Har fått meg en form for infeksjon..

[Lurkern]

Jeg har aldri vært borti denne tupen infeksjon før. PC'n er blitt utrolig glad i å "scroll'e" mens jeg surfer eller spiller.

Først trodde jeg det var Musa mi som var slitt, men prøvde med en annen også og fikk samme problem. Tok ut den jeg jeg skifra med og skulle sette inn den første og så at PC'n scroller framdeles i ny og ned uten en mus plugget inn også.

Noen ganger scroller den hyppig mens andre ganger sakte. Helt random times opp eller ned.

 

Har scannet med Malwarebytes Combofix og Hijack this uten at jeg selv så noe spesielt.

 

Malware

Malwarebytes' Anti-Malware 1.34

Databaseversjon: 1814

Windows 5.1.2600 Service Pack 3

 

03.03.2009 07:15:28

mbam-log-2009-03-03 (07-15-28).txt

 

Skanntype: Rask Skann

Objekter skannet: 54294

Tid tilbakelagt: 4 minute(s), 26 second(s)

 

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 0

 

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

 

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

 

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

 

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

 

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

 

Mapper infisert:

(Ingen mistenkelige filer funnet)

 

Filer infisert:

(Ingen mistenkelige filer funnet)

 

 

 

 

 

Combofix

ComboFix 09-03-02.01 - Lurkern 2009-03-03 7:27:03.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1044.18.1023.645 [GMT 1:00]

Kjører fra: c:\documents and settings\Lurkern\Skrivebord\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

* Opprettet nytt gjenopprettingspunkt

 

ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!

.

 

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-02-03 til 2009-03-03 )))))))))))))))))))))))))))))))))

.

 

2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\programfiler\Trend Micro

2009-02-18 21:24 . 2009-02-18 21:24 <DIR> d-------- c:\programfiler\Team17 Software Ltd

2009-02-18 21:18 . 2009-02-18 21:20 47,104 --a------ c:\windows\system32\KMVIDC32.DLL

2009-02-16 22:59 . 2009-02-16 22:59 57 --a------ c:\windows\sierra.ini

2009-02-16 22:57 . 2009-02-16 22:57 <DIR> d-------- C:\Sierra

2009-02-16 22:34 . 2009-03-03 06:57 <DIR> d-------- c:\programfiler\Steam

2009-02-06 12:16 . 2009-03-02 19:15 <DIR> d--h----- C:\$AVG8.VAULT$

2009-02-06 12:01 . 2009-03-02 10:26 <DIR> d-------- c:\windows\system32\drivers\Avg

2009-02-06 12:01 . 2009-02-06 12:01 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys

2009-02-06 12:01 . 2009-02-06 12:01 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys

2009-02-06 12:01 . 2009-02-06 12:01 10,520 --a------ c:\windows\system32\avgrsstx.dll

2009-02-06 12:00 . 2009-02-06 12:00 <DIR> d-------- c:\programfiler\AVG

2009-02-06 12:00 . 2009-02-06 12:00 <DIR> d-------- c:\documents and settings\All Users\Programdata\avg8

2009-02-04 11:19 . 2009-02-04 11:19 21,840 --a------ c:\windows\system32\SIntfNT.dll

2009-02-04 11:19 . 2009-02-04 11:19 17,212 --a------ c:\windows\system32\SIntf32.dll

2009-02-04 11:19 . 2009-02-04 11:19 12,067 --a------ c:\windows\system32\SIntf16.dll

2009-02-04 11:05 . 2009-02-04 11:05 94,208 --a------ c:\windows\DIIUnin.exe

2009-02-04 11:05 . 2009-02-04 11:20 35,620 --a------ c:\windows\DIIUnin.dat

2009-02-04 11:05 . 2009-02-04 11:05 2,829 --a------ c:\windows\DIIUnin.pif

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-03 06:26 --------- d-----w c:\documents and settings\Lurkern\Programdata\DNA

2009-03-03 05:56 --------- d-----w c:\programfiler\DNA

2009-02-24 01:39 --------- d-----w c:\documents and settings\Lurkern\Programdata\dvdcss

2009-02-20 19:25 --------- d-----w c:\programfiler\Malwarebytes' Anti-Malware

2009-02-18 23:51 --------- d-----w c:\programfiler\World of Warcraft

2009-02-14 18:05 34 ----a-w c:\documents and settings\Lurkern\jagex_runescape_preferences.dat

2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-02-06 11:32 --------- d-----w c:\programfiler\MioNet

2009-01-31 06:08 --------- d-----w c:\documents and settings\Lurkern\Programdata\BitTorrent

2009-01-15 23:18 921,632 ----a-w C:\SPC610NC.DAT

2009-01-15 22:56 --------- d--h--w c:\programfiler\InstallShield Installation Information

2009-01-15 22:56 --------- d-----w c:\programfiler\Fellesfiler\SPC500NC

2009-01-15 22:56 --------- d-----w c:\programfiler\Fellesfiler\ArcSoft

2009-01-15 22:55 --------- d-----w c:\programfiler\Philips

2009-01-15 20:42 --------- d-----w c:\documents and settings\Lurkern\Programdata\Ventrilo

2009-01-11 19:52 --------- d-----w c:\programfiler\Teamspeak2_RC2

2009-01-11 19:52 --------- d-----w c:\documents and settings\Lurkern\Programdata\teamspeak2

2008-12-26 19:32 410,984 ----a-w c:\windows\system32\deploytk.dll

2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll

2001-11-23 04:08 712,704 ----a-r c:\windows\inf\OTHER\AUDIO3D.DLL

2008-11-20 08:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\MSHist012008112020081121\index.dat

.

 

((((((((((((((((((((((((((((( snapshot@2008-12-19_21.07.46,18 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys

+ 2008-06-20 17:45:13 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll

+ 2008-06-20 17:45:13 246,784 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll

+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys

+ 2007-11-30 12:39:50 17,784 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll

+ 2007-11-30 12:39:50 232,824 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe

+ 2007-11-30 12:39:50 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll

+ 2007-11-30 12:39:47 760,696 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe

+ 2007-11-30 12:39:48 385,912 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll

+ 2008-12-11 12:33:59 333,952 ----a-w c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys

+ 2007-11-30 12:39:50 17,784 ----a-w c:\windows\$hf_mig$\KB958687\spmsg.dll

+ 2007-11-30 12:39:50 232,824 ----a-w c:\windows\$hf_mig$\KB958687\spuninst.exe

+ 2007-11-30 12:39:50 26,488 ----a-w c:\windows\$hf_mig$\KB958687\update\spcustom.dll

+ 2007-11-30 12:39:50 760,696 ----a-w c:\windows\$hf_mig$\KB958687\update\update.exe

+ 2007-11-30 12:39:50 385,912 ----a-w c:\windows\$hf_mig$\KB958687\update\updspapi.dll

+ 2008-04-14 16:21:58 147,968 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll

+ 2008-04-14 16:22:13 246,784 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll

+ 2007-11-30 12:39:50 232,824 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe

+ 2007-11-30 12:39:48 385,912 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll

+ 2008-04-13 19:20:16 361,344 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys

+ 2008-04-13 19:00:02 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys

+ 2007-11-30 12:39:50 232,824 -c----w c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe

+ 2007-11-30 12:39:50 385,912 -c----w c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll

+ 2008-09-08 10:41:42 333,824 -c----w c:\windows\$NtUninstallKB958687$\srv.sys

+ 2009-02-14 18:05:57 101,991 ----a-w c:\windows\.jagex_cache_32\loginapplet\cache-1272026540.dat

