
Can someone check? I feel that the PC has become slower lately.

 

HjT:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:40:39, on 04.08.2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

D:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

D:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

D:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

D:\Program Files\Razer\Copperhead\razerhid.exe

D:\Program Files\Analog Devices\Core\smax4pnp.exe

D:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

D:\Program Files\HP\HP Software Update\hpwuSchd2.exe

D:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe

D:\Program Files\MarkAny\ContentSafer\MaAgent.exe

D:\Program Files\AVG\AVG8\avgtray.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\ehome\ehmsas.exe

D:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\system32\wbem\unsecapp.exe

D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

D:\Program Files\Steam\Steam.exe

D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

D:\Program Files\Stardock\ObjectDock\ObjectDock.exe

D:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

D:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe

D:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe

D:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

D:\Program Files\Razer\Copperhead\razertra.exe

D:\Program Files\Razer\Copperhead\razerofa.exe

D:\program files\Mozilla Firefox\firefox.exe

D:\Program Files\Winamp\winamp.exe

D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)

O1 - Hosts: ::1 localhost

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [WinSys2] C:\Windows\system32\startup.exe

O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto

O4 - HKLM\..\Run: [Launch LCDMon] "D:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "D:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [Copperhead] D:\Program Files\Razer\Copperhead\razerhid.exe

O4 - HKLM\..\Run: [soundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundTray] D:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sMSTray] D:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe

O4 - HKLM\..\Run: [MAAgent] D:\Program Files\MarkAny\ContentSafer\MAAgent.exe

O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [steam] "d:\program files\steam\steam.exe" -silent

O4 - Startup: Stardock ObjectDock.lnk = D:\Program Files\Stardock\ObjectDock\ObjectDock.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Unknown owner - D:\Program Files\Bonjour\mDNSResponder.exe (file missing)

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 7682 bytes

 

ComboFix:

 

ComboFix 08-08-03.05 - Fredd 2008-08-04 21:42:38.2 - NTFSx86

Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.1989 [GMT 2:00]

Running from: C:\Users\Fredd\Desktop\ComboFix.exe

* Created a new restore point

.

 

((((((((((((((((((((((((( Files Created from 2008-07-04 to 2008-08-04 )))))))))))))))))))))))))))))))

.

 

2008-08-04 21:32 . 2008-08-04 21:32 <DIR> d-------- C:\Users\Fredd\AppData\Roaming\Winamp

2008-08-04 21:24 . 2008-08-04 21:24 <DIR> d-------- D:\Program Files\MediaMonkey

2008-08-04 21:07 . 2008-08-04 21:08 <DIR> d-------- D:\Program Files\Audiotester

2008-08-04 20:58 . 2008-08-04 20:58 <DIR> d-------- C:\Users\Fredd\AppData\Roaming\Media Player Classic

2008-08-04 20:57 . 2008-08-04 20:57 <DIR> d-------- D:\Program Files\K-Lite Codec Pack

2008-08-04 20:57 . 2008-05-23 00:22 3,596,288 --a------ C:\Windows\System32\qt-dx331.dll

2008-08-04 20:57 . 2008-07-04 08:34 860,160 --a------ C:\Windows\System32\lameACM.acm

2008-08-04 20:57 . 2008-08-04 20:57 823,296 --a------ C:\Windows\isRS-000.tmp

2008-08-04 20:57 . 2008-05-31 01:22 683,520 --a------ C:\Windows\System32\divx.dll

2008-08-04 20:57 . 2004-01-25 18:18 217,088 --a------ C:\Windows\System32\yv12vfw.dll

2008-08-04 20:57 . 2007-09-04 18:56 164,352 --a------ C:\Windows\System32\unrar.dll

2008-08-04 20:57 . 2007-09-21 02:52 118,784 --a------ C:\Windows\System32\ac3acm.acm

2008-08-04 20:57 . 2008-05-23 00:19 81,920 --a------ C:\Windows\System32\dpl100.dll

2008-08-04 20:57 . 2008-06-12 20:36 7,680 --a------ C:\Windows\System32\ff_vfw.dll

