Paradoxo, posted 15 May 2010

Hi, I have scanned the PC with Malwarebytes and ComboFix, and the internet has become incredibly slow after this.

The log:

ComboFix 10-05-14.06 - Sindre 15.05.2010 15:02:48.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.3326.2810 [GMT 2:00]
Kjører fra: c:\documents and settings\Sindre\Mine dokumenter\Nedlastinger\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Sindre\Programdata\chrtmp
c:\windows\system32\detoured.dll
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-04-15 til 2010-05-15 )))))))))))))))))))))))))))))))))
.
2010-05-13 21:26 . 2010-02-26 11:00 724992 ----a-w- c:\documents and settings\Sindre\Programdata\Mozilla\Firefox\Profiles\ow1kthkj.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
2010-05-13 21:26 . 2010-02-26 11:00 1291640 ----a-w- c:\documents and settings\Sindre\Programdata\Mozilla\Firefox\Profiles\ow1kthkj.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
2010-05-12 23:40 . 2010-05-12 23:40 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2010-05-12 23:35 . 2010-05-12 23:44 -------- d-----w- c:\programfiler\SAW
2010-05-12 13:08 . 2010-05-12 13:09 -------- d-----w- c:\programfiler\Runes of Magic
2010-05-11 20:58 . 2010-05-11 21:14 -------- d-----w- c:\documents and settings\Sindre\Programdata\NationRed
2010-05-11 20:30 . 2010-05-11 20:58 -------- d-----w- c:\programfiler\Nation Red
2010-05-11 20:27 . 2010-05-11 20:29 -------- d-----w- c:\programfiler\Zombie Driver
2010-05-11 18:58 . 2010-05-11 18:59 -------- d-----w- c:\documents and settings\Sindre\Programdata\ZombieDriver
2010-05-11 18:56 . 2010-05-11 20:31 -------- d-----w- c:\programfiler\OpenAL
2010-04-29 22:08 . 2010-04-29 22:08 0 ----a-w- c:\documents and settings\Sindre\Programdata\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2010-04-29 13:57 . 2010-05-12 13:16 -------- d-----w- c:\documents and settings\Sindre\Programdata\Skype
2010-04-29 13:57 . 2010-04-29 13:57 -------- d-----w- c:\programfiler\Fellesfiler\Skype
2010-04-29 13:57 . 2010-04-29 13:57 -------- d-----r- c:\programfiler\Skype
2010-04-28 15:18 . 2010-04-28 15:18 -------- d-----w- c:\programfiler\Activision
2010-04-28 15:17 . 2010-04-28 15:17 -------- d-sh--w- c:\windows\ftpcache
2010-04-27 20:57 . 2010-04-27 20:57 655360 ----a-w- c:\documents and settings\Sindre\Programdata\Spotify\Gracenote\gnsdk_sdkmanager.dll
2010-04-27 20:57 . 2010-04-27 20:57 282624 ----a-w- c:\documents and settings\Sindre\Programdata\Spotify\Gracenote\gnsdk_musicid_file.dll
2010-04-27 20:57 . 2010-04-27 20:57 208896 ----a-w- c:\documents and settings\Sindre\Programdata\Spotify\Gracenote\gnsdk_dsp.dll
2010-04-23 04:03 . 2010-04-23 04:03 -------- d-----w- c:\documents and settings\Sindre\Programdata\Teleca
2010-04-23 03:58 . 2010-04-23 03:58 -------- d-----w- c:\documents and settings\Sindre\Lokale innstillinger\Programdata\Sony Ericsson
2010-04-23 03:58 . 2010-04-23 03:58 -------- d-----w- c:\documents and settings\Sindre\Programdata\Sony Ericsson
2010-04-23 03:58 . 2010-05-12 13:57 -------- d-----w- c:\programfiler\Fellesfiler\Teleca Shared
2010-04-21 17:44 . 2010-04-29 22:35 -------- d-----w- c:\documents and settings\Sindre\Programdata\FrostWire
2010-04-21 06:20 . 2010-04-21 06:20 242696 ----a-w- c:\documents and settings\All Users\Programdata\avg9\update\backup\avgtdix.sys
2010-04-21 06:19 . 2010-04-21 06:19 1689952 ----a-w- c:\documents and settings\All Users\Programdata\avg9\update\backup\avgupd.dll
2010-04-20 17:54 . 2010-05-11 20:28 -------- d-----w- c:\programfiler\Wolfenstein - Enemy Territory
2010-04-18 15:00 . 2010-04-18 15:00 25 ----a-w- c:\windows\popcinfot.dat
2010-04-17 12:02 . 2010-05-12 12:41 -------- d-----w- c:\programfiler\AlienGUIse
2010-04-17 12:02 . 2003-02-26 20:27 36864 ----a-w- c:\windows\system32\wbsys.dll
2010-04-15 16:01 . 2010-04-15 16:01 130 ----a-w- c:\documents and settings\Sindre\Lokale innstillinger\Programdata\fusioncache.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-15 12:58 . 2001-10-09 12:00 79664 ----a-w- c:\windows\system32\perfc014.dat
2010-05-15 12:58 . 2001-10-09 12:00 443576 ----a-w- c:\windows\system32\perfh014.dat
2010-05-15 12:54 . 2009-11-23 16:25 16608 ----a-w- c:\windows\gdrv.sys
2010-05-15 12:47 . 2010-02-11 20:04 -------- d-----w- c:\programfiler\Steam
2010-05-15 12:27 . 2009-12-05 15:03 -------- d-----w- c:\documents and settings\Sindre\Programdata\uTorrent
2010-05-15 12:26 . 2009-12-05 15:04 -------- d-----w- c:\programfiler\uTorrent
2010-05-15 12:25 . 2009-11-23 19:45 -------- d-----w- c:\documents and settings\Sindre\Programdata\Spotify
2010-05-15 12:23 . 2009-11-23 16:25 -------- d--h--w- c:\programfiler\InstallShield Installation Information
2010-05-15 11:57 . 2010-01-30 22:51 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-15 11:57 . 2010-01-30 22:51 215016 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-13 21:48 . 2010-02-25 00:13 138056 ----a-w- c:\documents and settings\Sindre\Programdata\PnkBstrK.sys
2010-05-13 21:48 . 2010-02-25 00:13 138056 ----a-w- c:\documents and settings\Sindre\Programdata\PnkBstrK.sys
2010-05-13 21:48 . 2010-02-25 00:13 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-05-13 11:41 . 2010-03-13 12:36 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-05-12 14:07 . 2010-01-27 00:04 856864 ----a-w- c:\documents and settings\LocalService\Lokale innstillinger\Programdata\FontCache3.0.0.0.dat
2010-05-12 13:07 . 2009-12-04 22:43 -------- d-----w- c:\documents and settings\Sindre\Programdata\skypePM
2010-05-11 20:29 . 2010-01-29 22:20 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-05-11 20:29 . 2010-01-29 22:20 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-05-11 20:28 . 2010-04-03 01:10 -------- d-----w- c:\programfiler\Empire Interactive
2010-05-11 18:57 . 2009-12-27 02:44 -------- d-----w- c:\programfiler\AGEIA Technologies
2010-05-11 18:56 . 2009-12-07 18:54 -------- d-----w- c:\programfiler\Fellesfiler\Wise Installation Wizard
2010-05-11 06:35 . 2009-11-23 19:53 -------- d-----w- c:\documents and settings\Sindre\Programdata\vlc
2010-04-29 22:47 . 2009-11-23 17:22 -------- d-----w- c:\documents and settings\All Users\Programdata\avg9
2010-04-29 13:57 . 2009-12-04 22:40 -------- d-----w- c:\documents and settings\All Users\Programdata\Skype
2010-04-28 08:18 . 2009-12-30 01:58 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-25 17:57 . 2010-03-28 20:46 -------- d-----w- c:\programfiler\World of Warcraft
2010-04-24 21:31 . 2009-11-25 16:24 -------- d-----w- c:\programfiler\Windows Live
2010-04-21 06:20 . 2009-11-23 17:22 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-16 06:13 . 2009-11-23 22:16 -------- d-----w- c:\programfiler\Fellesfiler\Logishrd
2010-04-15 15:33 . 2009-11-23 22:16 -------- d-----w- c:\programfiler\Logitech
2010-04-15 15:33 . 2009-11-23 22:16 -------- d-----w- c:\documents and settings\All Users\Programdata\LogiShrd
2010-04-15 15:32 . 2010-04-03 17:32 -------- d-----w- c:\documents and settings\All Users\Programdata\Logitech
2010-04-15 15:04 . 2010-04-12 13:38 -------- d-----w- c:\programfiler\Winamp
2010-04-14 22:46 . 2010-04-14 22:46 -------- d-----w- c:\programfiler\dumps
2010-04-14 22:43 . 2009-12-19 17:46 -------- d-----w- c:\documents and settings\Sindre\Programdata\mIRC
2010-04-14 21:54 . 2009-12-19 17:46 -------- d-----w- c:\programfiler\mIRC
2010-04-14 13:08 . 2010-04-14 13:08 -------- d-----w- c:\programfiler\MSXML 4.0
2010-04-13 19:42 . 2010-04-13 19:42 14472 ----a-w- c:\documents and settings\Sindre\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT
2010-04-13 19:28 . 2010-04-13 19:26 -------- d-----w- c:\programfiler\SpeedFan
2010-04-13 17:49 . 2010-01-26 16:22 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-04-13 13:01 . 2010-02-23 11:48 -------- d-----w- c:\programfiler\Rockstar Games
2010-04-13 12:56 . 2010-04-12 12:59 -------- d-----w- c:\programfiler\Webcam Video Capture
2010-04-13 12:35 . 2010-01-26 16:22 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2010-04-10 10:52 . 2010-04-10 10:52 -------- d-----w- c:\documents and settings\All Users\Programdata\PopCap Games
2010-04-08 16:33 . 2010-04-08 16:33 -------- d-----w- c:\programfiler\Windows Journal Viewer
2010-04-07 15:13 . 2010-01-30 22:37 -------- d-----w- c:\programfiler\EA Games
2010-04-03 17:39 . 2010-04-03 17:35 -------- d-----w- c:\programfiler\LcdStudio
2010-04-02 14:40 . 2010-04-02 14:40 -------- d-----w- c:\documents and settings\Sindre\Programdata\FOG Downloader
2010-04-01 16:28 . 2010-04-01 16:28 -------- d-----w- c:\programfiler\Auran
2010-04-01 14:56 . 2010-04-01 14:56 -------- d-----w- c:\documents and settings\Sindre\Programdata\Disney Interactive Studios
2010-04-01 14:53 . 2010-02-06 12:46 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-03-31 18:03 . 2010-03-31 18:03 -------- d-----w- c:\documents and settings\Sindre\Programdata\Ubisoft
2010-03-31 18:03 . 2010-03-31 18:03 -------- d-----w- c:\documents and settings\All Users\Programdata\Ubisoft
2010-03-31 17:54 . 2010-02-06 12:41 -------- d-----w- c:\programfiler\Ubisoft
2010-03-29 17:13 . 2010-03-29 17:04 -------- d-----w- c:\documents and settings\All Users\Programdata\Blizzard Entertainment
2010-03-28 21:59 . 2009-11-23 19:24 -------- d-----w- c:\programfiler\Fellesfiler\Blizzard Entertainment
2010-03-27 19:17 . 2010-01-02 23:29 -------- d-----w- c:\programfiler\Google
2010-03-27 15:10 . 2010-03-15 20:54 -------- d-----w- c:\programfiler\Diablo II
2010-03-27 15:08 . 2010-03-15 20:57 37134 ----a-w- c:\windows\DIIUnin.dat
2010-03-27 15:06 . 2010-03-27 15:06 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-03-27 14:56 . 2009-12-29 14:08 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-03-27 14:56 . 2009-12-29 14:08 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-03-27 14:56 . 2009-12-29 14:08 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-03-27 01:09 . 2010-03-27 01:09 -------- d-----w- c:\programfiler\Microsoft XNA
2010-03-24 19:59 . 2010-01-30 22:51 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-03-24 19:59 . 2010-03-16 17:00 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-03-22 22:57 . 2010-03-22 22:57 -------- d-----w- c:\programfiler\CPUID
2010-03-21 10:21 . 2010-03-21 01:08 -------- d-----w- c:\programfiler\random
2010-03-21 01:40 . 2010-03-21 01:14 -------- d---a-w- c:\documents and settings\All Users\Programdata\TEMP
2010-03-21 01:16 . 2010-03-21 01:16 -------- d-----w- c:\documents and settings\Sindre\Programdata\TitanicMystery
2010-03-17 19:58 . 2010-03-17 19:58 -------- d-----w- c:\programfiler\DAMN NFO Viewer
2010-03-17 00:58 . 2010-01-31 18:10 -------- d-----w- c:\documents and settings\All Users\Programdata\Electronic Arts
2010-03-17 00:55 . 2010-03-17 00:55 -------- d-----w- c:\documents and settings\Sindre\Programdata\Avnex
2010-03-16 16:53 . 2009-12-29 15:19 -------- d-----w- c:\programfiler\Electronic Arts
2010-03-15 20:57 . 2010-03-15 20:57 94208 ----a-w- c:\windows\DIIUnin.exe
2010-03-15 20:57 . 2010-03-15 20:57 2829 ----a-w- c:\windows\DIIUnin.pif
2010-03-15 00:52 . 2010-03-15 00:52 503808 ----a-w- c:\documents and settings\Sindre\Programdata\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1fba5b4e-n\msvcp71.dll
2010-03-15 00:52 . 2010-03-15 00:52 499712 ----a-w- c:\documents and settings\Sindre\Programdata\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1fba5b4e-n\jmc.dll
2010-03-15 00:52 . 2010-03-15 00:52 348160 ----a-w- c:\documents and settings\Sindre\Programdata\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1fba5b4e-n\msvcr71.dll
2010-03-15 00:52 . 2010-03-15 00:52 61440 ----a-w- c:\documents and settings\Sindre\Programdata\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-122917d5-n\decora-sse.dll
2010-03-15 00:52 . 2010-03-15 00:52 12800 ----a-w- c:\documents and settings\Sindre\Programdata\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-122917d5-n\decora-d3d.dll
2010-03-14 11:22 . 2010-03-14 11:22 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-14 11:22 . 2009-11-23 17:22 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-14 11:22 . 2009-11-23 17:22 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-13 12:36 . 2010-03-13 12:36 53248 ----a-r- c:\documents and settings\Sindre\Programdata\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-03-09 11:11 . 2004-08-03 23:03 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-08 17:30 . 2010-03-08 17:30 36862 ----a-r- c:\documents and settings\Sindre\Programdata\Microsoft\Installer\{3FDEB837-0EC9-40E0-A3A2-3526A22AA881}\_B39F9A0E79DB5AFC4BD5E6.exe
2010-03-08 17:30 . 2010-03-08 17:30 36862 ----a-r- c:\documents and settings\Sindre\Programdata\Microsoft\Installer\{3FDEB837-0EC9-40E0-A3A2-3526A22AA881}\_7ED53DD8FBE8D04689CC79.exe
2010-03-07 11:32 . 2010-03-07 11:32 4 ----a-w- C:\loadcounter.dat
2010-03-06 17:47 . 2010-03-06 17:47 552 ----a-w- c:\windows\eReg.dat
2010-03-06 16:36 . 2010-03-06 16:36 667648 ----a-w- c:\documents and settings\Sindre\Programdata\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\pmv306a-1002180-0-main.dll
2010-03-06 16:35 . 2010-03-06 16:35 319488 ----a-w- c:\documents and settings\Sindre\Programdata\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
2010-03-01 20:06 . 2010-03-01 20:06 520192 ----a-w- c:\windows\system32\amd dragon platform technology.scr
2010-03-01 07:06 . 2010-01-06 17:16 9788 ---ha-w- c:\windows\system32\mlfcache.dat
2010-02-24 20:04 . 2010-02-24 10:01 163712 ----a-w- c:\windows\system32\drivers\vidstub.sys
2010-02-24 13:11 . 2004-08-03 21:15 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-22 16:57 . 2010-03-14 13:54 84512 ----a-w- c:\windows\SOUNDMAN.EXE
2010-02-22 16:57 . 2010-03-14 13:54 358944 ----a-w- c:\windows\vncutil.exe
2010-02-22 16:57 . 2010-03-14 13:54 1833504 ----a-w- c:\windows\SkyTel.exe
2010-02-22 16:57 . 2010-03-14 13:54 1489440 ----a-w- c:\windows\RtlUpd.exe
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\programfiler\XfireXO\tbXfir.dll" [2010-02-22 2353176]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-02-22 11:05 2353176 ----a-w- c:\programfiler\XfireXO\tbXfir.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\programfiler\XfireXO\tbXfir.dll" [2010-02-22 2353176]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}"= "c:\programfiler\XfireXO\tbXfir.dll" [2010-02-22 2353176]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\programfiler\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Pando Media Booster"="c:\programfiler\Pando Networks\Media Booster\PMB.exe" [2010-02-02 2937528]
"uTorrent"="c:\programfiler\uTorrent\uTorrent.exe" [2010-05-15 322352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m‘|\ü" [X]
"StartCCC"="c:\programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2010-02-18 248040]
"AdobeCS4ServiceManager"="c:\programfiler\Fellesfiler\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"D-Link AirPlus G"="c:\programfiler\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 1544192]
"ANIWZCS2Service"="c:\programfiler\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 49152]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"EvtMgr6"="c:\programfiler\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"RTHDCPL"="RTHDCPL.EXE" [2010-02-22 18791456]
"Launch LgDeviceAgent"="c:\programfiler\Logitech\GamePanel Software\LgDevAgt.exe" [2010-02-18 357448]
"Launch LCDMon"="c:\programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-02-18 1573448]
"Launch LGDCore"="c:\programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-02-18 3203144]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Sindre\Start-meny\Programmer\Oppstart\
MagicDisc.lnk - c:\programfiler\MagicDisc\MagicDisc.exe [2009-12-6 576000]

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\
Ralink Wireless Utility.lnk - c:\windows\RaUI.exe [2010-1-26 598016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-14 11:22 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\programfiler\Fellesfiler\Logishrd\Bluetooth\LBTWLgn.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Sindre^Start-meny^Programmer^Oppstart^Need for Speed™ Undercover Registration.lnk]
path=c:\documents and settings\Sindre\Start-meny\Programmer\Oppstart\Need for Speed™ Undercover Registration.lnk
backup=c:\windows\pss\Need for Speed™ Undercover Registration.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\AVG\\AVG9\\avgemc.exe"=
"c:\\Programfiler\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programfiler\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Programfiler\\Spotify\\spotify.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programfiler\\uTorrent\\uTorrent.exe"=
"c:\\Programfiler\\Ventrilo\\Ventrilo.exe"=
"c:\\Programfiler\\mIRC\\mirc.exe"=
"c:\\Programfiler\\Sony\\Vegas Pro 9.0\\VegSrv90.exe"=
"c:\\Programfiler\\Fellesfiler\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Programfiler\\Steam\\steamapps\\paradoxo94\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programfiler\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Programfiler\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programfiler\\Gigabyte\\EasySaver\\UpdExe.exe"=
"c:\\Programfiler\\Xfire\\Xfire.exe"=
"c:\\Documents and Settings\\Sindre\\Programdata\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"d:\\Spell\\The Lord of the Rings Online\\lotroclient.exe"=
"c:\\Programfiler\\Steam\\steamapps\\paradoxo94\\day of defeat\\hl.exe"=
"c:\\Programfiler\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"c:\\Programfiler\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Game.exe"=
"c:\\Programfiler\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"=
"c:\\Programfiler\\World of Warcraft\\Launcher.exe"=
"c:\\Programfiler\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Programfiler\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Programfiler\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Programfiler\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Programfiler\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Documents and Settings\\Sindre\\Skrivebord\\DRM\\server.exe"=
