2006-08-15 105984] R2 VspSer;Virtual Serial Port;d:\garmin\VspStartup.exe [2006-08-15 196608] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088] S3 BackupReader;BackupReader;c:\windows\system32\DRIVERS\BackupReader.sys [2007-09-06 46368] S3 gwiopm;gwiopm;\??\c:\programfiler\Unknown Device Identifier\gwiopm.sys [] S3 ISSCSp50;ISSCSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\ISSCSp50.sys [2007-07-17 27072] S3 OMNUSB;Omnikey AG CardMan 2020 USB-smartkortleser;c:\windows\system32\DRIVERS\sccmusbm.sys [2008-04-16 23936] S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys [] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2008-02-15 32000] S3 VESTAUSB;VESTAUSB.Sys VESTAUSB Bulk IO driver;c:\windows\system32\Drivers\VESTAUSB.sys [2007-12-23 12928] S4 LMIRfsClientNP;LMIRfsClientNP; [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{843c23d0-acee-11dc-8208-001060adb01f}] \Shell\AutoRun\command - g:\programs\nu2menu\nu2menu.exe . . ------- Tilleggsskanning ------- . uStart Page = uInternet Connection Wizard,ShellNext = hxxp://nvidia.com/ uInternet Settings,ProxyServer = powersurfuk.com:80 TCP: {8BF7CCB8-3918-4F2D-8FD2-D20270D36BE4} = 10.0.0.254 O16 -: {745395C8-D0E1-4227-8586-624CA9A10A8D} - hxxp://10.0.0.120/activex/AMC.cab c:\windows\Downloaded Program Files\setup.inf c:\windows\Downloaded Program Files\DVM_IPCam2.ocx - O16 -: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://www.bsti.com.tw:101/codebase/DVM_IPCam2.ocx c:\windows\Downloaded Program Files\CONFLICT.1\unicows.dll - c:\windows\Downloaded Program Files\CONFLICT.1\webdiag.dll O16 -: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} hxxp://scan.networkmagic.com/nmscan/download/WebDiag.4.5.8056.1-ship-WD.V1.cab c:\windows\Downloaded Program Files\CONFLICT.1\webdiag.inf c:\windows\Downloaded Program Files\ISSCCamControl.dll - O16 -: {AA0FB75C-C50E-47B6-B7E0-3B9C3FAA8AC4} hxxp://10.0.0.4/Comm/IPCamControl.cab c:\windows\Downloaded Program Files\ISSCCamControl.inf c:\windows\Downloaded Program Files\Microsoft.Live.Folders.RichUpload.dll - O16 -: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} hxxps://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/etc/Microsoft.Live.Folders.RichUpload.cab c:\windows\Downloaded Program Files\Microsoft.Live.Folders.RichUpload.inf c:\windows\Downloaded Program Files\FileOpenInstall.dll - O16 -: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} hxxp://plugin.fileopen.com/current/FileOpen.CAB c:\windows\Downloaded Program Files\FileOpenInstall.OSD FF - ProfilePath - c:\documents and settings\Tom\Programdata\Mozilla\Firefox\Profiles\zflp80gj.default\ FF - prefs.js: browser.startup.homepage - hxxp://vg.no/ FF - component: c:\documents and settings\Tom\Programdata\Mozilla\Firefox\Profiles\zflp80gj.default\extensions\[email protected]\components\BkMrkExt.dll FF - plugin: c:\documents and settings\Tom\Programdata\Mozilla\Firefox\Profiles\zflp80gj.default\extensions\[email protected]\plugins\npRACtrl.dll FF - plugin: c:\program files\Garmin GPS Plugin\npGarmin.dll FF - plugin: c:\programfiler\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\programfiler\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\np32dsw.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npdeploytk.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npdivx32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npLegitCheckPlugin.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npnul32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nppdf32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nppl3260.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin2.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin3.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin4.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin5.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin6.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npqtplugin7.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npRACtrl.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nprpjplug.dll FF - plugin: c:\programfiler\Yahoo!\Common\npyaxmpb.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-21 17:20:45 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(1192) c:\windows\system32\LMIinit.dll c:\windows\system32\LMIRfsClientNP.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\programfiler\Alwil Software\Avast4\aswUpdSv.exe c:\programfiler\Alwil Software\Avast4\ashServ.exe c:\windows\system32\BRSS01A.EXE c:\windows\system32\scardsvr.exe c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\programfiler\Java\jre6\bin\jqs.exe c:\programfiler\LogMeIn\x86\ramaint.exe c:\programfiler\LogMeIn\x86\LogMeIn.exe c:\programfiler\LogMeIn\x86\LMIGuardian.exe c:\windows\system32\nvsvc32.exe c:\programfiler\Windows Media Player\wmpnetwk.exe c:\programfiler\Alwil Software\Avast4\ashMaiSv.exe c:\programfiler\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\rundll32.exe c:\windows\system32\rundll32.exe c:\programfiler\LogMeIn\x86\LMIGuardian.exe c:\programfiler\Cobian Backup 9\cbInterface.exe c:\programfiler\iPod\bin\iPodService.exe c:\programfiler\PC Connectivity Solution\ServiceLayer.exe c:\programfiler\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\programfiler\PC Connectivity Solution\Transports\NclRSSrv.exe c:\programfiler\PC Connectivity Solution\Transports\NclMSBTSrv.exe c:\programfiler\Fellesfiler\Nokia\MPAPI\MPAPI3s.exe c:\programfiler\Windows Live\Messenger\usnsvc.exe . ************************************************************************** . Tidspunkt ferdig: 2008-12-21 17:23:07 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2008-12-21 16:23:05 ComboFix2.txt 2008-12-21 14:40:18 Pre-Run: 57 065 238 528 byte ledig Post-Run: 57,104,117,760 byte ledig 310 --- E O F --- 2008-12-12 17:08:01 Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå