RogerR Posted 29 September 2010 (edited)
Hi, I suspect that things are not quite as they should be, because of a rather long startup and a line speed far below the normal maximum. Avira AntiVirus also found a few minor viruses here and there, but I'm unsure whether they were removed. Besides that I run SpyBot and Malwarebytes, which have been on 24/7.
LOG
ComboFix 10-09-28.03 - User 29.09.2010 17:57:45.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.3030.2467 [GMT 2:00] Kjører fra: c:\documents and settings\User\Skrivebord\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Thumbs.db c:\windows\Tasks\Acrobat Update.job . ((((((((((((((((((((((((((( Filer Opprettet Fra 2010-08-28 til 2010-09-29 ))))))))))))))))))))))))))))))))) . 2010-09-29 00:46 . 2010-09-29 00:46 -------- d-----r- c:\documents and settings\LocalService\Favoritter 2010-09-29 00:30 . 2010-09-29 00:30 -------- d-----w- c:\documents and settings\User\Programdata\Avira 2010-09-29 00:28 . 2010-09-29 03:01 -------- d-----w- c:\windows\system32\NtmsData 2010-09-29 00:22 . 2010-09-29 00:22 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-09-29 00:20 . 2010-09-29 00:20 -------- d-----w- c:\programfiler\Avira 2010-09-29 00:20 . 2010-09-29 00:20 -------- d-----w- c:\documents and settings\All Users\Programdata\Avira 2010-09-29 00:20 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-09-29 00:20 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-09-29 00:20 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-09-29 00:20 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-09-27 07:02 .
2010-09-27 07:02 -------- d-----w- c:\programfiler\iPod 2010-09-27 07:02 . 2010-09-27 07:03 -------- d-----w- c:\programfiler\iTunes 2010-09-27 06:59 . 2010-09-27 06:59 -------- d-----w- c:\programfiler\Bonjour 2010-09-22 00:25 . 2010-09-22 00:25 -------- d-----w- c:\documents and settings\User\FutureDecks Data 2010-09-22 00:24 . 2010-03-18 07:15 770384 ----a-w- c:\windows\system32\msvcr100.dll 2010-09-22 00:24 . 2010-03-18 07:15 421200 ----a-w- c:\windows\system32\msvcp100.dll 2010-09-22 00:24 . 2010-09-22 00:24 -------- d-----w- c:\programfiler\XYLIO 2010-09-22 00:10 . 2010-09-22 00:10 -------- d-----w- c:\programfiler\VirtualDJ 2010-09-20 08:29 . 2010-09-20 08:29 -------- d-----w- c:\documents and settings\User\Programdata\Antares 2010-09-20 08:29 . 2010-09-20 08:29 -------- d-----w- c:\programfiler\Antares Audio Technologies 2010-09-20 08:22 . 2010-09-20 08:51 -------- d-----w- c:\programfiler\ASIO4ALL v2 2010-09-20 08:21 . 2010-09-20 08:42 -------- d-----w- c:\programfiler\VstPlugins 2010-09-20 08:21 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll 2010-09-20 08:21 . 2010-09-20 08:21 -------- d-----w- c:\programfiler\Outsim 2010-09-20 08:20 . 2010-09-20 08:22 -------- d-----w- c:\programfiler\Image-Line 2010-09-17 09:25 . 2010-09-17 09:26 -------- d-----w- c:\programfiler\QuickTime 2010-09-16 22:36 . 2010-09-16 22:36 -------- d-----w- c:\documents and settings\User\Programdata\NCH Software 2010-09-16 22:36 . 2010-09-16 22:36 -------- d-----w- c:\documents and settings\All Users\Programdata\NCH Software 2010-09-16 21:23 . 2010-09-16 22:23 -------- d-----w- c:\programfiler\NCH Software 2010-09-16 19:33 . 2010-09-23 19:34 -------- d-----w- c:\documents and settings\User\Programdata\NCH Swift Sound 2010-09-16 19:33 . 2010-09-23 19:34 -------- d-----w- c:\documents and settings\All Users\Programdata\NCH Swift Sound 2010-09-16 19:33 . 2010-09-18 00:55 -------- d-----w- c:\programfiler\NCH Swift Sound 2010-09-14 00:42 . 
2010-09-14 00:42 -------- d-sh--w- c:\documents and settings\User\IECompatCache 2010-09-12 21:43 . 2010-09-12 21:43 -------- d-----w- c:\documents and settings\User\Lokale innstillinger\Programdata\cache 2010-09-12 21:23 . 2010-09-12 21:25 -------- d-----w- c:\programfiler\Fellesfiler\Adobe AIR 2010-09-12 21:21 . 2010-09-12 21:21 -------- d-----w- c:\documents and settings\User\Lokale innstillinger\Programdata\P5 2010-09-05 16:21 . 2010-09-05 16:42 -------- d-----w- C:\MP3 2010-09-05 04:15 . 2010-09-29 12:56 -------- d-----w- C:\Download 2010-09-05 04:15 . 2010-09-05 04:46 -------- d-----w- C:\tmpDownload 2010-09-05 04:14 . 2010-09-05 04:15 -------- d-----w- C:\YoutubeMusicDownloader . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-29 16:04 . 2010-07-27 14:24 -------- d-----w- c:\programfiler\Steam 2010-09-29 01:30 . 2010-03-02 18:35 -------- d-----w- c:\documents and settings\User\Programdata\skypePM 2010-09-29 01:28 . 2010-03-02 18:34 -------- d-----w- c:\documents and settings\User\Programdata\Skype 2010-09-29 00:28 . 2009-09-24 07:35 -------- d-----w- c:\documents and settings\User\Programdata\uTorrent 2010-09-28 23:47 . 2009-09-24 07:36 -------- d-----w- c:\programfiler\uTorrent 2010-09-27 22:56 . 2009-10-02 01:42 -------- d-----w- c:\documents and settings\User\Programdata\Spotify 2010-09-27 07:02 . 2010-01-12 02:08 -------- d-----w- c:\programfiler\Fellesfiler\Apple 2010-09-22 01:36 . 2010-08-28 02:56 -------- d-----w- c:\documents and settings\User\Programdata\vlc 2010-09-22 00:25 . 2009-08-11 14:47 63160 ----a-w- c:\documents and settings\Administrator\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2010-09-15 20:25 . 2009-08-26 01:31 -------- d-----w- c:\documents and settings\All Users\Programdata\Microsoft Help 2010-09-13 22:48 . 2009-09-27 03:39 -------- d-----w- c:\programfiler\Microsoft Silverlight 2010-09-11 16:03 . 
2009-08-26 02:03 -------- d-----w- c:\programfiler\Opera 2010-08-29 20:06 . 2010-08-29 20:06 -------- d-----w- c:\documents and settings\All Users\Programdata\Logitech 2010-08-29 20:06 . 2010-08-29 20:06 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2010-08-29 19:57 . 2010-08-29 19:50 -------- d-----w- c:\documents and settings\User\Programdata\Logitech 2010-08-29 19:57 . 2010-08-29 19:57 -------- d-----w- c:\documents and settings\User\Programdata\Leadertech 2010-08-29 19:57 . 2010-08-29 19:56 -------- d-----w- c:\programfiler\Fellesfiler\LogiShrd 2010-08-29 19:57 . 2010-08-29 19:57 -------- d-----w- c:\documents and settings\All Users\Programdata\Logishrd 2010-08-29 19:57 . 2010-08-29 19:57 -------- d-----w- c:\programfiler\Logitech 2010-08-29 19:56 . 2010-08-29 19:50 -------- d-----w- c:\documents and settings\User\Programdata\Logishrd 2010-08-29 19:55 . 2010-08-29 19:55 -------- d-----w- c:\documents and settings\User\Programdata\GetRightToGo 2010-08-28 18:01 . 2010-07-10 03:51 -------- d-----w- c:\programfiler\PS3 Media Server 2010-08-22 17:42 . 2010-08-22 17:42 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_netaapl_01009.Wdf 2010-08-22 17:42 . 2010-08-22 17:42 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf 2010-08-17 13:17 . 2006-02-25 12:59 58880 ----a-w- c:\windows\system32\spoolsv.exe 2010-08-16 00:44 . 2010-08-16 00:32 -------- d-----w- c:\programfiler\File List Creator 2010-08-16 00:32 . 2010-08-16 00:32 249856 ------w- c:\windows\Setup1.exe 2010-08-16 00:32 . 2010-08-16 00:32 73216 ----a-w- c:\windows\ST6UNST.EXE 2010-08-14 17:19 . 2010-04-29 09:09 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-08-12 02:20 . 2010-03-02 18:34 -------- d-----r- c:\programfiler\Skype 2010-08-12 01:06 . 2006-02-25 13:00 80036 ----a-w- c:\windows\system32\perfc014.dat 2010-08-12 01:06 . 2006-02-25 13:00 444582 ----a-w- c:\windows\system32\perfh014.dat 2010-08-08 17:04 . 
2010-08-08 17:04 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-08-06 00:18 . 2010-08-06 00:17 -------- d-----w- c:\programfiler\GMATPrep 2010-08-06 00:17 . 2009-08-11 14:47 -------- d--h--w- c:\programfiler\InstallShield Installation Information 2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-07-22 15:46 . 2006-02-25 13:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll 2010-07-22 06:19 . 2008-05-05 05:25 5120 ----a-w- c:\windows\system32\xpsp4res.dll 2010-07-19 20:40 . 2009-08-26 01:43 924921 ----a-w- c:\windows\system32\aeyfoc.drv . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "SpybotSD TeaTimer"="c:\programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "Steam"="c:\programfiler\Steam\Steam.exe" [2010-07-27 1238352] "WMPNSCFG"="c:\programfiler\Windows Media Player\WMPNSCFG.exe" [2006-11-15 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "picon"="c:\programfiler\Fellesfiler\Intel\Privacy Icon\PrivacyIconClient.exe" [2008-05-29 367128] "TPFNF7"="c:\programfiler\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192] "TrackPointSrv"="c:\programfiler\Lenovo\TrackPoint\tp4serv.exe" [2008-03-04 92960] "TpShocks"="TpShocks.exe" [2008-06-06 181536] "TPHOTKEY"="c:\programfiler\Lenovo\HOTKEY\TPOSDSVC.exe" [2008-03-24 68464] "EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2008-06-04 242976] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 141848] "TVT Scheduler 
Proxy"="c:\programfiler\Fellesfiler\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-14 487424] "LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2008-06-08 165208] "LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2008-06-08 124248] "AMSG"="c:\programfiler\ThinkVantage\AMSG\Amsg.exe" [2007-02-01 419376] "CameraApplicationLauncher"="c:\programfiler\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe" [2008-08-12 16384] "PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2008-07-28 331776] "BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2008-07-28 208896] "ACTray"="c:\programfiler\ThinkPad\ConnectUtilities\ACTray.exe" [2008-07-30 425984] "ACWLIcon"="c:\programfiler\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2008-07-30 143360] "cssauth"="c:\programfiler\Lenovo\Client Security Solution\cssauth.exe" [2008-06-13 3073336] "Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368] "Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "AppleSyncNotifier"="c:\programfiler\Fellesfiler\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-16 47392] "Malwarebytes' Anti-Malware"="c:\programfiler\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584] "SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2010-05-14 248552] "EvtMgr6"="c:\programfiler\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312] "QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2010-09-08 421888] "iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2010-09-24 421160] "avgnt"="c:\programfiler\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= 
"c:\programfiler\Qualcomm\Eudora\EuShlExt.dll" [2006-08-17 86016] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2010-05-06 09:29 64592 ----a-w- c:\programfiler\Fellesfiler\LogiShrd\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2] 2006-09-06 07:37 34344 ----a-w- c:\programfiler\Lenovo\HOTKEY\notifyf2.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey] 2008-03-17 07:02 34080 ----a-w- c:\programfiler\Lenovo\HOTKEY\tphklock.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programfiler\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Programfiler\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\mIRC\\mirc.exe"= "c:\\Programfiler\\uTorrent\\uTorrent.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\Programfiler\\Opera\\opera.exe"= "c:\\Gamez\\Sports Interactive\\Football Manager 2010\\fm.exe"= "c:\\Programfiler\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Programfiler\\Java\\jre6\\bin\\java.exe"= "c:\\Programfiler\\Java\\jre6\\bin\\javaw.exe"= "c:\\Programfiler\\Steam\\Steam.exe"= "c:\\Programfiler\\Steam\\steamapps\\counter-strike\\hl.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= "c:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [14.05.2008 16:21 19496] R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [09.05.2008 05:50 46144] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programfiler\Avira\AntiVir Desktop\sched.exe [29.09.2010 02:20 135336] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\programfiler\LogMeIn 
Hamachi\hamachi-2.exe [29.10.2009 13:27 1074568] R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [29.08.2010 21:57 10448] R2 MBAMService;MBAMService;c:\programfiler\Malwarebytes' Anti-Malware\mbamservice.exe [26.08.2009 03:32 304464] R2 Power Manager DBC Service;Power Manager DBC Service;c:\programfiler\ThinkPad\Utilities\PWMDBSVC.exe [11.08.2009 17:04 94208] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programfiler\Lenovo\Rescue and Recovery\rrpservice.exe [14.05.2008 16:25 520192] R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\programfiler\Lenovo\Rescue and Recovery\UpdateMonitor.exe [09.05.2008 05:50 253952] R2 UNS;Intel® Active Management Technology User Notification Service;c:\programfiler\Fellesfiler\Intel\Privacy Icon\UNS\UNS.exe [11.08.2009 16:45 2058776] R3 5U875UVC;Integrated Camera;c:\windows\system32\drivers\5U875.sys [11.08.2009 16:47 72448] R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [12.08.2009 00:33 244368] R3 lnvobus;Ericsson F3507g Mobile Broadband Minicard Composite Device driver (WDM);c:\windows\system32\drivers\lnvobus.sys [11.08.2009 16:52 302464] R3 lnvocard;Ericsson F3507g Mobile Broadband Minicard Device Management;c:\windows\system32\drivers\lnvocard.sys [11.08.2009 16:53 378496] R3 lnvogps;Ericsson F3507g Mobile Broadband Minicard GPS Port;c:\windows\system32\drivers\lnvogps.sys [11.08.2009 16:53 72232] R3 lnvomdfl;Ericsson F3507g Mobile Broadband Minicard Modem Filter;c:\windows\system32\drivers\lnvomdfl.sys [11.08.2009 16:52 15104] R3 lnvomdfl2;Ericsson F3507g Mobile Broadband Minicard Data Modem Filter;c:\windows\system32\drivers\lnvomdfl2.sys [11.08.2009 16:52 15104] R3 lnvomdm;Ericsson F3507g Mobile Broadband Minicard Modem Driver;c:\windows\system32\drivers\lnvomdm.sys [11.08.2009 16:52 387072] R3 lnvomdm2;Ericsson F3507g Mobile Broadband Minicard Data Modem;c:\windows\system32\drivers\lnvomdm2.sys [11.08.2009 16:52 
431488] R3 lnvond5;Ericsson F3507g Mobile Broadband Minicard Network Adapter (NDIS);c:\windows\system32\drivers\lnvond5.sys [11.08.2009 16:53 25984] R3 lnvounic;Ericsson F3507g Mobile Broadband Minicard Network Adapter (WDM);c:\windows\system32\drivers\lnvounic.sys [11.08.2009 16:53 402944] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [26.08.2009 03:32 20952] R3 Sony_EricssonWWSC;Ericsson F3507g Mobile Broadband Minicard PC SC Port;c:\windows\system32\drivers\lnvoscard.sys [11.08.2009 16:53 24232] R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [25.08.2008 10:02 22568] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.02.2008 15:54 37312] S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOKALE~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOKALE~1\Temp\DX9\SessionLauncher.exe [?] S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [10.07.2010 22:09 18432] S3 RoxMediaDB10;RoxMediaDB10;c:\programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [25.04.2008 08:15 1120752] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [12.01.2010 04:09 41984] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.08.2009 03:05 691696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] aeyfoc REG_MULTI_SZ aeyfoc . 
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2010-09-27 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2010-09-26 c:\windows\Tasks\mixpadShakeIcon.job - c:\programfiler\NCH Swift Sound\MixPad\mixpad.exe [2010-09-16 19:33] 2010-09-29 c:\windows\Tasks\PMTask.job - c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2009-08-11 16:43] 2010-09-26 c:\windows\Tasks\switchShakeIcon.job - c:\programfiler\NCH Swift Sound\Switch\switch.exe [2010-09-16 19:34] 2010-09-19 c:\windows\Tasks\tonegenShakeIcon.job - c:\programfiler\NCH Software\ToneGen\tonegen.exe [2010-09-16 21:23] 2010-09-20 c:\windows\Tasks\wavepadShakeIcon.job - c:\programfiler\NCH Swift Sound\WavePad\wavepad.exe [2010-09-16 19:33] . . ------- Tilleggsskanning ------- . uStart Page = about:blank uInternet Connection Wizard,ShellNext = hxxp://www.lenovo.com/alldaycomputing uInternet Settings,ProxyServer = proxy.tigerix.net:3128 uInternet Settings,ProxyOverride = *.local IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Send til &Bluetooth-enhet... - c:\programfiler\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm IE: Send til Bluetooth - c:\programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm TCP: {9D3E6359-4703-4578-831B-2364FFEFBB1D} = 217.13.4.24,217.13.7.140 . - - - - TOMME PEKERE FJERNET - - - - HKLM-Run-WinampAgent - c:\programfiler\Winamp\winampa.exe Notify-ACNotify - ACNotify.dll ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-09-29 18:06 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . 
--------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(1252) c:\programfiler\ThinkPad\ConnectUtilities\ACNotify.dll c:\programfiler\ThinkPad\ConnectUtilities\AcSvcStub.dll c:\programfiler\ThinkPad\ConnectUtilities\AcLocSettings.dll c:\programfiler\ThinkPad\ConnectUtilities\ACHelper.dll c:\programfiler\fellesfiler\logishrd\bluetooth\LBTWlgn.dll c:\programfiler\Lenovo\HOTKEY\tphklock.dll c:\windows\system32\igfxdev.dll c:\programfiler\Lenovo\HOTKEY\notifyf2.dll - - - - - - - > 'explorer.exe'(6012) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\programfiler\Lenovo\Drag-to-Disc\Shellex.dll c:\windows\system32\DLAAPI_W.DLL c:\programfiler\Lenovo\Drag-to-Disc\ShellRes.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\windows\system32\ibmpmsvc.exe c:\programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe c:\programfiler\Intel\WiFi\bin\S24EvMon.exe c:\windows\System32\SCardSvr.exe c:\windows\system32\TpShocks.exe c:\programfiler\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe c:\programfiler\Avira\AntiVir Desktop\avguard.exe c:\programfiler\Fellesfiler\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\igfxsrvc.exe c:\programfiler\Bonjour\mDNSResponder.exe c:\programfiler\Intel\WiFi\bin\EvtEng.exe c:\windows\system32\rundll32.exe c:\programfiler\Avira\AntiVir Desktop\avshadow.exe c:\programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe c:\programfiler\Java\jre6\bin\jqs.exe c:\programfiler\Fellesfiler\LogiShrd\KHAL3\KHALMNPR.EXE c:\programfiler\Intel\AMT\LMS.exe c:\programfiler\Lenovo\HOTKEY\TPONSCR.exe c:\programfiler\Lenovo\Zoom\TpScrex.exe c:\programfiler\Lenovo\Camera Center\bin\LenovoCameraCenter.exe c:\programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\mdm.exe 
c:\programfiler\Fellesfiler\Intel\WirelessCommon\RegSrvc.exe c:\programfiler\Fellesfiler\Lenovo\tvt_reg_monitor_svc.exe c:\windows\System32\TPHDEXLG.exe c:\programfiler\Lenovo\Client Security Solution\tvttcsd.exe c:\programfiler\Lenovo\Rescue and Recovery\rrservice.exe c:\programfiler\Fellesfiler\Lenovo\Scheduler\tvtsched.exe c:\programfiler\Windows Media Player\WMPNetwk.exe c:\programfiler\ThinkPad\ConnectUtilities\AcSvc.exe c:\programfiler\iPod\bin\iPodService.exe c:\windows\system32\wbem\wmiapsrv.exe c:\programfiler\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe . ************************************************************************** . Tidspunkt ferdig: 2010-09-29 18:11:55 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2010-09-29 16:11 Pre-Run: 17 902 743 552 byte ledig Post-Run: 18 220 208 128 byte ledig - - End Of File - - 5757F578E28603F95DAA32C94254B3FF
Edited 29 September 2010 by RogerR
norbat Posted 29 September 2010
A proxy is set on your internet connection. Is this something you did yourself? (proxy.tigerix.net:3128) If not, you can remove it by going to Control Panel -> Internet Options -> Connections -> LAN settings. Clear all the checkboxes.
RogerR (author) Posted 29 September 2010
Hi, Yep, norbat, I know. But does it look like the PC has been cleaned of viruses/malware now? Or do I need to scan even more?
norbat Posted 29 September 2010
I can't see any malware in your log. You could try an online scanner, e.g. F-Secure.