Sjekking av DDS logg

[Dernel]

Har mistanker om no grums på PC-en min for tiden så om noen kunne tatt en titt på loggen min?

MBAM fant desverre ingenting.

 

 

DDS (Ver_10-12-05.01) - NTFS_AMD64

Run by Erlend at 14:28:25,21 on 09.12.2010

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.47.1044.18.4091.2861 [GMT 1:00]

 

SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

 

============== Running Processes ===============

 

C:\PROGRA~2\AVG\AVG10\avgchsva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\SysWOW64\PnkBstrB.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Razer\Lycosa\razerhid.exe

C:\Program Files (x86)\Voddler\service\VNetManager.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Logitech\G35\G35.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Windows\system32\conhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\PROGRA~2\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Program Files (x86)\Spotify\spotify.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\World of Warcraft\Launcher.exe

C:\World of Warcraft\Blizzard Downloader.exe

C:\Windows\system32\taskhost.exe

C:\Users\Erlend\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Påloggingshjelp for Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun

uRun: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [VoddlerNet Manager] C:\Program Files (x86)\Voddler\service\VNetManager.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

mRunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll"

mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

mRunOnce: [innoSetupRegFile.0000000001] "C:\Windows\is-MV2FI.exe" /REG

StartupFolder: C:\Users\Erlend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

StartupFolder: C:\Users\Erlend\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LIMEWI~1.LNK - C:\Program Files (x86)\LimeWire\LimeWire.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&ksporter til Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - C:\Users\Erlend\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

 

================= FIREFOX ===================

 

FF - ProfilePath - C:\Users\Erlend\AppData\Roaming\Mozilla\Firefox\Profiles\bq34t46g.default\

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Voddler\plugin\npvoddler.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Extension: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - C:\Users\Erlend\AppData\Roaming\Mozilla\Firefox\Profiles\bq34t46g.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

FF - Extension: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox

 

============= SERVICES / DRIVERS ===============

 

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-9 382032]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-7 202752]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-4-7 6659072]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-4-7 195584]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]

R3 KoneFltr;ROCCAT Kone;C:\Windows\System32\drivers\Kone.sys [2008-12-11 15488]

R3 LADF_DHP2;G35 DHP2 Filter Driver;C:\Windows\System32\drivers\ladfDHP2amd64.sys [2009-5-28 61712]

R3 LADF_SBVM;G35 SBVM Filter Driver;C:\Windows\System32\drivers\ladfSBVMamd64.sys [2009-5-28 376848]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 VoddlerNet;VoddlerNet;C:\Program Files (x86)\Voddler\service\voddler.exe [2010-10-19 907984]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]

S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);C:\Windows\System32\drivers\s1018bus.sys [2010-7-17 113704]

S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;C:\Windows\System32\drivers\s1018mdfl.sys [2010-7-17 19496]

S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;C:\Windows\System32\drivers\s1018mdm.sys [2010-7-17 153128]

S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-2 1255736]

 

=============== Created Last 30 ================

 

2010-12-09 12:30:08 711168 ----a-w- C:\Windows\is-MV2FI.exe

2010-12-07 14:07:11 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{4EF68769-C0EC-49AC-BD38-1F828DB0970C}\mpengine.dll

2010-12-03 15:37:31 -------- d-----w- C:\Users\Erlend\AppData\Local\Microsoft Games

2010-11-28 10:13:03 -------- d-----w- C:\Users\Erlend\AppData\Roaming\AVG10

2010-11-28 10:10:58 -------- d--h--w- C:\PROGRA~3\Common Files

2010-11-28 10:09:22 -------- d-----w- C:\Windows\System32\drivers\AVG

2010-11-28 10:09:22 -------- d-----w- C:\PROGRA~3\AVG10

2010-11-26 09:47:19 -------- d-----w- C:\PROGRA~3\MFAData

2010-11-25 12:23:52 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2010-11-25 12:23:52 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2010-11-22 22:59:34 -------- d-----w- C:\Users\Erlend\AppData\Local\Microsoft Help

2010-11-20 16:11:00 -------- d-----w- C:\Users\Erlend\AppData\Roaming\SUPERAntiSpyware.com

2010-11-20 16:11:00 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com

2010-11-20 16:10:53 -------- d-----w- C:\PROGRA~3\!SASCORE

2010-11-20 16:10:51 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2010-11-09 21:20:56 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

 

==================== Find3M ====================

 

2010-12-04 23:16:25 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2010-12-04 23:16:25 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2010-10-25 22:06:27 738661 ----a-w- C:\Windows\SysWow64\VnetAuto.exe

2010-10-19 09:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe

2010-09-22 23:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2010-09-22 23:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-09-21 13:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL

2010-09-21 13:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL

2010-09-15 03:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2010-09-13 14:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys

 

============= FINISH: 14:28:54,00 ===============

Endret 9. desember 2010 av Dernel

[norbat]

Hvorfor mistenker du malware?

Kan ikke umiddelbart se noe malware-relatert i loggen din.