2008-08-04 20:57 . 2007-07-10 18:10 547 --a------ C:\Windows\System32\ff_vfw.dll.manifest

2008-08-04 20:14 . 2008-08-04 20:30 <DIR> d-------- D:\Program Files\FLAC

2008-08-04 20:09 . 2008-08-04 20:13 <DIR> d-------- D:\Program Files\Exact Audio Copy

2008-08-04 20:09 . 2008-08-04 20:09 <DIR> d-------- C:\Users\Fredd\AppData\Roaming\AD ON Multimedia

2008-08-04 20:09 . 2008-08-04 20:09 <DIR> d-------- C:\Users\Fredd\AppData\Roaming\AccurateRip

2008-07-29 19:25 . 2008-07-29 20:02 <DIR> d--h----- C:\$AVG8.VAULT$

2008-07-16 21:47 . 2008-07-16 21:47 <DIR> d-------- C:\Users\All Users\Messenger Plus!

2008-07-16 21:47 . 2008-07-16 21:47 <DIR> d-------- C:\ProgramData\Messenger Plus!

2008-07-11 21:51 . 2008-07-11 21:51 <DIR> d-------- D:\Program Files\GameSpy

2008-07-11 21:50 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll

2008-07-11 21:50 . 2007-05-16 16:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll

2008-07-11 21:50 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll

2008-07-11 21:50 . 2007-05-16 16:45 1,124,720 --a------ C:\Windows\System32\D3DCompiler_34.dll

2008-07-11 21:50 . 2008-07-11 21:50 669,184 --a------ C:\Windows\System32\pbsvc.exe

2008-07-11 21:50 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll

2008-07-11 21:50 . 2007-05-16 16:45 443,752 --a------ C:\Windows\System32\d3dx10_34.dll

2008-07-11 21:50 . 2008-07-11 21:50 103,736 --a------ C:\Windows\System32\PnkBstrB.exe

2008-07-11 21:50 . 2008-07-11 21:50 66,872 --a------ C:\Windows\System32\PnkBstrA.exe

2008-07-11 21:50 . 2008-07-11 21:50 22,328 --a------ C:\Windows\System32\drivers\PnkBstrK.sys

2008-07-11 21:50 . 2008-07-11 21:50 22,328 --a------ C:\Users\Fredd\AppData\Roaming\PnkBstrK.sys

2008-07-06 22:50 . 2008-07-06 22:50 <DIR> d-------- D:\Program Files\Rockstar Games

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-04 19:32 --------- d-----w D:\Program Files\Winamp

2008-08-04 19:14 --------- d-----w D:\Program Files\Steam

2008-08-04 18:58 --------- d-----w C:\Users\Fredd\AppData\Roaming\NoNameScript

2008-08-04 17:59 --------- d-----w D:\Program Files\mIRC

2008-08-04 13:52 --------- d-----w C:\Users\Fredd\AppData\Roaming\uTorrent

2008-08-03 19:00 --------- d-----w C:\Users\Fredd\AppData\Roaming\Ventrilo

2008-08-01 13:44 --------- d-----w C:\Program Files\Common Files\Steam

2008-07-29 16:58 --------- d-----w D:\Program Files\Mozilla Thunderbird

2008-07-15 19:43 --------- d-----w D:\Program Files\Messenger Plus! Live

2008-07-15 19:34 --------- d-----w C:\ProgramData\WLInstaller

2008-07-10 21:11 --------- d-----w D:\Program Files\MarkAny

2008-07-06 20:50 --------- d--h--w D:\Program Files\InstallShield Installation Information

2008-07-03 18:02 96,520 ----a-w C:\Windows\system32\drivers\avgldx86.sys

2008-07-03 18:02 10,520 ----a-w C:\Windows\System32\avgrsstx.dll

2008-07-01 14:43 --------- d-----w D:\Program Files\Ventrilo

2008-07-01 14:43 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2008-06-21 09:27 --------- d-----w C:\ProgramData\TrackMania

