Badmintonball Posted 3 February 2010 (edited)
I've got XP Antivirus 2010 on my machine. I have run Malwarebytes and ComboFix. It now says that everything is gone, but under processes I can see that several of the .exe files are still active. The logs are here:
ComboFix 10-02-03.04 - Ina 03.02.2010 23:21:03.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.1014.403 [GMT 1:00] Kjører fra: c:\documents and settings\Ina\Mine dokumenter\Nedlastinger\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\recycler\S-1-5-21-484763869-362288127-299502267-1003 c:\windows\system32\AutoRun.inf c:\windows\system32\Thumbs.db . ((((((((((((((((((((((((((( Filer Opprettet Fra 2010-01-03 til 2010-02-03 ))))))))))))))))))))))))))))))))) . 2010-02-03 16:16 . 2010-02-03 16:16 5115824 ----a-w- c:\documents and settings\All Users\Programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-02-03 16:15 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-03 16:15 . 2010-02-03 16:16 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2010-02-03 16:15 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-03 08:04 . 2010-02-03 08:04 -------- d-----w- c:\documents and settings\Ina\Programdata\Malwarebytes 2010-02-03 08:04 . 2010-02-03 08:04 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes 2010-02-03 07:50 . 2010-01-05 08:29 2066200 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgcorex.dll 2010-02-02 23:34 . 2010-02-02 23:34 184320 --sha-w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\av.exe 2010-02-01 12:54 .
2010-02-01 12:54 -------- d-----w- c:\programfiler\Microsoft.NET 2010-02-01 12:52 . 2010-02-01 12:55 -------- d-----w- c:\windows\SHELLNEW 2010-02-01 12:50 . 2010-02-01 12:50 -------- d-----r- C:\MSOCache 2010-02-01 11:38 . 2010-02-01 12:44 -------- d-----w- c:\documents and settings\Ina\Programdata\GetRightToGo 2010-01-19 14:22 . 2010-01-19 14:22 -------- d-----w- c:\documents and settings\All Users\Programdata\Hewlett-Packard 2010-01-19 14:22 . 2007-03-28 13:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll 2010-01-19 14:22 . 2007-03-28 12:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll 2010-01-19 14:21 . 2007-03-08 19:20 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys 2010-01-19 14:21 . 2007-03-08 19:20 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys 2010-01-19 14:21 . 2007-03-08 19:20 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys 2010-01-19 14:21 . 2007-03-31 05:07 267864 ----a-w- c:\windows\system32\hpzids01.dll 2010-01-19 14:21 . 2007-03-18 06:11 303104 ----a-w- c:\windows\system32\hpovst10.dll 2010-01-19 14:21 . 2007-03-18 06:11 569344 ----a-w- c:\windows\system32\hpotscl3.dll 2010-01-19 14:21 . 2007-03-08 19:20 364544 ----a-w- c:\windows\system32\hppldcoi.dll 2010-01-19 14:21 . 2007-03-18 06:11 675840 ----a-w- c:\windows\system32\hpowiax3.dll 2010-01-19 14:21 . 2010-01-19 14:21 -------- d-----w- c:\programfiler\HP 2010-01-05 14:12 . 2010-01-05 14:12 -------- d-----w- c:\documents and settings\NetworkService\Lokale innstillinger\Programdata\Google 2010-01-05 14:07 . 2010-01-29 08:12 -------- d-----w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\Temp 2010-01-05 14:07 . 2010-01-05 14:07 -------- d-----w- c:\documents and settings\LocalService\Lokale innstillinger\Programdata\Google 2010-01-05 14:06 . 2010-02-03 00:29 -------- d-----w- c:\programfiler\Google 2010-01-05 14:06 . 2010-02-03 00:28 -------- d-----w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\Google . 
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-03 08:05 . 2009-06-26 15:19 -------- d-----w- c:\documents and settings\All Users\Programdata\Microsoft Help 2010-02-03 00:10 . 2009-09-20 19:24 -------- d-----w- c:\documents and settings\Ina\Programdata\Spotify 2010-02-01 13:11 . 2009-09-18 03:46 74624 ----a-w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2010-02-01 12:56 . 2009-06-26 14:58 -------- d-----w- c:\programfiler\Microsoft Works 2010-02-01 10:02 . 2009-10-05 08:50 1 ----a-w- c:\documents and settings\Ina\Programdata\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-01-28 17:51 . 2009-10-13 17:57 -------- d-----w- c:\documents and settings\Ina\Programdata\vlc 2010-01-28 07:35 . 2009-06-25 21:10 76354 ----a-w- c:\windows\system32\perfc014.dat 2010-01-28 07:35 . 2009-06-25 21:10 436554 ----a-w- c:\windows\system32\perfh014.dat 2010-01-22 13:34 . 2007-05-22 18:08 10752 ----a-w- c:\windows\system32\KOAZJJ_L.DLL 2010-01-21 13:34 . 2009-09-20 19:29 -------- d-----w- c:\documents and settings\Ina\Programdata\Apple Computer 2010-01-05 10:00 . 2009-06-25 21:10 832512 ----a-w- c:\windows\system32\wininet.dll 2010-01-05 09:59 . 2009-06-25 21:10 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-01-05 09:59 . 2009-06-25 21:10 17408 ----a-w- c:\windows\system32\corpol.dll 2010-01-01 01:56 . 2009-12-23 18:51 -------- d-----w- c:\documents and settings\Ina\Programdata\Skype 2010-01-01 01:20 . 2009-12-23 19:22 -------- d-----w- c:\documents and settings\Ina\Programdata\skypePM 2009-12-23 19:22 . 2009-12-23 19:22 32 ----a-w- c:\documents and settings\All Users\Programdata\ezsid.dat 2009-12-23 10:10 . 2009-09-30 08:36 -------- d-----w- c:\programfiler\iTunes 2009-12-23 10:09 . 2009-12-23 10:09 -------- d-----w- c:\programfiler\iPod 2009-12-23 10:09 . 2009-09-20 19:25 -------- d-----w- c:\programfiler\Fellesfiler\Apple 2009-12-23 10:03 . 
2009-12-23 10:03 -------- d-----w- c:\programfiler\QuickTime 2009-12-23 09:57 . 2009-12-23 09:57 79144 ----a-w- c:\documents and settings\All Users\Programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-12-16 16:23 . 2009-12-16 16:23 174 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\uninst2.bat 2009-12-16 16:23 . 2009-12-16 16:23 683801 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\UninstWMP\unins000.exe 2009-12-16 16:23 . 2009-12-16 16:23 -------- d-----w- c:\documents and settings\All Users\Programdata\Last.fm 2009-12-16 16:23 . 2009-12-16 16:23 683801 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\UninstITW\unins000.exe 2009-12-16 16:22 . 2009-12-16 16:22 -------- d-----w- c:\programfiler\Last.fm 2009-12-11 09:51 . 2009-12-11 09:51 -------- d--h--w- c:\documents and settings\All Users\Programdata\CanonBJ 2009-12-07 13:46 . 2009-09-20 19:25 -------- d-----w- c:\documents and settings\All Users\Programdata\Apple 2009-11-21 16:03 . 2009-06-25 21:09 471552 ----a-w- c:\windows\AppPatch\aclayers.dll 2009-11-21 15:29 . 2009-10-14 12:05 42944 ----a-w- c:\documents and settings\Gjest\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . 
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-11-25 12:01 1230080 ----a-w- c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1] @="{fe25455d-b4c2-4e32-97d2-92632ec1c224}" [HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}] 2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2] @="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}" [HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}] 2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SRS Premium Sound"="c:\programfiler\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-05-19 3417336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2009-05-11 17881600] "AsusACPIServer"="c:\programfiler\EeePC\ACPI\AsAcpiSvr.exe" [2009-06-18 696320] 
"AsusEPCMonitor"="c:\programfiler\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304] "LiveUpdate"="c:\programfiler\Asus\LiveUpdate\LiveUpdate.exe" [2009-08-27 735208] "EasyMode"="c:\programfiler\\ASUS\\Easy Mode\\Easy Mode.exe" [2009-03-18 1249280] "EeeStorageBackup"="c:\programfiler\ASUS\Eee Storage\BackupService.exe" [2009-06-08 935184] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-06-26 3054136] "SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-12 2043160] "AppleSyncNotifier"="c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-10-02 149280] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-07-06 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-07-06 354840] "PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-07-06 96792] "SynAsusAcpi"="c:\programfiler\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240] "QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2009-11-12 141600] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-09-23 21:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin] 2009-06-25 05:13 65536 ----a-w- c:\windows\system32\igdlogin.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) 
"DisableNotifications"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgemc.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgnsx.exe"= "c:\\Programfiler\\BitLord\\BitLord.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= "c:\\Programfiler\\Mozilla Firefox\\firefox.exe"= "c:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23.09.2009 22:56 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23.09.2009 22:57 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [23.09.2009 22:45 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [23.09.2009 22:45 297752] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [26.06.2009 16:14 54752] R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\programfiler\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [19.05.2009 17:29 107744] R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [26.06.2009 15:24 5097632] R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [04.06.2009 02:54 38912] R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [26.06.2009 17:02 233512] R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [04.06.2009 02:54 39040] S2 gupdate;Google Update Service (gupdate);c:\programfiler\Google\Update\GoogleUpdate.exe [05.01.2010 15:07 135664] S3 
Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.06.2009 15:24 1684736] S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [20.09.2009 20:26 40448] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-12-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2010-01-05 14:06] 2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2010-01-05 14:06] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://eeepc.asus.com/global uInternet Settings,ProxyOverride = *.local IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Send til &Bluetooth-enhet... 
- c:\programfiler\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send til Bluetooth - c:\programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\documents and settings\Ina\Programdata\Mozilla\Firefox\Profiles\s46ilas3.default\ FF - prefs.js: keyword.URL - hxxp://no.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_no&p= FF - component: c:\programfiler\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - plugin: c:\programfiler\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\programfiler\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . - - - - TOMME PEKERE FJERNET - - - - MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe MSConfigStartUp-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-03 23:28 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... 
skanning vellykket skjulte filer: 0 ************************************************************************** . Tidspunkt ferdig: 2010-02-03 23:31:18 ComboFix-quarantined-files.txt 2010-02-03 22:31 Pre-Run: 67 515 199 488 byte ledig Post-Run: 68 474 880 000 byte ledig - - End Of File - - BE48BF7EFC785C700888C2208354249E ComboFix 10-02-03.04 - Ina 03.02.2010 23:21:03.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.1014.403 [GMT 1:00] Kjører fra: c:\documents and settings\Ina\Mine dokumenter\Nedlastinger\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\recycler\S-1-5-21-484763869-362288127-299502267-1003 c:\windows\system32\AutoRun.inf c:\windows\system32\Thumbs.db . ((((((((((((((((((((((((((( Filer Opprettet Fra 2010-01-03 til 2010-02-03 ))))))))))))))))))))))))))))))))) . 2010-02-03 16:16 . 2010-02-03 16:16 5115824 ----a-w- c:\documents and settings\All Users\Programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-02-03 16:15 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-03 16:15 . 2010-02-03 16:16 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2010-02-03 16:15 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-03 08:04 . 2010-02-03 08:04 -------- d-----w- c:\documents and settings\Ina\Programdata\Malwarebytes 2010-02-03 08:04 . 2010-02-03 08:04 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes 2010-02-03 07:50 . 2010-01-05 08:29 2066200 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgcorex.dll 2010-02-02 23:34 . 2010-02-02 23:34 184320 --sha-w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\av.exe 2010-02-01 12:54 . 
2010-02-01 12:54 -------- d-----w- c:\programfiler\Microsoft.NET 2010-02-01 12:52 . 2010-02-01 12:55 -------- d-----w- c:\windows\SHELLNEW 2010-02-01 12:50 . 2010-02-01 12:50 -------- d-----r- C:\MSOCache 2010-02-01 11:38 . 2010-02-01 12:44 -------- d-----w- c:\documents and settings\Ina\Programdata\GetRightToGo 2010-01-19 14:22 . 2010-01-19 14:22 -------- d-----w- c:\documents and settings\All Users\Programdata\Hewlett-Packard 2010-01-19 14:22 . 2007-03-28 13:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll 2010-01-19 14:22 . 2007-03-28 12:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll 2010-01-19 14:21 . 2007-03-08 19:20 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys 2010-01-19 14:21 . 2007-03-08 19:20 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys 2010-01-19 14:21 . 2007-03-08 19:20 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys 2010-01-19 14:21 . 2007-03-31 05:07 267864 ----a-w- c:\windows\system32\hpzids01.dll 2010-01-19 14:21 . 2007-03-18 06:11 303104 ----a-w- c:\windows\system32\hpovst10.dll 2010-01-19 14:21 . 2007-03-18 06:11 569344 ----a-w- c:\windows\system32\hpotscl3.dll 2010-01-19 14:21 . 2007-03-08 19:20 364544 ----a-w- c:\windows\system32\hppldcoi.dll 2010-01-19 14:21 . 2007-03-18 06:11 675840 ----a-w- c:\windows\system32\hpowiax3.dll 2010-01-19 14:21 . 2010-01-19 14:21 -------- d-----w- c:\programfiler\HP 2010-01-05 14:12 . 2010-01-05 14:12 -------- d-----w- c:\documents and settings\NetworkService\Lokale innstillinger\Programdata\Google 2010-01-05 14:07 . 2010-01-29 08:12 -------- d-----w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\Temp 2010-01-05 14:07 . 2010-01-05 14:07 -------- d-----w- c:\documents and settings\LocalService\Lokale innstillinger\Programdata\Google 2010-01-05 14:06 . 2010-02-03 00:29 -------- d-----w- c:\programfiler\Google 2010-01-05 14:06 . 2010-02-03 00:28 -------- d-----w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\Google . 
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-03 08:05 . 2009-06-26 15:19 -------- d-----w- c:\documents and settings\All Users\Programdata\Microsoft Help 2010-02-03 00:10 . 2009-09-20 19:24 -------- d-----w- c:\documents and settings\Ina\Programdata\Spotify 2010-02-01 13:11 . 2009-09-18 03:46 74624 ----a-w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2010-02-01 12:56 . 2009-06-26 14:58 -------- d-----w- c:\programfiler\Microsoft Works 2010-02-01 10:02 . 2009-10-05 08:50 1 ----a-w- c:\documents and settings\Ina\Programdata\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-01-28 17:51 . 2009-10-13 17:57 -------- d-----w- c:\documents and settings\Ina\Programdata\vlc 2010-01-28 07:35 . 2009-06-25 21:10 76354 ----a-w- c:\windows\system32\perfc014.dat 2010-01-28 07:35 . 2009-06-25 21:10 436554 ----a-w- c:\windows\system32\perfh014.dat 2010-01-22 13:34 . 2007-05-22 18:08 10752 ----a-w- c:\windows\system32\KOAZJJ_L.DLL 2010-01-21 13:34 . 2009-09-20 19:29 -------- d-----w- c:\documents and settings\Ina\Programdata\Apple Computer 2010-01-05 10:00 . 2009-06-25 21:10 832512 ----a-w- c:\windows\system32\wininet.dll 2010-01-05 09:59 . 2009-06-25 21:10 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-01-05 09:59 . 2009-06-25 21:10 17408 ----a-w- c:\windows\system32\corpol.dll 2010-01-01 01:56 . 2009-12-23 18:51 -------- d-----w- c:\documents and settings\Ina\Programdata\Skype 2010-01-01 01:20 . 2009-12-23 19:22 -------- d-----w- c:\documents and settings\Ina\Programdata\skypePM 2009-12-23 19:22 . 2009-12-23 19:22 32 ----a-w- c:\documents and settings\All Users\Programdata\ezsid.dat 2009-12-23 10:10 . 2009-09-30 08:36 -------- d-----w- c:\programfiler\iTunes 2009-12-23 10:09 . 2009-12-23 10:09 -------- d-----w- c:\programfiler\iPod 2009-12-23 10:09 . 2009-09-20 19:25 -------- d-----w- c:\programfiler\Fellesfiler\Apple 2009-12-23 10:03 . 
2009-12-23 10:03 -------- d-----w- c:\programfiler\QuickTime 2009-12-23 09:57 . 2009-12-23 09:57 79144 ----a-w- c:\documents and settings\All Users\Programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-12-16 16:23 . 2009-12-16 16:23 174 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\uninst2.bat 2009-12-16 16:23 . 2009-12-16 16:23 683801 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\UninstWMP\unins000.exe 2009-12-16 16:23 . 2009-12-16 16:23 -------- d-----w- c:\documents and settings\All Users\Programdata\Last.fm 2009-12-16 16:23 . 2009-12-16 16:23 683801 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\UninstITW\unins000.exe 2009-12-16 16:22 . 2009-12-16 16:22 -------- d-----w- c:\programfiler\Last.fm 2009-12-11 09:51 . 2009-12-11 09:51 -------- d--h--w- c:\documents and settings\All Users\Programdata\CanonBJ 2009-12-07 13:46 . 2009-09-20 19:25 -------- d-----w- c:\documents and settings\All Users\Programdata\Apple 2009-11-21 16:03 . 2009-06-25 21:09 471552 ----a-w- c:\windows\AppPatch\aclayers.dll 2009-11-21 15:29 . 2009-10-14 12:05 42944 ----a-w- c:\documents and settings\Gjest\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . 
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-11-25 12:01 1230080 ----a-w- c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1] @="{fe25455d-b4c2-4e32-97d2-92632ec1c224}" [HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}] 2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2] @="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}" [HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}] 2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SRS Premium Sound"="c:\programfiler\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-05-19 3417336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2009-05-11 17881600] "AsusACPIServer"="c:\programfiler\EeePC\ACPI\AsAcpiSvr.exe" [2009-06-18 696320] 
"AsusEPCMonitor"="c:\programfiler\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304] "LiveUpdate"="c:\programfiler\Asus\LiveUpdate\LiveUpdate.exe" [2009-08-27 735208] "EasyMode"="c:\programfiler\\ASUS\\Easy Mode\\Easy Mode.exe" [2009-03-18 1249280] "EeeStorageBackup"="c:\programfiler\ASUS\Eee Storage\BackupService.exe" [2009-06-08 935184] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-06-26 3054136] "SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-12 2043160] "AppleSyncNotifier"="c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-10-02 149280] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-07-06 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-07-06 354840] "PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-07-06 96792] "SynAsusAcpi"="c:\programfiler\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240] "QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2009-11-12 141600] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-09-23 21:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin] 2009-06-25 05:13 65536 ----a-w- c:\windows\system32\igdlogin.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) 
"DisableNotifications"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgemc.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgnsx.exe"= "c:\\Programfiler\\BitLord\\BitLord.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= "c:\\Programfiler\\Mozilla Firefox\\firefox.exe"= "c:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23.09.2009 22:56 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23.09.2009 22:57 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [23.09.2009 22:45 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [23.09.2009 22:45 297752] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [26.06.2009 16:14 54752] R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\programfiler\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [19.05.2009 17:29 107744] R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [26.06.2009 15:24 5097632] R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [04.06.2009 02:54 38912] R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [26.06.2009 17:02 233512] R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [04.06.2009 02:54 39040] S2 gupdate;Google Update Service (gupdate);c:\programfiler\Google\Update\GoogleUpdate.exe [05.01.2010 15:07 135664] S3 
Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.06.2009 15:24 1684736] S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [20.09.2009 20:26 40448] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-12-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2010-01-05 14:06] 2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2010-01-05 14:06] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://eeepc.asus.com/global uInternet Settings,ProxyOverride = *.local IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Send til &Bluetooth-enhet... 
- c:\programfiler\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send til Bluetooth - c:\programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\documents and settings\Ina\Programdata\Mozilla\Firefox\Profiles\s46ilas3.default\ FF - prefs.js: keyword.URL - hxxp://no.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_no&p= FF - component: c:\programfiler\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - plugin: c:\programfiler\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\programfiler\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . - - - - TOMME PEKERE FJERNET - - - - MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe MSConfigStartUp-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-03 23:28 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... 
skanning vellykket skjulte filer: 0 ************************************************************************** . Tidspunkt ferdig: 2010-02-03 23:31:18 ComboFix-quarantined-files.txt 2010-02-03 22:31 Pre-Run: 67 515 199 488 byte ledig Post-Run: 68 474 880 000 byte ledig - - End Of File - - BE48BF7EFC785C700888C2208354249E
Edited 3 February 2010 by Badmintonball
norbat Posted 3 February 2010 Follow the guide, i.e. update mbam and run a new quick scan. Then run Combofix. Post the logs.
Badmintonball Posted 4 February 2010 (Author) Anyone? I have never considered buying a Mac more seriously than right now.
norbat Posted 4 February 2010 Open Notepad and copy in the text shown in bold below. Save the file to the desktop as cfscript.txt. Drag and drop the file onto the ComboFix icon. ComboFix will start again. Post the log.
file::
c:\documents and settings\Ina\Lokale innstillinger\Programdata\av.exe
Badmintonball Posted 4 February 2010 (Author) The Combofix log:
ComboFix 10-02-03.08 - Ina 04.02.2010 17:47:40.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.1014.360 [GMT 1:00] Kjører fra: c:\documents and settings\Ina\Skrivebord\ComboFix.exe Command switches brukt :: c:\documents and settings\Ina\Skrivebord\cfscript.txt AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! FILE :: "c:\documents and settings\Ina\Lokale innstillinger\Programdata\av.exe" . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Ina\Lokale innstillinger\Programdata\av.exe . ((((((((((((((((((((((((((( Filer Opprettet Fra 2010-01-04 til 2010-02-04 ))))))))))))))))))))))))))))))))) . 2010-02-04 09:07 . 2010-02-04 09:07 -------- d-----w- c:\programfiler\iPod 2010-02-04 08:58 . 2010-02-04 08:58 72488 ----a-w- c:\documents and settings\All Users\Programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-02-03 16:16 . 2010-02-03 16:16 5115824 ----a-w- c:\documents and settings\All Users\Programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-02-03 16:15 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-03 16:15 . 2010-02-03 16:16 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2010-02-03 16:15 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-03 08:04 . 2010-02-03 08:04 -------- d-----w- c:\documents and settings\Ina\Programdata\Malwarebytes 2010-02-03 08:04 . 2010-02-03 08:04 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes 2010-02-03 07:50 . 2010-01-05 08:29 2066200 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgcorex.dll 2010-02-01 12:54 .
2010-02-01 12:54 -------- d-----w- c:\programfiler\Microsoft.NET 2010-02-01 12:52 . 2010-02-01 12:55 -------- d-----w- c:\windows\SHELLNEW 2010-02-01 12:50 . 2010-02-01 12:50 -------- d-----r- C:\MSOCache 2010-02-01 11:38 . 2010-02-01 12:44 -------- d-----w- c:\documents and settings\Ina\Programdata\GetRightToGo 2010-01-19 14:22 . 2010-01-19 14:22 -------- d-----w- c:\documents and settings\All Users\Programdata\Hewlett-Packard 2010-01-19 14:22 . 2007-03-28 13:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll 2010-01-19 14:22 . 2007-03-28 12:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll 2010-01-19 14:21 . 2007-03-08 19:20 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys 2010-01-19 14:21 . 2007-03-08 19:20 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys 2010-01-19 14:21 . 2007-03-08 19:20 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys 2010-01-19 14:21 . 2007-03-31 05:07 267864 ----a-w- c:\windows\system32\hpzids01.dll 2010-01-19 14:21 . 2007-03-18 06:11 303104 ----a-w- c:\windows\system32\hpovst10.dll 2010-01-19 14:21 . 2007-03-18 06:11 569344 ----a-w- c:\windows\system32\hpotscl3.dll 2010-01-19 14:21 . 2007-03-08 19:20 364544 ----a-w- c:\windows\system32\hppldcoi.dll 2010-01-19 14:21 . 2007-03-18 06:11 675840 ----a-w- c:\windows\system32\hpowiax3.dll 2010-01-19 14:21 . 2010-01-19 14:21 -------- d-----w- c:\programfiler\HP . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-04 14:44 . 2009-09-20 19:24 -------- d-----w- c:\documents and settings\Ina\Programdata\Spotify 2010-02-04 13:16 . 2010-01-05 14:06 -------- d-----w- c:\programfiler\Google 2010-02-04 09:08 . 2009-09-30 08:36 -------- d-----w- c:\programfiler\iTunes 2010-02-04 09:07 . 2009-09-20 19:25 -------- d-----w- c:\programfiler\Fellesfiler\Apple 2010-02-04 07:38 . 2009-06-26 15:19 -------- d-----w- c:\documents and settings\All Users\Programdata\Microsoft Help 2010-02-01 13:11 . 
2009-09-18 03:46 74624 ----a-w- c:\documents and settings\Ina\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2010-02-01 12:56 . 2009-06-26 14:58 -------- d-----w- c:\programfiler\Microsoft Works 2010-02-01 10:02 . 2009-10-05 08:50 1 ----a-w- c:\documents and settings\Ina\Programdata\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-01-28 17:51 . 2009-10-13 17:57 -------- d-----w- c:\documents and settings\Ina\Programdata\vlc 2010-01-28 07:35 . 2009-06-25 21:10 76354 ----a-w- c:\windows\system32\perfc014.dat 2010-01-28 07:35 . 2009-06-25 21:10 436554 ----a-w- c:\windows\system32\perfh014.dat 2010-01-22 13:34 . 2007-05-22 18:08 10752 ----a-w- c:\windows\system32\KOAZJJ_L.DLL 2010-01-21 13:34 . 2009-09-20 19:29 -------- d-----w- c:\documents and settings\Ina\Programdata\Apple Computer 2010-01-05 10:00 . 2009-06-25 21:10 832512 ------w- c:\windows\system32\wininet.dll 2010-01-05 09:59 . 2009-06-25 21:10 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-01-05 09:59 . 2009-06-25 21:10 17408 ----a-w- c:\windows\system32\corpol.dll 2010-01-01 01:56 . 2009-12-23 18:51 -------- d-----w- c:\documents and settings\Ina\Programdata\Skype 2010-01-01 01:20 . 2009-12-23 19:22 -------- d-----w- c:\documents and settings\Ina\Programdata\skypePM 2009-12-23 19:22 . 2009-12-23 19:22 32 ----a-w- c:\documents and settings\All Users\Programdata\ezsid.dat 2009-12-23 10:03 . 2009-12-23 10:03 -------- d-----w- c:\programfiler\QuickTime 2009-12-16 16:23 . 2009-12-16 16:23 174 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\uninst2.bat 2009-12-16 16:23 . 2009-12-16 16:23 683801 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\UninstWMP\unins000.exe 2009-12-16 16:23 . 2009-12-16 16:23 -------- d-----w- c:\documents and settings\All Users\Programdata\Last.fm 2009-12-16 16:23 . 2009-12-16 16:23 683801 ----a-w- c:\documents and settings\All Users\Programdata\Last.fm\Client\UninstITW\unins000.exe 2009-12-16 16:22 . 
2009-12-16 16:22 -------- d-----w- c:\programfiler\Last.fm 2009-12-11 09:51 . 2009-12-11 09:51 -------- d--h--w- c:\documents and settings\All Users\Programdata\CanonBJ 2009-12-07 13:46 . 2009-09-20 19:25 -------- d-----w- c:\documents and settings\All Users\Programdata\Apple 2009-11-21 16:03 . 2009-06-25 21:09 471552 ----a-w- c:\windows\AppPatch\aclayers.dll 2009-11-21 15:29 . 2009-10-14 12:05 42944 ----a-w- c:\documents and settings\Gjest\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((( SnapShot@2010-02-03_22.29.01 ))))))))))))))))))))))))))))))))))))))))) . + 2010-02-04 16:20 . 2010-02-04 16:20 16384 c:\windows\Temp\Perflib_Perfdata_710.dat - 2010-02-01 12:59 . 2010-02-03 08:05 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe + 2010-02-01 12:59 . 2010-02-04 07:38 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe - 2010-02-01 12:59 . 2010-02-03 08:05 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe + 2010-02-01 12:59 . 2010-02-04 07:38 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe - 2010-02-01 12:59 . 2010-02-03 08:05 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe + 2010-02-01 12:59 . 2010-02-04 07:38 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe + 2010-02-04 13:17 . 2010-02-04 13:17 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe + 2010-02-04 13:17 . 2010-02-04 13:17 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe + 2010-02-04 13:17 . 2010-02-04 13:17 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2010-02-04 13:17 . 
2010-02-04 13:17 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2010-02-04 13:17 . 2010-02-04 13:17 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe + 2010-02-04 13:17 . 2010-02-04 13:17 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe + 2010-02-04 13:17 . 2010-02-04 13:17 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\ARPPRODUCTICON.exe + 2006-07-24 09:50 . 2006-07-24 09:50 47920 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\VBAME.DLL + 2009-04-02 11:02 . 2009-04-02 11:02 17792 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\OPHPROXY.DLL + 2006-07-24 09:50 . 2006-07-24 09:50 92976 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\MSADDNDR.DLL + 2010-02-01 12:56 . 2010-02-01 12:56 12096 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\WORDPOL.DLL + 2006-10-26 21:58 . 2006-10-26 21:58 33080 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\VPREVIEW.EXE + 2010-02-01 12:56 . 2010-02-01 12:56 12080 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\VBIDEPOL.DLL + 2010-02-01 12:55 . 2010-02-01 12:55 64288 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\VBIDEPIA.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 15672 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\SMARTTAGINSTALL.EXE + 2006-10-26 18:49 . 2006-10-26 18:49 34104 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\SETLANG.EXE + 2006-10-26 19:55 . 2006-10-26 19:55 55056 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\SCANOST.EXE + 2006-10-26 19:55 . 
2006-10-26 19:55 76576 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\RM.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 40424 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\REFIEBAR.DLL + 2006-10-26 19:55 . 2006-10-26 19:55 39208 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\RECALL.DLL + 2006-10-26 19:09 . 2006-10-26 19:09 48448 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\PUBTRAP.DLL + 2010-02-01 12:56 . 2010-02-01 12:56 12112 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\PPTPOL.DLL + 2006-10-26 19:55 . 2006-10-26 19:55 53048 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OUTLVBA.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 46936 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OSETUPPS.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 16728 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OMUOPTINPS.DLL + 2006-10-26 19:00 . 2006-10-26 19:00 23392 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OISCTRL.DLL + 2006-10-27 14:11 . 2006-10-27 14:11 54680 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OFFRHD.DLL + 2010-02-01 12:56 . 2010-02-01 12:56 11544 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OFFICEPL.DLL + 2010-02-01 12:56 . 2010-02-01 12:56 12104 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSTAGPOL.DLL + 2010-02-01 12:55 . 2010-02-01 12:55 20280 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSTAGPIA.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 43832 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSSH.DLL + 2006-10-27 14:26 . 
2006-10-27 14:26 35152 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSOSTYLE.DLL + 2006-10-26 18:52 . 2006-10-26 18:52 66368 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSOMSE.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 67896 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSOHTMED.EXE + 2006-10-27 14:01 . 2006-10-27 14:01 76088 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSOHEV.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 19768 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSMH.DLL + 2006-10-26 18:52 . 2006-10-26 18:52 48424 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSE7.EXE + 2006-10-26 19:55 . 2006-10-26 19:55 21312 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MLSHEXT.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 89400 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\METCONV.DLL + 2010-02-01 12:56 . 2010-02-01 12:56 12096 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\GRAPHPOL.DLL + 2010-02-01 12:54 . 2010-02-01 12:54 12096 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\EXCELPOL.DLL + 2006-10-26 19:55 . 2006-10-26 19:55 35160 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\DUMPSTER.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 53576 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\AUTHZAX.DLL + 2006-10-26 20:18 . 2006-10-26 20:18 94016 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\ACCOLK.DLL + 2010-02-04 07:31 . 2010-02-04 07:31 10576 c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll + 2010-02-04 07:31 . 
2010-02-04 07:31 11112 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll + 2010-02-04 07:32 . 2010-02-04 07:32 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll + 2010-02-04 07:31 . 2010-02-04 07:31 11136 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll + 2010-02-04 07:32 . 2010-02-04 07:32 11152 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll + 2010-02-04 07:31 . 2010-02-04 07:31 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll + 2010-02-04 07:32 . 2010-02-04 07:32 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll + 2010-02-04 07:31 . 2010-02-04 07:31 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2010-02-04 07:31 . 2010-02-04 07:31 19320 c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll + 2009-05-26 17:53 . 2009-05-26 17:53 579072 c:\windows\Installer\317f7.msp + 2010-02-04 09:09 . 2010-02-04 09:09 102400 c:\windows\Installer\{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}\iTunesIco.exe - 2010-02-01 12:59 . 2010-02-03 08:05 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe + 2010-02-01 12:59 . 2010-02-04 07:38 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe + 2010-02-01 12:59 . 2010-02-04 07:38 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe - 2010-02-01 12:59 . 
2010-02-03 08:05 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe - 2010-02-01 12:59 . 2010-02-03 08:05 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe + 2010-02-01 12:59 . 2010-02-04 07:38 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe - 2010-02-01 12:59 . 2010-02-03 08:05 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe + 2010-02-01 12:59 . 2010-02-04 07:38 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe + 2010-02-01 12:59 . 2010-02-04 07:38 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe - 2010-02-01 12:59 . 2010-02-03 08:05 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe - 2010-02-03 08:03 . 2010-02-03 08:03 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2010-02-04 07:27 . 2010-02-04 07:27 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2009-04-03 16:57 . 2009-04-03 16:57 509256 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\WRD12CVR.DLL + 2007-06-07 18:51 . 2007-06-07 18:51 125320 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\SSGEN.DLL + 2010-02-04 07:32 . 2010-02-04 07:32 350064 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\PPTPIA.DLL + 2009-04-03 17:04 . 2009-04-03 17:04 521064 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\POWERPNT.EXE + 2007-06-07 18:51 . 2007-06-07 18:51 465800 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\OUTLFLTR.DLL + 2006-07-24 09:50 . 2006-07-24 09:50 125744 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\MSSTDFMT.DLL + 2008-11-04 03:13 . 
2008-11-04 03:13 118128 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\MSCONV97.DLL + 2008-11-04 00:44 . 2008-11-04 00:44 435096 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\DWTRIG20.EXE + 2008-11-04 00:44 . 2008-11-04 00:44 439632 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\DWDCW20.DLL + 2006-10-27 14:16 . 2006-10-27 14:16 408880 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\RTFHTML.DLL + 2006-10-26 20:07 . 2006-10-26 20:07 368968 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\PPSLAX.DLL + 2006-10-27 14:16 . 2006-10-27 14:16 138512 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OUTLCTL.DLL + 2006-10-26 19:55 . 2006-10-26 19:55 254776 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OLKFSTUB.DLL + 2006-10-20 07:37 . 2006-10-20 07:37 637744 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OGALEGIT.DLL + 2010-02-01 12:55 . 2010-02-01 12:55 416544 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\OFFICE.DLL + 2006-10-26 18:55 . 2006-10-26 18:55 145688 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSTORE.EXE + 2006-10-26 13:47 . 2006-10-26 13:47 727840 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSPROOF6.DLL + 2006-10-26 12:58 . 2006-10-26 12:58 290576 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MSCDM.DLL + 2006-10-26 18:52 . 2006-10-26 18:52 460616 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\MODHELP.DLL + 2006-10-26 19:00 . 2006-10-26 19:00 178488 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\IETAG.DLL + 2010-02-01 12:55 . 
2010-02-01 12:55 150320 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\GRAPHPIA.DLL + 2006-10-26 19:55 . 2006-10-26 19:55 154960 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\ENVELOPE.DLL + 2006-10-26 19:55 . 2006-10-26 19:55 116544 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\EMABLT32.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 106824 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\DSSM.EXE + 2010-02-04 07:31 . 2010-02-04 07:31 423784 c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2010-02-04 07:31 . 2010-02-04 07:31 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2010-02-04 07:37 . 2010-02-04 07:37 350064 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll + 2010-02-04 07:31 . 2010-02-04 07:31 149352 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2010-02-04 09:09 . 2010-02-04 09:09 4449280 c:\windows\Installer\44e1db.msi + 2009-08-05 06:49 . 2009-08-05 06:49 3457024 c:\windows\Installer\319cc.msp + 2009-04-24 11:28 . 2009-04-24 11:28 4450816 c:\windows\Installer\319b6.msp + 2009-04-04 16:10 . 2009-04-04 16:10 1282560 c:\windows\Installer\3198f.msp + 2009-04-04 16:10 . 2009-04-04 16:10 7888384 c:\windows\Installer\31987.msp + 2009-04-04 16:10 . 2009-04-04 16:10 9926144 c:\windows\Installer\3197d.msp + 2009-04-04 09:14 . 2009-04-04 09:14 1094656 c:\windows\Installer\31818.msp + 2009-08-18 11:57 . 2009-08-18 11:57 9122304 c:\windows\Installer\3180c.msp + 2009-10-16 06:09 . 2009-10-16 06:09 2518016 c:\windows\Installer\317e4.msp + 2009-08-18 12:08 . 2009-08-18 12:08 1373696 c:\windows\Installer\317d0.msp + 2010-02-04 13:17 . 
2010-02-04 13:17 1262080 c:\windows\Installer\12cfda6.msi - 2010-02-01 12:59 . 2010-02-03 08:05 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe + 2010-02-01 12:59 . 2010-02-04 07:38 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe - 2010-02-01 12:59 . 2010-02-03 08:05 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe + 2010-02-01 12:59 . 2010-02-04 07:38 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe + 2008-11-21 02:12 . 2008-11-21 02:12 3750256 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\VVIEWER.DLL + 2008-10-25 08:35 . 2008-10-25 08:35 1847160 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\VVIEWDWG.DLL + 2009-04-03 17:04 . 2009-04-03 17:04 8468840 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\PPCORE.DLL + 2009-04-03 17:21 . 2009-04-03 17:21 8543096 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\OARTCONV.DLL + 2006-10-26 13:47 . 2006-10-26 13:47 1512304 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\NLSD0000.DLL + 2010-02-01 12:55 . 2010-02-01 12:55 1276720 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.4518\EXCELPIA.DLL + 2010-02-04 07:31 . 2010-02-04 07:31 1279848 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2009-04-04 16:09 . 2009-04-04 16:09 15190016 c:\windows\Installer\31839.msp + 2009-04-04 10:36 . 2009-04-04 10:36 21390848 c:\windows\Installer\31819.msp + 2009-04-03 17:21 . 2009-04-03 17:21 16037736 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\OART.DLL + 2009-04-03 17:46 . 2009-04-03 17:46 17314688 c:\windows\Installer\$PatchCache$\Managed0002119410000000000000000F01FEC\12.0.6425\MSO.DLL + 2009-04-04 16:08 . 
2009-04-04 16:08 343058432 c:\windows\Installer\31972.msp . -- Snapshot resatt til dagens dato -- . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-11-25 12:01 1230080 ----a-w- c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1] @="{fe25455d-b4c2-4e32-97d2-92632ec1c224}" [HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}] 2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2] @="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}" [HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}] 2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SRS Premium Sound"="c:\programfiler\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-05-19 3417336] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2009-05-11 17881600] "AsusACPIServer"="c:\programfiler\EeePC\ACPI\AsAcpiSvr.exe" [2009-06-18 696320] "AsusEPCMonitor"="c:\programfiler\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304] "LiveUpdate"="c:\programfiler\Asus\LiveUpdate\LiveUpdate.exe" [2009-08-27 735208] "EasyMode"="c:\programfiler\\ASUS\\Easy Mode\\Easy Mode.exe" [2009-03-18 1249280] "EeeStorageBackup"="c:\programfiler\ASUS\Eee Storage\BackupService.exe" [2009-06-08 935184] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-06-26 3054136] "SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-12 2043160] "AppleSyncNotifier"="c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-10-02 149280] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-07-06 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-07-06 354840] "PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-07-06 96792] "SynAsusAcpi"="c:\programfiler\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240] "QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2010-01-22 141608] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-09-23 21:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin] 2009-06-25 05:13 65536 ----a-w- c:\windows\system32\igdlogin.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" 
[HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgemc.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"= "c:\\Programfiler\\AVG\\AVG8\\avgnsx.exe"= "c:\\Programfiler\\BitLord\\BitLord.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= "c:\\Programfiler\\Mozilla Firefox\\firefox.exe"= "c:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Programfiler\\iTunes\\iTunes.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23.09.2009 22:56 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23.09.2009 22:57 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [23.09.2009 22:45 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [23.09.2009 22:45 297752] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [26.06.2009 16:14 54752] R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\programfiler\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [19.05.2009 17:29 107744] R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [26.06.2009 15:24 5097632] R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [04.06.2009 02:54 38912] R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [26.06.2009 17:02 233512] R3 
uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [04.06.2009 02:54 39040] S2 gupdate;Google Update Service (gupdate);c:\programfiler\Google\Update\GoogleUpdate.exe [05.01.2010 15:07 135664] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.06.2009 15:24 1684736] S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [20.09.2009 20:26 40448] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-12-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2010-01-05 14:06] 2010-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2010-01-05 14:06] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://eeepc.asus.com/global uInternet Settings,ProxyOverride = *.local IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Send til &Bluetooth-enhet... 
- c:\programfiler\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send til Bluetooth - c:\programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\documents and settings\Ina\Programdata\Mozilla\Firefox\Profiles\s46ilas3.default\ FF - prefs.js: keyword.URL - hxxp://no.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_no&p= FF - component: c:\programfiler\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - plugin: c:\programfiler\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\programfiler\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-04 17:54 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . 
Tidspunkt ferdig: 2010-02-04 17:56:58 ComboFix-quarantined-files.txt 2010-02-04 16:56 ComboFix2.txt 2010-02-03 22:31 Pre-Run: 66 909 032 448 byte ledig Post-Run: 66 972 876 800 byte ledig - - End Of File - - 84A4408DF26A378C3D0436FBC8D5E989
norbat Posted 4 February 2010 Still having problems? The log looks fine.
Badmintonball Posted 4 February 2010 (Author) Yes, still having problems. XP Antivirus keeps opening and giving me warnings, and I get those Windows balloon pop-ups saying the PC has a virus. I have scanned and deleted and searched for solutions for two days, but I can't get rid of the damn thing.
norbat Posted 4 February 2010 Download CCleaner. Start the program. Go to 'Options' -> 'Advanced'. Untick the box in front of: "Only delete temporary files older than 48 hours". Click 'Cleaner' and then 'Run CCleaner'. Get Blacklight and run a scan. Tell us what it finds, if anything.
Badmintonball Posted 5 February 2010 (Author) Will try that. Thanks a lot!
Badmintonball Posted 5 February 2010 (Author) Done. Blacklight found nothing, but I also ran my antivirus program once more and deleted some cookies and the like. Nothing has happened for a while now, so maybe it works. Thank you so much for the help!