+ 2009-02-14 18:05:00 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll

+ 2009-02-14 18:05:00 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll

+ 2008-10-16 20:33:22 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll

+ 2008-10-16 20:33:22 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll

+ 2008-10-16 20:33:22 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll

+ 2008-10-16 20:33:22 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll

+ 2008-10-16 20:33:22 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll

+ 2008-10-16 13:15:01 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe

+ 2008-10-16 20:33:22 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll

+ 2008-10-16 20:33:23 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll

+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll

+ 2008-10-16 20:33:23 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll

+ 2008-10-16 20:33:23 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll

+ 2008-10-16 20:33:26 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll

+ 2008-10-16 20:33:26 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll

+ 2008-10-16 20:33:26 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll

+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe

+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe

+ 2008-10-16 20:33:27 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll

+ 2008-10-16 20:33:27 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll

+ 2008-10-16 20:33:27 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll

+ 2008-12-13 06:40:02 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll

+ 2008-10-16 20:33:30 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll

+ 2008-10-16 20:33:30 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll

+ 2008-10-16 20:33:31 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll

+ 2008-10-16 20:33:31 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll

+ 2008-10-16 20:33:31 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll

+ 2007-03-06 02:01:51 214,752 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe

+ 2007-03-06 02:03:01 374,496 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll

+ 2008-10-16 20:33:31 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll

+ 2008-10-16 20:33:32 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll

+ 2008-10-16 20:33:32 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll

+ 2008-10-16 20:33:33 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll

+ 2009-02-16 21:34:10 27,648 ----a-r c:\windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe

- 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe

+ 2000-08-31 07:00:00 29,696 ----a-w c:\windows\NIRCMD.exe

+ 1995-08-01 03:44:46 212,480 ----a-w c:\windows\PCDLIB32.DLL

+ 2001-11-05 15:50:24 69,632 ----a-w c:\windows\Philips\SPC500NC\AMCap.exe

+ 2005-11-11 15:44:06 2,571 ----a-w c:\windows\Philips\SPC500NC\CtlStiSc.bat

+ 2005-11-29 17:34:00 323,584 ----a-w c:\windows\Philips\SPC500NC\PASnap.exe

+ 2005-01-14 08:32:38 53,248 ----a-w c:\windows\Philips\SPC500NC\PAStiSvc.exe

+ 2005-01-14 08:32:38 53,248 ----a-w c:\windows\PixArt\PAC7311\PAStiSvc.exe

- 2008-10-16 20:33:22 124,928 ----a-w c:\windows\system32\advpack.dll

+ 2008-12-20 23:03:36 124,928 ----a-w c:\windows\system32\advpack.dll

- 2008-10-16 20:33:22 124,928 -c----w c:\windows\system32\dllcache\advpack.dll

+ 2008-12-20 23:03:36 124,928 -c----w c:\windows\system32\dllcache\advpack.dll

+ 2008-04-13 18:46:24 17,024 -c--a-w c:\windows\system32\dllcache\ccdecode.sys

+ 2008-06-20 17:49:37 147,968 -c----w c:\windows\system32\dllcache\dnsapi.dll

- 2008-10-16 20:33:22 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll

+ 2008-12-20 23:03:36 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll

- 2008-10-16 20:33:22 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll

+ 2008-12-20 23:03:36 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll

- 2008-10-16 20:33:22 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll

+ 2008-12-20 23:03:36 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll

- 2008-10-16 20:33:22 63,488 -c----w c:\windows\system32\dllcache\icardie.dll

+ 2008-12-20 23:03:36 63,488 -c----w c:\windows\system32\dllcache\icardie.dll

- 2008-10-16 13:15:01 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe

+ 2008-12-19 09:13:43 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe

- 2008-10-16 20:33:22 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll

+ 2008-12-20 23:03:36 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll

- 2008-10-16 20:33:23 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll

+ 2008-12-20 23:03:36 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll

- 2008-10-15 07:04:53 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll

+ 2008-12-19 05:23:56 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll

- 2008-10-16 20:33:23 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll

+ 2008-12-20 23:03:37 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll

- 2008-10-16 20:33:23 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll

+ 2008-12-20 23:03:37 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll

- 2008-10-16 20:33:26 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll

+ 2008-12-20 23:03:39 6,066,688 -c----w c:\windows\system32\dllcache\ieframe.dll

- 2008-10-16 20:33:26 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll

+ 2008-12-20 23:03:39 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll

- 2008-10-16 20:33:26 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll

+ 2008-12-20 23:03:39 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll

- 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe

+ 2008-12-19 09:10:15 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe

- 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe

+ 2008-12-19 05:25:25 634,024 -c----w c:\windows\system32\dllcache\iexplore.exe

- 2008-10-16 20:33:27 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll

+ 2008-12-20 23:03:41 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll

- 2008-10-16 20:33:27 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll

+ 2008-12-20 23:03:41 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll

- 2008-10-16 20:33:27 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll

+ 2008-12-20 23:03:42 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll

- 2008-12-13 06:40:02 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll

+ 2009-01-16 20:31:48 3,594,752 -c----w c:\windows\system32\dllcache\mshtml.dll

- 2008-10-16 20:33:30 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll

+ 2008-12-20 23:03:45 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll

- 2008-10-16 20:33:30 193,024 -c----w c:\windows\system32\dllcache\msrating.dll

+ 2008-12-20 23:03:45 193,024 -c----w c:\windows\system32\dllcache\msrating.dll

+ 2008-04-13 18:39:50 5,504 -c--a-w c:\windows\system32\dllcache\mstee.sys

- 2008-10-16 20:33:31 671,232 -c----w c:\windows\system32\dllcache\mstime.dll

+ 2008-12-20 23:03:46 671,232 -c----w c:\windows\system32\dllcache\mstime.dll

