Kan noe sjekke combofix loggen min ?

Hippiebanan · 22. april 2008

ComboFix 08-04-20.5 - renate wollum 2008-04-22 19:19:06.3 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.646 [GMT 2:00]

Running from: C:\Documents and Settings\renate wollum\Skrivebord\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((( Files Created from 2008-03-22 to 2008-04-22 )))))))))))))))))))))))))))))))

.

2008-04-22 15:42 . 2008-04-22 15:42 <DIR> d-------- C:\Programfiler\Alwil Software

2008-04-21 20:35 . 2008-04-21 20:35 <DIR> d-------- C:\Programfiler\Sun

2008-04-21 20:35 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl

2008-04-21 17:24 . 2008-04-21 17:24 268 --ah----- C:\sqmdata19.sqm

2008-04-21 17:24 . 2008-04-21 17:24 244 --ah----- C:\sqmnoopt19.sqm

2008-04-20 14:46 . 2008-04-20 14:46 <DIR> d-------- C:\Programfiler\Trend Micro

2008-04-20 03:09 . 2008-04-20 03:08 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys

2008-04-20 03:08 . 2008-04-20 11:21 <DIR> d-------- C:\Documents and Settings\renate wollum\.housecall6.6

2008-04-20 02:51 . 2008-04-20 02:51 <DIR> d-------- C:\Programfiler\aMSN

2008-04-20 02:51 . 2008-04-21 23:42 <DIR> d-------- C:\Documents and Settings\renate wollum\amsn

2008-04-18 20:22 . 2008-04-18 20:22 268 --ah----- C:\sqmdata18.sqm

2008-04-18 20:22 . 2008-04-18 20:22 244 --ah----- C:\sqmnoopt18.sqm

2008-04-13 22:05 . 2003-05-22 16:31 55,808 --a------ C:\WINDOWS\system32\lfpsd13n.dll

2008-04-13 00:18 . 2008-04-15 15:48 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Skype

2008-04-12 18:17 . 2008-04-12 18:17 304 --ah----- C:\sqmdata16.sqm

2008-04-12 18:17 . 2008-04-12 18:17 268 --ah----- C:\sqmdata17.sqm

2008-04-12 18:17 . 2008-04-12 18:17 244 --ah----- C:\sqmnoopt17.sqm

2008-04-12 18:17 . 2008-04-12 18:17 244 --ah----- C:\sqmnoopt16.sqm

2008-04-11 17:57 . 2008-04-11 17:57 244 --ah----- C:\sqmnoopt15.sqm

2008-04-11 17:57 . 2008-04-11 17:57 232 --ah----- C:\sqmdata15.sqm

2008-04-09 15:30 . 2008-04-09 15:30 <DIR> d-------- C:\Programfiler\Torrent Episode Downloader

2008-04-07 17:08 . 2004-08-04 01:03 116,224 --a------ C:\WINDOWS\system32\dllcache\xrxwiadr.dll

2008-04-07 17:08 . 2001-08-18 06:37 99,865 --a------ C:\WINDOWS\system32\dllcache\xlog.exe

2008-04-07 17:08 . 2001-10-06 14:03 27,648 --a------ C:\WINDOWS\system32\dllcache\xrxftplt.exe

2008-04-07 17:08 . 2001-10-06 14:02 23,040 --a------ C:\WINDOWS\system32\dllcache\xrxwbtmp.dll

2008-04-07 17:08 . 2001-10-06 14:02 17,408 --a------ C:\WINDOWS\system32\dllcache\xrxscnui.dll

2008-04-07 17:08 . 2001-10-06 14:03 4,608 --a------ C:\WINDOWS\system32\dllcache\xrxflnch.exe

2008-04-07 17:06 . 2001-08-17 21:28 794,399 --a------ C:\WINDOWS\system32\dllcache\usr1806v.sys

2008-04-07 17:05 . 2001-08-17 21:28 794,654 --a------ C:\WINDOWS\system32\dllcache\usr1801.sys

2008-04-07 17:04 . 2001-10-06 14:02 525,568 --a------ C:\WINDOWS\system32\dllcache\tridxp.dll

2008-04-07 17:02 . 2004-08-04 13:00 185,344 --a------ C:\WINDOWS\system32\dllcache\thawbrkr.dll

2008-04-07 16:57 . 2004-08-04 13:00 459,264 --a------ C:\WINDOWS\system32\dllcache\smtpsvc.dll

2008-04-07 16:56 . 2004-08-03 22:41 404,990 --a------ C:\WINDOWS\system32\dllcache\slntamr.sys

2008-04-07 16:55 . 2001-10-06 14:01 495,616 --a------ C:\WINDOWS\system32\dllcache\sblfx.dll

2008-04-07 16:54 . 2004-08-04 01:03 397,056 --a------ C:\WINDOWS\system32\dllcache\s3gnb.dll

2008-04-07 16:53 . 2001-10-06 13:38 899,242 --a------ C:\WINDOWS\system32\dllcache\r2mdkxga.sys

2008-04-07 16:49 . 2001-08-17 22:05 351,616 --a------ C:\WINDOWS\system32\dllcache\ovcodek2.sys

2008-04-07 16:48 . 2001-08-17 20:50 198,144 --a------ C:\WINDOWS\system32\dllcache\nv3.sys

2008-04-07 16:47 . 2004-08-04 01:03 1,737,856 --a------ C:\WINDOWS\system32\dllcache\mtxparhd.dll

2008-04-07 16:46 . 2001-08-17 21:28 797,500 --a------ C:\WINDOWS\system32\dllcache\ltsmt.sys

2008-04-07 16:45 . 2001-08-17 21:28 802,683 --a------ C:\WINDOWS\system32\dllcache\ltsm.sys

2008-04-07 16:44 . 2004-08-04 01:03 152,576 --a------ C:\WINDOWS\system32\dllcache\irftp.exe

2008-04-07 16:44 . 2004-08-03 23:00 87,424 --a------ C:\WINDOWS\system32\dllcache\irda.sys

2008-04-07 16:44 . 2004-08-04 13:00 34,816 --a------ C:\WINDOWS\system32\dllcache\iprip.dll

2008-04-07 16:44 . 2001-08-17 21:49 26,624 --a------ C:\WINDOWS\system32\dllcache\irstusb.sys

2008-04-07 16:44 . 2001-08-17 21:49 23,552 --a------ C:\WINDOWS\system32\dllcache\irmk7.sys

2008-04-07 16:44 . 2001-08-17 21:51 18,688 --a------ C:\WINDOWS\system32\dllcache\irsir.sys

2008-04-07 16:44 . 2004-08-04 13:00 18,432 --a------ C:\WINDOWS\system32\dllcache\jupiw.dll

2008-04-07 16:42 . 2004-08-03 22:41 1,041,536 --a------ C:\WINDOWS\system32\dllcache\hsfdpsp2.sys

2008-04-07 16:41 . 2001-10-06 14:02 1,733,120 --a------ C:\WINDOWS\system32\dllcache\g400d.dll

2008-04-07 16:40 . 2001-10-06 13:32 595,743 --a------ C:\WINDOWS\system32\dllcache\es56cvmp.sys

2008-04-07 16:39 . 2001-08-17 20:14 952,007 --a------ C:\WINDOWS\system32\dllcache\diwan.sys

2008-04-07 16:38 . 2001-10-06 14:02 618,525 --a------ C:\WINDOWS\system32\dllcache\digiview.exe

2008-04-07 16:37 . 2001-10-06 13:34 980,034 --a------ C:\WINDOWS\system32\dllcache\cicap.sys

2008-04-07 16:36 . 2001-08-17 21:28 871,388 --a------ C:\WINDOWS\system32\dllcache\bcmdm.sys

2008-04-07 16:35 . 2004-05-13 00:39 876,653 --a------ C:\WINDOWS\system32\dllcache\fp4awel.dll

2008-04-05 18:44 . 2008-04-05 18:44 268 --ah----- C:\sqmdata14.sqm

2008-04-05 18:44 . 2008-04-05 18:44 244 --ah----- C:\sqmnoopt14.sqm

2008-04-05 18:21 . 2008-04-05 18:21 268 --ah----- C:\sqmdata13.sqm

2008-04-05 18:21 . 2008-04-05 18:21 268 --ah----- C:\sqmdata12.sqm

2008-04-05 18:21 . 2008-04-05 18:21 244 --ah----- C:\sqmnoopt13.sqm

2008-04-05 18:21 . 2008-04-05 18:21 244 --ah----- C:\sqmnoopt12.sqm

2008-04-02 23:53 . 2008-04-02 23:53 268 --ah----- C:\sqmdata11.sqm

2008-04-02 23:53 . 2008-04-02 23:53 244 --ah----- C:\sqmnoopt11.sqm

2008-04-02 17:15 . 2008-04-02 17:15 268 --ah----- C:\sqmdata10.sqm

2008-04-02 17:15 . 2008-04-02 17:15 244 --ah----- C:\sqmnoopt10.sqm

2008-04-02 14:10 . 2008-04-02 14:10 268 --ah----- C:\sqmdata09.sqm

2008-04-02 14:10 . 2008-04-02 14:10 244 --ah----- C:\sqmnoopt09.sqm

2008-04-02 13:05 . 2008-04-02 13:05 268 --ah----- C:\sqmdata08.sqm

2008-04-02 13:05 . 2008-04-02 13:05 244 --ah----- C:\sqmnoopt08.sqm

2008-04-02 00:12 . 2008-04-02 00:12 268 --ah----- C:\sqmdata07.sqm

2008-04-02 00:12 . 2008-04-02 00:12 244 --ah----- C:\sqmnoopt07.sqm

2008-03-31 00:29 . 2008-03-31 00:29 268 --ah----- C:\sqmdata06.sqm

2008-03-31 00:29 . 2008-03-31 00:29 244 --ah----- C:\sqmnoopt06.sqm

2008-03-28 23:40 . 2008-04-05 18:38 <DIR> d-------- C:\Programfiler\Free Screen Recorder

2008-03-28 21:39 . 2008-03-28 21:39 304 --ah----- C:\sqmdata05.sqm

2008-03-28 21:39 . 2008-03-28 21:39 244 --ah----- C:\sqmnoopt05.sqm

2008-03-28 16:47 . 2008-03-28 16:47 268 --ah----- C:\sqmdata04.sqm

2008-03-28 16:47 . 2008-03-28 16:47 244 --ah----- C:\sqmnoopt04.sqm

2008-03-28 00:13 . 2008-03-28 00:13 268 --ah----- C:\sqmdata03.sqm

2008-03-28 00:13 . 2008-03-28 00:13 244 --ah----- C:\sqmnoopt03.sqm

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-22 15:33 --------- d-----w C:\Programfiler\Windows Live

2008-04-22 15:32 --------- d-----w C:\Programfiler\Windows Live Toolbar

2008-04-22 15:28 --------- d-----w C:\Programfiler\MSN Messenger

2008-04-22 15:26 --------- d-----w C:\Documents and Settings\All Users\Programdata\WLInstaller

2008-04-21 18:35 --------- d-----w C:\Programfiler\Java

2008-04-21 17:48 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared

2008-04-21 17:46 --------- d-----w C:\Documents and Settings\All Users\Programdata\Symantec

2008-04-15 17:24 --------- d-----w C:\Documents and Settings\renate wollum\Programdata\LimeWire

2008-04-08 19:31 7,408 ----a-w C:\Documents and Settings\renate wollum\Programdata\wklnhst.dat

2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys

2008-03-08 23:34 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2008-03-03 21:59 --------- d-----w C:\Programfiler\Creative

2008-03-03 21:57 --------- d-----w C:\Programfiler\Fellesfiler\Adobe

2008-03-03 17:01 --------- d-----w C:\Programfiler\CONEXANT

2008-03-03 16:59 --------- d-----w C:\Programfiler\Google

2008-03-02 22:04 --------- d-----w C:\Programfiler\JLC's Software

2008-03-02 21:52 --------- d-----w C:\Documents and Settings\renate wollum\Programdata\.purple

2008-03-02 21:51 --------- d-----w C:\Documents and Settings\renate wollum\Programdata\gtk-2.0

2008-03-02 21:44 --------- d-----w C:\Programfiler\Fellesfiler\GTK

2008-03-02 21:15 --------- d-----w C:\Programfiler\Microsoft SQL Server Compact Edition

2008-03-02 21:12 --------- dcsh--w C:\Programfiler\Fellesfiler\WindowsLiveInstaller

2008-02-22 23:51 --------- d-----w C:\Programfiler\ReflexiveArcade

2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll

2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll

2008-02-20 05:39 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-02-15 09:07 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe

2008-02-03 18:57 38,534 ----a-w C:\WINDOWS\BricoPackUninst.cmd

2008-02-03 18:57 2,382 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd

2007-10-21 18:26 56 --sh--r C:\WINDOWS\system32\9368ADD4A2.sys

2007-05-20 14:27 88 --sh--r C:\WINDOWS\system32\9DCEAD5000.sys

2007-10-21 18:26 7,152 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

.

((((((((((((((((((((((((((((( snapshot@2008-04-21_19.07.16,71 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-04-22 15:31:06 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Client\12.0.1366.1026__31bf3856ad364e35_0ad91662\WindowsLive.Client.dll

+ 2008-04-22 15:30:44 57,344 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Api\1.0.0.0__31bf3856ad364e35_49110564\WindowsLive.Writer.Api.dll

+ 2008-04-22 15:30:47 450,560 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.ApplicationFramework\12.0.1366.1026__31bf3856ad364e35_6aea5bdd\WindowsLive.Writer.ApplicationFramework.dll

+ 2008-04-22 15:30:50 466,944 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.BlogClient\12.0.1366.1026__31bf3856ad364e35_729ad8b7\WindowsLive.Writer.BlogClient.dll

+ 2008-04-22 15:30:51 114,688 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.BrowserControl\12.0.1366.1026__31bf3856ad364e35_f04b945d\WindowsLive.Writer.BrowserControl.dll

+ 2008-04-22 15:30:52 262,144 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Controls\12.0.1366.1026__31bf3856ad364e35_d7248dc1\WindowsLive.Writer.Controls.dll

+ 2008-04-22 15:30:54 917,504 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.CoreServices\12.0.1366.1026__31bf3856ad364e35_3fd35a52\WindowsLive.Writer.CoreServices.dll

+ 2008-04-22 15:31:08 65,536 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Extensibility\12.0.1366.1026__31bf3856ad364e35_41401be9\WindowsLive.Writer.Extensibility.dll

+ 2008-04-22 15:30:55 69,632 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.FileDestinations\12.0.1366.1026__31bf3856ad364e35_59625471\WindowsLive.Writer.FileDestinations.dll

+ 2008-04-22 15:30:57 286,720 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.HtmlEditor\12.0.1366.1026__31bf3856ad364e35_470355a1\WindowsLive.Writer.HtmlEditor.dll

+ 2008-04-22 15:30:57 114,688 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.HtmlParser\12.0.1366.1026__31bf3856ad364e35_41bc8e17\WindowsLive.Writer.HtmlParser.dll

+ 2008-04-22 15:30:59 159,744 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Interop.Mshtml\12.0.1366.1026__31bf3856ad364e35_fc9f1f59\WindowsLive.Writer.Interop.Mshtml.dll

+ 2008-04-22 15:31:00 217,088 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Interop.SHDocVw\1.1.0.0__31bf3856ad364e35_96d6ddb1\WindowsLive.Writer.Interop.SHDocVw.dll

+ 2008-04-22 15:30:58 221,184 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Interop\12.0.1366.1026__31bf3856ad364e35_b99cd700\WindowsLive.Writer.Interop.dll

+ 2008-04-22 15:31:00 151,552 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Mshtml\12.0.1366.1026__31bf3856ad364e35_554a053e\WindowsLive.Writer.Mshtml.dll

+ 2008-04-22 15:31:07 77,824 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.Passport\12.0.1366.1026__31bf3856ad364e35_b1e638ef\WindowsLive.Writer.Passport.dll

+ 2008-04-22 15:31:04 2,297,856 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLive.Writer.PostEditor\12.0.1366.1026__31bf3856ad364e35_866cf837\WindowsLive.Writer.PostEditor.dll

+ 2008-04-22 15:31:09 28,672 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\WindowsLiveWriter\12.0.1366.1026__31bf3856ad364e35_cf932454\WindowsLiveWriter.exe

- 2008-04-21 15:28:14 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-04-22 17:16:02 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-04-22 15:33:23 125,472 ----a-r C:\WINDOWS\Installer\{21667E3B-5BD0-49F9-A1EE-BB50D5A306F4}\WLXPhotoGalleryIcon.exe

+ 2008-04-22 15:32:02 86,746 ----a-r C:\WINDOWS\Installer\{29CB1674-DE1D-4D39-A871-FA0194FC58E9}\wlmail.exe

- 2008-03-09 17:17:35 29,926 ----a-r C:\WINDOWS\Installer\{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6}\MsblIco.Exe

+ 2008-04-22 15:27:02 29,926 ----a-r C:\WINDOWS\Installer\{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6}\MsblIco.Exe

+ 2008-03-29 17:45:49 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe

+ 2008-03-29 17:23:22 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr

+ 2008-03-29 17:35:49 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys

+ 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys

+ 2008-03-29 17:35:21 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys

+ 2008-03-29 17:29:08 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys

+ 2008-03-29 17:31:34 75,856 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys

+ 2008-03-29 17:27:33 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys

+ 2008-03-29 17:26:52 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys

- 2005-11-10 10:27:06 49,248 ----a-w C:\WINDOWS\system32\java.exe

+ 2008-02-21 23:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe

- 2005-11-10 10:27:16 49,250 ----a-w C:\WINDOWS\system32\javaw.exe

+ 2008-02-21 23:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe

- 2005-11-10 12:03:54 127,078 ----a-w C:\WINDOWS\system32\javaws.exe

+ 2008-02-22 00:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe

- 2007-01-19 10:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll

+ 2007-10-18 09:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll

+ 2008-04-22 17:16:09 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5e4.dat

+ 2007-10-23 15:49:20 586,240 ----a-w C:\WINDOWS\WLXPGSS.SCR

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

C:\PROGRA~1\FELLES~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="C:\Programfiler\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]

"msnmsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"@"="C:\Programfiler\Internet Explorer\IEXPLORE.exe" [2004-08-04 13:00 93184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 2007-05-25 15:22 63040 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Programfiler\\LimeWire\\LimeWire.exe"=

"C:\\Programfiler\\Dell Network Assistant\\ezi_hnm2.exe"=

"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=

"C:\\Programfiler\\iTunes\\iTunes.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\Messenger\\msmsgs.exe"=

"C:\\Programfiler\\aMSN\\bin\\wish.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol

"10426:UDP"= 10426:UDP:SingleClick ICC

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2007-04-05 11:55]

S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Programfiler\LogMeIn\x86\RaInfo.sys []

S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 14:58]

S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys []

S4 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ead2628e-7314-11dc-80d9-0016cfffa75e}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.pif

.

Contents of the 'Scheduled Tasks' folder

"2008-03-04 20:01:44 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

"2008-04-21 18:00:00 C:\WINDOWS\Tasks\Norton Internet Security - Kjør full systemskanning - renate wollum.job"

- C:\Programfiler\Norton Internet Security\Norton AntiVirus\Navw32.exec/TASK:

"2008-04-22 17:08:00 C:\WINDOWS\Tasks\Se etter oppdateringer for Windows Live Toolbar.job"

- C:\Programfiler\Windows Live Toolbar\MSNTBUP.EXE

.

**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-22 19:21:55

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-04-22 19:23:31

ComboFix-quarantined-files.txt 2008-04-22 17:22:58

ComboFix2.txt 2008-04-21 17:09:15

Pre-Run: 51,903,119,360 byte ledig

Post-Run: 52,132,360,192 byte ledig

248 --- E O F --- 2008-04-21 21:45:31

norbat · 22. april 2008

Ser normal ut den loggen. Du kan godt kjøre en scan med et antispywareprog. Anbefaler SAS (gratisversjonen)

Logg inn

Kan noe sjekke combofix loggen min ?

Anbefalte innlegg

Hippiebanan

Lenke til kommentar

Videoannonse

norbat

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Opprett konto

Logg inn

Hvem er aktive 0 medlemmer