2008-06-20 22:42 --------- d-----w C:\Users\Fredd\AppData\Roaming\LimeWire

2008-06-20 22:04 --------- d-----w D:\Program Files\Bit Che

2008-06-20 22:03 --------- d-----w D:\Program Files\LimeWire

2008-06-20 11:33 --------- d-----w D:\Program Files\Analog Devices

2008-06-20 11:32 --------- d---a-w D:\Program Files\FM Genie Scout 2008

2008-06-19 22:02 --------- d-----w D:\Program Files\Guitar Pro 5

2008-06-19 18:11 --------- d-----w D:\Program Files\AVG

2008-06-19 18:11 --------- d-----w C:\ProgramData\avg8

2008-06-19 15:52 --------- d-----w D:\Program Files\Google

2008-06-19 13:24 --------- d-----w C:\Users\Fredd\AppData\Roaming\Sports Interactive

2008-06-19 13:23 --------- d--h--r C:\Users\Fredd\AppData\Roaming\SecuROM

2008-06-19 13:21 --------- d-----w D:\Program Files\Zero G Registry

2008-06-19 13:20 --------- d-----w D:\Program Files\Sports Interactive

2008-06-19 11:03 --------- d-----w D:\Program Files\Trend Micro

2008-06-19 11:03 --------- d-----w D:\Program Files\SUPERAntiSpyware

2008-06-19 11:03 --------- d-----w C:\Users\Fredd\AppData\Roaming\SUPERAntiSpyware.com

2008-06-19 11:03 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com

2008-06-19 10:56 --------- d-----w D:\Program Files\uTorrent

2008-06-19 10:03 --------- d-----w D:\Program Files\Stardock

2008-06-08 17:37 --------- d-----w C:\ProgramData\QuickTime

2008-06-08 17:32 --------- d-----w C:\ProgramData\Ulead Systems

2008-06-08 00:08 --------- d-----w D:\Program Files\Foxit Software

2008-05-28 19:58 65,024 ----a-w C:\Windows\IFinst26.exe

2008-05-22 15:02 409,600 ----a-w C:\Windows\System32\wrap_oal.dll

2008-05-22 15:02 114,688 ----a-w C:\Windows\System32\OpenAL32.dll

.

 

((((((((((((((((((((((((((((( snapshot@2008-06-19_16.11.02,25 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-07-11 19:49:38 10,134 ----a-r C:\Windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\checkForUpdatesSC_000E79B7E7254F01870AC12942B7F8E4.exe

+ 2008-07-11 19:49:38 10,134 ----a-r C:\Windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\visitWebsite_000E79B7E7254F01870AC12942B7F8E4.exe

- 2008-05-19 13:34:31 27,648 ----a-r C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe

+ 2008-06-26 13:15:39 27,648 ----a-r C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe

- 2008-05-19 13:34:41 29,926 ----a-r C:\Windows\Installer\{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6}\MsblIco.Exe

+ 2008-07-15 19:38:41 29,926 ----a-r C:\Windows\Installer\{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6}\MsblIco.Exe

- 2000-08-31 06:00:00 28,160 ----a-w C:\Windows\Nircmd.exe

+ 2000-08-31 06:00:00 28,672 ----a-w C:\Windows\Nircmd.exe

- 2008-06-19 13:11:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2008-08-04 19:13:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2008-06-19 13:11:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2008-08-04 19:13:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2008-06-19 13:13:05 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT

+ 2008-08-04 19:15:16 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT

+ 2008-08-04 19:15:16 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1

- 2008-06-19 13:13:00 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT

+ 2008-08-04 19:15:11 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT

- 2008-06-10 20:35:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2008-08-01 21:18:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2008-06-10 20:35:55 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-08-01 21:18:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2008-06-10 20:35:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2008-08-01 21:18:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-06-19 14:09:11 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat

+ 2008-08-04 19:42:35 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat

- 2008-05-16 16:05:40 26,184 ----a-w C:\Windows\System32\drivers\avgmfx86.sys

+ 2008-07-03 18:02:13 26,824 ----a-w C:\Windows\System32\drivers\avgmfx86.sys

- 2008-05-30 14:02:42 371,520 ----a-w C:\Windows\System32\FNTCACHE.DAT

+ 2008-07-13 10:31:00 370,120 ----a-w C:\Windows\System32\FNTCACHE.DAT

- 2008-06-19 09:53:48 107,416 ----a-w C:\Windows\System32\perfc009.dat

+ 2008-07-14 16:42:25 107,416 ----a-w C:\Windows\System32\perfc009.dat

- 2008-06-19 09:53:48 618,272 ----a-w C:\Windows\System32\perfh009.dat

+ 2008-07-14 16:42:25 618,272 ----a-w C:\Windows\System32\perfh009.dat

+ 2007-10-18 09:31:46 51,224 ----a-w C:\Windows\System32\sirenacm.dll

- 2008-06-19 11:48:11 5,767,168 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT

+ 2008-07-15 19:39:03 5,767,168 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT

- 2008-06-19 13:13:24 6,758 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2502830777-2742604688-2715807962-1000_UserData.bin

+ 2008-08-04 19:15:29 7,902 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2502830777-2742604688-2715807962-1000_UserData.bin

- 2008-06-19 13:13:24 65,110 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2008-08-04 19:15:29 70,098 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2008-06-02 16:25:35 3,206 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat

+ 2008-07-01 10:31:19 4,736 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat

- 2008-06-19 11:50:44 38,220 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2008-08-04 19:15:28 42,730 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

- 2008-06-17 14:02:45 231,610 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin

+ 2008-08-04 17:43:43 240,998 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin

- 2004-12-20 09:03:26 679,936 ----a-w C:\Windows\System32\xvidcore.dll

+ 2008-01-10 12:15:30 755,027 ----a-w C:\Windows\System32\xvidcore.dll

- 2004-12-20 09:08:28 155,648 ----a-w C:\Windows\System32\xvidvfw.dll

+ 2008-01-10 12:16:20 159,839 ----a-w C:\Windows\System32\xvidvfw.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:34 125440]

"msnmsgr"="D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]

"SUPERAntiSpyware"="D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

"Steam"="d:\program files\steam\steam.exe" [2008-06-26 15:15 1271032]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-10-25 23:47 86016]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-10-25 23:47 8534560]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-10-25 23:47 81920]

"WinSys2"="C:\Windows\system32\startup.exe" [2007-10-30 10:52 57344]

"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45 222208]

"Launch LCDMon"="D:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-12-13 17:43 2051096]

"Launch LGDCore"="D:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-12-13 17:57 2095640]

"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

"Copperhead"="D:\Program Files\Razer\Copperhead\razerhid.exe" [2005-11-25 10:53 155648]

"SoundMAXPnP"="D:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-06-06 08:35 1261568]

"SoundTray"="D:\Program Files\Analog Devices\SoundMAX\SoundTray.exe" [2007-05-21 14:53 49152]

"GrooveMonitor"="D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]

"HP Software Update"="D:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 21:52 49152]

"SMSTray"="D:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 16:32 126976]

"MAAgent"="D:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 20:36 57344]

"AVG8_TRAY"="D:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-03 20:02 1232152]

 

C:\Users\Fredd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Stardock ObjectDock.lnk - D:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-06-19 12:03:37 3581680]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 21:40:10 210520]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "D:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 16:51 192512]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "D:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2007-04-19 13:41 294912 D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.YV12"= yv12vfw.dll

 

[HKLM\~\startupfolder\C:^Users^Fredd^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]

path=C:\Users\Fredd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk

backup=C:\Windows\pss\Stardock ObjectDock.lnk.Startup

backupExtension=.Startup

 

[HKLM\~\startupfolder\C:^Users^Fredd^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TB-Tray.lnk]

path=C:\Users\Fredd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TB-Tray.lnk

backup=C:\Windows\pss\TB-Tray.lnk.Startup

backupExtension=.Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

--a------ 2007-06-27 19:03 152872 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

--a------ 2008-04-01 11:39 486856 D:\Program Files\DAEMON Tools Lite\daemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2008-03-30 10:36 267048 D:\Program Files\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

--a------ 2007-10-18 11:34 5724184 D:\Program Files\Windows Live\Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2007-03-01 15:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-03-28 23:37 413696 D:\Program Files\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

