
ehSched.exe it's back


Guest Slettet-oVjeg2q2Tk


Yep, and I got it. Ran ComboFix and got this log file:

 

 

ComboFix 08-07-05.1 - Steffen 2008-07-07 1:15:42.1 - NTFSx86

Running from: C:\Users\Steffen\Desktop\ComboFix.exe

* Created a new restore point

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Windows\Downloaded Program Files\setup.inf

C:\Windows\ehSched.exe

D:\Autorun.inf

 

.

((((((((((((((((((((((((( Files Created from 2008-06-06 to 2008-07-06 )))))))))))))))))))))))))))))))

.

 

2008-07-06 21:58 . 2008-07-06 21:58 <DIR> d-------- C:\Program Files\CCleaner

2008-07-06 20:02 . 2008-07-06 20:02 19,709,440 --a------ C:\Windows\System32\imageres.dll

2008-07-06 15:50 . 2008-07-06 15:50 <DIR> d-------- C:\Users\All Users\Stardock

2008-07-06 15:50 . 2008-07-06 15:50 <DIR> d-------- C:\ProgramData\Stardock

2008-07-06 15:50 . 2008-07-06 15:59 <DIR> d-------- C:\Program Files\Stardock

2008-07-06 15:50 . 2007-06-05 11:26 567,040 --a------ C:\Windows\System32\wbocx.ocx

2008-07-06 15:50 . 2007-06-05 11:26 56,496 --a------ C:\Windows\System32\wbhelp2.dll

2008-06-27 14:46 . 2008-06-27 14:46 <DIR> d-------- C:\Program Files\DVDVideoSoft

2008-06-27 14:46 . 2008-06-27 14:46 <DIR> d-------- C:\Program Files\Common Files\DVDVideoSoft

2008-06-27 14:40 . 2008-06-27 14:40 <DIR> d-------- C:\Windows\System32\avsplugin

2008-06-27 14:40 . 2008-06-27 14:40 <DIR> d-------- C:\Program Files\Smallvideosoft

2008-06-27 14:40 . 2004-05-26 20:37 719,872 --a------ C:\Windows\System32\devil.dll

2008-06-27 14:40 . 2006-10-17 22:29 487,479 --a------ C:\Windows\System32\SkinMagic.dll

2008-06-27 14:40 . 2006-12-31 10:16 313,344 --a------ C:\Windows\System32\avisynth.dll

2008-06-27 14:40 . 2007-02-16 07:10 60,273 --a------ C:\Windows\System32\pthreadGC2.dll

2008-06-27 14:24 . 2008-06-27 14:24 <DIR> d-------- C:\Program Files\AliveMedia

2008-06-26 22:10 . 2008-06-26 22:10 42,320 --a------ C:\Windows\System32\xfcodec.dll

2008-06-26 00:54 . 2008-06-26 00:54 <DIR> d-------- C:\Users\All Users\pixelStorm

2008-06-26 00:54 . 2008-06-26 00:54 <DIR> d-------- C:\ProgramData\pixelStorm

2008-06-23 22:29 . 2008-06-23 23:08 <DIR> d-------- C:\Users\Steffen\AppData\Roaming\Winamp

2008-06-23 18:49 . 2008-06-23 18:49 11,264 --ah----- C:\Windows\DpNtC.dll

2008-06-22 20:56 . 2008-06-30 21:44 <DIR> d-------- C:\Program Files\DC++

2008-06-14 19:37 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll

2008-06-14 19:37 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll

2008-06-14 19:37 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax

2008-06-14 19:37 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax

2008-06-11 15:13 . 2008-04-25 04:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb

2008-06-11 15:13 . 2008-04-26 10:08 1,314,816 --a------ C:\Windows\System32\quartz.dll

2008-06-11 15:13 . 2008-04-25 06:35 826,880 --a------ C:\Windows\System32\wininet.dll

2008-06-11 15:13 . 2008-05-10 03:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-06 18:03 --------- d-----w C:\Users\Steffen\AppData\Roaming\uTorrent

2008-07-06 13:52 --------- d-----w C:\Users\Steffen\AppData\Roaming\App Launcher Gadget

2008-07-04 22:49 --------- d-----w C:\Users\Steffen\AppData\Roaming\Xfire

2008-07-03 22:06 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys

2008-07-03 22:06 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe

2008-07-03 18:19 --------- d-----w C:\ProgramData\Xfire

2008-07-01 19:03 --------- d-----w C:\Program Files\Steam

2008-07-01 16:59 --------- d-s---w C:\Program Files\Xfire

2008-06-25 14:35 --------- d-----w C:\ProgramData\TrackMania

2008-06-23 20:29 --------- d-----w C:\Program Files\Winamp

2008-06-22 22:46 --------- d-----w C:\Program Files\Alwil Software

2008-06-21 16:44 --------- d-----w C:\Program Files\Common Files\Steam

2008-06-11 14:40 --------- d-----w C:\Program Files\Windows Mail

2008-06-08 17:30 --------- d-----w C:\Users\Steffen\AppData\Roaming\Apple Computer

2008-06-03 18:01 --------- d-----w C:\Program Files\FlashGet

2008-05-28 20:01 --------- d-----w C:\Program Files\iTunes

2008-05-28 20:01 --------- d-----w C:\Program Files\iPod

2008-05-28 20:00 --------- d-----w C:\Program Files\QuickTime

2008-05-28 19:47 --------- d-----w C:\Program Files\Apple Software Update

2008-05-26 20:56 --------- d-----w C:\Users\Steffen\AppData\Roaming\teamspeak2

2008-05-20 21:11 --------- d-----w C:\Program Files\Microsoft Silverlight

2008-05-18 12:13 --------- d-----w C:\Program Files\Microsoft Games

2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys

2008-05-11 22:27 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-05-11 22:25 --------- d-----w C:\ProgramData\Codemasters

2008-05-11 11:17 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll

2008-05-11 11:15 444,952 ----a-w C:\Windows\System32\wrap_oal.dll

2008-05-11 11:15 109,080 ----a-w C:\Windows\System32\OpenAL32.dll

2008-05-11 11:15 --------- d-----w C:\Program Files\OpenAL

2008-05-10 10:35 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-05-09 16:11 --------- d-----w C:\Program Files\Active Desktop

2008-05-09 13:19 --------- d-----w C:\ProgramData\NVIDIA

2008-05-09 13:17 174 --sha-w C:\Program Files\desktop.ini

2008-05-09 13:10 --------- d-----w C:\Program Files\Windows Calendar

2008-05-09 13:09 --------- d-----w C:\Program Files\Windows Sidebar

2008-05-09 13:09 --------- d-----w C:\Program Files\Windows Photo Gallery

2008-05-09 13:09 --------- d-----w C:\Program Files\Windows Journal

2008-05-09 13:09 --------- d-----w C:\Program Files\Windows Defender

2008-05-09 13:09 --------- d-----w C:\Program Files\Windows Collaboration

2008-05-09 05:55 82,432 ----a-w C:\Windows\System32\axaltocm.dll

2008-05-09 05:55 101,888 ----a-w C:\Windows\System32\ifxcardm.dll

2008-05-07 13:14 --------- d-----w C:\ProgramData\Ubisoft

2008-04-28 10:29 805,400 ----a-r C:\Windows\System32\tmpA65B.tmp

2008-04-28 10:29 805,400 ----a-r C:\Windows\System32\tmpA65A.tmp

2008-01-14 20:55 267,592 ----a-w C:\Program Files\Uninstall Ask Toolbar.dll

2007-11-13 16:46 22,328 ----a-w C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys

2007-10-07 17:32 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

2007-10-07 17:32 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

2007-10-07 17:32 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]

"igndlm.exe"="C:\Program Files\Download Manager\DLM.exe" [2007-03-05 23:57 1103480]

"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]

"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-09-18 16:16 171464]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 17:06 86016]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-12-11 17:06 8530464]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-12-11 17:06 81920]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

"RtHDVCpl"="RtHDVCpl.exe" [2006-12-29 20:11 4317184 C:\Windows\RtHDVCpl.exe]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Install Pending Files.LNK - C:\Program Files\SIFXINST\SIFXINST.EXE [2007-01-25 13:30:57 729088]

Jensen AirLink 7554 Wlan Utility.lnk - C:\Program Files\JensenScandinavia\Jensen AirLink 7554 Wlan Utility\Installer\Win2k\AWU.exe [2007-03-17 15:53:13 630784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.XFR1"= xfcodec.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{4CDA3094-5207-4563-BF60-E1936AAB322B}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2ServerLauncher.exe:Launch BF2 Standalone Server

