Trying to learn HJT, have I got it?

Hi, this is the log from my machine, which has been very exposed to viruses and hasn't been formatted for some years, so I'll put in bold what I think is wrong, and then you can tell me how I did.

 

I have run Mbam and Combofix. :)

Thanks a lot if you'll help me. :)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:27:56, on 11.01.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\Gaming Software\LWEMon.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe

C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\MICROS~2\rapimgr.exe

C:\Documents and Settings\Fredrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\SpeedFan\speedfan.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe

C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\DC++\DCPlusPlus.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.20\RivaTuner.exe" /S

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fredrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--

End of file - 12119 bytes

Edited by Blomsterbob
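The log above uses one line per entry, prefixed with a section code (R0/R1 browser settings, O2 BHOs, O4 autoruns, O9 IE buttons, O18 protocol handlers, O23 services). As an added example that is not from the original post or from HijackThis itself, here is a small Python triage script that parses those lines and flags the entries a helper would look at first: references whose backing file is gone ("(no file)"), services reported with "Unknown owner", and browser start/search pages that are not a known vendor default. The allowlist of default URL prefixes and the flag names are assumptions made for this example; the sample lines are an excerpt of the log above.

```python
"""Triage helper for HijackThis (HJT v2.0.x) log entries.

Each HJT entry is one line: "<code> - <detail>", where the code names the
section (R0/R1 browser settings, O2 BHOs, O3 toolbars, O4 autoruns,
O9 IE buttons, O18 protocol handlers, O23 services). Header lines and the
"Running processes" paths carry no code and are skipped.
"""
import re
from dataclasses import dataclass, field
from typing import Optional

_ENTRY = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<rest>.*)$")
_CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Start/search pages treated as vendor defaults (assumed allowlist for this
# example, not something HJT itself knows about).
KNOWN_DEFAULT_URL_PREFIXES = ("http://go.microsoft.com/fwlink/",)
# Sections whose last " - " field is the backing file (or "(no file)").
_PATH_SECTIONS = {"O2", "O3", "O9", "O18", "O23"}


@dataclass
class Entry:
    code: str                       # e.g. "R0", "O2", "O23"
    rest: str                       # text after "<code> - "
    clsid: Optional[str] = None     # {GUID} if the entry carries one
    path: Optional[str] = None      # backing file for _PATH_SECTIONS
    flags: list = field(default_factory=list)   # review hints, not verdicts


def parse_line(line: str) -> Optional[Entry]:
    """Parse one log line into an Entry, or None if it is not an HJT entry."""
    m = _ENTRY.match(line.strip())
    if not m:
        return None
    entry = Entry(code=m.group("code"), rest=m.group("rest"))
    clsid = _CLSID.search(entry.rest)
    if clsid:
        entry.clsid = clsid.group(0).upper()
    if entry.code in _PATH_SECTIONS:
        entry.path = entry.rest.rsplit(" - ", 1)[-1].strip()
    return entry


def triage(entry: Entry) -> Entry:
    """Attach review flags to an entry (mutates and returns it)."""
    if entry.path == "(no file)":
        # The registry still references a CLSID/protocol whose DLL is gone:
        # typically a leftover from an uninstall, harmless but worth cleaning up.
        entry.flags.append("orphaned-reference")
    if entry.code == "O23" and "Unknown owner" in entry.rest:
        # HJT could not read a company name from the service binary.
        entry.flags.append("service-unknown-owner")
    if entry.code in ("R0", "R1"):
        m = re.search(r"=\s*(\S+)$", entry.rest)
        if m and m.group(1).startswith("http") and not m.group(1).startswith(KNOWN_DEFAULT_URL_PREFIXES):
            entry.flags.append("non-default-browser-url")
    return entry


def triage_log(text: str) -> dict:
    """Parse a whole log; return all entries, the flagged subset and per-section counts."""
    entries = [triage(e) for e in map(parse_line, text.splitlines()) if e is not None]
    by_code: dict = {}
    for e in entries:
        by_code[e.code] = by_code.get(e.code, 0) + 1
    return {"entries": entries, "flagged": [e for e in entries if e.flags], "by_code": by_code}


# Constructed sample: an excerpt of the HJT log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
"""

if __name__ == "__main__":
    report = triage_log(SAMPLE_LOG)
    print("entries per section:", report["by_code"])
    for e in report["flagged"]:
        print(f"{e.code:<4} {', '.join(e.flags):<26} {e.rest}")
```

The flags are starting points for a human review, not a verdict: an orphaned "(no file)" entry is clutter to remove, while a non-default start page only tells you the setting was changed by something, here Norton's fix_homepage page.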
Since you've run combofix, you can post the log.

Combofix log?

Ayay...

ComboFix 09-01-05.05 - Fredrik 2009-01-07 22:20:42.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1221 [GMT 1:00]

Running from: c:\documents and settings\Fredrik\Desktop\ComboFix.exe

AV: Norton 360 *On-access scanning disabled* (Updated)

FW: Norton 360 *enabled*

.

ADS - system32: deleted 12 bytes in 1 streams.

((((((((((((((((((((((((( Files Created from 2008-12-07 to 2009-01-07 )))))))))))))))))))))))))))))))

.

2009-01-06 16:09 . 2009-01-06 16:09 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-01-06 16:09 . 2009-01-06 16:09 <DIR> d-------- c:\documents and settings\Fredrik\Application Data\Malwarebytes

2009-01-06 16:09 . 2009-01-06 16:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-01-06 16:09 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-01-06 16:09 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2009-01-06 16:06 . 2009-01-06 16:06 <DIR> d-------- c:\program files\Trend Micro

2009-01-05 19:37 . 2009-01-05 19:38 <DIR> d-------- c:\windows\system32\Adobe

2009-01-05 17:55 . 2009-01-07 22:17 <DIR> d-------- c:\program files\Life of D. Duck II

2009-01-04 19:53 . 2009-01-04 19:53 <DIR> d-------- C:\$WINDOWS.~BT

2009-01-04 19:51 . 2009-01-04 19:51 2,188 --a------ c:\windows\diagwrn.xml

2009-01-04 19:51 . 2009-01-04 19:51 1,890 --a------ c:\windows\diagerr.xml

2008-12-30 17:19 . 2008-12-30 17:19 <DIR> d-------- c:\program files\7-Zip

2008-12-30 16:16 . 2008-12-30 16:16 <DIR> d-------- c:\documents and settings\Fredrik\Application Data\gtk-2.0

2008-12-30 15:48 . 2008-12-30 16:36 <DIR> d-------- c:\documents and settings\Fredrik\Application Data\Wireshark

2008-12-30 15:45 . 2009-01-05 17:16 <DIR> d-------- c:\documents and settings\Fredrik\Application Data\Hamachi

2008-12-30 15:43 . 2008-12-30 15:45 <DIR> d-------- c:\program files\Wireshark

2008-12-30 15:43 . 2008-12-30 15:44 <DIR> d-------- c:\program files\WinPcap

2008-12-30 15:43 . 2008-12-30 15:45 <DIR> d-------- c:\program files\Hamachi

2008-12-30 15:43 . 2008-12-30 15:43 25,280 --a------ c:\windows\system32\drivers\hamachi.sys

2008-12-29 15:18 . 2008-12-29 15:27 <DIR> d-------- c:\program files\GTR2

2008-12-24 22:36 . 2008-12-24 22:36 <DIR> d-------- c:\program files\Capcom

2008-12-24 22:34 . 2008-12-24 22:34 <DIR> d-------- c:\program files\ZIO Interactive

2008-12-24 00:26 . 2008-12-24 00:26 <DIR> d-------- c:\program files\Undead

2008-12-24 00:25 . 2008-12-24 00:25 <DIR> d-------- c:\program files\AIM Productions

2008-12-21 20:31 . 2008-12-21 20:34 <DIR> d-------- c:\program files\Red Alert 2 Yuri's Revenge

2008-12-21 19:47 . 2008-12-21 19:47 <DIR> d-------- c:\program files\Empire Interactive

2008-12-20 19:15 . 2008-12-20 19:15 <DIR> d-------- c:\windows\Sun

2008-12-20 19:15 . 2008-12-20 19:16 <DIR> d-------- c:\program files\SystemRequirementsLab

2008-12-20 19:15 . 2008-12-20 19:15 <DIR> d-------- c:\documents and settings\Fredrik\Application Data\SystemRequirementsLab

2008-12-19 17:59 . 2008-12-19 17:59 <DIR> d-------- c:\program files\Left.4.Dead.Full-Rip.Skullptura

2008-12-16 18:14 . 2008-12-16 18:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\2DBoy

2008-12-16 18:13 . 2008-12-16 18:14 <DIR> d-------- c:\program files\WorldOfGoo

2008-12-13 18:41 . 2008-12-13 18:41 <DIR> d-------- c:\program files\iPod

2008-12-13 18:41 . 2008-12-13 18:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-07 21:30 --------- d-----w c:\program files\SpeedFan

2009-01-07 21:29 --------- d-----w c:\program files\Common Files\Symantec Shared

2009-01-06 22:47 --------- d-----w c:\program files\DC++

2009-01-06 17:09 --------- d-----w c:\program files\World of Warcraft

2009-01-05 16:27 --------- d-----w c:\documents and settings\Fredrik\Application Data\MiniLyrics

2009-01-04 18:53 --------- d-----w c:\program files\Microsoft ActiveSync

2008-12-31 14:55 --------- d-----w c:\documents and settings\All Users\Application Data\Test Drive Unlimited

2008-12-30 17:52 --------- d-----w c:\documents and settings\Fredrik\Application Data\Azureus

2008-12-30 15:35 --------- d-----w c:\documents and settings\Fredrik\Application Data\SiteAdvisor

2008-12-24 21:34 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-23 19:51 --------- d-----w c:\documents and settings\Fredrik\Application Data\FileZilla

2008-12-23 19:37 --------- d-----w c:\documents and settings\Fredrik\Application Data\foobar2000

2008-12-21 19:32 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

2008-12-21 18:30 --------- d-----w c:\program files\Steam

2008-12-21 17:23 --------- d-----w c:\program files\QuickTime

2008-12-13 17:41 --------- d-----w c:\program files\iTunes

2008-12-13 17:41 --------- d-----w c:\program files\Common Files\Apple

2008-12-06 17:26 --------- d-----w c:\program files\Bullfrog

2008-12-06 16:13 --------- d-----w c:\program files\Lionhead Studios

2008-12-05 22:05 --------- d-----w c:\program files\DeepSilver

2008-12-04 16:45 --------- d-----w c:\program files\RivaTuner v2.20

2008-11-30 20:43 --------- d-----w c:\documents and settings\Fredrik\Application Data\dvdcss

2008-11-24 20:38 --------- d-s---w c:\program files\Xfire

2008-11-24 19:24 --------- d-----w c:\program files\Common Files\INCA Shared

2008-11-24 19:21 --------- d-----w c:\documents and settings\Fredrik\Application Data\Xfire

2008-11-24 18:44 --------- d-----w c:\program files\Games-Masters.com

2008-11-22 16:20 --------- d-----w c:\program files\AOE2

2008-11-22 15:13 --------- d-----w c:\program files\EA GAMES

2008-11-21 13:08 --------- d-----w c:\program files\Vuze

2008-11-19 20:40 --------- d-----w c:\program files\Westwood

2008-11-16 16:17 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf

2008-11-12 14:27 --------- d-----w c:\program files\Norton 360

2008-11-11 15:32 --------- d-----w c:\program files\Lavasoft

2008-11-11 15:31 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2008-11-09 14:33 --------- d-----w c:\program files\Gothic III

2008-11-09 14:25 271,360 ----a-w c:\windows\system32\drivers\atksgt.sys

2008-11-09 14:25 18,048 ----a-w c:\windows\system32\drivers\lirsgt.sys

2008-11-08 17:20 --------- d-----w c:\program files\GPS Tuner

2008-11-08 14:12 --------- d-----w c:\program files\AGEIA Technologies

2008-11-08 13:57 --------- d-----w c:\program files\Reality Pump

2008-06-30 11:44 324,976 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll

2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll

2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll

2008-09-30 23:53 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008100120081002\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]

@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"

[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]

2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]

@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"

[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]

2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]

@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"

[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]

2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]

"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]

"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]

"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

"Google Update"="c:\documents and settings\Fredrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-05 133104]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-12-13 2051096]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-12-13 2095640]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]

"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 88584]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]

"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"D-Link AirPlus G"="c:\program files\D-Link\AirPlus G\AirGCFG.exe" [2005-07-22 1519616]

"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 49152]

"RivaTunerStartupDaemon"="c:\program files\RivaTuner v2.20\RivaTuner.exe" [2008-11-19 2727936]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]

"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-03-17 c:\windows\system32\Hdaudpropshortcut.exe]

"nwiz"="nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\Fredrik\Start Menu\Programs\Startup\

SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2008-04-22 3287552]

 

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-08-02 805392]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2008-05-02 01:42 72208 c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.I420"= i420vfw.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

 

[HKLM\~\startupfolder\C:^Documents and Settings^Fredrik^Start Menu^Programs^Startup^PC Probe II V1.04.19.lnk]

path=c:\documents and settings\Fredrik\Start Menu\Programs\Startup\PC Probe II V1.04.19.lnk

backup=c:\windows\pss\PC Probe II V1.04.19.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch Ai Booster]

--a------ 2004-12-10 16:30 3503616 c:\program files\ASUS\Ai Booster\OverClk.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--a------ 2008-04-14 01:12 1695232 c:\program files\Messenger\msmsgs.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

--a------ 2007-01-19 11:54 5674352 c:\program files\MSN Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

--a------ 2008-11-22 14:09 1410296 c:\program files\Steam\Steam.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Vuze\\Azureus.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\World of Warcraft\\WoW-2.3.0.7561-to-2.4.0.8089-enUS-downloader.exe"=

"c:\\WINDOWS\\system32\\dplaysvr.exe"=

"c:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"=

"c:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=

"c:\\Documents and Settings\\Fredrik\\Desktop\\gmod\\hl2.exe"=

"c:\\Program Files\\Steam\\SteamApps\\bob_mafia1992\\source dedicated server\\srcds.exe"=

"c:\\Program Files\\Steam\\SteamApps\\bob_mafia1992\\counter-strike source\\hl2.exe"=

"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

"c:\\Program Files\\AOE2\\age2_x1.exe"=

"c:\\Program Files\\Left.4.Dead.Full-Rip.Skullptura\\Left 4 Dead\\left4dead.exe"=

"c:\\Program Files\\Games-Masters.com\\CABAL Online (Europe)\\launcher\\update\\ESTdnheadless.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Red Alert 2 Yuri's Revenge\\gamemd.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

 

R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2008-07-02 1275584]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-11-28 99376]

R4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-02-18 149352]

R4 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]

S0 NVStrap;NVStrap;c:\windows\system32\drivers\NVStrap.sys [2008-09-02 4224]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-01-13 23888]

S3 cpuz;cpuz;\??\c:\docume~1\Fredrik\LOCALS~1\Temp\cpuz.sys --> c:\docume~1\Fredrik\LOCALS~1\Temp\cpuz.sys [?]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-01-06 38496]

 

--- Other Services/Drivers In Memory ---

 

*NewlyCreated* - COMHOST

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b85ff80-66ce-11dd-ac30-0013468a5c07}]

\Shell\AutoRun\command - G:\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dab4355c-59af-11dd-ac1e-0013468a5c07}]

\Shell\AutoRun\command - setupSNK.exe

.

Contents of the 'Scheduled Tasks' folder

 

2009-01-05 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

 

2009-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1177238915-725345543-1003.job

- c:\documents and settings\Fredrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-05 12:09]

.

- - - - ORPHANS REMOVED - - - -

 

HKLM-Run-Cmaudio - cmicnfg.cpl

 

 

.

------- Supplementary Scan -------

.

uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage

uInternet Settings,ProxyOverride = *.local

FF - ProfilePath - c:\documents and settings\Fredrik\Application Data\Mozilla\Firefox\Profiles\nb86iz9n.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.tek.no/

FF - prefs.js: network.proxy.type - 2

FF - component: c:\program files\Mozilla Firefox\components\coFFPlgn.dll

FF - plugin: c:\documents and settings\Fredrik\Local Settings\Application Data\Google\Update\1.2.133.33\npGoogleOneClick7.dll

 

ATTENTION: FIREFOX POLICES IS IN FORCE

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-07 22:32:04

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-515967899-1177238915-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Electronic Arts\S*NULL*P*NULL*O*NULL*R*NULL*E*NULL*"!]


 

[HKEY_USERS\S-1-5-21-515967899-1177238915-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*NULL*]


"??"=hex:b7,8b,21,1d,23,96,5d,99,62,fc,fa,91,49,16,81,bd

 

[HKEY_USERS\S-1-5-21-515967899-1177238915-725345543-1003\Software\SecuROM\License information*NULL*]


"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

- - - - - - - > 'winlogon.exe'(1460)

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

c:\program files\common files\logishrd\bluetooth\LBTServ.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\rundll32.exe

c:\program files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

c:\program files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

c:\progra~1\MICROS~2\rapimgr.exe

c:\program files\Microsoft ActiveSync\WCESMgr.exe

c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\Logishrd\LVCOMSER\LVComSer.exe

c:\program files\NVIDIA Corporation\nTune\nTuneService.exe

c:\windows\system32\nvsvc32.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Logishrd\LVCOMSER\LVComSer.exe

c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe

.

**************************************************************************

.

Completion time: 2009-01-07 22:36:33 - machine was rebooted [Fredrik]

ComboFix-quarantined-files.txt 2009-01-07 21:36:28

 

Pre-Run: 68,877,484,032 bytes free

Post-Run: 68,892,614,656 bytes free

 

488 --- E O F --- 2008-12-21 16:24:02

 

 


To answer the highlighted lines:

 

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

This one actually belongs to AVG, but it looks like you may have tried to remove AVG in favour of Norton? If so, this is a leftover that wasn't removed, so you can go ahead and remove it. Normally, though, it is safe.

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

This is one of the few (no name)*******(no file) entries we usually leave alone. It comes from MSN and doesn't do the machine any harm.

 

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

ctfmon.exe is a process belonging to the Microsoft Office Suite. It activates the Alternative User Input Text Input Processor (TIP) and the Microsoft Office XP Language Bar. (NOTE THAT MANY VIRUSES HIDE BEHIND THIS NAME, EITHER WITH A DIFFERENT PATH OR WITH A NAME THAT LOOKS SIMILAR, e.g. CTFM0N.exe (written with a zero))

 

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll

inetrepl.dll is an ActiveSync Favorite Synchronization Module from Microsoft Corporation belonging to Microsoft ActiveSync

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

xpnetdiag.exe is a Network Diagnostic for Windows XP from Microsoft Corporation belonging to Microsoft® Windows® Operating System

 

In other words, the HijackThis log was clean. The ComboFix log contained some items that were unknown to me, so I suggest someone else takes that part :)

 

edit: following in -smash-'s footsteps: since you ran MBAM, feel free to post the MBAM log too :)

Edited by r2d290
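An added example for this thread (not a tool anyone in it used): a small Python check that applies the ctfmon.exe advice above to autostart lines from a HijackThis or ComboFix log, flagging copies that run from somewhere other than the system32 path and names that only become `ctfmon.exe` after swapping look-alike characters such as 0 for o. The genuine path, the homoglyph table and the two "bad" sample lines are assumptions constructed for the example; the other sample lines are taken from the logs posted here.

```python
"""Check autostart entries from a HijackThis / ComboFix log against the real
ctfmon.exe: right spelling, right directory.  Added example, not a thread tool."""
import re

# Assumption: on Windows XP the genuine ctfmon.exe lives only here.
LEGIT_CTFMON = r"c:\windows\system32\ctfmon.exe"

# Assumption: characters commonly swapped in to fake a familiar file name
# (the reply's own example is CTFM0N.exe with a zero instead of the letter o).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "$": "s"})

# HijackThis:  O4 - HKxx\..\Run: [Name] path (User 'X')
HJT_O4 = re.compile(
    r"^O4 - .*?:\s*\[(?P<name>[^\]]+)\]\s+(?P<path>\S.*?)(?:\s+\(User .*\))?\s*$"
)
# ComboFix:    "Name"="path" [date size]
COMBOFIX_RUN = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"')


def parse_autostart(line):
    """Return (name, path) for a recognised autostart line, else None."""
    line = line.strip()
    m = HJT_O4.match(line) or COMBOFIX_RUN.match(line)
    return (m.group("name"), m.group("path")) if m else None


def classify_ctfmon(name, path):
    """Classify one autostart entry against the genuine ctfmon.exe.

    'ok'         spelled ctfmon.exe and launched from the system32 path
    'lookalike'  the file name only becomes ctfmon.exe after homoglyph folding
    'wrong_path' spelled correctly but started from somewhere else
    'unrelated'  not a ctfmon candidate at all
    """
    p = path.lower().replace("/", "\\")
    file_name = p.rsplit("\\", 1)[-1]
    if file_name.translate(HOMOGLYPHS) != "ctfmon.exe":
        return "unrelated"
    if file_name != "ctfmon.exe":
        return "lookalike"
    return "ok" if p == LEGIT_CTFMON else "wrong_path"


def scan(lines):
    """Return (verdict, name, path) for every entry that folds to ctfmon.exe."""
    findings = []
    for line in lines:
        entry = parse_autostart(line)
        if entry is None:
            continue
        verdict = classify_ctfmon(*entry)
        if verdict != "unrelated":
            findings.append((verdict, *entry))
    return findings


# Sample input: the first three lines come from the logs in this thread; the
# last two are constructed to show what a hit looks like.
SAMPLE_LOG = [
    r"O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')",
    r'"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]',
    r'"Google Update"="c:\documents and settings\Fredrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-05 133104]',
    r'"CTFMON.EXE"="c:\windows\system32\CTFM0N.EXE" [2009-01-01 15360]',  # constructed
    r"O4 - HKLM\..\Run: [CTFMON.EXE] C:\Documents and Settings\<user>\Application Data\ctfmon.exe",  # constructed
]

if __name__ == "__main__":
    for verdict, name, path in scan(SAMPLE_LOG):
        print(verdict, name, path)
```

Entries reported as `lookalike` or `wrong_path` are the ones worth a closer look; `ok` is what both CTFMON.EXE lines in the logs above come out as.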

But I've never had MS Office.

 

Thanks for the help, how do you find info about things like this?
