Søppel her. Kan noen hjelpe?

[rstrr]

mbam-log som skal vises her

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.18.09

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

repoman :: YOUR-590D57A1C5 [administrator]

18.04.2013 21:46:46

mbam-log-2013-04-18 (21-46-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 235406

Time elapsed: 12 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

 

Og Compofix

 

ComboFix 13-04-18.03 - repoman 18.04.2013 22:50:09.8.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.1015.167 [GMT 2:00]

Kjører fra: c:\documents and settings\repoman\Mine dokumenter\Downloads\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Programdata\TEMP

c:\windows\IsUn0407.exe

c:\windows\IsUn0416.exe

c:\windows\system32\SETAA3.tmp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2013-03-18 til 2013-04-18 )))))))))))))))))))))))))))))))))

.

.

2013-04-18 19:43 . 2013-04-18 19:43 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware

2013-04-18 19:43 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-18 19:21 . 2013-04-18 20:49 -------- d--h--r- c:\documents and settings\repoman\Siste

2013-04-05 19:54 . 2013-04-05 19:54 95616 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys

2013-04-05 19:54 . 2013-04-05 19:54 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys

2013-04-05 19:54 . 2013-04-05 19:54 76544 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys

2013-04-05 19:54 . 2013-04-05 19:54 70016 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys

2013-03-28 17:52 . 2013-03-28 17:52 -------- d-----w- c:\documents and settings\repoman\Programdata\Avira

2013-03-28 17:46 . 2013-03-28 17:44 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2013-03-28 17:46 . 2013-03-28 17:44 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2013-03-28 17:46 . 2013-03-28 17:44 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys

2013-03-28 17:46 . 2013-03-28 17:46 -------- d-----w- c:\programfiler\Avira

2013-03-28 17:46 . 2013-03-28 17:46 -------- d-----w- c:\documents and settings\All Users\Programdata\Avira

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-12 13:25 . 2013-03-12 13:26 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-12 13:25 . 2013-03-12 13:26 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-03-12 13:25 . 2012-04-22 16:12 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-12 13:25 . 2010-06-01 08:33 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-08 08:36 . 2004-08-04 08:00 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 15:56 . 2008-05-07 10:33 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 15:56 . 2008-05-07 10:33 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:08 . 2004-08-04 08:00 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:08 . 2004-08-04 08:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-02 02:08 . 2004-08-04 08:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:58 . 2008-05-07 10:34 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec

2013-02-27 07:58 . 2004-08-04 08:00 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-12 00:32 . 2008-05-07 10:33 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-12 00:32 . 2008-04-13 18:56 12928 ----a-w- c:\windows\system32\drivers\usb8023x.sys

2013-01-26 03:55 . 2008-05-07 10:34 552448 ----a-w- c:\windows\system32\oleaut32.dll

2013-04-12 05:30 . 2013-04-12 05:30 263064 ----a-w- c:\programfiler\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-05 4763008]

"Spotify Web Helper"="c:\programfiler\Spotify\Data\SpotifyWebHelper.exe" [2013-04-04 1104280]

"NokiaSuite.exe"="c:\programfiler\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424]

"WMPNSCFG"="c:\programfiler\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="mqrt.dll" [2008-04-14 177152]

"PTHOSTTR"="c:\programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2006-02-14 122880]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-08-31 122940]

"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 1015808]

"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]

"QlbCtrl"="c:\programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 131072]

"Cpqset"="c:\programfiler\HPQ\Default Settings\cpqset.exe" [2006-02-22 40960]

"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]

"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-01-23 802816]

"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-02-15 892928]

"WatchDog"="c:\programfiler\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 184320]

"SynTPStart"="c:\programfiler\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]

"Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"LogitechQuickCamRibbon"="c:\programfiler\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]

"APSDaemon"="c:\programfiler\Fellesfiler\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]

"QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2012-10-25 421888]

"SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2012-07-03 252848]

"avgnt"="c:\programfiler\Avira\AntiVir Desktop\avgnt.exe" [2013-03-28 345312]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

BTTray.lnk - c:\programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2006-2-15 581693]

Windows Search.lnk - c:\programfiler\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programfiler\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

2005-07-25 18:41 40960 ------w- c:\programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^DVD Check.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\DVD Check.lnk

backup=c:\windows\pss\DVD Check.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^EagleEyeOS Update Manager.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\EagleEyeOS Update Manager.lnk

backup=c:\windows\pss\EagleEyeOS Update Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^SqueezeCenter Tray Tool.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\SqueezeCenter Tray Tool.lnk

backup=c:\windows\pss\SqueezeCenter Tray Tool.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^repoman^Start-meny^Programmer^Oppstart^Logitech . Produktregistrering.lnk]

path=c:\documents and settings\repoman\Start-meny\Programmer\Oppstart\Logitech . Produktregistrering.lnk

backup=c:\windows\pss\Logitech . Produktregistrering.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

2006-02-14 08:49 454656 ------w- c:\programfiler\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]

2011-06-02 00:15 6123032 ----a-w- c:\programfiler\Logitech\Vid HD\Vid.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2009-10-14 12:36 2793304 ----a-w- c:\programfiler\Logitech\Logitech WebCam Software\LWS.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2007-01-05 20:36 872448 -c----w- c:\programfiler\Analog Devices\Core\smax4pnp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\mqsvc.exe"=

"c:\\WINDOWS\\SMINST\\Scheduler.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\DNA\\btdna.exe"=

"c:\\Programfiler\\Spotify\\spotify.exe"=

"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Programfiler\\Messenger\\msmsgs.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Programfiler\\Fellesfiler\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Programfiler\\Logitech\\Vid HD\\Vid.exe"=

"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"67:UDP"= 67:UDP:DHCP Discovery Service

"9000:TCP"= 9000:TCP:SqueezeCenter 9000 tcp

"3483:UDP"= 3483:UDP:SqueezeCenter 3483 udp

"3483:TCP"= 3483:TCP:SqueezeCenter 3483 tcp

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [28.03.2013 19:46 37352]

R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [22.07.2011 18:27 12880]

R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [12.07.2011 23:55 67664]

R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [14.04.2012 20:49 332248]

R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [14.04.2012 20:50 212568]

R2 !SASCORE;SAS Core Service;c:\programfiler\SUPERAntiSpyware\SASCORE.EXE [12.08.2011 01:38 116608]

R2 AntiVirSchedulerService;Avira Scheduler;c:\programfiler\Avira\AntiVir Desktop\sched.exe [28.03.2013 19:46 86752]

R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 10:00 14336]

R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\All Users\Programdata\DataCardService\HWDeviceService.exe [14.03.2011 17:27 271712]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [17.04.2007 21:09 13880]

R2 SqueezeMySQL;SqueezeMySQL;c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\PROGRA~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL --> c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\PROGRA~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL [?]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [05.04.2013 21:54 76544]

R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\programfiler\Microsoft Fix it Center\Matsvc.exe [13.06.2011 22:09 267568]

R3 NETwLx32; Intel® Wireless WiFi Link 5000-serien kortdriver for Windows XP 32-bit;c:\windows\system32\drivers\NETwLx32.sys [23.04.2012 02:04 6609920]

R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [14.04.2012 20:49 69208]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

S2 Mobile Broadband. RunOuc;Mobile Broadband. OUC;c:\programfiler\Mobile Broadband\UpdateDog\ouc.exe [05.04.2013 21:54 655712]

S2 SkypeUpdate;Skype Updater;c:\programfiler\Skype\Updater\Updater.exe [08.01.2013 13:55 161536]

S3 cpudrv;cpudrv;c:\programfiler\SystemRequirementsLab\cpudrv.sys [02.06.2011 11:08 11336]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [05.04.2013 21:54 102784]

S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [05.04.2013 21:54 11136]

S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [05.04.2013 21:54 95616]

S3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\drivers\ew_jucdcecm.sys [05.04.2013 21:54 70016]

S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [05.04.2013 21:54 27520]

S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [14.04.2012 20:49 69208]

S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [14.04.2012 20:50 94040]

.

--- Andre tjenester/drivere lastet i minnet ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASChannel

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-10 05:29 1642448 ----a-w- c:\programfiler\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

.

2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 23:10]

.

2013-04-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2013-04-18 c:\windows\Tasks\ConfigExec.job

- c:\programfiler\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]

.

2013-04-18 c:\windows\Tasks\DataUpload.job

- c:\programfiler\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]

.

2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\programfiler\Google\Update\GoogleUpdate.exe [2013-01-23 18:17]

.

2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\programfiler\Google\Update\GoogleUpdate.exe [2013-01-23 18:17]

.

2013-04-17 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

.

2013-04-18 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

.

2013-04-18 c:\windows\Tasks\User_Feed_Synchronization-{5C16B363-89BD-445E-B506-64DCA3E6085F}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_0&u=B3AB5193DFD2BA25928CB04F89C626F7

TCP: DhcpNameServer = 84.208.20.110 84.208.20.111

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://webgames.d.tmsrv.com/c=557f379657f3c0acfa7f7d670ff02e53/aff=lws_t_02re_02_wg/p/release/gamehouse/wg_babel/babel/zylomplayer.cab

FF - ProfilePath - c:\documents and settings\repoman\Programdata\Mozilla\Firefox\Profiles\eaqgrlo1.default-1358964537046\

FF - prefs.js: browser.startup.homepage - areena.yle.fi/radio

.

- - - - TOMME PEKERE FJERNET - - - -

.

SafeBoot-WudfPf

SafeBoot-WudfRd

AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-04-18 23:08

Windows 5.1.2600 Service Pack 3 NTFS

.

skanner skjulte prosesser ...

.

skanner skjulte autostart-oppføringer ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\programfiler\HPQ\Default Settings\cpqset.exe??????? ???@???????????????@??????e??????(?@???????@

.

skanner skjulte filer ...

.

skanning vellykket

skjulte filer: 0

.

**************************************************************************

.

--------------------- LÅSTE REGISTERNØKLER ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{114b2417-ea78-40ad-8808-32bff2230396}]

@Denied: (Full) (Everyone)

"Model"=dword:0000009c

"Therad"=dword:0000001b

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):8a,4d,f7,5c,23,7d,d9,51,ed,07,4d,97,d7,01,16,7a,b8,27,41,ca,b2,

af,88,98,d1,21,31,de,97,cf,d2,f3,42,0d,a5,52,07,02,76,ec,00,00,00,00,00,00,\

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

.

- - - - - - - > 'winlogon.exe'(1372)

c:\programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

.

- - - - - - - > 'explorer.exe'(5872)

c:\programfiler\HPQ\IAM\Bin\SFSShell.dll

c:\programfiler\HPQ\IAM\bin\ItMsg.dll

c:\programfiler\Windows Desktop Search\deskbar.dll

c:\programfiler\Windows Desktop Search\nb-no\dbres.dll.mui

c:\programfiler\Windows Desktop Search\dbres.dll

c:\programfiler\Windows Desktop Search\wordwheel.dll

c:\programfiler\Windows Desktop Search\nb-no\msnlExtRes.dll.mui

c:\programfiler\Windows Desktop Search\msnlExtRes.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andre Kjørende Prosesser ------------------------

.

c:\windows\system32\brss01a.exe

c:\windows\system32\DllHost.exe

c:\programfiler\HPQ\IAM\bin\asghost.exe

c:\windows\system32\msdtc.exe

c:\windows\system32\agrsmsvc.exe

c:\programfiler\Avira\AntiVir Desktop\avguard.exe

c:\programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe

c:\programfiler\Java\jre7\bin\jqs.exe

c:\programfiler\Fellesfiler\LightScribe\LSSrvc.exe

c:\programfiler\Fellesfiler\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\windows\system32\igfxsrvc.exe

c:\documents and settings\All Users\Programdata\Mobile Broadband\OnlineUpdate\ouc.exe

c:\programfiler\Fellesfiler\Protexis\License Service\PsiService_2.exe

c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe

c:\windows\system32\mqsvc.exe

c:\windows\system32\SearchIndexer.exe

c:\programfiler\Hewlett-Packard\Shared\hpqwmiex.exe

c:\windows\system32\mqtgsvc.exe

c:\programfiler\Fellesfiler\Logishrd\LQCVFX\COCIManager.exe

c:\programfiler\Avira\AntiVir Desktop\avshadow.exe

c:\programfiler\Windows Media Player\WMPNetwk.exe

c:\programfiler\PC Connectivity Solution\ServiceLayer.exe

c:\programfiler\PC Connectivity Solution\Transports\NclUSBSrv.exe

c:\programfiler\avira\antivir desktop\avscan.exe

c:\windows\system32\wbem\wmiapsrv.exe

.

**************************************************************************

.

Tidspunkt ferdig: 2013-04-18 23:20:13 - maskinen ble startet på nytt

ComboFix-quarantined-files.txt 2013-04-18 21:20

ComboFix2.txt 2008-11-16 05:05

ComboFix3.txt 2008-07-23 09:15

.

Pre-Run: 27 012 780 032 byte ledig

Post-Run: 27 290 112 000 byte ledig

.

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 036924D327DB1AF0DE028AEBB73EE5A8

 

Takker i forvei:)

[Dr.Geek]

Hai,

 

Kan du beskrive litt mer utfyllende hva som er problemet med PCen din? I combofix loggen er det ikke noe mistenksomt. Kjør også en Fullstendig søk med Malwarebytes Anti Malware, ikke Quickscan.

Endret 19. april 2013 av Dr.Geek