Colamann Skrevet 2. januar 2009 Del Skrevet 2. januar 2009 Hei. Har problem med virus/spyware på pc'en. Problemet oppstod for 3 dager siden da jeg started Mozilla Firefox og det kom opp en slik poppup hvor det stod noe slikt: "Your internet has dedected spyware/virus on you computer. Do you wish to preform a system scan?" da trykket jeg på cancel, men allikevel kom det opp en slags scan process bar(i firefox) som lignet på noe falsk windows scanning opplegg. Etter det så prøvde jeg å lukke firefox, men skaden ser ut til å være gjort. Av og til når jeg åpner firefox så kommer det poppups med slike "Madame spådame spår fremtiden din. Send sms til (1933?) og tast 333" etc. Og av og til begynner firefox å spille lydspor selv om jeg ikke har noen poppups oppe og den eneste siden jeg er inne på er f.eks startsiden.no. I tillegg går pc'en 50% seinere. Etter dette kjørte jeg naturligvis utallige spyware og virus scans. Med "avast" "adaware" "spybot" "ccleaner". Og jeg fikk fjernet noe, men det er fortsatt noen problemer igjen. Når jeg scanner med avast får jeg opp noen slike meldinger: Virus was found! File name "C:\SYSTEM VOLUME INFORMATION\_RESTORE{81E86577-A7BD-4DE7-B115-AF8BFFC261A9}\RP383\A0045704.DLL" Malware name: Win32:Trojan-gen {Other} Malware type: Virus/Worm VPS version: 090101-0,01.01.2009 Recommended action: Move to chest. Da trykker jeg "Move to chest" så: avast!: Prossessen får ikke tilgang til filen fordi den brukes av en annen prosess Cannot process "C:\SYSTEM VOLUME INFORMATION\_RESTORE{81E86577-A7BD-4DE7-B115-AF8BFFC261A9}\RP383\A0045704.DLL" file. Og når jeg kjører spybot: spyware found. "Microsoft.windowssecuritycenter.firewallbypass" og "Virtunmonde.prx" Akkurat denne gangen kom ikke "Microsoft.windowssecuritycenter.firewallbypass" opp. Da trykker jeg "fix all problems", men tar jeg en ny scan kommer det samme spywaret opp på ny. Som dere sikkert kan se så trenger jeg en del hjelp. Har ikke så mye kunnskaper innen dette området, så hadde vært fint om svar ikke inneholder for mye forkortelser og andre slike ting som er en selvfølge for noen, men totalt ??? for andre. Lenke til kommentar
gjeewaytee Skrevet 2. januar 2009 Del Skrevet 2. januar 2009 http://itpro.no/sections.php?op=viewarticle&artid=205 Lenke til kommentar
raWrz Skrevet 2. januar 2009 Del Skrevet 2. januar 2009 kjør igjennom veiledningen som er linket øverst i signaturen min også skal du få hjelp Lenke til kommentar
Colamann Skrevet 7. januar 2009 Forfatter Del Skrevet 7. januar 2009 kjør igjennom veiledningen som er linket øverst i signaturen min også skal du få hjelp Hei. Jeg postet svar med logs fra de programmene som veiledningen din ba meg kjøre i samme tråd som veiledningen, men poster det bare her og for sikkerhets skyld. MBAM: Malwarebytes' Anti-Malware 1.32 Databaseversjon: 1625 Windows 5.1.2600 Service Pack 2 07.01.2009 05:24:01 mbam-log-2009-01-07 (05-24-01).txt Skanntype: Rask Skann Objekter skannet: 48921 Tid tilbakelagt: 3 minute(s), 17 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 3 Registerverdier infisert: 1 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 1 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e20388a0-577d-48c0-a0b9-eca80fe51f1b} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e20388a0-577d-48c0-a0b9-eca80fe51f1b} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. Registerverdier infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gupebakoyi (Trojan.Vundo.H) -> Quarantined and deleted successfully. Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: C:\WINDOWS\system32\matiyefu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. Combofix: ComboFix 09-01-05.05 - User 2009-01-07 5:29:22.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.2046.1235 [GMT 1:00] Kjører fra: c:\documents and settings\User\Skrivebord\ComboFix.exe * Opprettet nytt gjenopprettingspunkt ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat c:\documents and settings\User\Programdata\.# c:\windows\system32\adanudum.ini c:\windows\system32\adeloyiv.ini c:\windows\system32\dumphive.exe c:\windows\system32\ebefufer.ini c:\windows\system32\IEDFix.exe c:\windows\system32\orafewep.ini c:\windows\system32\Process.exe c:\windows\system32\SrchSTS.exe c:\windows\system32\uberilid.ini c:\windows\system32\ujuhelet.ini c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe H:\Autorun.inf ----- BITS: Mulige infiserte sider ----- hxxp://77.74.48.101 hxxp://77.74.48.105 . ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-12-07 til 2009-01-07 ))))))))))))))))))))))))))))))))) . 2009-01-07 05:19 . 2009-01-07 05:19 <DIR> d-------- c:\programfiler\Malwarebytes' Anti-Malware 2009-01-07 05:19 . 2009-01-07 05:19 <DIR> d-------- c:\documents and settings\User\Programdata\Malwarebytes 2009-01-07 05:19 . 2009-01-07 05:19 <DIR> d-------- c:\documents and settings\All Users\Programdata\Malwarebytes 2009-01-07 05:19 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-07 05:19 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-04 15:14 . 2009-01-04 15:24 296 --a------ c:\windows\hex.ini 2009-01-04 15:09 . 2009-01-04 15:09 <DIR> d-------- c:\windows\ShellNew 2009-01-04 15:09 . 2009-01-04 15:09 <DIR> d-------- c:\programfiler\AutoIt3 2009-01-03 22:23 . 2009-01-03 22:23 2,710 ---hs---- c:\windows\system32\redivipo.exe 2009-01-03 04:21 . 2009-01-03 04:21 2,710 ---hs---- c:\windows\system32\pepimude.exe 2009-01-02 16:20 . 2009-01-02 16:20 5,376 --a------ c:\windows\system32\drivers\MS1000.sys 2009-01-02 16:19 . 2009-01-02 16:20 <DIR> d-------- c:\programfiler\The Cleaner Demo 2009-01-02 14:14 . 2009-01-02 14:14 <DIR> d-------- c:\programfiler\SUPERAntiSpyware 2009-01-02 14:14 . 2009-01-02 14:14 <DIR> d-------- c:\documents and settings\User\Programdata\SUPERAntiSpyware.com 2009-01-02 14:14 . 2009-01-02 14:14 <DIR> d-------- c:\documents and settings\All Users\Programdata\SUPERAntiSpyware.com 2009-01-02 13:34 . 2009-01-02 13:34 <DIR> d-------- c:\windows\system32\ZoneLabs 2009-01-02 13:34 . 2009-01-02 13:34 <DIR> d-------- c:\programfiler\Zone Labs 2009-01-02 13:34 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll 2009-01-02 13:34 . 2009-01-07 05:33 348,371 --a------ c:\windows\system32\vsconfig.xml 2009-01-02 13:34 . 2009-01-02 13:34 4,212 --ah----- c:\windows\system32\zllictbl.dat 2009-01-02 13:32 . 2009-01-07 05:33 <DIR> d-------- c:\windows\Internet Logs 2009-01-02 10:18 . 2009-01-02 10:18 2,710 ---hs---- c:\windows\system32\biwomagu.dll 2009-01-01 22:18 . 2009-01-01 22:18 2,710 ---hs---- c:\windows\system32\perapehu.dll 2009-01-01 10:18 . 2009-01-01 10:18 2,710 ---hs---- c:\windows\system32\tofuropi.dll 2008-12-31 14:29 . 2008-12-31 14:29 211 --a------ c:\windows\wininit.ini 2008-12-31 13:55 . 2009-01-07 05:25 <DIR> dr-h----- c:\documents and settings\User\Siste 2008-12-31 10:18 . 2008-12-31 10:18 2,710 ---hs---- c:\windows\system32\tesutefa.dll 2008-12-31 10:18 . 2008-12-31 10:18 2,710 ---hs---- c:\windows\system32\hewevahu.dll 2008-12-31 10:18 . 2008-12-31 10:18 2,710 ---hs---- c:\windows\system32\gerivaya.dll 2008-12-31 10:01 . 2008-12-12 00:57 78,336 --a------ c:\windows\system32\Agent.OMZ.Fix.exe 2008-12-30 22:17 . 2008-12-30 22:17 2,710 ---hs---- c:\windows\system32\zofowoda.dll 2008-12-30 22:17 . 2008-12-30 22:17 2,710 ---hs---- c:\windows\system32\tigogitu.dll 2008-12-30 22:17 . 2008-12-30 22:17 2,710 ---hs---- c:\windows\system32\juteruno.dll 2008-12-30 14:30 . 2008-12-30 14:30 410,984 --a------ c:\windows\system32\deploytk.dll 2008-12-26 15:20 . 2008-12-26 15:29 <DIR> d-------- c:\programfiler\Incomplete 2008-12-17 05:30 . 2008-12-17 05:30 <DIR> d-------- c:\programfiler\Tortun . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-07 04:34 --------- d-----w c:\documents and settings\User\Programdata\uTorrent 2009-01-07 04:30 --------- d-----w c:\programfiler\DC++ 2009-01-07 04:21 --------- d-----w c:\documents and settings\User\Programdata\SiteAdvisor 2009-01-02 13:13 --------- d-----w c:\programfiler\Fellesfiler\Wise Installation Wizard 2009-01-02 13:11 --------- d-----w c:\programfiler\Microsoft ActiveSync 2008-12-31 13:06 --------- d-----w c:\documents and settings\All Users\Programdata\Spybot - Search & Destroy 2008-12-30 13:30 --------- d-----w c:\programfiler\Java 2008-12-28 08:20 --------- d-----w c:\programfiler\Lavasoft 2008-12-26 14:23 --------- d-----w c:\programfiler\LimeWire 2008-12-10 01:18 --------- d-----w c:\programfiler\Steam 2008-12-09 03:20 --------- d-----w c:\documents and settings\User\Programdata\Skype 2008-12-08 23:08 --------- d-----w c:\documents and settings\User\Programdata\skypePM 2008-12-05 20:15 140,216 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2008-11-16 20:39 --------- d-----w c:\documents and settings\User\Programdata\dvdcss 2008-11-12 18:24 --------- d-----w c:\programfiler\Spybot - Search & Destroy 2008-11-09 21:16 --------- d-----w c:\programfiler\Video Strip Poker 2008-11-09 14:47 --------- d---a-w c:\documents and settings\All Users\Programdata\TEMP 2008-11-07 20:51 --------- d-----w c:\programfiler\Real Alternative 2008-10-27 09:54 901,120 ----a-w c:\windows\TMUninst.exe . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360] "NVIDIA nTune"="c:\programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 81920] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" [2005-09-08 94208] "µTorrent"="c:\documents and settings\User\Skrivebord\utorrent.exe" [2007-09-24 177152] "MSMSGS"="c:\programfiler\Messenger\msmsgs.exe" [2004-10-13 1694208] "msnmsgr"="c:\programfiler\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-22 1830128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864] "JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2008-12-30 136600] "UnlockerAssistant"="c:\programfiler\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Launch LCDMon"="c:\programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-07-18 1687824] "QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2008-01-31 385024] "Launch LGDCore"="c:\programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-07-18 2094352] "Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016] "ZoneAlarm Client"="c:\programfiler\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904] "RTHDCPL"="RTHDCPL.EXE" [2006-11-14 c:\windows\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe] "nwiz"="nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-22 11:05 356352 c:\programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.VSPX"= vspxvfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-01-19 12:54 5674352 c:\programfiler\MSN Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Documents and Settings\\User\\Skrivebord\\utorrent.exe"= "c:\\Programfiler\\EA GAMES\\Battlefield 2\\BF2.exe"= "c:\\Programfiler\\DC++\\DCPlusPlus.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\ricochet\\hl.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\team fortress 2\\hl2.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= "c:\\Programfiler\\Steam\\Steam.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\garrysmod\\hl2.exe"= "c:\\Programfiler\\VentSrv\\ventrilo_srv.exe"= "c:\\Programfiler\\MSN Messenger\\msnmsgr.exe"= "c:\\Programfiler\\MSN Messenger\\livecall.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= "g:\\Format\\PROGRAMFILER\\Warcraft III\\war3.exe"= "c:\\Programfiler\\TVersity\\Media Server\\MediaServer.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= "c:\\Programfiler\\Tortun\\gui.exe"= "c:\\Programfiler\\Unlocker\\UnlockerAssistant.exe"= "c:\\Programfiler\\Java\\jre6\\bin\\jqs.exe"= "c:\\Programfiler\\Fellesfiler\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-05 111184] R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 81688] R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944] R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024] R3 SASENUM;SASENUM;c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408] R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2008-02-14 30464] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-05 20560] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-01-07 38496] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512] S3 PAC7311;VGA SoC PC-Camer@;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752] . - - - - TOMME PEKERE FJERNET - - - - HKLM-Run-NWEReboot - (no file) . ------- Tilleggsskanning ------- . uInternet Settings,ProxyServer = 208.69.147.43:80 IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\User\Programdata\Mozilla\Firefox\Profiles\eci97996.default\ FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - component: c:\documents and settings\User\Programdata\Mozilla\Firefox\Profiles\eci97996.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll FF - component: c:\documents and settings\User\Programdata\Mozilla\Firefox\Profiles\eci97996.default\extensions\[email protected]\components\coolirisstub.dll FF - plugin: c:\programfiler\Vizky\npVizky.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-07 05:33:50 Windows 5.1.2600 Service Pack 2 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1390067357-790525478-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*NULL*] "??"=hex:ff,d4,a2,d1,0a,b8,4d,d7,17,55,9e,ca,1d,2f,ae,47,b1,de,05,29,8f,35,17,\ ac,83,ac,59,81,b4,48,0a,be,f0,c1,5e,a3,b0,e1,90,80,f4,93,53,02,1d,f5,33,55,\ 93,e5,5f,e2,c2,ac,d8,25,44,ce,dc,ab,f9,0c,b2,b4,2e,5e,a7,80,6b,82,42,e5,fb,\ fe,a8,d3,30,a1,c8,74,9d,a8,78,4f,ab,0e,ec,7a,38,b8,71,cd,22,6b,45,ae,9d,c5,\ f3,c3,98,15,96,b8,62,ff,15,55,0a,fd,84,be,34,d1,19,f1,d1,b2,0f,5b,8d,b5,52,\ f1,2c,13,a2,ff,d8,9b,ea,a8,14,c7,f6,6a,61,2c,c5,85,f5,a9,7f,b8,99,2f,27,a3,\ 45,8e,b5,b8,4d,98,7b,fc,c7,ca,38,6d,cc,1a,ea,62,6f,ab,0a,51,92,ea,2e,cb,2b,\ 0d,a2,d4,f9,96,e5,be,be,7a,3c,a6,85,90,fd,75,52,c5,2f,4e,fd,0e,1b,b9,47,c9,\ 29,49,27,80,fb,ca,3b,0a,d9,11,90,37,92,93,69,26,60,21,fd,ca,97,6d,9e,e4,38,\ bb,5f,ba,b8,f0,e0,8e,f4,44,90,9e,c3,da,93,cc,54,56,f9,00,b2,94,de,cd,f2,4e,\ ef,4b,ed,fc,eb,45,29,aa,48,11,67,cb,1d,da,74,ad,0a,1f,c1,12,f0,b0,f7,d5,cc,\ 5a,14,e1,17,48,6b,77,29,77,ea,ca,d5,fa,21,5f,19,b4,e8,9a,14,d1,af,38,6f,d0,\ 30,9a,6a,6a,a6,03,52,ff,37,58,9d,87,1d,54,4e,33,fc,36,e7,74,57,1f,ab,e7,da,\ 0e,6f,9c,25,22,e4,7a,0a,fc,12,1e,15,f6,ba,48,76,27,c2,00,1a,78,b4,50,49,d7,\ d5,5c,84,d1,2f,08,15,4b,69,e3,37,de,3f,10,b4,66,8a,d8,4f,ac,0c,02,af,92,d2,\ 34,e8,02,9e,02,af,ed,38,b1,b7,da,d6,a7,1d,7f,05,a2,b1,3e,a4,d0,a0,3c,57,db,\ fa,17,74,21,da,be,c3,bd,64,af,ce,24,3d,79,70,01,7c,8e,63,31,ab,29,30,66,05,\ 60,48,7e,92,5e,ab,02,38,2e,c0,23,f4,48,18,5d,85,51,7f,e4,b3,e6,6c,09,84,92,\ d8,1e,30,91,61,0b,c9,b6,5e,dc,4a,c4,62,de,b6,a6,51,07,65,a0,7d,84,f9,5c,bf,\ 4d,a9,47,4c,ec,cb,80,d6,98,24,ce,c3,66,f0,59,50,85,6d,d7,5a,d5,59,7e,a7,d3,\ 40,be,10,98,33,15,5d,ee,b6,03,78,b8,d3,11,5b,5a,60,0b,f6,6c,02,bf,7c,d3,ae,\ 6e,58,5e,0e,0b,f8,d9,dd,fb,ab,54,e9,b7,8f,e3,b8,67,10,ba,93,31,27,22,62,5a,\ 94,ab,f3,8e,5e,f9,d8,1a,cc,0f,aa,44,f3,98,0d,fa,ed,c2,27,57,58,17,44,d1,70,\ 87,c2,9a,1a,0e,b2,d9,f2,a5,c5,6a,d9,e9,e6,04,9e,66,36,51,76,ca,98,e6,75,64,\ 1e,96,ae,c3,cf,18,a6,33,0d,9f,79,fa,22,17,b9,5a,dc,e8,82,b4,6d,77,17,46,44,\ ad,8f,b7,f8,98,fc,a3,42,2a,17,f0,21,fc,37,75,db,cd,fe,e1,8d,21,59,12,b4,73,\ a9,f3,64,18,7f,95,61,bb,16,ec,b9,d9,5e,d4,76,eb,a6,c5,7a,ac,71,4d,6f,5a,5e,\ 92,ea,4f,8a,e2,85,ee,d2,8d,13,4f,bb,d8,c5,b4,24,aa,5c,28,c7,2d,be,a4,e6,59,\ fe,20,22,67,49,28,09,ba,60,e9,5b,ae,86,0a,a0,19,5e,c8,3a,ef,bf,71,b4,57,c1,\ 1c,6a,27,6a,76,73,07,fb,9b,47,e5,50,ea,20,7a,97,cc,61,e5,43,7d,e6,84,2f,b2,\ 31,01,6e,14,c2,f5,24,af,f9,18,da,55,48,ba,ac,c9,0d,08,ca,bd,ae,3f,43,ce,ec,\ 29,33,05,14,b5,46,90,1b,e9,44,4d,ab,53,d8,8d,e1,c1,60,02,c8,5a,85,cf,24,ac,\ 40,80,81,42,3b,67,9a,d0,c6,29,2a,c8,39,e6,fa,c5,36,b6,e0,f5,e4,9c,d8,61,68,\ 51,c6,25,90,2e,23,ec,a3,0c,01,69,1a,d8,4f,c3,75,2e,0c,31,4d,8d,62,99,24,6a,\ a3,d3,92,96,51,e7,a5,05,cf,5f,83,9d,ba,81,6c,42,06,5e,c2,2a,e0,4e,5d,50,67,\ 45,e9,d1,0c,74,3d,fe,b6,07,1e,ed,61,6b,9a,10,41,a4,d5,23,19,ee,4b,6d,4d,3d,\ 44,8d,c7,b7,86,6a,ef,b2,e7,36,30,74,9b,0f,8c,dd,32,60,14,0f,3f,2d,c3,9f,f6,\ 17,c3,e4,17,c7,06,10,9c,15,57,8c,62,4c,f7,72,05,fa,76,ca,ca,b4,9a,e6,34,10,\ e5,3f,3c,42,41,3b,26,26,2f,03,0b,dc,ca,a8,7e,86,4b,83,54,be,57,58,91,80,be,\ a3,5a,34,b3,6b,81,82,cd,4e,5b,45,82,9b,0f,2f,0f,c7,c4,28,32,a6,64,98,de,5e,\ fc,c1,10,e0,90,35,6b,33,ee,ce,19,47,82,e4,be,05,68,de,fd,fb,dc,89,49,34,7b,\ 5f,7c,2a,49,2b,4e,2a,e5,72,15,98,2d,90,3f,af,c6,13,9b,d5,42,3c,f3,22,7c,4f,\ b1,13,73,c9,e1,07,43,c5,81,60,9e,d7,dd,1b,ed,2d,d9,7a,23,32,01,77,98,f6,5d,\ 83,24,b2,56,58,9a,40,47,ac,83,54,c8,73,b2,d7,70,7c,0e,37,44,f9,69,d1,7e,36,\ 42,20,f3,a5,68,30,a3,dc,c4,70,9d,f6,7b,d7,59,ab,a6,25,59,c6,ef,7e,21,cc,12,\ 50,49,15,aa,79,5e,9b,f8,d6,6a,a7,e0,7d,f9,25,50,96,e0,c3,c9,2d,b3,48,8b,a4,\ fd,f6,32,84,77,27,9b,de,a7,d7,4e,03,9c,3b,9d,03,90,4b,d4,d6,d7,24,ba,db,eb,\ 51,83,22,3a,a5,51,8f,e4,5c,24,86,00,a4,d1,e9,52,01,62,d1,d3,9e,db,e8,ca,b8,\ f2,e6,6a,18,55,c7,89,9f,34,cb,06,98,e1,5f,2b,17,0a,30,54,bc,81,5e,52,27,84,\ 47,2a,7b,bb,d7,d4,80,8b,08,8a,e5,5b,d2,89,95,a8,72,73,a4,49,8f,bf,7b,19,70,\ af,0c,48,9e,fb,8e,6a,a1,fd,1d,c6,c9,c9,f9,d0,26,40,f5,e1,a4,ae,21,13,f0,d6,\ 0c,42,b1,ac,29,6a,3c,f7,8c,dd,68,7c,4f,71,c0,b5,f8,3f,0d,41,0c,9a,f6,8f,d6,\ 58,a7,e2,12,78,2e,35,e8,dc,af,04,84,cc,91,67,fc,d3,7a,58,f7,0c,37,db,d1,74,\ d4,b5,6c,14,49,ed,67,ed,11,53,28,9d,3d,58,77,77,ed,fe,d5,e0,5e,e6,c6,6d,60,\ 07,69,ab,a8,8b,f4,64,d3,c8,bf,90,9a,f3,11,02,00,87,ee,d8,01,42,97,99,57,92,\ 2c,06,66,89,71,94,f6,78,b5,74,8f,b4,66,46,f6,66,8e,e8,db,f5,9a,5e,57,93,b5,\ 0c,d7,19,29,0f,6f,81,e1,8b,bb,b9,aa,d2,6e,ac,e4,44,ca,c3,f7,de,37,af,04,10,\ 2d,a9,d4,50,0e,c5,ec,e7,ad,d9,e8,c0,3c,2e,e9,f5,70,6f,7e,4c,58,79,f1,be,16,\ f2,c7,8a,e9,38,af,10,71,5e,9d,9b,2d,cd,d0,bc,9b,41,97,9b,7e,59,ca,19,f5,8d,\ f9,e7,c7,e5,f2,b7,ff,2d,e1,88,fb,ee,6e,bb,f0,7d,b8,04,ae,d2,e6,33,39,81,2a,\ ef,73,39,9d,b2,01,7f,76,a4,f3,02,3c,4a,0d,02,59,13,9f,6f,bc,7b,4a,ac,10,9f,\ 7b,02,f1,7c,18,f0,e2,2c,23,29,65,4a,02,65,f9,08,d9,ea,f3,a2,5f,60,4e,9a,cc,\ 06,2f,c6,13,01,6d,2e,27,b1,a9,ef,36,ac,e7,f3,85,7f,d0,3c,58,d2,ce,4f,81,ae,\ bc,e7,a8,07,18,ee,7a,69,0f,df,22,6c,9f,e2,f2,e4,c4,e0,98,96,3c,91,92,b4,63,\ 25,bf,1c,d4,cc,0b,81,b7,40,64,43,2d,66,03,8a,38,32,90,88,f7,a5,f0,9f,72,dd,\ 9b,4d,af,56,29,35,6a,a3,1b,a9,14,d2,64,b8,e4,c6,8b,68,86,13,4f,e3,22,ed,8f,\ e8,f3,4c,b7,f7,61,7a,34,08,37,69,76,3e,25,23,6a,c8,62,3d,9a,58,7b,3f,1a,3f,\ 2f,48,1b,03,be,8b,d0,df,dc,77,2e,b5,6d,d4,1a,1d,23,1e,9a,1b,56,df,4e,cb,6d,\ 7b,45,ef,51,16,f1,46,cb,5d,f9,3a,b6,83,26,5a,3b,d5,1a,ce,e9,ab,0d,3f,fa,03,\ 1d,95,28,fb,0c,84,06,00,0a,4f,7e,bf,2c,86,54,53,86,7b,c3,c7,61,c7,8c,b9,58,\ 01,fe,3b,0d,45,a4,f9,61,ed,00,05,24,d3,f8,66,92,6e,a7,92,79,a4,0f,b9,84,2f,\ 01,70,6a,6f,1e,40,35,6e,c2,d8,1a,39,11,18,68,97,64,53,9c,ad,e4,3f,06,71,bd,\ d1,25,16,4c,91,5d,28,72,33,49,f8,f7,75,29,e6,1f,4f,c2,8e,e8,2a,eb,e0,7d,22,\ 32,9f,22,f5,1a,0c,6f,0d,f8,99,62,a7,2d,45,73,18,13,c1,5a,f8,a3,6a,e6,da,00,\ 42,77,a9,5b,8b,4f,8f,8e,10,d7,68,db,dc,0e,80,f7,8c,f9,1a,4f,a6,02,18,c3,f4,\ c7,ca,25,3a,4f,f2,16,21,68,9a,84,b9,6d,fc,e3,87,12,e0,69,62,6b,01,0f,c8,03,\ 2f,91,4f,eb,cc,b5,96,e9,03,c0,62,f9,be,fe,ef,50,0b,de,fb,99,ab,86,04,19,91,\ 2d,6a,7f,19,66,2f,6d,3b,ac,87,7d,93,17,79,09,9c,21,51,80,3a,45,e5,79,96,aa,\ 45,bb,a6,5f,71,de,b6,c0,a5,83,d5,1c,eb,8b,13,8c,1c,4b,9c,21,cc,db,ac,82,29,\ ee,49,b5,f8,c2,d7,82,31,48,a5,f0,43,ed,22,34,d8,c6,fa,d7,7e,8b,b9,b1,db,7c,\ 16,3c,42,13,f5,ad,82,9a,f9,f3,ff,2a,88,8c,5b,9f,e5,f6,bd,e1,08,e6,45,07,40,\ 6d,6e,23,b7,53,4e,57,ed,59,7f,20,89,a9,c9,4e,26,9f,98,56,86,92,d8,ca,9d,07,\ 00,14,81,27,90,0c,4d,69,42,86,9a,78,3e,3b,5a,92,7b,55,6a,5d,99,ba,2c,b0,4f,\ f0,68,55,c9,07,b7,70,97,e0,e7,f7,83,94,d5,a2,6c,b8,5c,97,db,6b,be,2f,2e,f8,\ 23,f7,2c,28,50,ee,ab,ad,bb,b9,60,ec,b4,75,ad,7a,03,e7,03,ad,19,a6,c0,01,26,\ 1e,a5,6b,94,17,c2,61,ae,ea,76,57,08,9c,e8,40,38,0b,9b,86,85,05,62,60,83,1d,\ 58,8a,4e,45,b7,7b,c6,0f,07,35,c4,28,a4,41,6d,22,8e,73,7c,39,5f,f4,62,32,63,\ 5e,70,b1,8e,42,5c,fc,7b,64,c2,04,17,30,99,4f,de,1d,8d,6a,ab,37,47,df,33,3f,\ 74,ff,ad,21,ab,74,62,74,6b,db,a5,4c,9d,b3,86,0e,f3,74,c4,32,ea,6f,57,45,4a,\ ff,48,80,a9,53,44,0e,b9,7c,f1,cb,da,16,d7,38,a9,bd,ad,00,84,c1,6b,ac,fb,bd,\ b8,fd,98,20,6e,9e,4e,de,ee,a9,3a,21,5f,da,f9,80,59,f2,f0,7c,99,d9,83,c2,59,\ 95,2c,1f,5f,33,62,22,90,b9,eb,15,0b,6b,e1,0f,ff,53,06,2e,7d,e7,2b,43,b0,a5,\ 1e,24,e3,d8,c3,44,f9,2a,72,c0,9f,35,a2,4e,10,55,d4,be,51,cb,4c,10,01,d7,8b,\ 0c,34,d2,59,1a,9b,5c,70,d9,e8,7c,38,e0,d7,09,ef,f5,30,4e,02,da,26,aa,94,44,\ bd,41,fe,2c,d8,e3,84,6e,f7,18,ec,b7,fd,52,f4,63,5e,d5,fa,1e,dd,46,44,8c,9a,\ 9e,12,95,12,f5,4f,1f,e6,25,df,f5,cc,28,e7,21,ea,49,84,4c,8e,7b,9e,10,08,3b,\ 14,8f,c1,72,f9,9c,bf,38,34,54,1f,c8,69,d9,42,bb,ce,a4,a8,c5,b4,d1,a2,fb,78,\ 24,b3,61,9b,cf,45,1b,17,81,fb,58,50,dd,e9,a2,cc,0f,11,50,a3,75,f4,5d,a3,8c,\ 3d,03,f7,d5,8d,52,8a,16,f0,5e,86,a4,d5,c8,3f,01,4b,f4,a8,97,05,05,fb,06,b2,\ ae,e3,fc,cc,15,ff,65,97,77,45,6a,9a,d0,7b,25,cc,be,38,74,0a,44,3b,63,6a,aa,\ 7c,3e,7d,25,5b,67,a6,91,4f,49,18,ea,41,15,ec,af,ef,2d,4f,49,93,fd,7b,98,7f,\ 31,fe,0b,5d,01,c3,35,0b,bc,8f,6d,66,79,df,5a,e9,01,91,8d,9a,fa,5f,d2,64,b5,\ a8,99,5e,6d,3e,3e,8d,2c,0d,ab,a1,40,65,33,af,57,37,0e,3f,a1,f0,9c,7a,32,16,\ 57,07,c7,90,ce,6f,5a,d9,d2,4d,31,3f,e2,1c,2f,da,94,6d,a8,57,2a,85,33,a5,89,\ 1d,6a,34,94,8f,87,15,64,9a,c5,5b,af,d6,02,c5,45,ee,5b,34,77,25,e0,da,fb,f3,\ cd,4e,d3,7d,e6,33,36,cc,67,2d,a4,08,8a,02,c7,5f,75,19,e3,ad,8b,7a,1a,3e,e2,\ 97,ba,e5,57,82,6c,21,59,ce,16,11,40,1b,d8,8e,1c,c0,1e,b3,88,e6,d1,6e,57,81,\ e4,f8,6c,c9,c9,e2,39,35,c5,18,16,b0,e5,87,53,af,62,bd,a5,6f,b6,34,70,8d,b5,\ 8f,1a,67,ff,94,39,5c,ec,d9,36,a2,10,fe,95,19,5c,1b,d1,bb,68,6d,f5,42,6a,d1,\ 