Kimelimm Skrevet 2. juni 2007 Del Skrevet 2. juni 2007 Hei! Fikk et virus ved 00:11 tiden i natt Det er en slik Blå runding med en gul X i, så flasher det en gul !TREKANT! der... Har tatt SaS i vanlig OG sikkerhets modus, SDFix, Avast, adaware etc, men vil ikke bort... Hjelp:) Lenke til kommentar
Jallenbo Skrevet 2. juni 2007 Del Skrevet 2. juni 2007 Jeg vil anbefale deg å prøve en virussjekk og en spywaresjekk i følgende rekkefølge: Dersom du har Windows XP kan en systemgjenoppretting etter at du har fjernet virusene føre til at du stiller tilbake maskinen til å være infisert igjen. Prøv først å fjerne virusene uten å deaktivere systemgjenoppretting. Dersom du klarer å desinfisere maskinen stenger du av systemgjenoppretting, restarter og setter på systemgjenoppretting igjen. Dersom du ikke klarer å fjerne virus kan en systemgjenoppretting fungere, velg da et gjenopprettingspunkt hvor du VET du ikke var infisert. All skanning etter virus og spyware skal du nå foreta i sikkermodus med nettverk. Følg lenken dersom du ikke vet hvordan du starter i Sikkermodus med nettverk. Foreta en virusskanning i nettleseren din med BitDefender. Dersom du finner virus starter du på nytt i sikkermodus med nettverk etter skanningen, og foretar en ny skanning. Deretter tar du en spywaresjekk med Ewido Onlinescan. Dersom du finner spyware starter du på nytt i sikkermodus med nettverk etter skanningen, og foretar en ny skanning. Så snart du har fått til å kjøre begge skannerne uten at de gir indikasjon på virus eller spyware er du ferdig med å skanne og skal starte maskinen i vanlig modus igjen. Deretter kan du gå videre til å installere antivirusprogramvare og antispyware dersom du ikke har noe slikt fra før. Slike programmer finner du på oss.viztnd.com/secprog.shtml. Les her dersom du ønsker informasjon om hva spyware er og hvordan du best mulig kan holde PC-en din ren for dette. Les her dersom du ønsker lenker til informasjon om hva virus, trojanere og ormer er. Når det gjelder sikkermodus skal du IKKE gjøre noe annet imens, dvs du skal ikke sitte og surfe her eller andre steder. Dette fordi du da kan starte spionprogrammene eller virusene manuelt. Ovenstående svar med virus og spywaresjekk er basert på en utvidelse for Firefox som henter hurtigsvar på enkelte gjentagende spørsmål. Svarene hentes fra http://hurtigsvar.viztnd.com og utvidelsen til Firefox kan hentes fra www.home.no/apepost for de som ønsker det. Lenke til kommentar
Kimelimm Skrevet 2. juni 2007 Forfatter Del Skrevet 2. juni 2007 For og bumpe denne for HJT logg Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 16:46:41, on 02.06.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\MSI\Live Update 3\LMonitor.exe C:\WINDOWS\system32\RunDLL32.exe C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe C:\Programfiler\SiteAdvisor\6066\SiteAdv.exe C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\WINDOWS\system32\ctfmon.exe C:\DAEMON Tools\daemon.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe C:\Programfiler\Bonjour\mDNSResponder.exe C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\SiteAdvisor\6066\SAService.exe C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe C:\Programfiler\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\Winamp\winamp.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SeekNewLive Bar - {0CB66BA8-5E1F-4963-93D1-E1D6B78F0212} - C:\Programfiler\SNLBar\SNLBar.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programfiler\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LiveMonitor] C:\Programfiler\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [siteAdvisor] C:\Programfiler\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [spyLocked 4.1] "C:\Programfiler\SpyLocked 4.1\SpyLocked 4.1.exe" /h O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "c:\programfiler\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "C:\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\programfiler\bonjour\mdnsnsp.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programfiler\Fellesfiler\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programfiler\SiteAdvisor\6066\SiteAdv.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: License Management Service ESD - Unknown owner - C:\Programfiler\Fellesfiler\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Programfiler\SiteAdvisor\6066\SAService.exe Lenke til kommentar
norbat Skrevet 2. juni 2007 Del Skrevet 2. juni 2007 HJT-loggen viser ingen spesielle infeksjoner. Ta gjerne å kjøre gjennom de onlinescannerne som Jallebo henviser til. Du kan også gjøre dette (før eller etter): Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix. (vanligvis c:\combofix.txt) Lenke til kommentar
Kimelimm Skrevet 3. juni 2007 Forfatter Del Skrevet 3. juni 2007 Combofix logg! Klikk for å se/fjerne innholdet nedenfor "Kim" - 2007-06-03 16:36:25 Service Pack 2 ComboFix 07-05.27.BV - Running from: "C:\Programfiler\Mozilla Firefox\" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) "C:\install.log" "C:\WINDOWS\system32\components" "C:\Programfiler\Fellesfiler\{3CD49~1" "C:\Programfiler\Fellesfiler\{DCD49~1" ((((((((((((((((((((((((((((((( Files Created from 2007-05-03 to 2007-06-03 )))))))))))))))))))))))))))))))))) 2007-06-03 15:52 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Spybot - Search & Destroy 2007-06-02 14:55 <DIR> d-------- C:\Programfiler\AudioCommander 2007-06-02 12:24 4,552 --ahs---- C:\WINDOWS\system32\rerolpxew.dat 2007-06-02 12:15 <DIR> d-------- C:\Programfiler\Alwil Software 2007-06-02 00:38 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard 2007-06-02 00:38 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\SUPERAntiSpyware.com 2007-05-31 12:26 <DIR> d-------- C:\Programfiler\Koei 2007-05-31 12:25 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\InstallShield Installation Information 2007-05-31 07:11 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-29 07:33 <DIR> d-------- C:\Program Files 2007-05-28 02:18 <DIR> d-------- C:\GameRival 2007-05-26 19:07 <DIR> d-------- C:\Programfiler\Celestia 2007-05-24 19:51 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys 2007-05-21 21:02 <DIR> d-------- C:\Programfiler\AMX Mod X 2007-05-21 16:00 <DIR> d-------- C:\Programfiler\Rapidshare Unlimited 2007-05-21 15:58 <DIR> d-------- C:\Programfiler\Rapidown 2007-05-17 23:23 <DIR> d-------- C:\Programfiler\Skype 2007-05-17 23:23 <DIR> d-------- C:\Programfiler\Fellesfiler\Skype 2007-05-17 23:23 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Skype 2007-05-17 23:22 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Skype 2007-05-17 21:44 <DIR> d-------- C:\Programfiler\FileZilla Client 2007-05-17 21:44 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\FileZilla 2007-05-17 21:34 <DIR> d-------- C:\Programfiler\FileZilla 2007-05-17 20:53 26,056 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2007-05-17 20:53 <DIR> d-------- C:\Programfiler\Hamachi2 2007-05-17 20:51 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Hamachi 2007-05-17 18:14 <DIR> d-------- C:\PacSteam 2007-05-17 18:11 <DIR> d-------- C:\GMOD10 2007-05-17 01:09 <DIR> d-------- C:\Programfiler\Fellesfiler\Thraex Software 2007-05-14 20:19 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll 2007-05-14 20:19 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll 2007-05-14 20:16 <DIR> d-------- C:\Programfiler\Codemasters 2007-05-14 20:10 <DIR> d-------- C:\Programfiler\Fellesfiler\Macrovision Shared 2007-05-14 19:54 <DIR> d-------- C:\ps 2007-05-14 15:44 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Thinstall 2007-05-13 23:52 <DIR> d-------- C:\Programfiler\SystemRequirementsLab 2007-05-13 23:52 <DIR> d-------- C:\DOCUME~1\Kim\SystemRequirementsLab 2007-05-13 23:20 <DIR> d-------- C:\Temp 2007-05-13 23:18 <DIR> d-------- C:\Programfiler\Xilisoft 2007-05-13 23:17 <DIR> d-------- C:\Programfiler\SNLBar 2007-05-13 23:12 <DIR> d-------- C:\Programfiler\AliveMedia 2007-05-13 23:10 <DIR> d-------- C:\Programfiler\MIKSOFT 2007-05-12 13:30 <DIR> d---s---- C:\DOCUME~1\Kim\UserData 2007-05-12 13:18 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-05-12 13:08 33,280 --a------ C:\WINDOWS\system32\HUFFYUV.DLL 2007-05-12 12:58 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll 2007-05-12 12:58 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll 2007-05-12 12:58 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL 2007-05-12 12:58 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll 2007-05-12 12:58 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll 2007-05-12 12:58 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL 2007-05-12 12:58 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll 2007-05-12 12:57 930,992 --------- C:\WINDOWS\system32\Ltr13n.dll 2007-05-12 12:57 884,736 --------- C:\WINDOWS\system32\LMUIRes.dll 2007-05-12 12:57 80,896 --------- C:\WINDOWS\system32\lfwmf13s.dll 2007-05-12 12:57 76,800 --------- C:\WINDOWS\system32\Lfwmf13n.dll 2007-05-12 12:57 73,728 --a------ C:\WINDOWS\system32\MMAviAx.dll 2007-05-12 12:57 73,728 --------- C:\WINDOWS\system32\lffax13n.dll 2007-05-12 12:57 70,144 --------- C:\WINDOWS\system32\lfbmp13s.dll 2007-05-12 12:57 65,536 --------- C:\WINDOWS\system32\lfpcx13s.dll 2007-05-12 12:57 65,536 --------- C:\WINDOWS\system32\Lfpct13n.dll 2007-05-12 12:57 64,512 --------- C:\WINDOWS\system32\lftga13s.dll 2007-05-12 12:57 59,904 --------- C:\WINDOWS\system32\lfpcd13s.dll 2007-05-12 12:57 453,120 --------- C:\WINDOWS\system32\ltkrn13n.dll 2007-05-12 12:57 409,600 --------- C:\WINDOWS\system32\LFCMP13s.DLL 2007-05-12 12:57 393,216 --------- C:\WINDOWS\system32\LFCMP13n.DLL 2007-05-12 12:57 32,768 --a------ C:\WINDOWS\system32\MLPagAx.dll 2007-05-12 12:57 306,352 --------- C:\WINDOWS\system32\Ltrio13n.dll 2007-05-12 12:57 30,208 --------- C:\WINDOWS\system32\lfbmp13n.dll 2007-05-12 12:57 283,648 --------- C:\WINDOWS\system32\LFJ2K13s.dll 2007-05-12 12:57 278,016 --------- C:\WINDOWS\system32\LFJ2K13n.dll 2007-05-12 12:57 24,576 --------- C:\WINDOWS\system32\lftga13n.dll 2007-05-12 12:57 204,881 --a------ C:\WINDOWS\system32\DiskIO.dll 2007-05-12 12:57 2,079,232 --------- C:\WINDOWS\system32\LTCLR13s.dll 2007-05-12 12:57 167,936 --------- C:\WINDOWS\system32\lftif13s.dll 2007-05-12 12:57 155,721 --a------ C:\WINDOWS\system32\RALMain.dll 2007-05-12 12:57 153,088 --------- C:\WINDOWS\system32\ltfil13n.DLL 2007-05-12 12:57 143,360 --------- C:\WINDOWS\system32\lftif13n.dll 2007-05-12 12:57 126,976 --a------ C:\WINDOWS\system32\AVIPrAx.dll 2007-05-12 12:57 12,288 --------- C:\WINDOWS\system32\LMLRes.dll 2007-05-12 12:57 116,224 --------- C:\WINDOWS\system32\lffax13s.dll 2007-05-12 12:57 110,080 --------- C:\WINDOWS\system32\lfpsd13s.dll 2007-05-12 12:57 105,984 --------- C:\WINDOWS\system32\lfpct13s.dll 2007-05-12 12:57 1,693,696 --------- C:\WINDOWS\system32\LTCLR13n.dll 2007-05-12 12:57 1,013,248 --------- C:\WINDOWS\system32\Ltwvc13n.dll 2007-05-12 12:54 765,952 --------- C:\WINDOWS\system32\msvcp71d.dll 2007-05-12 12:54 544,768 --------- C:\WINDOWS\system32\msvcr71d.dll 2007-05-12 12:38 89,088 --a------ C:\WINDOWS\system32\atl71.dll 2007-05-12 12:38 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL 2007-05-12 12:38 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\SmartSound Software Inc 2007-05-12 12:33 57,856 --a------ C:\WINDOWS\system32\masd32.dll 2007-05-12 12:33 41,219 --a------ C:\WINDOWS\RSETPATH.exe 2007-05-12 12:33 27,648 --a------ C:\WINDOWS\system32\ma32.dll 2007-05-12 12:33 196,096 --a------ C:\WINDOWS\system32\macd32.dll 2007-05-12 12:33 171,008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys 2007-05-12 12:33 138,752 --a------ C:\WINDOWS\system32\mase32.dll 2007-05-12 12:33 136,192 --a------ C:\WINDOWS\system32\mamc32.dll 2007-05-12 12:31 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL 2007-05-12 12:31 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL 2007-05-12 12:31 61,440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL 2007-05-12 12:31 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL 2007-05-12 12:31 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL 2007-05-12 12:31 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll 2007-05-12 12:31 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL 2007-05-12 12:31 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL 2007-05-12 12:31 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL 2007-05-12 12:31 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL 2007-05-12 12:30 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Pinnacle Studio 2007-05-12 12:25 <DIR> d-------- C:\DAEMON Tools 2007-05-12 01:27 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\teamspeak2 2007-05-11 15:01 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Help 2007-05-07 15:35 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll 2007-05-07 15:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Microsoft Help 2007-05-06 14:49 <DIR> d-------- C:\Programfiler\Alias 2007-05-06 14:46 <DIR> d-------- C:\FLEXLM 2007-05-06 13:36 <DIR> d-------- C:\WINDOWS\system32\appmgmt 2007-05-06 13:00 73,728 --a------ C:\WINDOWS\system32\drivers\SENTINEL.SYS 2007-05-06 13:00 685,056 --a------ C:\WINDOWS\system32\drivers\hardlock.sys 2007-05-06 13:00 6,656 --a------ C:\WINDOWS\system32\haspvdd.dll 2007-05-06 13:00 49,664 --a------ C:\WINDOWS\system32\SNTI386.DLL 2007-05-06 13:00 47,616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys 2007-05-06 13:00 383 --a------ C:\WINDOWS\system32\haspdos.sys 2007-05-06 13:00 20,032 -ra------ C:\WINDOWS\system32\drivers\SNTNLUSB.SYS 2007-05-06 13:00 18,432 --a------ C:\WINDOWS\system32\RNBOVDD.DLL 2007-05-06 13:00 <DIR> d-------- C:\DOCUME~1\Kim\WINDOWS 2007-05-04 07:30 <DIR> dr-h----- C:\DOCUME~1\Kim\Siste 2007-05-03 07:26 <DIR> d-------- C:\Programfiler\Half-Life 2 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-03 14:37:37 70,906 ----a-w C:\WINDOWS\system32\perfc014.dat 2007-06-03 14:37:37 405,254 ----a-w C:\WINDOWS\system32\perfh014.dat 2007-06-03 14:33:06 -------- d-----w C:\Programfiler\Steam 2007-06-03 13:48:13 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\uTorrent 2007-06-02 12:37:57 -------- d-----w C:\Programfiler\AV Vcs 4.0 DIAMOND 2007-06-02 10:01:35 -------- d-----w C:\Programfiler\SUPERAntiSpyware 2007-06-01 22:26:35 7,168 --s-a-w C:\WINDOWS\system32\eeuydc.dll 2007-06-01 19:13:01 -------- d-----w C:\Programfiler\Cheat Engine 2007-05-31 10:29:54 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-05-21 19:10:10 -------- d-----w C:\Programfiler\Valve 2007-05-18 13:13:48 -------- d-----w C:\Programfiler\Virtual Sailor 2007-05-16 11:38:30 -------- d--h--w C:\Programfiler\InstallShield Installation Information 2007-05-12 10:47:19 -------- d-----w C:\Programfiler\VirtualDJ 2007-05-12 10:38:15 93 ----a-w C:\AUTOEXEC.BAT 2007-05-12 10:24:58 -------- d-----w C:\Programfiler\DAEMON Tools 2007-05-07 13:36:55 -------- d-----w C:\Programfiler\Pcsx2 2007-05-06 18:20:11 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Ahead 2007-05-06 10:56:54 -------- d-----w C:\Programfiler\Fellesfiler\Autodesk Shared 2007-05-02 18:15:57 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\MayaWebBrowser 2007-05-02 17:45:43 -------- d-----w C:\Programfiler\QuickTime 2007-05-01 18:49:46 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\SiteAdvisor 2007-05-01 10:05:37 -------- d-----w C:\Programfiler\THQ 2007-04-30 20:33:02 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Notepad++ 2007-04-30 20:30:00 -------- d-----w C:\Programfiler\Winamp 2007-04-30 19:14:42 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\WinMX Music 2007-04-30 18:54:54 -------- d-----w C:\Programfiler\WinMX 2007-04-30 18:52:51 -------- d-----w C:\Programfiler\WinMX Music 2007-04-30 10:07:17 -------- d-----w C:\Programfiler\Bus Driver 2007-04-29 13:23:03 -------- d-----w C:\Programfiler\Autodesk 2007-04-26 20:41:29 -------- d-----w C:\Programfiler\The Rosetta Stone 2007-04-23 19:40:09 -------- d-----w C:\Programfiler\Image-Line 2007-04-23 19:39:59 -------- d-----w C:\Programfiler\ASIO4ALL v2 2007-04-23 19:35:27 -------- d-----w C:\Programfiler\Steinberg 2007-04-20 04:46:41 -------- d-----w C:\Programfiler\CAPCOM 2007-04-19 19:35:38 -------- d-----w C:\Programfiler\Yahoo! 2007-04-18 15:35:37 -------- d-----w C:\Programfiler\SiteAdvisor 2007-04-18 13:12:48 670 ----a-w C:\WINDOWS\mozver.dat 2007-04-18 05:16:25 -------- d-----w C:\Programfiler\e frontier 2007-04-17 19:42:02 -------- d-----w C:\Programfiler\Fellesfiler\LightScribe 2007-04-17 19:32:17 682,232 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-04-17 15:41:56 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\e frontier 2007-04-17 15:41:42 3,120 ----a-w C:\WINDOWS\system32\6ffdbcaf-f6c1-42d3-a4a9-c7957224a70b.dll 2007-04-17 14:38:16 -------- d-----w C:\Programfiler\GameHouse 2007-04-16 17:01:23 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Media Player Classic 2007-04-16 17:00:43 -------- d-----w C:\Programfiler\K-Lite Codec Pack 2007-04-16 13:34:19 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Steinberg 2007-04-14 12:46:53 -------- d-----w C:\Programfiler\Fellesfiler\Sandlot Shared 2007-04-14 10:28:34 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Lavasoft 2007-04-14 10:06:13 0 ----a-w C:\WINDOWS\PowerReg.dat 2007-04-14 10:05:14 -------- d-----w C:\Programfiler\Infogrames 2007-04-14 07:17:37 16 ----a-w C:\WINDOWS\guiinfo.dat 2007-04-13 13:05:36 -------- d-----w C:\Programfiler\Bonjour 2007-04-13 13:03:25 -------- d-----w C:\Programfiler\MessengerDiscovery 2007-04-13 13:02:56 -------- d-----w C:\Programfiler\MSN Messenger 2007-04-12 15:29:29 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Teleca 2007-04-12 15:26:48 -------- d-----w C:\Programfiler\Fellesfiler\Teleca Shared 2007-04-12 15:13:07 8,704 ----a-w C:\WINDOWS\system32\sporder.dll 2007-04-12 15:12:58 23,040 ----a-w C:\WINDOWS\system32\mszsrn32.dll 2007-04-12 14:44:38 -------- d-----w C:\Programfiler\Realtek 2007-04-12 14:44:19 315,392 ----a-w C:\WINDOWS\HideWin.exe 2007-04-12 14:38:37 664 ----a-w C:\WINDOWS\system32\d3d9caps.dat 2007-04-12 14:36:45 0 ----a-w C:\WINDOWS\nsreg.dat 2007-04-12 14:24:07 0 ----a-w C:\CONFIG.SYS 2007-04-12 14:19:55 21,704 ----a-w C:\WINDOWS\system32\emptyregdb.dat 2007-04-12 14:19:28 -------- d-----w C:\Programfiler\Messenger 2007-04-11 14:18:08 -------- d-----w C:\Programfiler\Syncrosoft 2007-04-10 13:41:21 -------- d-----w C:\Programfiler\Fellesfiler\Avid 2007-04-10 13:39:04 -------- d-----w C:\Programfiler\Fellesfiler\Softimage 2007-04-09 17:21:34 -------- d-----w C:\Programfiler\XSI 2007-04-09 10:49:39 -------- d-----w C:\Programfiler\Purrint 2007-04-09 00:01:56 -------- d-----w C:\Programfiler\Cake Mania 2007-04-09 00:00:49 -------- d-----w C:\Programfiler\ReflexiveArcade 2007-04-08 23:33:10 -------- d-----w C:\Programfiler\Stand O`Food 2007-03-23 17:19:10 9,715,200 ----a-w C:\WINDOWS\RTLCPL.exe 2007-03-21 12:49:20 16,126,464 ----a-w C:\WINDOWS\RTHDCPL.exe 2007-03-16 13:06:54 1,822,720 ----a-w C:\WINDOWS\SkyTel.exe (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {0CB66BA8-5E1F-4963-93D1-E1D6B78F0212}=C:\Programfiler\SNLBar\SNLBar.dll [2007-04-20 16:27] {53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 01:48] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LiveMonitor"="C:\Programfiler\MSI\Live Update 3\LMonitor.exe" [2006-06-07 14:22] "NvMediaCenter"="NvMCTray.dll" [2006-06-01 11:22 C:\WINDOWS\system32\nvmctray.dll] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "SiteAdvisor"="C:\Programfiler\SiteAdvisor\6066\SiteAdv.exe" [2007-03-30 17:42] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-05-02 19:45] "GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47] "Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 18:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] "Steam"="c:\programfiler\steam\steam.exe" [2007-06-02 10:19] "msnmsgr"="C:\Programfiler\MSN Messenger\msnmsgr.exe" [2007-04-12 17:11] "DAEMON Tools"="C:\DAEMON Tools\daemon.exe" [2007-04-04 00:29] "MSMSGS"="C:\Programfiler\Messenger\msmsgs.exe" [2004-08-04 01:15] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{44e670f2-d57b-4815-a576-955d17dbbf2d}"="C:\WINDOWS\system32\eeuydc.dll" [2007-06-02 00:26] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL" [2006-10-27 01:48] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 12:55] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Programmer^Oppstart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start-meny\Programmer\Oppstart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Programmer^Oppstart^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start-meny\Programmer\Oppstart\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] HDAShCut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyLocked 4.1] "C:\Programfiler\SpyLocked 4.1\SpyLocked 4.1.exe" /h [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20] C:\WINDOWS\system32\sw20.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW24] C:\WINDOWS\system32\sw24.exe HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-03 16:45:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ******************************************************************** Completion time: 2007-06-03 16:46:20 C:\ComboFix-quarantined-files.txt ... 2007-06-03 16:46 --- E O F --- Lenke til kommentar
norbat Skrevet 3. juni 2007 Del Skrevet 3. juni 2007 Gjør følgende: Hent Avenger og pakk det ut. Start programmet, sett prikk i "Input Script Manually" og klikk på lupen. I vinduet som kommer opp kopierer du og limer inn det som er i fet skrift under: Registry values to delete: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler | {44e670f2-d57b-4815-a576-955d17dbbf2d} Registry keys to delete: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyLocked 4.1 Files to delete: C:\WINDOWS\system32\eeuydc.dll Folders to delete: C:\Programfiler\SpyLocked 4.1 Klikk på Trafikklyset. Restart pc'n. Etter restart vil det komme en loggfil som forteller hva som har skjedd. Den poster du sammen med en ny HJT-logg. Fortell også hvordan det går med 'varselet' Lenke til kommentar
Kimelimm Skrevet 3. juni 2007 Forfatter Del Skrevet 3. juni 2007 (endret) Avenge: Klikk for å se/fjerne innholdet nedenfor Logfile of The Avenger version 1, by Swandog46Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\xmajjopb ******************* Script file located at: \??\C:\xkwnisyf.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\WINDOWS\system32\eeuydc.dll deleted successfully. Folder C:\Programfiler\SpyLocked 4.1 not found! Deletion of folder C:\Programfiler\SpyLocked 4.1 failed! Could not process line: C:\Programfiler\SpyLocked 4.1 Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyLocked 4.1 deleted successfully. Completed script processing. ******************* Finished! Terminate. OMG DET RE BORTE! Ser ikke den kukk"kanten" lenger! Endret 3. juni 2007 av Kimelimm Lenke til kommentar
norbat Skrevet 3. juni 2007 Del Skrevet 3. juni 2007 Lag en ny Combofix-logg. Etterpå laster du ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Kjør også noen runder med 'Saker' til det ikke finner flere feil. Restart pc'n. Lenke til kommentar
Kimelimm Skrevet 3. juni 2007 Forfatter Del Skrevet 3. juni 2007 ok Combofix igjen Klikk for å se/fjerne innholdet nedenfor "Kim" - 2007-06-03 17:40:18 Service Pack 2 ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Kim\Skrivebord\" ((((((((((((((((((((((((((((((( Files Created from 2007-05-03 to 2007-06-03 )))))))))))))))))))))))))))))))))) 2007-06-03 17:34 <DIR> dr-h----- C:\DOCUME~1\Kim\Siste 2007-06-03 17:18 <DIR> d-------- C:\avenger 2007-06-03 16:46 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-03 15:52 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Spybot - Search & Destroy 2007-06-02 14:55 <DIR> d-------- C:\Programfiler\AudioCommander 2007-06-02 12:24 4,552 --ahs---- C:\WINDOWS\system32\rerolpxew.dat 2007-06-02 12:15 <DIR> d-------- C:\Programfiler\Alwil Software 2007-06-02 00:38 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard 2007-06-02 00:38 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\SUPERAntiSpyware.com 2007-05-31 12:26 <DIR> d-------- C:\Programfiler\Koei 2007-05-31 12:25 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\InstallShield Installation Information 2007-05-31 07:11 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-29 07:33 <DIR> d-------- C:\Program Files 2007-05-28 02:18 <DIR> d-------- C:\GameRival 2007-05-26 19:07 <DIR> d-------- C:\Programfiler\Celestia 2007-05-24 19:51 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys 2007-05-21 21:02 <DIR> d-------- C:\Programfiler\AMX Mod X 2007-05-21 16:00 <DIR> d-------- C:\Programfiler\Rapidshare Unlimited 2007-05-21 15:58 <DIR> d-------- C:\Programfiler\Rapidown 2007-05-17 23:23 <DIR> d-------- C:\Programfiler\Skype 2007-05-17 23:23 <DIR> d-------- C:\Programfiler\Fellesfiler\Skype 2007-05-17 23:23 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Skype 2007-05-17 23:22 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Skype 2007-05-17 21:44 <DIR> d-------- C:\Programfiler\FileZilla Client 2007-05-17 21:44 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\FileZilla 2007-05-17 21:34 <DIR> d-------- C:\Programfiler\FileZilla 2007-05-17 20:53 26,056 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2007-05-17 20:53 <DIR> d-------- C:\Programfiler\Hamachi2 2007-05-17 20:51 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Hamachi 2007-05-17 18:14 <DIR> d-------- C:\PacSteam 2007-05-17 18:11 <DIR> d-------- C:\GMOD10 2007-05-17 01:09 <DIR> d-------- C:\Programfiler\Fellesfiler\Thraex Software 2007-05-14 20:19 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll 2007-05-14 20:19 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll 2007-05-14 20:16 <DIR> d-------- C:\Programfiler\Codemasters 2007-05-14 20:10 <DIR> d-------- C:\Programfiler\Fellesfiler\Macrovision Shared 2007-05-14 19:54 <DIR> d-------- C:\ps 2007-05-14 15:44 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Thinstall 2007-05-13 23:52 <DIR> d-------- C:\Programfiler\SystemRequirementsLab 2007-05-13 23:52 <DIR> d-------- C:\DOCUME~1\Kim\SystemRequirementsLab 2007-05-13 23:20 <DIR> d-------- C:\Temp 2007-05-13 23:18 <DIR> d-------- C:\Programfiler\Xilisoft 2007-05-13 23:17 <DIR> d-------- C:\Programfiler\SNLBar 2007-05-13 23:12 <DIR> d-------- C:\Programfiler\AliveMedia 2007-05-13 23:10 <DIR> d-------- C:\Programfiler\MIKSOFT 2007-05-12 13:30 <DIR> d---s---- C:\DOCUME~1\Kim\UserData 2007-05-12 13:18 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-05-12 13:08 33,280 --a------ C:\WINDOWS\system32\HUFFYUV.DLL 2007-05-12 12:58 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll 2007-05-12 12:58 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll 2007-05-12 12:58 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL 2007-05-12 12:58 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll 2007-05-12 12:58 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll 2007-05-12 12:58 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL 2007-05-12 12:58 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll 2007-05-12 12:57 930,992 --------- C:\WINDOWS\system32\Ltr13n.dll 2007-05-12 12:57 884,736 --------- C:\WINDOWS\system32\LMUIRes.dll 2007-05-12 12:57 80,896 --------- C:\WINDOWS\system32\lfwmf13s.dll 2007-05-12 12:57 76,800 --------- C:\WINDOWS\system32\Lfwmf13n.dll 2007-05-12 12:57 73,728 --a------ C:\WINDOWS\system32\MMAviAx.dll 2007-05-12 12:57 73,728 --------- C:\WINDOWS\system32\lffax13n.dll 2007-05-12 12:57 70,144 --------- C:\WINDOWS\system32\lfbmp13s.dll 2007-05-12 12:57 65,536 --------- C:\WINDOWS\system32\lfpcx13s.dll 2007-05-12 12:57 65,536 --------- C:\WINDOWS\system32\Lfpct13n.dll 2007-05-12 12:57 64,512 --------- C:\WINDOWS\system32\lftga13s.dll 2007-05-12 12:57 59,904 --------- C:\WINDOWS\system32\lfpcd13s.dll 2007-05-12 12:57 453,120 --------- C:\WINDOWS\system32\ltkrn13n.dll 2007-05-12 12:57 409,600 --------- C:\WINDOWS\system32\LFCMP13s.DLL 2007-05-12 12:57 393,216 --------- C:\WINDOWS\system32\LFCMP13n.DLL 2007-05-12 12:57 32,768 --a------ C:\WINDOWS\system32\MLPagAx.dll 2007-05-12 12:57 306,352 --------- C:\WINDOWS\system32\Ltrio13n.dll 2007-05-12 12:57 30,208 --------- C:\WINDOWS\system32\lfbmp13n.dll 2007-05-12 12:57 283,648 --------- C:\WINDOWS\system32\LFJ2K13s.dll 2007-05-12 12:57 278,016 --------- C:\WINDOWS\system32\LFJ2K13n.dll 2007-05-12 12:57 24,576 --------- C:\WINDOWS\system32\lftga13n.dll 2007-05-12 12:57 204,881 --a------ C:\WINDOWS\system32\DiskIO.dll 2007-05-12 12:57 2,079,232 --------- C:\WINDOWS\system32\LTCLR13s.dll 2007-05-12 12:57 167,936 --------- C:\WINDOWS\system32\lftif13s.dll 2007-05-12 12:57 155,721 --a------ C:\WINDOWS\system32\RALMain.dll 2007-05-12 12:57 153,088 --------- C:\WINDOWS\system32\ltfil13n.DLL 2007-05-12 12:57 143,360 --------- C:\WINDOWS\system32\lftif13n.dll 2007-05-12 12:57 126,976 --a------ C:\WINDOWS\system32\AVIPrAx.dll 2007-05-12 12:57 12,288 --------- C:\WINDOWS\system32\LMLRes.dll 2007-05-12 12:57 116,224 --------- C:\WINDOWS\system32\lffax13s.dll 2007-05-12 12:57 110,080 --------- C:\WINDOWS\system32\lfpsd13s.dll 2007-05-12 12:57 105,984 --------- C:\WINDOWS\system32\lfpct13s.dll 2007-05-12 12:57 1,693,696 --------- C:\WINDOWS\system32\LTCLR13n.dll 2007-05-12 12:57 1,013,248 --------- C:\WINDOWS\system32\Ltwvc13n.dll 2007-05-12 12:54 765,952 --------- C:\WINDOWS\system32\msvcp71d.dll 2007-05-12 12:54 544,768 --------- C:\WINDOWS\system32\msvcr71d.dll 2007-05-12 12:38 89,088 --a------ C:\WINDOWS\system32\atl71.dll 2007-05-12 12:38 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL 2007-05-12 12:38 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\SmartSound Software Inc 2007-05-12 12:33 57,856 --a------ C:\WINDOWS\system32\masd32.dll 2007-05-12 12:33 41,219 --a------ C:\WINDOWS\RSETPATH.exe 2007-05-12 12:33 27,648 --a------ C:\WINDOWS\system32\ma32.dll 2007-05-12 12:33 196,096 --a------ C:\WINDOWS\system32\macd32.dll 2007-05-12 12:33 171,008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys 2007-05-12 12:33 138,752 --a------ C:\WINDOWS\system32\mase32.dll 2007-05-12 12:33 136,192 --a------ C:\WINDOWS\system32\mamc32.dll 2007-05-12 12:31 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL 2007-05-12 12:31 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL 2007-05-12 12:31 61,440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL 2007-05-12 12:31 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL 2007-05-12 12:31 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL 2007-05-12 12:31 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll 2007-05-12 12:31 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL 2007-05-12 12:31 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL 2007-05-12 12:31 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL 2007-05-12 12:31 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL 2007-05-12 12:30 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Pinnacle Studio 2007-05-12 12:25 <DIR> d-------- C:\DAEMON Tools 2007-05-12 01:27 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\teamspeak2 2007-05-11 15:01 <DIR> d-------- C:\DOCUME~1\Kim\PROGRA~1\Help 2007-05-07 15:35 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll 2007-05-07 15:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\PROGRA~1\Microsoft Help 2007-05-06 14:49 <DIR> d-------- C:\Programfiler\Alias 2007-05-06 14:46 <DIR> d-------- C:\FLEXLM 2007-05-06 13:36 <DIR> d-------- C:\WINDOWS\system32\appmgmt 2007-05-06 13:00 73,728 --a------ C:\WINDOWS\system32\drivers\SENTINEL.SYS 2007-05-06 13:00 685,056 --a------ C:\WINDOWS\system32\drivers\hardlock.sys 2007-05-06 13:00 6,656 --a------ C:\WINDOWS\system32\haspvdd.dll 2007-05-06 13:00 49,664 --a------ C:\WINDOWS\system32\SNTI386.DLL 2007-05-06 13:00 47,616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys 2007-05-06 13:00 383 --a------ C:\WINDOWS\system32\haspdos.sys 2007-05-06 13:00 20,032 -ra------ C:\WINDOWS\system32\drivers\SNTNLUSB.SYS 2007-05-06 13:00 18,432 --a------ C:\WINDOWS\system32\RNBOVDD.DLL 2007-05-06 13:00 <DIR> d-------- C:\DOCUME~1\Kim\WINDOWS 2007-05-03 07:26 <DIR> d-------- C:\Programfiler\Half-Life 2 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-03 15:47:17 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\uTorrent 2007-06-03 15:22:35 70,906 ----a-w C:\WINDOWS\system32\perfc014.dat 2007-06-03 15:22:35 405,254 ----a-w C:\WINDOWS\system32\perfh014.dat 2007-06-03 15:18:23 -------- d-----w C:\Programfiler\Steam 2007-06-02 12:37:57 -------- d-----w C:\Programfiler\AV Vcs 4.0 DIAMOND 2007-06-02 10:01:35 -------- d-----w C:\Programfiler\SUPERAntiSpyware 2007-06-01 19:13:01 -------- d-----w C:\Programfiler\Cheat Engine 2007-05-31 10:29:54 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-05-21 19:10:10 -------- d-----w C:\Programfiler\Valve 2007-05-18 13:13:48 -------- d-----w C:\Programfiler\Virtual Sailor 2007-05-16 11:38:30 -------- d--h--w C:\Programfiler\InstallShield Installation Information 2007-05-12 10:47:19 -------- d-----w C:\Programfiler\VirtualDJ 2007-05-12 10:38:15 93 ----a-w C:\AUTOEXEC.BAT 2007-05-12 10:24:58 -------- d-----w C:\Programfiler\DAEMON Tools 2007-05-07 13:36:55 -------- d-----w C:\Programfiler\Pcsx2 2007-05-06 18:20:11 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Ahead 2007-05-06 10:56:54 -------- d-----w C:\Programfiler\Fellesfiler\Autodesk Shared 2007-05-02 18:15:57 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\MayaWebBrowser 2007-05-02 17:45:43 -------- d-----w C:\Programfiler\QuickTime 2007-05-01 18:49:46 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\SiteAdvisor 2007-05-01 10:05:37 -------- d-----w C:\Programfiler\THQ 2007-04-30 20:33:02 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Notepad++ 2007-04-30 20:30:00 -------- d-----w C:\Programfiler\Winamp 2007-04-30 19:14:42 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\WinMX Music 2007-04-30 18:54:54 -------- d-----w C:\Programfiler\WinMX 2007-04-30 18:52:51 -------- d-----w C:\Programfiler\WinMX Music 2007-04-30 10:07:17 -------- d-----w C:\Programfiler\Bus Driver 2007-04-29 13:23:03 -------- d-----w C:\Programfiler\Autodesk 2007-04-26 20:41:29 -------- d-----w C:\Programfiler\The Rosetta Stone 2007-04-23 19:40:09 -------- d-----w C:\Programfiler\Image-Line 2007-04-23 19:39:59 -------- d-----w C:\Programfiler\ASIO4ALL v2 2007-04-23 19:35:27 -------- d-----w C:\Programfiler\Steinberg 2007-04-20 04:46:41 -------- d-----w C:\Programfiler\CAPCOM 2007-04-19 19:35:38 -------- d-----w C:\Programfiler\Yahoo! 2007-04-18 15:35:37 -------- d-----w C:\Programfiler\SiteAdvisor 2007-04-18 13:12:48 670 ----a-w C:\WINDOWS\mozver.dat 2007-04-18 05:16:25 -------- d-----w C:\Programfiler\e frontier 2007-04-17 19:42:02 -------- d-----w C:\Programfiler\Fellesfiler\LightScribe 2007-04-17 19:32:17 682,232 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-04-17 15:41:56 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\e frontier 2007-04-17 15:41:42 3,120 ----a-w C:\WINDOWS\system32\6ffdbcaf-f6c1-42d3-a4a9-c7957224a70b.dll 2007-04-17 14:38:16 -------- d-----w C:\Programfiler\GameHouse 2007-04-16 17:01:23 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Media Player Classic 2007-04-16 17:00:43 -------- d-----w C:\Programfiler\K-Lite Codec Pack 2007-04-16 13:34:19 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Steinberg 2007-04-14 12:46:53 -------- d-----w C:\Programfiler\Fellesfiler\Sandlot Shared 2007-04-14 10:28:34 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Lavasoft 2007-04-14 10:06:13 0 ----a-w C:\WINDOWS\PowerReg.dat 2007-04-14 10:05:14 -------- d-----w C:\Programfiler\Infogrames 2007-04-14 07:17:37 16 ----a-w C:\WINDOWS\guiinfo.dat 2007-04-13 13:05:36 -------- d-----w C:\Programfiler\Bonjour 2007-04-13 13:03:25 -------- d-----w C:\Programfiler\MessengerDiscovery 2007-04-13 13:02:56 -------- d-----w C:\Programfiler\MSN Messenger 2007-04-12 15:29:29 -------- d-----w C:\DOCUME~1\Kim\PROGRA~1\Teleca 2007-04-12 15:26:48 -------- d-----w C:\Programfiler\Fellesfiler\Teleca Shared 2007-04-12 15:13:07 8,704 ----a-w C:\WINDOWS\system32\sporder.dll 2007-04-12 15:12:58 23,040 ----a-w C:\WINDOWS\system32\mszsrn32.dll 2007-04-12 14:44:38 -------- d-----w C:\Programfiler\Realtek 2007-04-12 14:44:19 315,392 ----a-w C:\WINDOWS\HideWin.exe 2007-04-12 14:38:37 664 ----a-w C:\WINDOWS\system32\d3d9caps.dat 2007-04-12 14:36:45 0 ----a-w C:\WINDOWS\nsreg.dat 2007-04-12 14:24:07 0 ----a-w C:\CONFIG.SYS 2007-04-12 14:19:55 21,704 ----a-w C:\WINDOWS\system32\emptyregdb.dat 2007-04-12 14:19:28 -------- d-----w C:\Programfiler\Messenger 2007-04-11 14:18:08 -------- d-----w C:\Programfiler\Syncrosoft 2007-04-10 13:41:21 -------- d-----w C:\Programfiler\Fellesfiler\Avid 2007-04-10 13:39:04 -------- d-----w C:\Programfiler\Fellesfiler\Softimage 2007-04-09 17:21:34 -------- d-----w C:\Programfiler\XSI 2007-04-09 10:49:39 -------- d-----w C:\Programfiler\Purrint 2007-04-09 00:01:56 -------- d-----w C:\Programfiler\Cake Mania 2007-04-09 00:00:49 -------- d-----w C:\Programfiler\ReflexiveArcade 2007-04-08 23:33:10 -------- d-----w C:\Programfiler\Stand O`Food 2007-03-23 17:19:10 9,715,200 ----a-w C:\WINDOWS\RTLCPL.exe 2007-03-21 12:49:20 16,126,464 ----a-w C:\WINDOWS\RTHDCPL.exe 2007-03-16 13:06:54 1,822,720 ----a-w C:\WINDOWS\SkyTel.exe (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {0CB66BA8-5E1F-4963-93D1-E1D6B78F0212}=C:\Programfiler\SNLBar\SNLBar.dll [2007-04-20 16:27] {53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 01:48] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LiveMonitor"="C:\Programfiler\MSI\Live Update 3\LMonitor.exe" [2006-06-07 14:22] "NvMediaCenter"="NvMCTray.dll" [2006-06-01 11:22 C:\WINDOWS\system32\nvmctray.dll] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "SiteAdvisor"="C:\Programfiler\SiteAdvisor\6066\SiteAdv.exe" [2007-03-30 17:42] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-05-02 19:45] "GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47] "Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 18:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] "Steam"="c:\programfiler\steam\steam.exe" [2007-06-02 10:19] "msnmsgr"="C:\Programfiler\MSN Messenger\msnmsgr.exe" [2007-04-12 17:11] "DAEMON Tools"="C:\DAEMON Tools\daemon.exe" [2007-04-04 00:29] "MSMSGS"="C:\Programfiler\Messenger\msmsgs.exe" [2004-08-04 01:15] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL" [2006-10-27 01:48] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 12:55] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Programmer^Oppstart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start-meny\Programmer\Oppstart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Programmer^Oppstart^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start-meny\Programmer\Oppstart\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] HDAShCut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20] C:\WINDOWS\system32\sw20.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW24] C:\WINDOWS\system32\sw24.exe HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-03 17:47:11 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ******************************************************************** Completion time: 2007-06-03 17:48:21 C:\ComboFix-quarantined-files.txt ... 2007-06-03 17:48 C:\ComboFix2.txt ... 2007-06-03 16:46 --- E O F --- Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå