Gå til innhold
🎄🎅❄️God Jul og Godt Nyttår fra alle oss i Diskusjon.no ×

Anbefalte innlegg

mbam-log som skal vises her

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.18.09

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

repoman :: YOUR-590D57A1C5 [administrator]

18.04.2013 21:46:46

mbam-log-2013-04-18 (21-46-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 235406

Time elapsed: 12 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

 

Og Compofix

 

ComboFix 13-04-18.03 - repoman 18.04.2013 22:50:09.8.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.1015.167 [GMT 2:00]

Kjører fra: c:\documents and settings\repoman\Mine dokumenter\Downloads\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Programdata\TEMP

c:\windows\IsUn0407.exe

c:\windows\IsUn0416.exe

c:\windows\system32\SETAA3.tmp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2013-03-18 til 2013-04-18 )))))))))))))))))))))))))))))))))

.

.

2013-04-18 19:43 . 2013-04-18 19:43 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware

2013-04-18 19:43 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-18 19:21 . 2013-04-18 20:49 -------- d--h--r- c:\documents and settings\repoman\Siste

2013-04-05 19:54 . 2013-04-05 19:54 95616 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys

2013-04-05 19:54 . 2013-04-05 19:54 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys

2013-04-05 19:54 . 2013-04-05 19:54 76544 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys

2013-04-05 19:54 . 2013-04-05 19:54 70016 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys

2013-03-28 17:52 . 2013-03-28 17:52 -------- d-----w- c:\documents and settings\repoman\Programdata\Avira

2013-03-28 17:46 . 2013-03-28 17:44 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2013-03-28 17:46 . 2013-03-28 17:44 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2013-03-28 17:46 . 2013-03-28 17:44 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys

2013-03-28 17:46 . 2013-03-28 17:46 -------- d-----w- c:\programfiler\Avira

2013-03-28 17:46 . 2013-03-28 17:46 -------- d-----w- c:\documents and settings\All Users\Programdata\Avira

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-12 13:25 . 2013-03-12 13:26 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-12 13:25 . 2013-03-12 13:26 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-03-12 13:25 . 2012-04-22 16:12 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-12 13:25 . 2010-06-01 08:33 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-08 08:36 . 2004-08-04 08:00 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 15:56 . 2008-05-07 10:33 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 15:56 . 2008-05-07 10:33 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:08 . 2004-08-04 08:00 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:08 . 2004-08-04 08:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-02 02:08 . 2004-08-04 08:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:58 . 2008-05-07 10:34 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec

2013-02-27 07:58 . 2004-08-04 08:00 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-12 00:32 . 2008-05-07 10:33 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-12 00:32 . 2008-04-13 18:56 12928 ----a-w- c:\windows\system32\drivers\usb8023x.sys

2013-01-26 03:55 . 2008-05-07 10:34 552448 ----a-w- c:\windows\system32\oleaut32.dll

2013-04-12 05:30 . 2013-04-12 05:30 263064 ----a-w- c:\programfiler\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-05 4763008]

"Spotify Web Helper"="c:\programfiler\Spotify\Data\SpotifyWebHelper.exe" [2013-04-04 1104280]

"NokiaSuite.exe"="c:\programfiler\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424]

"WMPNSCFG"="c:\programfiler\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="mqrt.dll" [2008-04-14 177152]

"PTHOSTTR"="c:\programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2006-02-14 122880]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-08-31 122940]

"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 1015808]

"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]

"QlbCtrl"="c:\programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 131072]

"Cpqset"="c:\programfiler\HPQ\Default Settings\cpqset.exe" [2006-02-22 40960]

"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]

"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-01-23 802816]

"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-02-15 892928]

"WatchDog"="c:\programfiler\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 184320]

"SynTPStart"="c:\programfiler\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]

"Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"LogitechQuickCamRibbon"="c:\programfiler\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]

"APSDaemon"="c:\programfiler\Fellesfiler\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]

"QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2012-10-25 421888]

"SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2012-07-03 252848]

"avgnt"="c:\programfiler\Avira\AntiVir Desktop\avgnt.exe" [2013-03-28 345312]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

BTTray.lnk - c:\programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2006-2-15 581693]

Windows Search.lnk - c:\programfiler\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programfiler\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

2005-07-25 18:41 40960 ------w- c:\programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^DVD Check.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\DVD Check.lnk

backup=c:\windows\pss\DVD Check.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^EagleEyeOS Update Manager.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\EagleEyeOS Update Manager.lnk

backup=c:\windows\pss\EagleEyeOS Update Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^SqueezeCenter Tray Tool.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\SqueezeCenter Tray Tool.lnk

backup=c:\windows\pss\SqueezeCenter Tray Tool.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^repoman^Start-meny^Programmer^Oppstart^Logitech . Produktregistrering.lnk]

path=c:\documents and settings\repoman\Start-meny\Programmer\Oppstart\Logitech . Produktregistrering.lnk

backup=c:\windows\pss\Logitech . Produktregistrering.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

2006-02-14 08:49 454656 ------w- c:\programfiler\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]

2011-06-02 00:15 6123032 ----a-w- c:\programfiler\Logitech\Vid HD\Vid.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2009-10-14 12:36 2793304 ----a-w- c:\programfiler\Logitech\Logitech WebCam Software\LWS.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2007-01-05 20:36 872448 -c----w- c:\programfiler\Analog Devices\Core\smax4pnp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\mqsvc.exe"=

"c:\\WINDOWS\\SMINST\\Scheduler.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\DNA\\btdna.exe"=

"c:\\Programfiler\\Spotify\\spotify.exe"=

"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Programfiler\\Messenger\\msmsgs.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Programfiler\\Fellesfiler\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Programfiler\\Logitech\\Vid HD\\Vid.exe"=

"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"67:UDP"= 67:UDP:DHCP Discovery Service

"9000:TCP"= 9000:TCP:SqueezeCenter 9000 tcp

"3483:UDP"= 3483:UDP:SqueezeCenter 3483 udp

"3483:TCP"= 3483:TCP:SqueezeCenter 3483 tcp

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [28.03.2013 19:46 37352]

R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [22.07.2011 18:27 12880]

R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [12.07.2011 23:55 67664]

R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [14.04.2012 20:49 332248]

R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [14.04.2012 20:50 212568]

R2 !SASCORE;SAS Core Service;c:\programfiler\SUPERAntiSpyware\SASCORE.EXE [12.08.2011 01:38 116608]

R2 AntiVirSchedulerService;Avira Scheduler;c:\programfiler\Avira\AntiVir Desktop\sched.exe [28.03.2013 19:46 86752]

R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 10:00 14336]

R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\All Users\Programdata\DataCardService\HWDeviceService.exe [14.03.2011 17:27 271712]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [17.04.2007 21:09 13880]

R2 SqueezeMySQL;SqueezeMySQL;c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\PROGRA~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL --> c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\PROGRA~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL [?]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [05.04.2013 21:54 76544]

R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\programfiler\Microsoft Fix it Center\Matsvc.exe [13.06.2011 22:09 267568]

R3 NETwLx32; Intel® Wireless WiFi Link 5000-serien kortdriver for Windows XP 32-bit;c:\windows\system32\drivers\NETwLx32.sys [23.04.2012 02:04 6609920]

R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [14.04.2012 20:49 69208]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

S2 Mobile Broadband. RunOuc;Mobile Broadband. OUC;c:\programfiler\Mobile Broadband\UpdateDog\ouc.exe [05.04.2013 21:54 655712]

S2 SkypeUpdate;Skype Updater;c:\programfiler\Skype\Updater\Updater.exe [08.01.2013 13:55 161536]

S3 cpudrv;cpudrv;c:\programfiler\SystemRequirementsLab\cpudrv.sys [02.06.2011 11:08 11336]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [05.04.2013 21:54 102784]

S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [05.04.2013 21:54 11136]

S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [05.04.2013 21:54 95616]

S3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\drivers\ew_jucdcecm.sys [05.04.2013 21:54 70016]

S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [05.04.2013 21:54 27520]

S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [14.04.2012 20:49 69208]

S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [14.04.2012 20:50 94040]

.

--- Andre tjenester/drivere lastet i minnet ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASChannel

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-10 05:29 1642448 ----a-w- c:\programfiler\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

.

2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 23:10]

.

2013-04-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2013-04-18 c:\windows\Tasks\ConfigExec.job

- c:\programfiler\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]

.

2013-04-18 c:\windows\Tasks\DataUpload.job

- c:\programfiler\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]

.

2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\programfiler\Google\Update\GoogleUpdate.exe [2013-01-23 18:17]

.

2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\programfiler\Google\Update\GoogleUpdate.exe [2013-01-23 18:17]

.

2013-04-17 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

.

2013-04-18 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

.

2013-04-18 c:\windows\Tasks\User_Feed_Synchronization-{5C16B363-89BD-445E-B506-64DCA3E6085F}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_0&u=B3AB5193DFD2BA25928CB04F89C626F7

TCP: DhcpNameServer = 84.208.20.110 84.208.20.111

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://webgames.d.tmsrv.com/c=557f379657f3c0acfa7f7d670ff02e53/aff=lws_t_02re_02_wg/p/release/gamehouse/wg_babel/babel/zylomplayer.cab

FF - ProfilePath - c:\documents and settings\repoman\Programdata\Mozilla\Firefox\Profiles\eaqgrlo1.default-1358964537046\

FF - prefs.js: browser.startup.homepage - areena.yle.fi/radio

.

- - - - TOMME PEKERE FJERNET - - - -

.

SafeBoot-WudfPf

SafeBoot-WudfRd

AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-04-18 23:08

Windows 5.1.2600 Service Pack 3 NTFS

.

skanner skjulte prosesser ...

.

skanner skjulte autostart-oppføringer ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\programfiler\HPQ\Default Settings\cpqset.exe??????? ???@???????????????@??????e??????(?@???????@

.

skanner skjulte filer ...

.

skanning vellykket

skjulte filer: 0

.

**************************************************************************

.

--------------------- LÅSTE REGISTERNØKLER ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{114b2417-ea78-40ad-8808-32bff2230396}]

@Denied: (Full) (Everyone)

"Model"=dword:0000009c

"Therad"=dword:0000001b

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):8a,4d,f7,5c,23,7d,d9,51,ed,07,4d,97,d7,01,16,7a,b8,27,41,ca,b2,

af,88,98,d1,21,31,de,97,cf,d2,f3,42,0d,a5,52,07,02,76,ec,00,00,00,00,00,00,\

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

.

- - - - - - - > 'winlogon.exe'(1372)

c:\programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

.

- - - - - - - > 'explorer.exe'(5872)

c:\programfiler\HPQ\IAM\Bin\SFSShell.dll

c:\programfiler\HPQ\IAM\bin\ItMsg.dll

c:\programfiler\Windows Desktop Search\deskbar.dll

c:\programfiler\Windows Desktop Search\nb-no\dbres.dll.mui

c:\programfiler\Windows Desktop Search\dbres.dll

c:\programfiler\Windows Desktop Search\wordwheel.dll

c:\programfiler\Windows Desktop Search\nb-no\msnlExtRes.dll.mui

c:\programfiler\Windows Desktop Search\msnlExtRes.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andre Kjørende Prosesser ------------------------

.

c:\windows\system32\brss01a.exe

c:\windows\system32\DllHost.exe

c:\programfiler\HPQ\IAM\bin\asghost.exe

c:\windows\system32\msdtc.exe

c:\windows\system32\agrsmsvc.exe

c:\programfiler\Avira\AntiVir Desktop\avguard.exe

c:\programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe

c:\programfiler\Java\jre7\bin\jqs.exe

c:\programfiler\Fellesfiler\LightScribe\LSSrvc.exe

c:\programfiler\Fellesfiler\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\windows\system32\igfxsrvc.exe

c:\documents and settings\All Users\Programdata\Mobile Broadband\OnlineUpdate\ouc.exe

c:\programfiler\Fellesfiler\Protexis\License Service\PsiService_2.exe

c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe

c:\windows\system32\mqsvc.exe

c:\windows\system32\SearchIndexer.exe

c:\programfiler\Hewlett-Packard\Shared\hpqwmiex.exe

c:\windows\system32\mqtgsvc.exe

c:\programfiler\Fellesfiler\Logishrd\LQCVFX\COCIManager.exe

c:\programfiler\Avira\AntiVir Desktop\avshadow.exe

c:\programfiler\Windows Media Player\WMPNetwk.exe

c:\programfiler\PC Connectivity Solution\ServiceLayer.exe

c:\programfiler\PC Connectivity Solution\Transports\NclUSBSrv.exe

c:\programfiler\avira\antivir desktop\avscan.exe

c:\windows\system32\wbem\wmiapsrv.exe

.

**************************************************************************

.

Tidspunkt ferdig: 2013-04-18 23:20:13 - maskinen ble startet på nytt

ComboFix-quarantined-files.txt 2013-04-18 21:20

ComboFix2.txt 2008-11-16 05:05

ComboFix3.txt 2008-07-23 09:15

.

Pre-Run: 27 012 780 032 byte ledig

Post-Run: 27 290 112 000 byte ledig

.

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 036924D327DB1AF0DE028AEBB73EE5A8

 

Takker i forvei:)

Lenke til kommentar
Videoannonse
Annonse

Hai, :)

 

Kan du beskrive litt mer utfyllende hva som er problemet med PCen din? I combofix loggen er det ikke noe mistenksomt. Kjør også en Fullstendig søk med Malwarebytes Anti Malware, ikke Quickscan.

Endret av Dr.Geek
Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
×
×
  • Opprett ny...