rstrr Posted 18 April 2013

The mbam log that should be shown here:

Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.04.18.09 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 repoman :: YOUR-590D57A1C5 [administrator] 18.04.2013 21:46:46 mbam-log-2013-04-18 (21-46-46).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 235406 Time elapsed: 12 minute(s), 26 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected)

And ComboFix:

ComboFix 13-04-18.03 - repoman 18.04.2013 22:50:09.8.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.1015.167 [GMT 2:00] Kjører fra: c:\documents and settings\repoman\Mine dokumenter\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Programdata\TEMP c:\windows\IsUn0407.exe c:\windows\IsUn0416.exe c:\windows\system32\SETAA3.tmp c:\windows\system32\URTTemp c:\windows\system32\URTTemp\fusion.dll c:\windows\system32\URTTemp\mscoree.dll c:\windows\system32\URTTemp\mscoree.dll.local c:\windows\system32\URTTemp\mscorsn.dll c:\windows\system32\URTTemp\mscorwks.dll c:\windows\system32\URTTemp\msvcr71.dll c:\windows\system32\URTTemp\regtlib.exe c:\windows\TEMP\logishrd\LVPrcInj01.dll . . ((((((((((((((((((((((((((( Filer Opprettet Fra 2013-03-18 til 2013-04-18 ))))))))))))))))))))))))))))))))) . . 2013-04-18 19:43 . 
2013-04-18 19:43 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2013-04-18 19:43 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-04-18 19:21 . 2013-04-18 20:49 -------- d--h--r- c:\documents and settings\repoman\Siste 2013-04-05 19:54 . 2013-04-05 19:54 95616 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys 2013-04-05 19:54 . 2013-04-05 19:54 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys 2013-04-05 19:54 . 2013-04-05 19:54 76544 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys 2013-04-05 19:54 . 2013-04-05 19:54 70016 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys 2013-03-28 17:52 . 2013-03-28 17:52 -------- d-----w- c:\documents and settings\repoman\Programdata\Avira 2013-03-28 17:46 . 2013-03-28 17:44 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-03-28 17:46 . 2013-03-28 17:44 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-03-28 17:46 . 2013-03-28 17:44 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-03-28 17:46 . 2013-03-28 17:46 -------- d-----w- c:\programfiler\Avira 2013-03-28 17:46 . 2013-03-28 17:46 -------- d-----w- c:\documents and settings\All Users\Programdata\Avira . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-12 13:25 . 2013-03-12 13:26 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-03-12 13:25 . 2013-03-12 13:26 143872 ----a-w- c:\windows\system32\javacpl.cpl 2013-03-12 13:25 . 2012-04-22 16:12 861088 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-03-12 13:25 . 2010-06-01 08:33 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-03-08 08:36 . 2004-08-04 08:00 293376 ----a-w- c:\windows\system32\winsrv.dll 2013-03-07 15:56 . 2008-05-07 10:33 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-07 15:56 . 2008-05-07 10:33 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-02 02:08 . 
2004-08-04 08:00 916480 ----a-w- c:\windows\system32\wininet.dll 2013-03-02 02:08 . 2004-08-04 08:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-03-02 02:08 . 2004-08-04 08:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2013-03-02 01:58 . 2008-05-07 10:34 1867264 ----a-w- c:\windows\system32\win32k.sys 2013-03-02 01:08 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec 2013-02-27 07:58 . 2004-08-04 08:00 2067456 ----a-w- c:\windows\system32\mstscax.dll 2013-02-12 00:32 . 2008-05-07 10:33 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-02-12 00:32 . 2008-04-13 18:56 12928 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2013-01-26 03:55 . 2008-05-07 10:34 552448 ----a-w- c:\windows\system32\oleaut32.dll 2013-04-12 05:30 . 2013-04-12 05:30 263064 ----a-w- c:\programfiler\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-05 4763008] "Spotify Web Helper"="c:\programfiler\Spotify\Data\SpotifyWebHelper.exe" [2013-04-04 1104280] "NokiaSuite.exe"="c:\programfiler\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424] "WMPNSCFG"="c:\programfiler\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="mqrt.dll" [2008-04-14 177152] "PTHOSTTR"="c:\programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2006-02-14 122880] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-08-31 122940] "SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 1015808] "CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920] "QlbCtrl"="c:\programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 131072] "Cpqset"="c:\programfiler\HPQ\Default Settings\cpqset.exe" [2006-02-22 40960] "Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-01-23 802816] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-02-15 892928] "WatchDog"="c:\programfiler\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 184320] "SynTPStart"="c:\programfiler\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072] "Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "LogitechQuickCamRibbon"="c:\programfiler\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "APSDaemon"="c:\programfiler\Fellesfiler\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] "QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2012-10-25 421888] "SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2012-07-03 252848] "avgnt"="c:\programfiler\Avira\AntiVir Desktop\avgnt.exe" [2013-03-28 345312] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . 
c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\ BTTray.lnk - c:\programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2006-2-15 581693] Windows Search.lnk - c:\programfiler\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programfiler\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] 2005-07-25 18:41 40960 ------w- c:\programfiler\HPQ\IAM\Bin\AsWlnPkg.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^DVD Check.lnk] path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\DVD Check.lnk backup=c:\windows\pss\DVD Check.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^EagleEyeOS Update Manager.lnk] path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\EagleEyeOS Update Manager.lnk backup=c:\windows\pss\EagleEyeOS Update Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^SqueezeCenter Tray Tool.lnk] path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\SqueezeCenter Tray Tool.lnk backup=c:\windows\pss\SqueezeCenter Tray Tool.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^repoman^Start-meny^Programmer^Oppstart^Logitech . 
Produktregistrering.lnk] path=c:\documents and settings\repoman\Start-meny\Programmer\Oppstart\Logitech . Produktregistrering.lnk backup=c:\windows\pss\Logitech . Produktregistrering.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] 2006-02-14 08:49 454656 ------w- c:\programfiler\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid] 2011-06-02 00:15 6123032 ----a-w- c:\programfiler\Logitech\Vid HD\Vid.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2009-10-14 12:36 2793304 ----a-w- c:\programfiler\Logitech\Logitech WebCam Software\LWS.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2007-01-05 20:36 872448 -c----w- c:\programfiler\Analog Devices\Core\smax4pnp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\DNA\\btdna.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Programfiler\\Messenger\\msmsgs.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Programfiler\\Fellesfiler\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Programfiler\\Logitech\\Vid HD\\Vid.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "67:UDP"= 67:UDP:DHCP Discovery Service "9000:TCP"= 9000:TCP:SqueezeCenter 9000 tcp "3483:UDP"= 3483:UDP:SqueezeCenter 3483 udp "3483:TCP"= 3483:TCP:SqueezeCenter 3483 tcp "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [28.03.2013 19:46 37352] R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [22.07.2011 18:27 12880] R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [12.07.2011 23:55 67664] R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [14.04.2012 20:49 332248] R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [14.04.2012 20:50 212568] R2 !SASCORE;SAS Core Service;c:\programfiler\SUPERAntiSpyware\SASCORE.EXE [12.08.2011 01:38 116608] R2 AntiVirSchedulerService;Avira Scheduler;c:\programfiler\Avira\AntiVir Desktop\sched.exe [28.03.2013 19:46 86752] R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 10:00 14336] R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\All Users\Programdata\DataCardService\HWDeviceService.exe [14.03.2011 17:27 271712] R2 regi;regi;c:\windows\system32\drivers\regi.sys [17.04.2007 21:09 13880] R2 SqueezeMySQL;SqueezeMySQL;c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\PROGRA~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL --> c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\PROGRA~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL [?] 
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [05.04.2013 21:54 76544] R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\programfiler\Microsoft Fix it Center\Matsvc.exe [13.06.2011 22:09 267568] R3 NETwLx32; Intel® Wireless WiFi Link 5000-serien kortdriver for Windows XP 32-bit;c:\windows\system32\drivers\NETwLx32.sys [23.04.2012 02:04 6609920] R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [14.04.2012 20:49 69208] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?] S2 Mobile Broadband. RunOuc;Mobile Broadband. OUC;c:\programfiler\Mobile Broadband\UpdateDog\ouc.exe [05.04.2013 21:54 655712] S2 SkypeUpdate;Skype Updater;c:\programfiler\Skype\Updater\Updater.exe [08.01.2013 13:55 161536] S3 cpudrv;cpudrv;c:\programfiler\SystemRequirementsLab\cpudrv.sys [02.06.2011 11:08 11336] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [05.04.2013 21:54 102784] S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [05.04.2013 21:54 11136] S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [05.04.2013 21:54 95616] S3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\drivers\ew_jucdcecm.sys [05.04.2013 21:54 70016] S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [05.04.2013 21:54 27520] S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [14.04.2012 20:49 69208] S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [14.04.2012 20:50 94040] . --- Andre tjenester/drivere lastet i minnet --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Cognizance REG_MULTI_SZ ASChannel . 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-04-10 05:29 1642448 ----a-w- c:\programfiler\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) . 2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 23:10] . 2013-04-16 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2013-04-18 c:\windows\Tasks\ConfigExec.job - c:\programfiler\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09] . 2013-04-18 c:\windows\Tasks\DataUpload.job - c:\programfiler\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09] . 2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2013-01-23 18:17] . 2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2013-01-23 18:17] . 2013-04-17 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . 2013-04-18 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . 2013-04-18 c:\windows\Tasks\User_Feed_Synchronization-{5C16B363-89BD-445E-B506-64DCA3E6085F}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Tilleggsskanning ------- . 
uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_0&u=B3AB5193DFD2BA25928CB04F89C626F7 TCP: DhcpNameServer = 84.208.20.110 84.208.20.111 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://webgames.d.tmsrv.com/c=557f379657f3c0acfa7f7d670ff02e53/aff=lws_t_02re_02_wg/p/release/gamehouse/wg_babel/babel/zylomplayer.cab FF - ProfilePath - c:\documents and settings\repoman\Programdata\Mozilla\Firefox\Profiles\eaqgrlo1.default-1358964537046\ FF - prefs.js: browser.startup.homepage - areena.yle.fi/radio . - - - - TOMME PEKERE FJERNET - - - - . SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-04-18 23:08 Windows 5.1.2600 Service Pack 3 NTFS . skanner skjulte prosesser ... . skanner skjulte autostart-oppføringer ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\programfiler\HPQ\Default Settings\cpqset.exe??????? ???@???????????????@??????e??????(?@???????@ . skanner skjulte filer ... . skanning vellykket skjulte filer: 0 . ************************************************************************** . --------------------- LÅSTE REGISTERNØKLER --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{114b2417-ea78-40ad-8808-32bff2230396}] @Denied: (Full) (Everyone) "Model"=dword:0000009c "Therad"=dword:0000001b . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):8a,4d,f7,5c,23,7d,d9,51,ed,07,4d,97,d7,01,16,7a,b8,27,41,ca,b2, af,88,98,d1,21,31,de,97,cf,d2,f3,42,0d,a5,52,07,02,76,ec,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . 
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- . - - - - - - - > 'winlogon.exe'(1372) c:\programfiler\HPQ\IAM\Bin\AsWlnPkg.dll . - - - - - - - > 'explorer.exe'(5872) c:\programfiler\HPQ\IAM\Bin\SFSShell.dll c:\programfiler\HPQ\IAM\bin\ItMsg.dll c:\programfiler\Windows Desktop Search\deskbar.dll c:\programfiler\Windows Desktop Search\nb-no\dbres.dll.mui c:\programfiler\Windows Desktop Search\dbres.dll c:\programfiler\Windows Desktop Search\wordwheel.dll c:\programfiler\Windows Desktop Search\nb-no\msnlExtRes.dll.mui c:\programfiler\Windows Desktop Search\msnlExtRes.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . 
c:\windows\system32\brss01a.exe c:\windows\system32\DllHost.exe c:\programfiler\HPQ\IAM\bin\asghost.exe c:\windows\system32\msdtc.exe c:\windows\system32\agrsmsvc.exe c:\programfiler\Avira\AntiVir Desktop\avguard.exe c:\programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe c:\programfiler\Java\jre7\bin\jqs.exe c:\programfiler\Fellesfiler\LightScribe\LSSrvc.exe c:\programfiler\Fellesfiler\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\igfxsrvc.exe c:\documents and settings\All Users\Programdata\Mobile Broadband\OnlineUpdate\ouc.exe c:\programfiler\Fellesfiler\Protexis\License Service\PsiService_2.exe c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe c:\windows\system32\mqsvc.exe c:\windows\system32\SearchIndexer.exe c:\programfiler\Hewlett-Packard\Shared\hpqwmiex.exe c:\windows\system32\mqtgsvc.exe c:\programfiler\Fellesfiler\Logishrd\LQCVFX\COCIManager.exe c:\programfiler\Avira\AntiVir Desktop\avshadow.exe c:\programfiler\Windows Media Player\WMPNetwk.exe c:\programfiler\PC Connectivity Solution\ServiceLayer.exe c:\programfiler\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\programfiler\avira\antivir desktop\avscan.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Tidspunkt ferdig: 2013-04-18 23:20:13 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2013-04-18 21:20 ComboFix2.txt 2008-11-16 05:05 ComboFix3.txt 2008-07-23 09:15 . Pre-Run: 27 012 780 032 byte ledig Post-Run: 27 290 112 000 byte ledig . WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 036924D327DB1AF0DE028AEBB73EE5A8

Thanks in advance :)

Dr.Geek Posted 19 April 2013 (edited)

Hi, can you describe in a bit more detail what the problem with your PC is? There is nothing suspicious in the ComboFix log. Also run a full scan with Malwarebytes Anti-Malware, not a quick scan.

Edited 19 April 2013 by Dr.Geek