"{2E9734FD-95DF-442D-B3BC-74C03BD2330F}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2ServerLauncher.exe:Launch BF2 Standalone Server

"{3B1FA284-4059-486F-B039-7EEEA4462A36}"= UDP:C:\Program Files\Microsoft Games\Chess\Chess.exe:Chess Titans

"{35EA2926-DA3B-42CF-A7B9-5279CE392BB1}"= TCP:C:\Program Files\Microsoft Games\Chess\Chess.exe:Chess Titans

"{D003C88F-5158-4019-85BF-915CFCCCBFA7}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\SupportXP1\EReg.exe:Register this Product

"{25B8C46C-CD99-4AE8-A692-BE8BE72BB542}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\SupportXP1\EReg.exe:Register this Product

"{DE72506D-57E2-4E7E-86AC-AB6AC866486A}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\Support\EReg.exe:Register this Product

"{14C9B939-7800-495E-B216-E68FACAEBDE0}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\Support\EReg.exe:Register this Product

"TCP Query User{6B2D3A61-D4B1-4867-B3AA-4EBECEAD272C}C:\\stubinstaller.exe"= UDP:C:\stubinstaller.exe:LimeWire swarmed installer

"UDP Query User{FAFF20E0-D297-46CA-A5E2-D0D5FBD98322}C:\\stubinstaller.exe"= TCP:C:\stubinstaller.exe:LimeWire swarmed installer

"{41D39100-D87F-4B7C-9F06-8B8BF0F73BA3}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"{E72E8B5E-520B-4242-B9C9-9B9D63B80E66}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"{B5C98D52-EF13-4116-A794-73AF7BB7B1C9}"= UDP:C:\Program Files\Bohemia Interactive\ArmA\arma.exe:ArmA

"{3C83D2B1-1511-42B2-8A5F-D8523978E0F7}"= TCP:C:\Program Files\Bohemia Interactive\ArmA\arma.exe:ArmA

"{619253FD-B390-411A-8051-E749BFEDE9D5}"= UDP:C:\Program Files\JensenScandinavia\Jensen AirLink 7554 Wlan Utility\Installer\Win2k\AWU.exe:Jensen AirLink 7554 Wlan Utility

"{AB021700-2019-44CF-A5A7-DDB7BE127970}"= TCP:C:\Program Files\JensenScandinavia\Jensen AirLink 7554 Wlan Utility\Installer\Win2k\AWU.exe:Jensen AirLink 7554 Wlan Utility

"{FC3BBCFE-B2F8-44AA-B78C-6047F4947B7E}"= UDP:C:\Program Files\Alwil Software\Avast4\ashAvast.exe:avast! Antivirus

"{29BA7BC9-6D6B-4831-9F52-A8C600CDB95E}"= TCP:C:\Program Files\Alwil Software\Avast4\ashAvast.exe:avast! Antivirus

"{990D8F4C-C97D-45D8-BB6F-8DF01084CDB8}"= UDP:C:\Program Files\EA GAMES\Kampen om Midgard\game.dat:Kampen om Midgard

"{02803495-5136-4444-82A4-BD8EB6B87E56}"= TCP:C:\Program Files\EA GAMES\Kampen om Midgard\game.dat:Kampen om Midgard

"{E40F648D-892C-43CD-BB78-A7EA76D83322}"= UDP:C:\Program Files\Sierra\FEARCombat\FEARMP.exe:FEAR Combat

"{E44DD167-60C0-4070-A4A1-0900E484F55F}"= TCP:C:\Program Files\Sierra\FEARCombat\FEARMP.exe:FEAR Combat

"{62778641-5C65-466F-8779-AD3C844EB290}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent

"{60A74B65-F858-44DC-80DB-02DD37EB218C}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent

"TCP Query User{AAABCF96-7E89-4A96-A7AA-B46878D0B555}C:\\program files\\bittorrent\\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent

"UDP Query User{5065BFBF-81AF-4512-BA6C-F29119DBDA0F}C:\\program files\\bittorrent\\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent

"{4DE7C81B-0967-4ED7-9A5A-D4E97F4B083C}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{AFC50E95-568C-4E7C-AB70-302BE4D9571B}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{5F489C37-1B95-4263-91D4-2C14F3CED635}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{9CE6FE1A-0028-4714-B1B2-ABEF3CEEEBFC}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{A8927193-0301-4EAA-A2AF-90EFC34656B9}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict

"{BB4E0DF2-C27D-40DF-B38B-D0F55B9A292D}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict

"{C4EE0D1A-24AB-49E3-B13B-4DCCB39BEBAF}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only

"{F663B34D-096B-4F54-B1EB-824E4A2B7D9A}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only

"{DB181502-9201-48C3-B286-301D85C8B73A}"= UDP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server

"{771F903F-06B6-4AB3-A4BE-2EE5A34D90C6}"= TCP:C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server

"{CC87DD19-77CE-4169-8EC4-A7E70A57F599}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008

"{B27FE948-4E4E-47C4-95C5-8F422943D732}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008

"{43F6F06F-B019-452B-8761-089FB2599755}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype

"{3D7EADA9-9442-40D4-AB60-51BB4400B9A7}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype

"{E3CBE652-09D8-4D68-B1EC-77291F1310FC}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{F67A9462-D2C2-4169-86AC-D62325C80163}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{455273ED-75CF-47C5-A6BC-83F3C7724667}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2

"{ACD36E40-46C7-45EC-BC72-21BDE14DFE60}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2

"{E392360E-089A-4D1B-976F-2B60BD82BBFD}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"{01768565-2BF5-4570-89BD-2F6EAC0841C3}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"{FDED1C70-27AF-4DA1-BFD6-203CBE36A62E}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire

"{7832CCEE-7006-480F-BA8C-6796587194E7}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire

"TCP Query User{4BA764E7-058A-4340-9AC6-6E2B2857EDB9}C:\\program files\\xfire\\xfire.exe"= UDP:C:\program files\xfire\xfire.exe:Xfire

"UDP Query User{BFB6B5E0-05B0-4FEE-99A5-B3304D1FAA02}C:\\program files\\xfire\\xfire.exe"= TCP:C:\program files\xfire\xfire.exe:Xfire

"{CDFC1C67-3BA4-44EB-99B6-A7236326E4DC}"= UDP:C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:Unreal Tournament 3

"{9046D234-593E-4607-93B9-BEA536541679}"= TCP:C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:Unreal Tournament 3

"{395A9284-39FF-481F-8FCD-913AC7A88391}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"{816F6D38-12EC-421C-AC3A-A968971CD20F}"= UDP:C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:Dungeon Siege 2 Game Executable

"{5D5D4869-BCAC-426E-BF98-5F62B1224DB8}"= TCP:C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:Dungeon Siege 2 Game Executable

"{DACEFFF9-E597-4426-8904-332AC7ED41A0}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes

"{733695D6-6F4D-4AFC-AAFB-E89283A72205}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

"{C70CBD20-2D8C-4517-A08C-54E80F1CBF57}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)

"{AE09475D-E1A7-4539-90F2-EC742FD7A416}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)

"{E17D24A7-9839-4F3C-B224-AD607931A685}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)

"{336E0E5B-88C7-4186-B7AD-D0A70997589A}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

 

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]

R1 ShldDrv;Panda File Shield Driver;C:\Windows\system32\drivers\ShldDrv.sys [2005-08-29 14:23]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]

S2 PavProc;Panda Process Protection Driver;C:\Windows\system32\DRIVERS\PavProc.sys [2006-04-25 17:02]

S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-06-21 11:53]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d1e8044-cd84-11db-bc19-806e6f6e6963}]

\shell\AutoRun\command - E:\setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd605a2a-a986-11dc-8d22-001617ee7eaf}]

\shell\AutoRun\command - H:\autorun.exe

 

*Newly Created Service* - CATCHME

.

- - - - ORPHANS REMOVED - - - -

 

WebBrowser-{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)

HKCU-Run-BitTorrent - C:\Program Files\BitTorrent\bittorrent.exe

HKLM-Run-APVXDWIN - C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE

 

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-07 01:19:27

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-07-07 1:20:27

ComboFix-quarantined-files.txt 2008-07-06 23:20:20

 

Pre-Run: 191,187,677,184 byte ledig

Post-Run: 191,168,696,320 byte ledig

 

221 --- E O F --- 2008-06-25 09:49:07

 

 

Is it just a bed of roses now, or what? :)

 

I noticed that the program changed quite a lot of settings etc. here on the PC; can I restore my PC to an earlier point in time? Did ComboFix create such a point?

 

 

Thanks for any replies.

 

:)