+ 2008-06-20 17:49:37 246,784 -c----w c:\windows\system32\dllcache\mswsock.dll

+ 2008-04-13 18:46:26 85,248 -c--a-w c:\windows\system32\dllcache\nabtsfec.sys

+ 2008-04-13 18:46:22 10,880 -c--a-w c:\windows\system32\dllcache\ndisip.sys

- 2008-10-16 20:33:31 102,912 -c----w c:\windows\system32\dllcache\occache.dll

+ 2008-12-20 23:03:46 102,912 -c----w c:\windows\system32\dllcache\occache.dll

- 2008-10-16 20:33:31 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll

+ 2008-12-20 23:03:46 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll

+ 2008-06-17 19:03:19 8,467,456 -c----w c:\windows\system32\dllcache\shell32.dll

+ 2008-04-13 18:46:24 11,136 -c--a-w c:\windows\system32\dllcache\slip.sys

- 2008-09-08 10:41:42 333,824 -c----w c:\windows\system32\dllcache\srv.sys

+ 2008-12-11 10:57:09 333,952 -c----w c:\windows\system32\dllcache\srv.sys

+ 2008-04-13 18:46:22 15,232 -c--a-w c:\windows\system32\dllcache\streamip.sys

+ 2008-06-20 11:51:12 361,600 -c----w c:\windows\system32\dllcache\tcpip.sys

+ 2008-06-20 11:08:27 225,856 -c----w c:\windows\system32\dllcache\tcpip6.sys

- 2008-10-16 20:33:31 105,984 -c----w c:\windows\system32\dllcache\url.dll

+ 2008-12-20 23:03:46 105,984 -c----w c:\windows\system32\dllcache\url.dll

- 2008-10-16 20:33:32 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll

+ 2008-12-20 23:03:47 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll

+ 2008-04-14 16:22:30 53,760 -c--a-w c:\windows\system32\dllcache\vfwwdm32.dll

- 2008-10-16 20:33:32 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll

+ 2008-12-20 23:03:48 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll

- 2008-10-16 20:33:33 826,368 -c----w c:\windows\system32\dllcache\wininet.dll

+ 2008-12-20 23:03:48 826,368 -c----w c:\windows\system32\dllcache\wininet.dll

+ 2008-04-13 18:46:24 19,200 -c--a-w c:\windows\system32\dllcache\wstcodec.sys

- 2008-04-14 16:21:58 147,968 ----a-w c:\windows\system32\dnsapi.dll

+ 2008-06-20 17:49:37 147,968 ----a-w c:\windows\system32\dnsapi.dll

+ 2009-02-06 11:01:11 27,656 ----a-w c:\windows\system32\drivers\avgmfx86.sys

+ 2008-04-13 18:46:24 17,024 ----a-w c:\windows\system32\drivers\CCDECODE.sys

+ 2008-04-13 18:39:50 5,504 ----a-w c:\windows\system32\drivers\MSTEE.sys

+ 2008-04-13 18:46:26 85,248 ----a-w c:\windows\system32\drivers\NABTSFEC.sys

+ 2008-04-13 18:46:22 10,880 ----a-w c:\windows\system32\drivers\NdisIP.sys

+ 2005-05-16 23:03:44 15,340 ----a-r c:\windows\system32\drivers\ndisrd.sys

+ 2008-04-13 18:46:24 11,136 ----a-w c:\windows\system32\drivers\SLIP.sys

+ 2005-10-13 15:41:32 156,800 ----a-w c:\windows\system32\drivers\SPC610NC.sys

- 2008-09-08 10:41:42 333,824 ----a-w c:\windows\system32\drivers\srv.sys

+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys

+ 2008-04-13 18:46:22 15,232 ----a-w c:\windows\system32\drivers\StreamIP.sys

- 2008-04-13 19:20:16 361,344 ----a-w c:\windows\system32\drivers\tcpip.sys

+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys

- 2008-04-13 19:00:02 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys

+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys

+ 2008-04-13 18:46:24 19,200 ----a-w c:\windows\system32\drivers\WSTCODEC.SYS

- 2008-10-16 20:33:22 347,136 ------w c:\windows\system32\dxtmsft.dll

+ 2008-12-20 23:03:36 347,136 ------w c:\windows\system32\dxtmsft.dll

- 2008-10-16 20:33:22 214,528 ------w c:\windows\system32\dxtrans.dll

+ 2008-12-20 23:03:36 214,528 ------w c:\windows\system32\dxtrans.dll

- 2008-10-16 20:33:22 133,120 ------w c:\windows\system32\extmgr.dll

+ 2008-12-20 23:03:36 133,120 ------w c:\windows\system32\extmgr.dll

- 2008-10-16 20:33:22 63,488 ----a-w c:\windows\system32\icardie.dll

+ 2008-12-20 23:03:36 63,488 ----a-w c:\windows\system32\icardie.dll

- 2008-10-16 13:15:01 70,656 ------w c:\windows\system32\ie4uinit.exe

+ 2008-12-19 09:13:43 70,656 ------w c:\windows\system32\ie4uinit.exe

- 2008-10-16 20:33:22 153,088 ------w c:\windows\system32\ieakeng.dll

+ 2008-12-20 23:03:36 153,088 ------w c:\windows\system32\ieakeng.dll

- 2008-10-16 20:33:23 230,400 ------w c:\windows\system32\ieaksie.dll

+ 2008-12-20 23:03:36 230,400 ------w c:\windows\system32\ieaksie.dll

- 2008-10-15 07:04:53 161,792 ------w c:\windows\system32\ieakui.dll

+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll

- 2008-10-16 20:33:23 383,488 ----a-w c:\windows\system32\ieapfltr.dll

+ 2008-12-20 23:03:37 383,488 ----a-w c:\windows\system32\ieapfltr.dll

- 2008-10-16 20:33:23 384,512 ------w c:\windows\system32\iedkcs32.dll

+ 2008-12-20 23:03:37 384,512 ------w c:\windows\system32\iedkcs32.dll

- 2008-10-16 20:33:26 6,066,176 ----a-w c:\windows\system32\ieframe.dll

+ 2008-12-20 23:03:39 6,066,688 ----a-w c:\windows\system32\ieframe.dll

- 2008-10-16 20:33:26 44,544 ------w c:\windows\system32\iernonce.dll

+ 2008-12-20 23:03:39 44,544 ------w c:\windows\system32\iernonce.dll

- 2008-10-16 20:33:26 267,776 ----a-w c:\windows\system32\iertutil.dll

+ 2008-12-20 23:03:39 267,776 ----a-w c:\windows\system32\iertutil.dll

- 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe

+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe

+ 2008-12-26 19:32:24 144,792 ----a-w c:\windows\system32\java.exe

+ 2008-12-26 19:32:24 144,792 ----a-w c:\windows\system32\javaw.exe

+ 2008-12-26 19:32:24 148,888 ----a-w c:\windows\system32\javaws.exe

- 2008-10-16 20:33:27 27,648 ------w c:\windows\system32\jsproxy.dll

+ 2008-12-20 23:03:41 27,648 ------w c:\windows\system32\jsproxy.dll

- 2008-12-09 23:24:37 17,593,280 ----a-w c:\windows\system32\MRT.exe

+ 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe

- 2008-10-16 20:33:27 459,264 ----a-w c:\windows\system32\msfeeds.dll

+ 2008-12-20 23:03:41 459,264 ----a-w c:\windows\system32\msfeeds.dll

- 2008-10-16 20:33:27 52,224 ----a-w c:\windows\system32\msfeedsbs.dll

+ 2008-12-20 23:03:42 52,224 ----a-w c:\windows\system32\msfeedsbs.dll

- 2008-12-13 06:40:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll

+ 2009-01-16 20:31:48 3,594,752 ----a-w c:\windows\system32\mshtml.dll

- 2008-10-16 20:33:30 477,696 ------w c:\windows\system32\mshtmled.dll

+ 2008-12-20 23:03:45 477,696 ------w c:\windows\system32\mshtmled.dll

- 2008-10-16 20:33:30 193,024 ------w c:\windows\system32\msrating.dll

+ 2008-12-20 23:03:45 193,024 ------w c:\windows\system32\msrating.dll

- 2008-10-16 20:33:31 671,232 ------w c:\windows\system32\mstime.dll

+ 2008-12-20 23:03:46 671,232 ------w c:\windows\system32\mstime.dll

+ 2003-03-18 21:14:52 499,712 ----a-r c:\windows\system32\msvcp71.dll

+ 2003-02-21 03:42:22 348,160 ----a-w c:\windows\system32\msvcr71.dll

- 2008-04-14 16:22:13 246,784 ----a-w c:\windows\system32\mswsock.dll

+ 2008-06-20 17:49:37 246,784 ----a-w c:\windows\system32\mswsock.dll

+ 2005-05-16 23:03:44 57,344 ----a-r c:\windows\system32\ndisapi.dll

- 2008-10-16 20:33:31 102,912 ------w c:\windows\system32\occache.dll

+ 2008-12-20 23:03:46 102,912 ------w c:\windows\system32\occache.dll

+ 2005-01-14 08:32:38 53,248 ----a-w c:\windows\system32\PAStiSvc.exe

- 2008-10-16 20:33:31 44,544 ------w c:\windows\system32\pngfilt.dll

+ 2008-12-20 23:03:46 44,544 ------w c:\windows\system32\pngfilt.dll

- 2008-04-14 16:22:21 8,466,944 ----a-w c:\windows\system32\shell32.dll

+ 2008-06-17 19:03:19 8,467,456 ----a-w c:\windows\system32\shell32.dll

+ 2005-05-17 14:21:00 10,240 ----a-w c:\windows\system32\SPC610NC.dll

- 2007-11-30 12:39:50 17,784 ------w c:\windows\system32\spmsg.dll

+ 2008-07-09 07:44:41 17,784 ------w c:\windows\system32\spmsg.dll

+ 2004-12-07 09:11:34 258,352 ----a-w c:\windows\system32\unicows.dll

- 2008-10-16 20:33:31 105,984 ----a-w c:\windows\system32\url.dll

+ 2008-12-20 23:03:46 105,984 ----a-w c:\windows\system32\url.dll

- 2008-10-16 20:33:32 1,160,192 ----a-w c:\windows\system32\urlmon.dll

+ 2008-12-20 23:03:47 1,160,192 ----a-w c:\windows\system32\urlmon.dll

+ 2008-04-14 16:22:30 53,760 ----a-w c:\windows\system32\vfwwdm32.dll

- 2008-10-16 20:33:32 233,472 ----a-w c:\windows\system32\webcheck.dll

+ 2008-12-20 23:03:48 233,472 ----a-w c:\windows\system32\webcheck.dll

+ 2009-03-03 05:56:38 16,384 ----atw c:\windows\temp\Perflib_Perfdata_114.dat

+ 2006-06-02 22:50:58 470,016 ----a-w c:\windows\VPro500.exe

+ 2006-12-01 21:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll

+ 2006-12-01 21:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll

+ 2006-12-01 21:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

+ 2006-12-01 21:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

+ 2006-12-01 23:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll

+ 2006-12-01 23:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

+ 2006-12-01 23:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll

+ 2006-12-01 23:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll

+ 2006-12-01 23:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll

+ 2006-12-01 23:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll

+ 2006-12-01 23:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll

+ 2006-12-01 23:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll

+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll

+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll

+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll

+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll

+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll

+ 2006-12-01 23:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll

.

-- Snapshot resatt til dagens dato --

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"MsnMsgr"="c:\programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"BitTorrent DNA"="c:\programfiler\DNA\btdna.exe" [2008-12-21 342848]

"Steam"="c:\programfiler\steam\steam.exe" [2009-02-16 1410296]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATIPTA"="c:\programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-04-28 323584]

"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2008-12-26 136600]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-06 1601304]

"C-Media Mixer"="Mixer.exe" [2002-10-15 c:\windows\mixer.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

VPro500.lnk - c:\windows\VPro500.exe [2009-01-15 470016]

Wireless Connection Manager.lnk - c:\programfiler\D-Link\D-Link RangeBooster N 650 DWA-547\wirelesscm.exe [2008-11-19 12693504]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-02-06 12:01 10520 c:\windows\system32\avgrsstx.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\Ventrilo\\Ventrilo.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Programfiler\\DNA\\btdna.exe"=

"c:\\Programfiler\\BitTorrent\\bittorrent.exe"=

"c:\\Programfiler\\AVG\\AVG8\\avgemc.exe"=

"c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=

"c:\\Programfiler\\AVG\\AVG8\\avgnsx.exe"=

"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=

"c:\\Programfiler\\Steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"=

"c:\\Programfiler\\Team17 Software Ltd\\Worms Forts Under Siege\\WF.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1700:TCP"= 1700:TCP:MioNet Remote Drive Access

"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification

 

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-06 325128]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-06 107272]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-06 903960]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-06 298264]

R2 MioNet;MioNet Service;c:\programfiler\MioNet\MioNetManager.exe -s c:\programfiler\MioNet\wrapper.conf --> c:\programfiler\MioNet\MioNetManager.exe -s c:\programfiler\MioNet\wrapper.conf [?]

R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [2008-11-19 54432]

S3 SPC610NC;Philips SPC500NC Webcam;c:\windows\system32\drivers\SPC610NC.sys [2009-01-15 156800]

 

--- Andre tjenester/drivere lastet i minnet ---

 

*Deregistered* - NDISRD

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.google.no/

FF - ProfilePath - c:\documents and settings\Lurkern\Programdata\Mozilla\Firefox\Profiles\giwkrc4a.default\

FF - component: c:\programfiler\AVG\AVG8\Firefox\components\avgssff.dll

FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npbittorrent.dll

 

---- FIREFOX POLICIES ----

c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-03 07:28:21

Windows 5.1.2600 Service Pack 3 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

 

- - - - - - - > 'winlogon.exe'(820)

c:\windows\system32\Ati2evxx.dll

.

Tidspunkt ferdig: 2009-03-03 7:29:30

ComboFix-quarantined-files.txt 2009-03-03 06:29:28

ComboFix2.txt 2008-12-19 20:08:17

 

Pre-Run: 36 238 041 088 byte ledig

Post-Run: 36,274,282,496 byte ledig

 

389 --- E O F --- 2009-02-25 07:00:36

 

Hijack this

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 07:31:07, on 03.03.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\D-Link\D-Link RangeBooster N 650 DWA-547\acs.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Programfiler\Java\jre6\bin\jqs.exe

C:\Programfiler\MioNet\MioNetManager.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\Programfiler\MioNet\jvm\bin\MioNet.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\Mixer.exe

C:\Programfiler\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\DNA\btdna.exe

C:\WINDOWS\VPro500.exe

C:\Programfiler\D-Link\D-Link RangeBooster N 650 DWA-547\wirelesscm.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Programfiler\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Programfiler\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Programfiler\DNA\btdna.exe"

O4 - HKCU\..\Run: [steam] "c:\programfiler\steam\steam.exe" -silent

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: VPro500.lnk = ?

O4 - Global Startup: Wireless Connection Manager.lnk = C:\Programfiler\D-Link\D-Link RangeBooster N 650 DWA-547\wirelesscm.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1227164207859

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Programfiler\D-Link\D-Link RangeBooster N 650 DWA-547\acs.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe

O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Programfiler\MioNet\MioNetManager.exe

O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

 

--

End of file - 5459 bytes

[Lurkern]

Nå har musa begynt å avinstallere/installere seg selv av og til :S

Begynner å bli litt bekymret

[norbat]

Er det en trådløs mus?

Hvis, kan det være dårlig batteri, forstyrrende signaler i nærheten?

[Lurkern]

Nei, er en optisk mus med ledning.

[Bruker-158599]

Nei, er en optisk mus med ledning.

Endret 30. juli 2010 av riskake90

[Lurkern]

Nei, er en optisk mus med ledning.

Siden den gjør det uten musa så må det være noe annet. Rart, avinstalerer den seg? Har du nyeste driver?

Jeg går ut fra det. Driverne innstallerer seg jo selv når man plugger inn USB'en.

Men ja, jeg skjønner ikke hvordan den avinstallerer seg av seg selv. Logikken min sier at jeg har en infeksjon en plass, men kan ikke finne noen :S

[Tosha0007]

har du hatt dette problemet lenge? Evt når kom det, slik at me kan sjekke om det er nokon endrigar i loggane som kan vera "synderen".

[Lurkern]

2-3 dager siden

[norbat]

Du kunne ha forsøkt en systemgjenoppretting til en dato da ting og tang fungerte greit.

Tilbehør->systemverktøy->systemgjenoppretting

[Lurkern]

Hva skjer når man kjører systemgjenoppretting?

[snippsat]

Hva skjer når man kjører systemgjenoppretting?

Den fjerner kun det siste du har installert.

Velger du si 26feb vil den se ut som den gjorde den datoen.

[Lurkern]

Jeg tok sånn systemgjenoppretting i går og maskinen funket fint igjen. Flott tenkte jeg og avsluttet maskinen på kvelden og slo av.

I mårrest da jeg våknet slo jeg på maskinen igjen og da var de gamle symptomene tilbake. Scrolling hyppig opp og ned og en og annen gang hopper den til en side bakover.

 

Det virker som dette er en infeksjon som har gått inn i mus-konfigurasjonen på maskinen, hvis det er noe som heter det.

[Bruker-158599]

Endret 30. juli 2010 av riskake90

[Lurkern]

Jeg tok sånn systemgjenoppretting i går og maskinen funket fint igjen. Flott tenkte jeg og avsluttet maskinen på kvelden og slo av.

I mårrest da jeg våknet slo jeg på maskinen igjen og da var de gamle symptomene tilbake. Scrolling hyppig opp og ned og en og annen gang hopper den til en side bakover.

 

Det virker som dette er en infeksjon som har gått inn i mus-konfigurasjonen på maskinen, hvis det er noe som heter det.

Rart, du har nyeste driver også. Er det ikke teng på infeksjon i loggene dne?

Jeg vet rett og slett ikke.

Det virker som jeg har fått meg et trojan som gir seg ut for å være maskinvaren til musa kansje... Men siden ingen her ser ut til å vite, finne ut av hva det kan være selv med log filene postet er vell eneste utvei at jeg formaterer maskinen.

 

Jeg håper aldri noen andre får samme infeksjon som jeg har nå, for den er utrolig irriterende...

[norbat]

Det er ingen ting i loggene som viser noen infeksjoner. Sannsynligvis er det ett eller annet prog. som er forstyrrer porten/driveren e.l som musa bruker. Er det USB? Hvis, prøv en PS/2-mus (hvis du har denne inngangen)

Endret 7. mars 2009 av norbat