HJT + ComboFix logg sjekk. Har jeg rusk på pcen ?

[EspenFe]

Bruker å ta sjekker av og til om jeg har noe rusk på pcen. Og nå er tiden der igjen. Så hvis det er noen erfarne der ut ( norbat ) som kan sjekke loggene mine blir jeg glade. Det er ingenting rart med pcen eller noe slik, men det er vel bra å sjekke en gang i blandt.

 

 

HJT logg:

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:11:42 AM, on 1/26/2008

Platform: Windows XP SP3, v.3244 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Eset\nod32krn.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Spyware Doctor\svcntaux.exe

C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe

C:\Program Files\Eset\nod32kui.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Spyware Doctor\SDTrayApp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spyware Doctor\swdsvc.exe

C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Webroot\Washer\WasherSvc.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\Espen\LOCALS~1\Temp\Rar$EX00.110\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemonsearch.com/no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.06\RivaTuner.exe" /S

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe

O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

 

--

End of file - 5742 bytes

 

 

 

ComboFix logg:

 

 

 

ComboFix 08-01-23.1C - Espen 2008-01-26 0:14:05.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1417 [GMT 1:00]

Running from: C:\Documents and Settings\Espen\Desktop\ComboFix.exe

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

The following files were disabled during the run:

C:\Program Files\Spyware Doctor\klg.dat

 

 

((((((((((((((((((((((((( Files Created from 2007-12-25 to 2008-01-25 )))))))))))))))))))))))))))))))

.

 

2008-01-26 00:12 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe

2008-01-09 15:53 . 2008-01-22 17:34 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-01-09 15:53 . 2008-01-09 15:53 1,409 --a------ C:\WINDOWS\QTFont.for

2008-01-09 15:39 . 2008-01-09 15:39 <DIR> d-------- C:\Program Files\Rockstar Games

2007-12-28 22:03 . 2007-12-28 22:03 <DIR> d-------- C:\Program Files\Nero

2007-12-28 22:03 . 2007-12-28 22:04 <DIR> d-------- C:\Program Files\Common Files\Ahead

2007-12-28 15:15 . 2007-12-28 15:15 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2007-12-25 04:30 . 2007-02-20 16:04 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll

2007-12-25 04:30 . 2007-02-20 16:04 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe

2007-12-25 04:25 . 2007-12-25 04:25 <DIR> d-------- C:\Program Files\Bonjour

2007-12-25 04:22 . 2007-12-25 04:22 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-25 23:12 --------- d-----w C:\Program Files\Spyware Doctor

2008-01-25 19:34 --------- d-----w C:\Program Files\World of Warcraft

2008-01-24 17:14 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys

2008-01-24 17:13 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe

2008-01-09 14:39 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-01-06 12:46 --------- d-----w C:\Program Files\Steam

2007-12-25 18:40 --------- d-----w C:\Program Files\Azureus

2007-12-25 18:31 --------- d-----w C:\Program Files\Common Files\Adobe

2007-12-24 15:50 --------- d-----w C:\Program Files\QuickTime

2007-12-22 21:23 --------- d-----w C:\Program Files\MSECache

2007-12-22 21:21 --------- d-----w C:\Program Files\Microsoft.NET

2007-12-22 13:14 83,536 ----a-w C:\WINDOWS\system32\drivers\iksyssec.sys

2007-12-22 13:14 59,984 ----a-w C:\WINDOWS\system32\drivers\iksysflt.sys

2007-12-22 13:13 52,304 ----a-w C:\WINDOWS\system32\drivers\ikfilesec.sys

2007-12-22 13:13 39,248 ----a-w C:\WINDOWS\system32\drivers\ikfileflt.sys

2007-12-22 13:13 26,064 ----a-w C:\WINDOWS\system32\drivers\kcom.sys

2007-12-16 22:20 --------- d-----w C:\Program Files\SystemRequirementsLab

2007-12-12 14:16 --------- d-----w C:\Program Files\microsoft frontpage

2007-12-12 13:41 --------- d-----w C:\Program Files\CCleaner

2007-12-06 20:46 --------- d-----w C:\Program Files\coverXP

2007-12-06 20:31 --------- d-----w C:\Program Files\CD-LabelPrint

2007-12-06 14:20 --------- d-----w C:\Program Files\GameSpy

2007-12-06 14:18 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe

2007-12-06 14:12 --------- d-----w C:\Program Files\Electronic Arts

2007-12-06 13:57 --------- d-----w C:\Program Files\DAEMON Tools

2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE

2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll

2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll

2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll

2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe

2007-12-05 00:41 7,435,392 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys

2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll

2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll

2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll

2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll

2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll

2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe

2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe

2007-12-05 00:41 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll

2007-12-05 00:41 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe

2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll

2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll

2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll

2007-12-05 00:41 3,710,976 ----a-w C:\WINDOWS\system32\nvvitvs.dll

2007-12-05 00:41 3,420,160 ----a-w C:\WINDOWS\system32\nvgames.dll

2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll

2007-12-05 00:41 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll

2007-12-05 00:41 2,498,560 ----a-w C:\WINDOWS\system32\nvwss.dll

2007-12-05 00:41 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll

2007-12-05 00:41 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe

2007-12-05 00:41 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe

2007-12-05 00:41 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll

2007-12-05 00:41 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe

2007-12-05 00:41 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll

2007-12-05 00:41 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe

2007-12-05 00:41 1,228,800 ----a-w C:\WINDOWS\system32\nvmobls.dll

2007-12-05 00:41 1,089,536 ----a-w C:\WINDOWS\system32\nvcuda.dll

2007-12-05 00:41 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll

2007-12-02 00:44 --------- d-----w C:\Program Files\Ventrilo

2007-12-02 00:44 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2007-12-01 19:10 --------- d-----w C:\Program Files\GameSpy Arcade

2007-12-01 19:05 --------- d-----w C:\Program Files\EA GAMES

2007-12-01 13:14 86,016 ----a-w C:\WINDOWS\system32\OpenAL32.dll

2007-12-01 13:14 262,144 ----a-w C:\WINDOWS\system32\wrap_oal.dll

2007-12-01 13:10 --------- d-----w C:\Program Files\Futuremark

2007-11-30 18:42 --------- d-----w C:\Program Files\DivX

2007-11-30 17:28 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment

2007-11-30 17:19 --------- d-----w C:\Program Files\JAM Software

2007-11-30 17:04 --------- d-----w C:\Program Files\Common Files\CANON

2007-11-30 17:04 --------- d-----w C:\Program Files\Canon

2007-11-30 17:02 --------- d--h--w C:\Program Files\CanonBJ

2007-11-30 16:39 --------- d-----w C:\Program Files\MSXML 4.0

2007-11-30 14:20 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe

2007-11-29 23:17 --------- d-----w C:\Program Files\PowerISO

2007-11-29 23:08 --------- d-----w C:\Program Files\HD Tune

2007-11-29 22:55 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2007-11-29 22:19 --------- d-----w C:\Program Files\Stardock

2007-11-29 21:17 --------- d-----w C:\Program Files\RivaTuner v2.06

2007-11-29 20:20 --------- d-----w C:\Program Files\Webroot

2007-11-29 20:20 --------- d-----w C:\Program Files\Common Files\Webroot Shared

2007-11-29 17:59 --------- d-----w C:\Program Files\LimeWire

2007-11-29 17:51 --------- d-----w C:\Program Files\VideoLAN

2007-11-29 17:43 --------- d-----w C:\Program Files\Java

2007-11-29 17:43 --------- d-----w C:\Program Files\Common Files\Java

2007-11-29 17:34 502,208 ----a-w C:\WINDOWS\system32\drivers\amon.sys

2007-11-29 17:34 270,336 ----a-w C:\WINDOWS\system32\imon.dll

2007-11-29 15:20 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller

2007-11-29 15:20 --------- d-----w C:\Program Files\Windows Live

2007-11-29 14:21 --------- d-----w C:\Program Files\Realtek

2007-11-29 14:07 --------- d-----w C:\Program Files\ASUS

2007-11-29 14:05 21,035 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys

2007-11-29 14:05 --------- d-----w C:\Program Files\Common Files\InstallShield

2007-11-29 14:05 --------- d-----w C:\Program Files\ASUS WiFi-AP Solo

2007-11-29 14:04 --------- d-----w C:\Program Files\Marvell

2007-11-29 13:55 --------- d-----w C:\Program Files\Intel

2007-11-29 13:52 --------- d--h--w C:\Program Files\Uninstall Information

2007-10-30 23:37 330,240 ----a-w C:\WINDOWS\system32\netsetup.exe

2007-10-30 23:33 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll

2007-10-30 23:33 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr

2007-10-30 23:33 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-10-31 00:32 15360]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2007-10-31 00:32 1695232]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ai Quicker Help"="C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe" [2006-07-19 09:52 3167744]

"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-11-29 18:34 917504]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]

"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]

"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.06\RivaTuner.exe" [2007-10-30 19:05 2650112]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]

"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-12-22 14:14 810576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-11-29 23:20 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=wbsys.dll

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ASUS WiFi-AP Solo.lnk]

backup=C:\WINDOWS\pss\ASUS WiFi-AP Solo.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

--a------ 2007-10-10 19:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

-r------- 2005-05-03 11:43 69632 C:\WINDOWS\Alcmtr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]

--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]

--a------ 2007-12-06 13:06 167368 C:\Program Files\DAEMON Tools\daemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X Configure]

-r------- 2006-06-29 03:07 352256 C:\WINDOWS\system32\JMRaidTool.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--------- 2007-10-31 00:32 1695232 C:\Program Files\Messenger\msmsgs.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2007-12-24 16:48 155648 C:\Program Files\QuickTime\qttask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

-r------- 2006-04-17 08:34 16143872 C:\WINDOWS\RTHDCPL.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]

--a------ 2007-12-22 14:14 810576 C:\Program Files\Spyware Doctor\SDTrayApp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

--a------ 2007-12-01 22:42 1266936 C:\Program Files\Steam\Steam.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Window Washer]

--a------ 2007-08-09 13:56 1261384 C:\Program Files\Webroot\Washer\wwDisp.exe

 

R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-08-09 13:56]

S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\Asushwio.sys [2004-04-27 16:26]

S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 08:30]

S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2006-03-31 04:39]

 

*Newly Created Service* - PROCEXP90

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-01-26 00:16:08

Windows 5.1.2600 Service Pack 3, v.3244 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3244]

-> C:\Program Files\Stardock\Object Desktop\WindowBlinds\tray.dll

.

Completion time: 2008-01-26 0:16:29

.

2008-01-09 14:06:39 --- E O F ---

 

 

 

 

MVH Espen

[norbat]

Ser fint ut dette, Espen

[EspenFe]

Ser fint ut dette, Espen

Det var godt å høre. Er bra å ta en sjekk iblandt, så nå ble jeg glad.

 

Takker for hjelpen norbat

[norbat]

Du kan fjerne combofix da dette er et prog. som oppdateres ofte. Får du bruk for det igjen er det bare å laste ned igjen.

 

Du avinstallerer det ved å skrive combofix /u fra kjør-vinduet (start->kjør)

[EspenFe]

Du kan fjerne combofix da dette er et prog. som oppdateres ofte. Får du bruk for det igjen er det bare å laste ned igjen.

 

Du avinstallerer det ved å skrive combofix /u fra kjør-vinduet (start->kjør)

Takker