06,1d,6b,97,52,9c,fe,f7,31,14,86,ce,65,14,d1,de,56,d9,71,00,61,df,67,0f,3f,\ 24,4e,bf,03,27,85,e0,6b,1f,b0,d2,bd,fe,9c,27,6b,57,45,09,b6,f2,8a,b3,d7,bf,\ 52,23,fe,96,44,0c,f8,51,01,28,a6,e6,09,e5,b0,c4,e7,9a,7a,07,88,7e,de,b4,79,\ 32,a0,cd,f3,84,61,8b,37,83,17,35,8c,c7,86,01,59,fb,eb,a7,a5,56,1c,30,d6,34,\ 32,ee,7f,48,62,6b,ed,07,8f,c6,25,c6,55,58,f3,40,e7,24,6a,79,be,ac,98,e8,a0,\ 0f,1f,eb,81,19,ae,73,ef,21,3f,25,49,d8,b3,a8,c6,b7,79,69,46,09,7e,e1,d0,32,\ 46,75,07,5e,43,a6,cc,f3,f4,07,31,14,5b,19,a2,ff,38,c2,76,b6,a9,c2,b3,b4,19,\ d6,b5,7e,06,c6,0d,24,bf,3c,0c,56,29,ed,5b,c9,ff,58,35,7a,cd,6d,c1,2e,aa,2c,\ 03,f7,f2,13,ec,c2,f8,b7,6c,82,e9,f8,f8,a9,d7,c3,5b,ce,35,79,42,29,c8,ab,47,\ 49,97,c9,74,ed,4c,70,d9,cc,e6,83,46,a4,72,a5,32,34,aa,41,95,76,8b,98,a3,9b,\ 0f,30,77,13,86,b4,3d,95,e3,d2,88,6d,15,61,6b,bb,86,6e,52,f1,17,01,63,da,e9,\ 46,02,63,d1,16,6f,21,18,77,fc,65,d2,b4,52,2d,88,b7,c4,13,2c,e2,c8,ce,c0,09,\ 7d,4e,8d,04,79,3a,8e,16,a8,02,ca,ea,46,81,31,38,ab,1f,b2,60,55,84,50,8d,21,\ ff,3a,bc,fb,a2,8c,fe,8b,9d,62,97,a9,51,f0,7a,4b,ed,e1,a4,b5,35,c7,4c,a2,42,\ a7,05,e6,73,40,ee,ea,36,56,6e,71,e5,9a,22,08,fc,91,b6,35,49,f0,30,11,ef,0c,\ a1,79,ce,c4,46,c6,eb,17,12,7b,cf,0f,e7,b5,d8,d8,4d,b8,6d,64,91,3d,be,d2,07,\ a9,ad,4b,da,08,2f,03,24,c6,0a,12,e4,89,7d,16,15,3d,35,79,9b,98,fd,e2,ef,b5,\ 87,c2,fb,c1,b3,ad,66,fc,de,d4,b8,39,23,a5,31,c3,11,06,92,18,1e,d6,fb,bb,df,\ 5e,44,68,14,bb,1b,91,43,23,42,99,b9,a6,d2,e8,6a,a7,06,ae,2a,92,41,ca,2e,c9,\ b8,f2,4f,2f,a4,07,ea,a2,d1,01,cd,86,d8,4f,cb,b0,09,b2,16,4a,9f,ea,86,de,ec,\ 1f,08,a3,9a,3f,c5,e6,d1,02,ae,c2,36,4c,d7,4f,6c,19,58,f1,dd,8e,65,15,10,38,\ 57,0c,39,a9,9f,47,ec,e9,cb,3b,7c,1f,28,82,85,77,77,e7,d2,49,ee,ca,fe,32,61,\ 6c,c0,24,3b,17,1c,62,af,c7,a0,1f,10,bf,16,fd,18,1e,d4,c5,66,0c,33,9a,55,3a,\ c0,42,71,24,98,64,50,04,e0,5c,36,04,c9,a7,5d,73,51,52,a0,91,32,6b,8d,cd,e1,\ 40,d9,ee,e1,e8,09,7f,91,00,11,59,fb,c3,e5,63,fe,2d,65,d6,33,b0,31,e0,27,f7,\ 34,08,c6,0f,fd,0a,d5,8b,02,20,2b,b1,d1,c6,2c,c6,67,6e,6b,33,d4,86,b1,5e,82,\ b2,60,ef,9c,c9,0a,fc,e6,6a,af,65,83,bd,2c,e7,54,4a,a9,e3,ec,71,dc,51,97,fc,\ 84,55,43,99,f6,40,92,e7,c6,cf,bc,6d,51,ac,d5,f9,1f,03,3c,56,f4,d1,d0,69,6f,\ 42,89,96,f9,78,5e,88,bc,de,08,5d,35,ff,51,fc,8f,1a,c6,86,66,eb,91,2c,1a,d0,\ 94,38,9a,ec,ea,42,23,ba,cc,83,d2,f1,5d,a9,39,69,35,d2,50,7d,b0,37,50,86,c5,\ 4e,9a,d1,48,2b,8a,4a,68,bf,83,37,7d,fb,b4,df,dc,ef,b4,1f,7e,47,72,a5,a7,35,\ b3,70,cb,f6,c8,f9,94,63,85,51,75,ac,34,0d,9f,b0,31,44,2e,78,9d,95,c7,97,f4,\ 29,78,2c,57,2b,3b,a9,87,9f,4a,65,d9,66,ce,05,99,86,70,5c,24,6e,1e,36,1a,08,\ ae,79,ee,b9,b3,b0,01,b0,a6,63,e4,e6,67,44,65,b1,57,2a,d6,83,8c,d9,75,39,d2,\ aa,5b,4a,c1,ae,49,de,22,9c,f6,fd,cc,b5,fb,e7,c9,6c,22,99,a9,e3,9c,72,dd,88,\ d3,34,41,18,46,e6,5f,0d,e9,0e,b4,fa,b1,49,52,33,6f,96,17,fb,d5,c8,c3,0b,70,\ 8f,c8,da,fe,21,08,3b,a5,f6,3c,41,db,24,6c,d8,d3,48,cd,e6,6e,2d,99,9d,e3,19,\ be,24,47,1e,bb,5b,04,9f,75,08,f1,96,a4,03,f2,17,c2,ac,f0,06,05,c3,44,e4,98,\ d4,6a,7b,2f,71,22,70,dd,55,98,c5,fa,6e,85,1f,cd,12,aa,c3,81,54,2f,72,37,58,\ a2,8a,13,64,af,96,85,d8,ff,86,86,4a,24,73,c6,eb,72,0a,b5,82,e3,18,38,52,f4,\ 35,53,5a,11,31,6e,0f,cf,69,65,19,dc,3c,6c,ed,6c,2b,0e,65,1d,49,dc,d1,f0,da,\ 2d,3c,cf,67,f5,c4,bb,9a,3f,8e,c2,6b,ca,eb,f0,31,39,12,cd,47,3a,ed,7b,4d,89,\ 4f,72,49,b8,7d,f2,0e,5b,19,07,df,50,e6,c9,88,87,cc,9a,96,b5,7e,b5,20,c9,08,\ 8f,a1,08,7b,a0,4a,e1,c5,12,b7,6f,6e,60,6f,53,ae,4e,41,4e,53,06,c2,44,70,23,\ ec,32,2c,33,25,85,66,18,92,c8,9c,d3,d3,18,c3,ad,7a,04,a9,6f,7c,7f,21,da,8f,\ d7,50,38,ae,93,69,a9,4a,15,48,9e,03,e5,55,54,1b,eb,ad,bb,f3,26,70,ab,56,0e,\ 74,9d,6f,d7,fd,1e,a6,67,1a,66,b1,e5,d3,d2,69,f4,d4,24,a6,9c,55,5c,3d,9d,d2,\ 22,d7,58,09,bd,8e,e3,64,d0,d8,36,2f,bf,ea,cb,40,8b,e2,12,af,5d,f6,ed,27,50,\ 0a,b3,8d,c6,91,9c,d2,db,cd,cd,58,5d,8f,5a,da,51,61,4b,a3,36,15,cb,21,30,7e,\ 3b,f2,d4,3c,be,b8,a5,6e,03,59,5b,30,34,f0,90,b7,98,ba,9d,34,68,45,5c,b5,96,\ ad,bc,5e,0f,d2,f8,e1,3c,7c,7e,57,ee,5a,34,92,df,72,b8,38,0c,82,62,83,0f,b5,\ 1c,58,bd,2f,f6,f9,90,7c,41,39,64,03,58,9f,a4,3e,fd,da,80,9f,56,67,0c,14,95,\ a1,53,0c,62,02,e2,2f,8f,84,3d,77,a6,07,11,77,bf,4e,2c,00,73,3a,0e,07,4f,1b,\ e6,d0,1e,79,5a,97,f8,cd,a8,32,fc,7b,53,0c,7e,c3,25,58,6c,cd,18,21,b5,58,b9,\ 27,29,d2,f7,3c,f7,e8,f1,f6,26,9f,39,4a,a9,d7,f1,98,da,a0,11,d7,a5,cb,2c,52,\ eb,d3,bc,22,d8,4d,46,bc,66,c2,1a,31,af,04,52,5f,07,21,90,bc,7b,a9,7a,6c,bc,\ 0d,57,65,89,19,5b,82,50,81,e3,f7,79,5d,e5,ed,fc,13,ea,96,cc,04,d0,83,76,15,\ fb,db,65,ec,a5,67,76,3b,b4,9f,27,c1,26,80,d4,08,e5,47,f4,16,f2,c8,40,65,01,\ ad,51,8c,7b,7c,44,cf,7b,d2,a9,42,6f,9f,64,f9,39,22,9b,85,22,b7,71,7f,a9,85,\ 06,87,04,fa,60,ff,a5,96,59,6d,87,d3,82,ad,ea,25,a1,67,3f,1c,1d,d2,21,62,9f,\ 3d,83,bd,7d,10,cc,f0,62,e8,1d,54,0e,c3,dd,7b,05,78,c1,15,1b,c9,bf,2e,10,9e,\ 35,2e,da,b2,d2,8d,c4,be,b3,ae,10,ec,a7,55,55,2c,6b,b6,84,50,d0,66,6b,fa,fd,\ 88,5f,39,5f,30,7b,9e,d8,08,ac,e4,a1,83,10,4b,55,98,a8,26,88,56,64,a5,be,1b,\ e2,e2,59,73,9d,2e,f2,94,ba,67,69,97,2f,f2,df,fd,d9,c6,57,cf,63,4d,de,fa,47,\ 06,18,6f,91,47,a8,74,02,ac,1f,c1,ab,98,62,c0,1c,f9,42,e4,01,ad,4c,78,68,b8,\ 30,4c,47,d5,2e,c1,78,fd,8a,ea,48,da,27,97,1c,ab,be,c5,7f,c0,97,21,4d,8a,65,\ fa,46,60,b1,a9,38,83,29,92,a6,16,0d,38,71,fc,21,ed,83,1c,7b,05,b4,19,2b,02,\ 91,8d,1b,1f,95,fd,44,9c,cf,fd,ab,2c,c3,c3,cc,43,1a,f6,d8,dc,9f,7a,47,08,bc,\ a9,5e,28,99,5c,c4,91,87,c1,8c,60,04,b6,2e,e2,d3,81,57,29,e0,fa,b5,9d,11,7d,\ 53,6a,32,fc,54,65,a4,39,00,79,e9,de,a1,64,2c,73,8e,03,c3,bb,b7,e9,49,dd,58,\ 5d,5c,6c,4b,d4,4a,b0,f4,7d,4a,6e,9b,4a,25,a7,d2,b7,e6,cb,61,2b,a2,10,8f,77,\ 7f,13,f8,25,93,77,dd,94,02,9e,58,41,e8,5f,e9,07,82,36,ed,ec,af,76,ab,f5,c6,\ 85,ef,4f,de,c1,b0,90,4b,1f,50,57,23,84,a8,ac,70,8a,66,f6,45,33,c4,51,6c,91,\ 7b,41,a4,b8,c4,d8,15,98,9c,ac,6a,13,6c,7b,0b,3e,20,7c,ee,7f,ae,e4,ad,50,fe,\ ac,7b,62,d3,ce,79,3a,e4,5f,6d,24,f1,05,b8,9d,2e,07,5a,bd,7c,aa,02,16,c5,04,\ a4,83,4a,59,a0,76,b7,cb,0b,d4,62,63,c1,2e,62,29,b9,90,4b,e7,c9,6a,d8,df,45,\ 7c,3e,03,81,13,80,74,33,66,66,ec,03,60,d3,7e,30,4d,b0,c0,61,39,15,4a,42,16,\ 97,1c,fb,60,8c,ae,c8,34,e9,a8,b2,f7,60,de,77,c9,d8,97,71,fb,8b,71,4f,2b,7b,\ 63,06,dc,73,90,b0,88,a4,43,6e,34,53,f3,c4,ab,c8,f6,d1,df,8a,29,58,4e,5f,3d,\ 17,f6,b4,7c,dd,8a,76,b8,a1,8a,e2,8a,90,80,27,d8,3b,37,77,ea,9e,8b,ac,34,db,\ 4f,aa,56,ce,33,23,58,31,95,a2,a1,82,80,40,e9,02,b4,3f,6e,9b,6d,d0,43,e3,49,\ bb,88,cd,35,63,53,f3,45,b0,d7,51,09,8f,8c,c2,15,82,fb,2c,9a,ea,97,c2,a4,1f,\ ce,22,d1,ae,ef,ad,b1,72,1e,64,0b,59,d3,96,f4,90,ba,28,74,f1,e6,f2,48,77,69,\ 4b,c6,cf,3e,c4,4f,7f,80,9c,51,b0,96,e7,05,34,53,b9,b9,7e,d5,fe,b5,32,1d,29,\ 21,d2,77,06,68,84,f7,f6,67,ae,57,96,6e,d6,81,8d,d8,88,b8,43,8d,a7,a2,18,c7,\ 9c,7e,46,a5,9f,f6,f3,ea,51,ea,83,87,da,24,7c,b4,03,77,ae,ce,cf,7a,cb,06,ea,\ cc,c6,9c,8b,26,f8,29,19,09,1a,5e,3b,e9,18,7e,81,2b,47,c5,b8,ce,2f,f0,70,9a,\ 1d,58,de,47,62,be,00,b9,48,5f,b4,56,cb,8a,bb,08,2b,76,93,11,9a,0d,e3,1d,74,\ 43,f9,9b,b8,36,aa,bd,01,54,9e,09,66,a4,f0,e5,f5,da,a3,c1,48,79,6d,18,d9,67,\ 53,51,93,63,7f,0f,1d,1a,fc,41,23,ed,a9,73,f0,be,99 "??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50 . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(892) c:\programfiler\SUPERAntiSpyware\SASWINLO.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\windows\system32\ZoneLabs\vsmon.exe c:\programfiler\Lavasoft\Ad-Aware\aawservice.exe c:\programfiler\Alwil Software\Avast4\aswUpdSv.exe c:\programfiler\Alwil Software\Avast4\ashServ.exe c:\windows\system32\rundll32.exe c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe c:\programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe c:\programfiler\Java\jre6\bin\jqs.exe c:\programfiler\NetLimiter 2 Monitor\nlsvc.exe c:\programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe c:\programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\programfiler\NVIDIA Corporation\nTune\nTuneService.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\windows\system32\PAStiSvc.exe c:\windows\system32\wdfmgr.exe c:\programfiler\NetLimiter 2 Monitor\NLClient.exe c:\programfiler\Alwil Software\Avast4\ashMaiSv.exe . ************************************************************************** . Tidspunkt ferdig: 2009-01-07 5:36:45 - maskinen ble startet på nytt [user] ComboFix-quarantined-files.txt 2009-01-07 04:36:42 Pre-Run: 10 780 848 128 byte ledig Post-Run: 10,744,147,968 byte ledig 432 --- E O F --- 2008-04-17 21:33:59 HJT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 05:41:52, on 07.01.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programfiler\Lavasoft\Ad-Aware\aawservice.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\Programfiler\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe C:\Documents and Settings\User\Skrivebord\utorrent.exe C:\Programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Java\jre6\bin\jqs.exe C:\Programfiler\NetLimiter 2 Monitor\nlsvc.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\NetLimiter 2 Monitor\NLClient.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\User\Skrivebord\Test11\Test11.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 208.69.147.43:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [unlockerAssistant] "C:\Programfiler\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [µTorrent] "C:\Documents and Settings\User\Skrivebord\utorrent.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Programfiler\NetLimiter 2 Monitor\nlsvc.exe O23 - Service: NMIndexingService - Unknown owner - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programfiler\WinPcap\rpcapd.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: TVersityMediaServer - Unknown owner - C:\Programfiler\TVersity\Media Server\MediaServer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 9294 bytes Lenke til kommentar
snippsat Skrevet 7. januar 2009 Del Skrevet 7. januar 2009 Kopiere fet tekst under bildet->åpne notisblokk og lim inn. Lagre på skrivebordet som CFScript.txt Gjør som på bildet combofix vil starte,Post logg c:\combofix.txt File:: c:\windows\system32\redivipo.exe c:\windows\system32\pepimude.exe c:\windows\system32\biwomagu.dll c:\windows\system32\perapehu.dll c:\windows\system32\tofuropi.dll c:\windows\system32\tesutefa.dll c:\windows\system32\hewevahu.dll c:\windows\system32\gerivaya.dll c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\zofowoda.dll c:\windows\system32\tigogitu.dll c:\windows\system32\juteruno.dll Lenke til kommentar
Colamann Skrevet 7. januar 2009 Forfatter Del Skrevet 7. januar 2009 Takk for svar. Her er den nye loggen: ComboFix 09-01-06.02 - Drama 2009-01-07 15:19:53.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.2046.1318 [GMT 1:00] Kjører fra: c:\documents and settings\User\Skrivebord\ComboFix.exe Command switches brukt :: c:\documents and settings\User\Skrivebord\CFScript.txt * Opprettet nytt gjenopprettingspunkt ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! FILE :: c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\biwomagu.dll c:\windows\system32\gerivaya.dll c:\windows\system32\hewevahu.dll c:\windows\system32\juteruno.dll c:\windows\system32\pepimude.exe c:\windows\system32\perapehu.dll c:\windows\system32\redivipo.exe c:\windows\system32\tesutefa.dll c:\windows\system32\tigogitu.dll c:\windows\system32\tofuropi.dll c:\windows\system32\zofowoda.dll . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\biwomagu.dll c:\windows\system32\gerivaya.dll c:\windows\system32\hewevahu.dll c:\windows\system32\juteruno.dll c:\windows\system32\pepimude.exe c:\windows\system32\perapehu.dll c:\windows\system32\redivipo.exe c:\windows\system32\tesutefa.dll c:\windows\system32\tigogitu.dll c:\windows\system32\tofuropi.dll c:\windows\system32\zofowoda.dll . ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-12-07 til 2009-01-07 ))))))))))))))))))))))))))))))))) . 2009-01-07 05:19 . 2009-01-07 05:19 <DIR> d-------- c:\programfiler\Malwarebytes' Anti-Malware 2009-01-07 05:19 . 2009-01-07 05:19 <DIR> d-------- c:\documents and settings\User\Programdata\Malwarebytes 2009-01-07 05:19 . 2009-01-07 05:19 <DIR> d-------- c:\documents and settings\All Users\Programdata\Malwarebytes 2009-01-07 05:19 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-07 05:19 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-04 15:14 . 2009-01-04 15:24 296 --a------ c:\windows\hex.ini 2009-01-04 15:09 . 2009-01-04 15:09 <DIR> d-------- c:\windows\ShellNew 2009-01-04 15:09 . 2009-01-04 15:09 <DIR> d-------- c:\programfiler\AutoIt3 2009-01-02 16:20 . 2009-01-02 16:20 5,376 --a------ c:\windows\system32\drivers\MS1000.sys 2009-01-02 16:19 . 2009-01-02 16:20 <DIR> d-------- c:\programfiler\The Cleaner Demo 2009-01-02 14:14 . 2009-01-02 14:14 <DIR> d-------- c:\programfiler\SUPERAntiSpyware 2009-01-02 14:14 . 2009-01-02 14:14 <DIR> d-------- c:\documents and settings\User\Programdata\SUPERAntiSpyware.com 2009-01-02 14:14 . 2009-01-02 14:14 <DIR> d-------- c:\documents and settings\All Users\Programdata\SUPERAntiSpyware.com 2009-01-02 13:34 . 2009-01-02 13:34 <DIR> d-------- c:\windows\system32\ZoneLabs 2009-01-02 13:34 . 2009-01-02 13:34 <DIR> d-------- c:\programfiler\Zone Labs 2009-01-02 13:34 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll 2009-01-02 13:34 . 2009-01-07 05:33 348,371 --a------ c:\windows\system32\vsconfig.xml 2009-01-02 13:34 . 2009-01-02 13:34 4,212 --ah----- c:\windows\system32\zllictbl.dat 2009-01-02 13:32 . 2009-01-07 15:20 <DIR> d-------- c:\windows\Internet Logs 2008-12-31 14:29 . 2008-12-31 14:29 211 --a------ c:\windows\wininit.ini 2008-12-31 13:55 . 2009-01-07 15:17 <DIR> dr-h----- c:\documents and settings\User\Siste 2008-12-30 14:30 . 2008-12-30 14:30 410,984 --a------ c:\windows\system32\deploytk.dll 2008-12-26 15:20 . 2008-12-26 15:29 <DIR> d-------- c:\programfiler\Incomplete 2008-12-17 05:30 . 2008-12-17 05:30 <DIR> d-------- c:\programfiler\Tortun . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-07 14:15 --------- d-----w c:\documents and settings\User\Programdata\uTorrent 2009-01-07 14:15 --------- d-----w c:\documents and settings\User\Programdata\SiteAdvisor 2009-01-07 04:30 --------- d-----w c:\programfiler\DC++ 2009-01-06 11:21 748,135 ----a-w c:\windows\Internet Logs\tvDebug.Zip 2009-01-06 11:19 1,399,296 ----a-w c:\windows\Internet Logs\xDB1.tmp 2009-01-02 13:13 --------- d-----w c:\programfiler\Fellesfiler\Wise Installation Wizard 2009-01-02 13:11 --------- d-----w c:\programfiler\Microsoft ActiveSync 2008-12-31 13:06 --------- d-----w c:\documents and settings\All Users\Programdata\Spybot - Search & Destroy 2008-12-30 13:30 --------- d-----w c:\programfiler\Java 2008-12-28 08:20 --------- d-----w c:\programfiler\Lavasoft 2008-12-26 14:23 --------- d-----w c:\programfiler\LimeWire 2008-12-10 01:18 --------- d-----w c:\programfiler\Steam 2008-12-09 03:20 --------- d-----w c:\documents and settings\User\Programdata\Skype 2008-12-08 23:08 --------- d-----w c:\documents and settings\User\Programdata\skypePM 2008-12-05 20:15 201,352 ----a-w c:\windows\system32\PnkBstrB.exe 2008-12-05 20:15 140,216 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2008-11-16 21:10 5,758 ----a-w c:\windows\system32\ealregsnapshot1.reg 2008-11-16 20:39 --------- d-----w c:\documents and settings\User\Programdata\dvdcss 2008-11-12 18:24 --------- d-----w c:\programfiler\Spybot - Search & Destroy 2008-11-09 21:16 --------- d-----w c:\programfiler\Video Strip Poker 2008-11-09 14:47 --------- d---a-w c:\documents and settings\All Users\Programdata\TEMP 2008-11-07 20:51 --------- d-----w c:\programfiler\Real Alternative 2008-10-27 09:54 901,120 ----a-w c:\windows\TMUninst.exe . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360] "NVIDIA nTune"="c:\programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 81920] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" [2005-09-08 94208] "µTorrent"="c:\documents and settings\User\Skrivebord\utorrent.exe" [2007-09-24 177152] "MSMSGS"="c:\programfiler\Messenger\msmsgs.exe" [2004-10-13 1694208] "msnmsgr"="c:\programfiler\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-22 1830128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864] "JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2008-12-30 136600] "UnlockerAssistant"="c:\programfiler\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Launch LCDMon"="c:\programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-07-18 1687824] "QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2008-01-31 385024] "Launch LGDCore"="c:\programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-07-18 2094352] "Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016] "ZoneAlarm Client"="c:\programfiler\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904] "RTHDCPL"="RTHDCPL.EXE" [2006-11-14 c:\windows\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe] "nwiz"="nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-22 11:05 356352 c:\programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.VSPX"= vspxvfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-01-19 12:54 5674352 c:\programfiler\MSN Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Documents and Settings\\User\\Skrivebord\\utorrent.exe"= "c:\\Programfiler\\EA GAMES\\Battlefield 2\\BF2.exe"= "c:\\Programfiler\\DC++\\DCPlusPlus.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\ricochet\\hl.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\team fortress 2\\hl2.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= "c:\\Programfiler\\Steam\\Steam.exe"= "c:\\Programfiler\\Steam\\steamapps\\[email protected]\\garrysmod\\hl2.exe"= "c:\\Programfiler\\VentSrv\\ventrilo_srv.exe"= "c:\\Programfiler\\MSN Messenger\\msnmsgr.exe"= "c:\\Programfiler\\MSN Messenger\\livecall.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= "g:\\Format\\PROGRAMFILER\\Warcraft III\\war3.exe"= "c:\\Programfiler\\TVersity\\Media Server\\MediaServer.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= "c:\\Programfiler\\Tortun\\gui.exe"= "c:\\Programfiler\\Unlocker\\UnlockerAssistant.exe"= "c:\\Programfiler\\Java\\jre6\\bin\\jqs.exe"= "c:\\Programfiler\\Fellesfiler\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-05 111184] R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 81688] R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944] R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024] R3 SASENUM;SASENUM;c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-05 20560] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512] S3 PAC7311;VGA SoC PC-Camer@;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 154752] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2008-02-14 30464] --- Other Services/Drivers In Memory --- *Deregistered* - MBAMSwissArmy . . ------- Tilleggsskanning ------- . uInternet Settings,ProxyServer = 208.69.147.43:80 IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\User\Programdata\Mozilla\Firefox\Profiles\eci97996.default\ FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - component: c:\documents and settings\User\Programdata\Mozilla\Firefox\Profiles\eci97996.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll FF - component: c:\documents and settings\User\Programdata\Mozilla\Firefox\Profiles\eci97996.default\extensions\[email protected]\components\coolirisstub.dll FF - plugin: c:\programfiler\Vizky\npVizky.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-07 15:21:10 Windows 5.1.2600 Service Pack 2 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1390067357-790525478-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*NULL*] "??"=hex:ff,d4,a2,d1,0a,b8,4d,d7,17,55,9e,ca,1d,2f,ae,47,b1,de,05,29,8f,35,17,\ ac,83,ac,59,81,b4,48,0a,be,f0,c1,5e,a3,b0,e1,90,80,f4,93,53,02,1d,f5,33,55,\ 93,e5,5f,e2,c2,ac,d8,25,44,ce,dc,ab,f9,0c,b2,b4,2e,5e,a7,80,6b,82,42,e5,fb,\ fe,a8,d3,30,a1,c8,74,9d,a8,78,4f,ab,0e,ec,7a,38,b8,71,cd,22,6b,45,ae,9d,c5,\ f3,c3,98,15,96,b8,62,ff,15,55,0a,fd,84,be,34,d1,19,f1,d1,b2,0f,5b,8d,b5,52,\ f1,2c,13,a2,ff,d8,9b,ea,a8,14,c7,f6,6a,61,2c,c5,85,f5,a9,7f,b8,99,2f,27,a3,\ 45,8e,b5,b8,4d,98,7b,fc,c7,ca,38,6d,cc,1a,ea,62,6f,ab,0a,51,92,ea,2e,cb,2b,\ 0d,a2,d4,f9,96,e5,be,be,7a,3c,a6,85,90,fd,75,52,c5,2f,4e,fd,0e,1b,b9,47,c9,\ 29,49,27,80,fb,ca,3b,0a,d9,11,90,37,92,93,69,26,60,21,fd,ca,97,6d,9e,e4,38,\ bb,5f,ba,b8,f0,e0,8e,f4,44,90,9e,c3,da,93,cc,54,56,f9,00,b2,94,de,cd,f2,4e,\ ef,4b,ed,fc,eb,45,29,aa,48,11,67,cb,1d,da,74,ad,0a,1f,c1,12,f0,b0,f7,d5,cc,\ 5a,14,e1,17,48,6b,77,29,77,ea,ca,d5,fa,21,5f,19,b4,e8,9a,14,d1,af,38,6f,d0,\ 30,9a,6a,6a,a6,03,52,ff,37,58,9d,87,1d,54,4e,33,fc,36,e7,74,57,1f,ab,e7,da,\ 0e,6f,9c,25,22,e4,7a,0a,fc,12,1e,15,f6,ba,48,76,27,c2,00,1a,78,b4,50,49,d7,\ d5,5c,84,d1,2f,08,15,4b,69,e3,37,de,3f,10,b4,66,8a,d8,4f,ac,0c,02,af,92,d2,\ 34,e8,02,9e,02,af,ed,38,b1,b7,da,d6,a7,1d,7f,05,a2,b1,3e,a4,d0,a0,3c,57,db,\ fa,17,74,21,da,be,c3,bd,64,af,ce,24,3d,79,70,01,7c,8e,63,31,ab,29,30,66,05,\ 60,48,7e,92,5e,ab,02,38,2e,c0,23,f4,48,18,5d,85,51,7f,e4,b3,e6,6c,09,84,92,\ d8,1e,30,91,61,0b,c9,b6,5e,dc,4a,c4,62,de,b6,a6,51,07,65,a0,7d,84,f9,5c,bf,\ 4d,a9,47,4c,ec,cb,80,d6,98,24,ce,c3,66,f0,59,50,85,6d,d7,5a,d5,59,7e,a7,d3,\ 40,be,10,98,33,15,5d,ee,b6,03,78,b8,d3,11,5b,5a,60,0b,f6,6c,02,bf,7c,d3,ae,\ 6e,58,5e,0e,0b,f8,d9,dd,fb,ab,54,e9,b7,8f,e3,b8,67,10,ba,93,31,27,22,62,5a,\ 94,ab,f3,8e,5e,f9,d8,1a,cc,0f,aa,44,f3,98,0d,fa,ed,c2,27,57,58,17,44,d1,70,\ 87,c2,9a,1a,0e,b2,d9,f2,a5,c5,6a,d9,e9,e6,04,9e,66,36,51,76,ca,98,e6,75,64,\ 1e,96,ae,c3,cf,18,a6,33,0d,9f,79,fa,22,17,b9,5a,dc,e8,82,b4,6d,77,17,46,44,\ ad,8f,b7,f8,98,fc,a3,42,2a,17,f0,21,fc,37,75,db,cd,fe,e1,8d,21,59,12,b4,73,\ a9,f3,64,18,7f,95,61,bb,16,ec,b9,d9,5e,d4,76,eb,a6,c5,7a,ac,71,4d,6f,5a,5e,\ 92,ea,4f,8a,e2,85,ee,d2,8d,13,4f,bb,d8,c5,b4,24,aa,5c,28,c7,2d,be,a4,e6,59,\ fe,20,22,67,49,28,09,ba,60,e9,5b,ae,86,0a,a0,19,5e,c8,3a,ef,bf,71,b4,57,c1,\ 1c,6a,27,6a,76,73,07,fb,9b,47,e5,50,ea,20,7a,97,cc,61,e5,43,7d,e6,84,2f,b2,\ 31,01,6e,14,c2,f5,24,af,f9,18,da,55,48,ba,ac,c9,0d,08,ca,bd,ae,3f,43,ce,ec,\ 29,33,05,14,b5,46,90,1b,e9,44,4d,ab,53,d8,8d,e1,c1,60,02,c8,5a,85,cf,24,ac,\ 40,80,81,42,3b,67,9a,d0,c6,29,2a,c8,39,e6,fa,c5,36,b6,e0,f5,e4,9c,d8,61,68,\ 51,c6,25,90,2e,23,ec,a3,0c,01,69,1a,d8,4f,c3,75,2e,0c,31,4d,8d,62,99,24,6a,\ a3,d3,92,96,51,e7,a5,05,cf,5f,83,9d,ba,81,6c,42,06,5e,c2,2a,e0,4e,5d,50,67,\ 45,e9,d1,0c,74,3d,fe,b6,07,1e,ed,61,6b,9a,10,41,a4,d5,23,19,ee,4b,6d,4d,3d,\ 44,8d,c7,b7,86,6a,ef,b2,e7,36,30,74,9b,0f,8c,dd,32,60,14,0f,3f,2d,c3,9f,f6,\ 17,c3,e4,17,c7,06,10,9c,15,57,8c,62,4c,f7,72,05,fa,76,ca,ca,b4,9a,e6,34,10,\ e5,3f,3c,42,41,3b,26,26,2f,03,0b,dc,ca,a8,7e,86,4b,83,54,be,57,58,91,80,be,\ a3,5a,34,b3,6b,81,82,cd,4e,5b,45,82,9b,0f,2f,0f,c7,c4,28,32,a6,64,98,de,5e,\ fc,c1,10,e0,90,35,6b,33,ee,ce,19,47,82,e4,be,05,68,de,fd,fb,dc,89,49,34,7b,\ 5f,7c,2a,49,2b,4e,2a,e5,72,15,98,2d,90,3f,af,c6,13,9b,d5,42,3c,f3,22,7c,4f,\ b1,13,73,c9,e1,07,43,c5,81,60,9e,d7,dd,1b,ed,2d,d9,7a,23,32,01,77,98,f6,5d,\ 83,24,b2,56,58,9a,40,47,ac,83,54,c8,73,b2,d7,70,7c,0e,37,44,f9,69,d1,7e,36,\ 42,20,f3,a5,68,30,a3,dc,c4,70,9d,f6,7b,d7,59,ab,a6,25,59,c6,ef,7e,21,cc,12,\ 50,49,15,aa,79,5e,9b,f8,d6,6a,a7,e0,7d,f9,25,50,96,e0,c3,c9,2d,b3,48,8b,a4,\ fd,f6,32,84,77,27,9b,de,a7,d7,4e,03,9c,3b,9d,03,90,4b,d4,d6,d7,24,ba,db,eb,\ 51,83,22,3a,a5,51,8f,e4,5c,24,86,00,a4,d1,e9,52,01,62,d1,d3,9e,db,e8,ca,b8,\ f2,e6,6a,18,55,c7,89,9f,34,cb,06,98,e1,5f,2b,17,0a,30,54,bc,81,5e,52,27,84,\ 47,2a,7b,bb,d7,d4,80,8b,08,8a,e5,5b,d2,89,95,a8,72,73,a4,49,8f,bf,7b,19,70,\ af,0c,48,9e,fb,8e,6a,a1,fd,1d,c6,c9,c9,f9,d0,26,40,f5,e1,a4,ae,21,13,f0,d6,\ 0c,42,b1,ac,29,6a,3c,f7,8c,dd,68,7c,4f,71,c0,b5,f8,3f,0d,41,0c,9a,f6,8f,d6,\ 58,a7,e2,12,78,2e,35,e8,dc,af,04,84,cc,91,67,fc,d3,7a,58,f7,0c,37,db,d1,74,\ d4,b5,6c,14,49,ed,67,ed,11,53,28,9d,3d,58,77,77,ed,fe,d5,e0,5e,e6,c6,6d,60,\ 07,69,ab,a8,8b,f4,64,d3,c8,bf,90,9a,f3,11,02,00,87,ee,d8,01,42,97,99,57,92,\ 2c,06,66,89,71,94,f6,78,b5,74,8f,b4,66,46,f6,66,8e,e8,db,f5,9a,5e,57,93,b5,\ 0c,d7,19,29,0f,6f,81,e1,8b,bb,b9,aa,d2,6e,ac,e4,44,ca,c3,f7,de,37,af,04,10,\ 2d,a9,d4,50,0e,c5,ec,e7,ad,d9,e8,c0,3c,2e,e9,f5,70,6f,7e,4c,58,79,f1,be,16,\ f2,c7,8a,e9,38,af,10,71,5e,9d,9b,2d,cd,d0,bc,9b,41,97,9b,7e,59,ca,19,f5,8d,\ f9,e7,c7,e5,f2,b7,ff,2d,e1,88,fb,ee,6e,bb,f0,7d,b8,04,ae,d2,e6,33,39,81,2a,\ ef,73,39,9d,b2,01,7f,76,a4,f3,02,3c,4a,0d,02,59,13,9f,6f,bc,7b,4a,ac,10,9f,\ 7b,02,f1,7c,18,f0,e2,2c,23,29,65,4a,02,65,f9,08,d9,ea,f3,a2,5f,60,4e,9a,cc,\ 06,2f,c6,13,01,6d,2e,27,b1,a9,ef,36,ac,e7,f3,85,7f,d0,3c,58,d2,ce,4f,81,ae,\ bc,e7,a8,07,18,ee,7a,69,0f,df,22,6c,9f,e2,f2,e4,c4,e0,98,96,3c,91,92,b4,63,\ 25,bf,1c,d4,cc,0b,81,b7,40,64,43,2d,66,03,8a,38,32,90,88,f7,a5,f0,9f,72,dd,\ 9b,4d,af,56,29,35,6a,a3,1b,a9,14,d2,64,b8,e4,c6,8b,68,86,13,4f,e3,22,ed,8f,\ e8,f3,4c,b7,f7,61,7a,34,08,37,69,76,3e,25,23,6a,c8,62,3d,9a,58,7b,3f,1a,3f,\ 2f,48,1b,03,be,8b,d0,df,dc,77,2e,b5,6d,d4,1a,1d,23,1e,9a,1b,56,df,4e,cb,6d,\ 7b,45,ef,51,16,f1,46,cb,5d,f9,3a,b6,83,26,5a,3b,d5,1a,ce,e9,ab,0d,3f,fa,03,\ 1d,95,28,fb,0c,84,06,00,0a,4f,7e,bf,2c,86,54,53,86,7b,c3,c7,61,c7,8c,b9,58,\ 01,fe,3b,0d,45,a4,f9,61,ed,00,05,24,d3,f8,66,92,6e,a7,92,79,a4,0f,b9,84,2f,\ 01,70,6a,6f,1e,40,35,6e,c2,d8,1a,39,11,18,68,97,64,53,9c,ad,e4,3f,06,71,bd,\ d1,25,16,4c,91,5d,28,72,33,49,f8,f7,75,29,e6,1f,4f,c2,8e,e8,2a,eb,e0,7d,22,\ 32,9f,22,f5,1a,0c,6f,0d,f8,99,62,a7,2d,45,73,18,13,c1,5a,f8,a3,6a,e6,da,00,\ 42,77,a9,5b,8b,4f,8f,8e,10,d7,68,db,dc,0e,80,f7,8c,f9,1a,4f,a6,02,18,c3,f4,\ c7,ca,25,3a,4f,f2,16,21,68,9a,84,b9,6d,fc,e3,87,12,e0,69,62,6b,01,0f,c8,03,\ 2f,91,4f,eb,cc,b5,96,e9,03,c0,62,f9,be,fe,ef,50,0b,de,fb,99,ab,86,04,19,91,\ 2d,6a,7f,19,66,2f,6d,3b,ac,87,7d,93,17,79,09,9c,21,51,80,3a,45,e5,79,96,aa,\ 45,bb,a6,5f,71,de,b6,c0,a5,83,d5,1c,eb,8b,13,8c,1c,4b,9c,21,cc,db,ac,82,29,\ ee,49,b5,f8,c2,d7,82,31,48,a5,f0,43,ed,22,34,d8,c6,fa,d7,7e,8b,b9,b1,db,7c,\ 16,3c,42,13,f5,ad,82,9a,f9,f3,ff,2a,88,8c,5b,9f,e5,f6,bd,e1,08,e6,45,07,40,\ 6d,6e,23,b7,53,4e,57,ed,59,7f,20,89,a9,c9,4e,26,9f,98,56,86,92,d8,ca,9d,07,\ 00,14,81,27,90,0c,4d,69,42,86,9a,78,3e,3b,5a,92,7b,55,6a,5d,99,ba,2c,b0,4f,\ f0,68,55,c9,07,b7,70,97,e0,e7,f7,83,94,d5,a2,6c,b8,5c,97,db,6b,be,2f,2e,f8,\ 23,f7,2c,28,50,ee,ab,ad,bb,b9,60,ec,b4,75,ad,7a,03,e7,03,ad,19,a6,c0,01,26,\ 1e,a5,6b,94,17,c2,61,ae,ea,76,57,08,9c,e8,40,38,0b,9b,86,85,05,62,60,83,1d,\ 58,8a,4e,45,b7,7b,c6,0f,07,35,c4,28,a4,41,6d,22,8e,73,7c,39,5f,f4,62,32,63,\ 5e,70,b1,8e,42,5c,fc,7b,64,c2,04,17,30,99,4f,de,1d,8d,6a,ab,37,47,df,33,3f,\ 74,ff,ad,21,ab,74,62,74,6b,db,a5,4c,9d,b3,86,0e,f3,74,c4,32,ea,6f,57,45,4a,\ ff,48,80,a9,53,44,0e,b9,7c,f1,cb,da,16,d7,38,a9,bd,ad,00,84,c1,6b,ac,fb,bd,\ b8,fd,98,20,6e,9e,4e,de,ee,a9,3a,21,5f,da,f9,80,59,f2,f0,7c,99,d9,83,c2,59,\ 95,2c,1f,5f,33,62,22,90,b9,eb,15,0b,6b,e1,0f,ff,53,06,2e,7d,e7,2b,43,b0,a5,\ 1e,24,e3,d8,c3,44,f9,2a,72,c0,9f,35,a2,4e,10,55,d4,be,51,cb,4c,10,01,d7,8b,\ 0c,34,d2,59,1a,9b,5c,70,d9,e8,7c,38,e0,d7,09,ef,f5,30,4e,02,da,26,aa,94,44,\ bd,41,fe,2c,d8,e3,84,6e,f7,18,ec,b7,fd,52,f4,63,5e,d5,fa,1e,dd,46,44,8c,9a,\ 9e,12,95,12,f5,4f,1f,e6,25,df,f5,cc,28,e7,21,ea,49,84,4c,8e,7b,9e,10,08,3b,\ 14,8f,c1,72,f9,9c,bf,38,34,54,1f,c8,69,d9,42,bb,ce,a4,a8,c5,b4,d1,a2,fb,78,\ 24,b3,61,9b,cf,45,1b,17,81,fb,58,50,dd,e9,a2,cc,0f,11,50,a3,75,f4,5d,a3,8c,\ 3d,03,f7,d5,8d,52,8a,16,f0,5e,86,a4,d5,c8,3f,01,4b,f4,a8,97,05,05,fb,06,b2,\ ae,e3,fc,cc,15,ff,65,97,77,45,6a,9a,d0,7b,25,cc,be,38,74,0a,44,3b,63,6a,aa,\ 7c,3e,7d,25,5b,67,a6,91,4f,49,18,ea,41,15,ec,af,ef,2d,4f,49,93,fd,7b,98,7f,\ 31,fe,0b,5d,01,c3,35,0b,bc,8f,6d,66,79,df,5a,e9,01,91,8d,9a,fa,5f,d2,64,b5,\ a8,99,5e,6d,3e,3e,8d,2c,0d,ab,a1,40,65,33,af,57,37,0e,3f,a1,f0,9c,7a,32,16,\ 57,07,c7,90,ce,6f,5a,d9,d2,4d,31,3f,e2,1c,2f,da,94,6d,a8,57,2a,85,33,a5,89,\ 1d,6a,34,94,8f,87,15,64,9a,c5,5b,af,d6,02,c5,45,ee,5b,34,77,25,e0,da,fb,f3,\ cd,4e,d3,7d,e6,33,36,cc,67,2d,a4,08,8a,02,c7,5f,75,19,e3,ad,8b,7a,1a,3e,e2,\ 97,ba,e5,57,82,6c,21,59,ce,16,11,40,1b,d8,8e,1c,c0,1e,b3,88,e6,d1,6e,57,81,\ e4,f8,6c,c9,c9,e2,39,35,c5,18,16,b0,e5,87,53,af,62,bd,a5,6f,b6,34,70,8d,b5,\ 8f,1a,67,ff,94,39,5c,ec,d9,36,a2,10,fe,95,19,5c,1b,d1,bb,68,6d,f5,42,6a,d1,\ 06,1d,6b,97,52,9c,fe,f7,31,14,86,ce,65,14,d1,de,56,d9,71,00,61,df,67,0f,3f,\ 24,4e,bf,03,27,85,e0,6b,1f,b0,d2,bd,fe,9c,27,6b,57,45,09,b6,f2,8a,b3,d7,bf,\ 52,23,fe,96,44,0c,f8,51,01,28,a6,e6,09,e5,b0,c4,e7,9a,7a,07,88,7e,de,b4,79,\ 32,a0,cd,f3,84,61,8b,37,83,17,35,8c,c7,86,01,59,fb,eb,a7,a5,56,1c,30,d6,34,\ 32,ee,7f,48,62,6b,ed,07,8f,c6,25,c6,55,58,f3,40,e7,24,6a,79,be,ac,98,e8,a0,\ 0f,1f,eb,81,19,ae,73,ef,21,3f,25,49,d8,b3,a8,c6,b7,79,69,46,09,7e,e1,d0,32,\ 46,75,07,5e,43,a6,cc,f3,f4,07,31,14,5b,19,a2,ff,38,c2,76,b6,a9,c2,b3,b4,19,\ d6,b5,7e,06,c6,0d,24,bf,3c,0c,56,29,ed,5b,c9,ff,58,35,7a,cd,6d,c1,2e,aa,2c,\ 03,f7,f2,13,ec,c2,f8,b7,6c,82,e9,f8,f8,a9,d7,c3,5b,ce,35,79,42,29,c8,ab,47,\ 49,97,c9,74,ed,4c,70,d9,cc,e6,83,46,a4,72,a5,32,34,aa,41,95,76,8b,98,a3,9b,\ 0f,30,77,13,86,b4,3d,95,e3,d2,88,6d,15,61,6b,bb,86,6e,52,f1,17,01,63,da,e9,\ 46,02,63,d1,16,6f,21,18,77,fc,65,d2,b4,52,2d,88,b7,c4,13,2c,e2,c8,ce,c0,09,\ 7d,4e,8d,04,79,3a,8e,16,a8,02,ca,ea,46,81,31,38,ab,1f,b2,60,55,84,50,8d,21,\ ff,3a,bc,fb,a2,8c,fe,8b,9d,62,97,a9,51,f0,7a,4b,ed,e1,a4,b5,35,c7,4c,a2,42,\ a7,05,e6,73,40,ee,ea,36,56,6e,71,e5,9a,22,08,fc,91,b6,35,49,f0,30,11,ef,0c,\ a1,79,ce,c4,46,c6,eb,17,12,7b,cf,0f,e7,b5,d8,d8,4d,b8,6d,64,91,3d,be,d2,07,\ a9,ad,4b,da,08,2f,03,24,c6,0a,12,e4,89,7d,16,15,3d,35,79,9b,98,fd,e2,ef,b5,\ 87,c2,fb,c1,b3,ad,66,fc,de,d4,b8,39,23,a5,31,c3,11,06,92,18,1e,d6,fb,bb,df,\ 5e,44,68,14,bb,1b,91,43,23,42,99,b9,a6,d2,e8,6a,a7,06,ae,2a,92,41,ca,2e,c9,\ b8,f2,4f,2f,a4,07,ea,a2,d1,01,cd,86,d8,4f,cb,b0,09,b2,16,4a,9f,ea,86,de,ec,\ 1f,08,a3,9a,3f,c5,e6,d1,02,ae,c2,36,4c,d7,4f,6c,19,58,f1,dd,8e,65,15,10,38,\ 57,0c,39,a9,9f,47,ec,e9,cb,3b,7c,1f,28,82,85,77,77,e7,d2,49,ee,ca,fe,32,61,\ 6c,c0,24,3b,17,1c,62,af,c7,a0,1f,10,bf,16,fd,18,1e,d4,c5,66,0c,33,9a,55,3a,\ c0,42,71,24,98,64,50,04,e0,5c,36,04,c9,a7,5d,73,51,52,a0,91,32,6b,8d,cd,e1,\ 40,d9,ee,e1,e8,09,7f,91,00,11,59,fb,c3,e5,63,fe,2d,65,d6,33,b0,31,e0,27,f7,\ 34,08,c6,0f,fd,0a,d5,8b,02,20,2b,b1,d1,c6,2c,c6,67,6e,6b,33,d4,86,b1,5e,82,\ b2,60,ef,9c,c9,0a,fc,e6,6a,af,65,83,bd,2c,e7,54,4a,a9,e3,ec,71,dc,51,97,fc,\ 84,55,43,99,f6,40,92,e7,c6,cf,bc,6d,51,ac,d5,f9,1f,03,3c,56,f4,d1,d0,69,6f,\ 42,89,96,f9,78,5e,88,bc,de,08,5d,35,ff,51,fc,8f,1a,c6,86,66,eb,91,2c,1a,d0,\ 94,38,9a,ec,ea,42,23,ba,cc,83,d2,f1,5d,a9,39,69,35,d2,50,7d,b0,37,50,86,c5,\ 4e,9a,d1,48,2b,8a,4a,68,bf,83,37,7d,fb,b4,df,dc,ef,b4,1f,7e,47,72,a5,a7,35,\ b3,70,cb,f6,c8,f9,94,63,85,51,75,ac,34,0d,9f,b0,31,44,2e,78,9d,95,c7,97,f4,\ 29,78,2c,57,2b,3b,a9,87,9f,4a,65,d9,66,ce,05,99,86,70,5c,24,6e,1e,36,1a,08,\ ae,79,ee,b9,b3,b0,01,b0,a6,63,e4,e6,67,44,65,b1,57,2a,d6,83,8c,d9,75,39,d2,\ aa,5b,4a,c1,ae,49,de,22,9c,f6,fd,cc,b5,fb,e7,c9,6c,22,99,a9,e3,9c,72,dd,88,\ d3,34,41,18,46,e6,5f,0d,e9,0e,b4,fa,b1,49,52,33,6f,96,17,fb,d5,c8,c3,0b,70,\ 8f,c8,da,fe,21,08,3b,a5,f6,3c,41,db,24,6c,d8,d3,48,cd,e6,6e,2d,99,9d,e3,19,\ be,24,47,1e,bb,5b,04,9f,75,08,f1,96,a4,03,f2,17,c2,ac,f0,06,05,c3,44,e4,98,\ d4,6a,7b,2f,71,22,70,dd,55,98,c5,fa,6e,85,1f,cd,12,aa,c3,81,54,2f,72,37,58,\ a2,8a,13,64,af,96,85,d8,ff,86,86,4a,24,73,c6,eb,72,0a,b5,82,e3,18,38,52,f4,\ 35,53,5a,11,31,6e,0f,cf,69,65,19,dc,3c,6c,ed,6c,2b,0e,65,1d,49,dc,d1,f0,da,\ 2d,3c,cf,67,f5,c4,bb,9a,3f,8e,c2,6b,ca,eb,f0,31,39,12,cd,47,3a,ed,7b,4d,89,\ 4f,72,49,b8,7d,f2,0e,5b,19,07,df,50,e6,c9,88,87,cc,9a,96,b5,7e,b5,20,c9,08,\ 8f,a1,08,7b,a0,4a,e1,c5,12,b7,6f,6e,60,6f,53,ae,4e,41,4e,53,06,c2,44,70,23,\ ec,32,2c,33,25,85,66,18,92,c8,9c,d3,d3,18,c3,ad,7a,04,a9,6f,7c,7f,21,da,8f,\ d7,50,38,ae,93,69,a9,4a,15,48,9e,03,e5,55,54,1b,eb,ad,bb,f3,26,70,ab,56,0e,\ 74,9d,6f,d7,fd,1e,a6,67,1a,66,b1,e5,d3,d2,69,f4,d4,24,a6,9c,55,5c,3d,9d,d2,\ 22,d7,58,09,bd,8e,e3,64,d0,d8,36,2f,bf,ea,cb,40,8b,e2,12,af,5d,f6,ed,27,50,\ 0a,b3,8d,c6,91,9c,d2,db,cd,cd,58,5d,8f,5a,da,51,61,4b,a3,36,15,cb,21,30,7e,\ 3b,f2,d4,3c,be,b8,a5,6e,03,59,5b,30,34,f0,90,b7,98,ba,9d,34,68,45,5c,b5,96,\ ad,bc,5e,0f,d2,f8,e1,3c,7c,7e,57,ee,5a,34,92,df,72,b8,38,0c,82,62,83,0f,b5,\ 1c,58,bd,2f,f6,f9,90,7c,41,39,64,03,58,9f,a4,3e,fd,da,80,9f,56,67,0c,14,95,\ a1,53,0c,62,02,e2,2f,8f,84,3d,77,a6,07,11,77,bf,4e,2c,00,73,3a,0e,07,4f,1b,\ e6,d0,1e,79,5a,97,f8,cd,a8,32,fc,7b,53,0c,7e,c3,25,58,6c,cd,18,21,b5,58,b9,\ 27,29,d2,f7,3c,f7,e8,f1,f6,26,9f,39,4a,a9,d7,f1,98,da,a0,11,d7,a5,cb,2c,52,\ eb,d3,bc,22,d8,4d,46,bc,66,c2,1a,31,af,04,52,5f,07,21,90,bc,7b,a9,7a,6c,bc,\ 0d,57,65,89,19,5b,82,50,81,e3,f7,79,5d,e5,ed,fc,13,ea,96,cc,04,d0,83,76,15,\ fb,db,65,ec,a5,67,76,3b,b4,9f,27,c1,26,80,d4,08,e5,47,f4,16,f2,c8,40,65,01,\ ad,51,8c,7b,7c,44,cf,7b,d2,a9,42,6f,9f,64,f9,39,22,9b,85,22,b7,71,7f,a9,85,\ 06,87,04,fa,60,ff,a5,96,59,6d,87,d3,82,ad,ea,25,a1,67,3f,1c,1d,d2,21,62,9f,\ 3d,83,bd,7d,10,cc,f0,62,e8,1d,54,0e,c3,dd,7b,05,78,c1,15,1b,c9,bf,2e,10,9e,\ 35,2e,da,b2,d2,8d,c4,be,b3,ae,10,ec,a7,55,55,2c,6b,b6,84,50,d0,66,6b,fa,fd,\ 88,5f,39,5f,30,7b,9e,d8,08,ac,e4,a1,83,10,4b,55,98,a8,26,88,56,64,a5,be,1b,\ e2,e2,59,73,9d,2e,f2,94,ba,67,69,97,2f,f2,df,fd,d9,c6,57,cf,63,4d,de,fa,47,\ 06,18,6f,91,47,a8,74,02,ac,1f,c1,ab,98,62,c0,1c,f9,42,e4,01,ad,4c,78,68,b8,\ 30,4c,47,d5,2e,c1,78,fd,8a,ea,48,da,27,97,1c,ab,be,c5,7f,c0,97,21,4d,8a,65,\ fa,46,60,b1,a9,38,83,29,92,a6,16,0d,38,71,fc,21,ed,83,1c,7b,05,b4,19,2b,02,\ 91,8d,1b,1f,95,fd,44,9c,cf,fd,ab,2c,c3,c3,cc,43,1a,f6,d8,dc,9f,7a,47,08,bc,\ a9,5e,28,99,5c,c4,91,87,c1,8c,60,04,b6,2e,e2,d3,81,57,29,e0,fa,b5,9d,11,7d,\ 53,6a,32,fc,54,65,a4,39,00,79,e9,de,a1,64,2c,73,8e,03,c3,bb,b7,e9,49,dd,58,\ 5d,5c,6c,4b,d4,4a,b0,f4,7d,4a,6e,9b,4a,25,a7,d2,b7,e6,cb,61,2b,a2,10,8f,77,\ 7f,13,f8,25,93,77,dd,94,02,9e,58,41,e8,5f,e9,07,82,36,ed,ec,af,76,ab,f5,c6,\ 85,ef,4f,de,c1,b0,90,4b,1f,50,57,23,84,a8,ac,70,8a,66,f6,45,33,c4,51,6c,91,\ 7b,41,a4,b8,c4,d8,15,98,9c,ac,6a,13,6c,7b,0b,3e,20,7c,ee,7f,ae,e4,ad,50,fe,\ ac,7b,62,d3,ce,79,3a,e4,5f,6d,24,f1,05,b8,9d,2e,07,5a,bd,7c,aa,02,16,c5,04,\ a4,83,4a,59,a0,76,b7,cb,0b,d4,62,63,c1,2e,62,29,b9,90,4b,e7,c9,6a,d8,df,45,\ 7c,3e,03,81,13,80,74,33,66,66,ec,03,60,d3,7e,30,4d,b0,c0,61,39,15,4a,42,16,\ 97,1c,fb,60,8c,ae,c8,34,e9,a8,b2,f7,60,de,77,c9,d8,97,71,fb,8b,71,4f,2b,7b,\ 63,06,dc,73,90,b0,88,a4,43,6e,34,53,f3,c4,ab,c8,f6,d1,df,8a,29,58,4e,5f,3d,\ 17,f6,b4,7c,dd,8a,76,b8,a1,8a,e2,8a,90,80,27,d8,3b,37,77,ea,9e,8b,ac,34,db,\ 4f,aa,56,ce,33,23,58,31,95,a2,a1,82,80,40,e9,02,b4,3f,6e,9b,6d,d0,43,e3,49,\ bb,88,cd,35,63,53,f3,45,b0,d7,51,09,8f,8c,c2,15,82,fb,2c,9a,ea,97,c2,a4,1f,\ ce,22,d1,ae,ef,ad,b1,72,1e,64,0b,59,d3,96,f4,90,ba,28,74,f1,e6,f2,48,77,69,\ 4b,c6,cf,3e,c4,4f,7f,80,9c,51,b0,96,e7,05,34,53,b9,b9,7e,d5,fe,b5,32,1d,29,\ 21,d2,77,06,68,84,f7,f6,67,ae,57,96,6e,d6,81,8d,d8,88,b8,43,8d,a7,a2,18,c7,\ 9c,7e,46,a5,9f,f6,f3,ea,51,ea,83,87,da,24,7c,b4,03,77,ae,ce,cf,7a,cb,06,ea,\ cc,c6,9c,8b,26,f8,29,19,09,1a,5e,3b,e9,18,7e,81,2b,47,c5,b8,ce,2f,f0,70,9a,\ 1d,58,de,47,62,be,00,b9,48,5f,b4,56,cb,8a,bb,08,2b,76,93,11,9a,0d,e3,1d,74,\ 43,f9,9b,b8,36,aa,bd,01,54,9e,09,66,a4,f0,e5,f5,da,a3,c1,48,79,6d,18,d9,67,\ 53,51,93,63,7f,0f,1d,1a,fc,41,23,ed,a9,73,f0,be,99 "??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50 . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(892) c:\programfiler\SUPERAntiSpyware\SASWINLO.dll . Tidspunkt ferdig: 2009-01-07 15:22:28 ComboFix-quarantined-files.txt 2009-01-07 14:22:23 ComboFix2.txt 2009-01-07 04:36:46 Pre-Run: 10 698 792 960 byte ledig Post-Run: 10,682,060,800 byte ledig 405 --- E O F --- 2008-04-17 21:33:59 Lenke til kommentar
snippsat Skrevet 7. januar 2009 Del Skrevet 7. januar 2009 Ser bra ut. Bruk pcen litt,fungere alt greit gjør du dette. Du kan fjerne combofix ved å skrive combofix /u fra kjør-vinduet. Denne kommandoen gjør at filer i karantene og backups blir slette. Systemgjenopprettingsmappa nullstilt etc. Surf trygt. Lenke til kommentar
Colamann Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 Ok. Alt ser ut til og være i orden nå. Takk for hjelpen:) Lenke til kommentar
Tosha0007 Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 Dersom du mener at problemet med maskinen din er løst, kan du endre emnetittelen din, ved å trykke på -knappen i førsteposten din. Dette vil være med på å holde forumet mer oversiktlig for supporterne, samt at nye folk som får samme problemet lettere vil finne en passende tråd å se i. -Surf trygt- Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå