Gjest Slettet-oVjeg2q2Tk, posted 6 July 2008: Yep, and I got it. I ran ComboFix and got this log file:
So is everything a bed of roses now, or what? I noticed that the program changed quite a lot of settings etc. on this PC; can I restore my PC to an earlier point in time? Did ComboFix create such a point? Thanks for any answers.
norbat, posted 6 July 2008: Go through the whole guide (minus ComboFix) in this post: https://www.diskusjon.no/index.php?showtopic=962315&hl=
Gjest Slettet-oVjeg2q2Tk, posted 7 July 2008: Okay, thanks a lot. But hey, I read about something you could type into Notepad after using ComboFix or something like that, to remove traces of it, I think... Is there anything to this? I have now run CCleaner, an Avast! scan and ComboFix, and it seems the problem is gone; no program-execution prompt (omg, long word) comes up any more either.
norbat, posted 7 July 2008: You can remove files etc. using ComboFix, but in this case that is not necessary. Finally, run MBAM and see whether it finds anything of interest.
Gjest Slettet-oVjeg2q2Tk, posted 7 July 2008: That will be tomorrow, eventually ;P Is it necessary after a full system scan with Avast!?
norbat, posted 7 July 2008: MBAM is a completely different program from Avast, so yes, run a scan and remove whatever it finds.