"c:\\Programfiler\\Steam\\steamapps\\paradoxo94\\counter-strike\\hl.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
"c:\\Programfiler\\Activision\\Prototype\\prototypef.exe"=
"c:\\Programfiler\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Programfiler\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Sindre\\Lokale innstillinger\\Apps\\2.0\\EWAYP4E7.QXK\\AM2XVB8Y.L64\\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\\CurseClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"58868:TCP"= 58868:TCP:Pando Media Booster
"58868:UDP"= 58868:UDP:Pando Media Booster

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23.11.2009 19:22 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23.11.2009 19:22 242896]
R2 avg9emc;AVG Free E-mail Scanner;c:\programfiler\AVG\AVG9\avgemc.exe [14.03.2010 13:22 916760]
R2 avg9wd;AVG Free WatchDog;c:\programfiler\AVG\AVG9\avgwdsvc.exe [14.03.2010 13:22 308064]
R2 ES lite Service;ES lite Service for program management.;c:\programfiler\Gigabyte\EasySaver\essvr.exe [23.11.2009 18:25 68136]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23.11.2009 17:37 19720]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06.12.2009 19:42 722416]
S2 AODService;AODService;c:\programfiler\AMD\OverDrive\AODAssist.exe [22.10.2009 04:49 136544]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [14.03.2010 15:53 1691480]
S3 cmusbser;%CMUSBSER%;c:\windows\system32\drivers\cmusbser.sys [16.02.2010 15:59 87040]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [03.04.2010 19:32 14856]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [29.03.2010 23:55 17792]
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2010-05-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.ask.com?o=15161&l=dis
uInternet Settings,ProxyOverride = *.local
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\programfiler\Get Styles\ct.htm
FF - ProfilePath - c:\documents and settings\Sindre\Programdata\Mozilla\Firefox\Profiles\ow1kthkj.default\
FF - prefs.js: browser.startup.homepage - hxxp://nb-NO.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nb-NO:official
FF - component: c:\programfiler\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\Sindre\Programdata\Mozilla\Firefox\Profiles\ow1kthkj.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - TOMME PEKERE FJERNET - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-browser - c:\windows\netdir\browser.exe
HKLM-Run-browser - c:\windows\netdir\browser.exe
HKLM-Explorer_Run-browser - c:\windows\netdir\browser.exe
AddRemove-Fraps - c:\fraps\uninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-15 15:05
Windows 5.1.2600 Service Pack 3 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------

[HKEY_USERS\S-1-5-21-2052111302-1592454029-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-2052111302-1592454029-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:21,17,bd,39,ca,ac,a0,52,66,7c,c7,6c,98,80,36,60,4f,96,46,f9,ea,
 21,5a,ee,3d,30,9f,f7,b5,de,ac,16,29,92,cc,15,62,e5,78,76,5c,c4,60,fa,35,ac,\
"rkeysecu"=hex:f9,3f,cc,3a,25,73,49,ba,f9,34,8f,8e,ce,06,60,7d
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'winlogon.exe'(764)
c:\windows\system32\Ati2evxx.dll
c:\programfiler\fellesfiler\logishrd\bluetooth\LBTWlgn.dll
.
Tidspunkt ferdig: 2010-05-15 15:06:15
ComboFix-quarantined-files.txt 2010-05-15 13:06

Pre-Run: 333 395 554 304 byte ledig
Post-Run: 333 683 838 976 byte ledig

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 634ED97E63F54EA71FCEE679694A7335

Thanks for any replies.

ComboFix.txt