--a------ 2008-06-26 15:15 1271032 D:\Program Files\Steam\Steam.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{7E3A8E0C-E83C-42DC-8813-C06F1A0830A7}"= UDP:D:\Program Files\Bonjour\mDNSResponder.exe:Bonjour

"{36F0388C-8432-4F26-BCAA-8E786F0BAAAC}"= TCP:D:\Program Files\Bonjour\mDNSResponder.exe:Bonjour

"{8D2B59AC-E218-4728-87C2-B12AC3EB6DFA}"= D:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe

"{289DA0E9-F30F-4303-9376-BCAAAEA58D19}"= D:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"TCP Query User{0A2992B2-D476-4469-8CFA-A645556D4F9F}D:\\program files\\steam\\steamapps\\frd_hgn\\counter-strike source\\hl2.exe"= UDP:D:\program files\steam\steamapps\frd_hgn\counter-strike source\hl2.exe:hl2

"UDP Query User{FA3F0ACB-2D34-4AC8-93F3-EECEDE59E099}D:\\program files\\steam\\steamapps\\frd_hgn\\counter-strike source\\hl2.exe"= TCP:D:\program files\steam\steamapps\frd_hgn\counter-strike source\hl2.exe:hl2

"{99FA9833-C9AE-4F6E-B683-E50313DB24D4}"= UDP:D:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{B7F663AC-F8EF-44BC-B497-3A4C2EA0BFE6}"= TCP:D:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

"{1420A2A2-E3A8-40EF-BD0D-923B3B980853}"= D:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"TCP Query User{2D0BCE8D-3A97-4618-A445-35401B050C6E}D:\\program files\\mozilla firefox\\firefox.exe"= UDP:D:\program files\mozilla firefox\firefox.exe:Firefox

"UDP Query User{C16B1925-56D7-4C46-A710-F4914C695DAD}D:\\program files\\mozilla firefox\\firefox.exe"= TCP:D:\program files\mozilla firefox\firefox.exe:Firefox

"TCP Query User{EDE961DD-6E84-462D-9B43-2B58E5A9CE06}D:\\program files\\steam\\steamapps\\frd_hgn\\counter-strike\\hl.exe"= UDP:D:\program files\steam\steamapps\frd_hgn\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{6572E87C-78D4-4569-828F-C9E4FBDDB2C3}D:\\program files\\steam\\steamapps\\frd_hgn\\counter-strike\\hl.exe"= TCP:D:\program files\steam\steamapps\frd_hgn\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{2F9CE6D0-7DDC-4E50-A527-DDCA4A88C0BF}D:\\program files\\mirc\\mirc.exe"= UDP:D:\program files\mirc\mirc.exe:mIRC

"UDP Query User{15181557-C9BD-4FDF-AC75-52CB14D38467}D:\\program files\\mirc\\mirc.exe"= TCP:D:\program files\mirc\mirc.exe:mIRC

"{26F2EEC5-668F-453E-81EB-E2F0525E229E}"= TCP:6004|D:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

"{D0E1BE40-0321-4414-8FBD-66324B8D92F8}"= UDP:D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{8EFEFD5A-CB50-4D74-9E68-3671EF212859}"= TCP:D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{77BD4303-9075-4D68-BA50-9835253C44BF}"= UDP:D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{7021C220-29CF-4B1F-9460-61D716FA1133}"= TCP:D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{A6031223-F1EB-4455-9392-C542EE00D090}"= UDP:D:\Program Files\iTunes\iTunes.exe:iTunes

"{B452EB6B-7DB7-4D88-BCE4-00CDA3F6D1FE}"= TCP:D:\Program Files\iTunes\iTunes.exe:iTunes

"TCP Query User{799332E4-946A-4D67-B7BD-D482A36987F8}D:\\program files\\codemasters\\dirt\\dirt.exe"= UDP:D:\program files\codemasters\dirt\dirt.exe:DiRT Executable

"UDP Query User{CA9043D7-CAEE-4039-83FE-380F701F2FDB}D:\\program files\\codemasters\\dirt\\dirt.exe"= TCP:D:\program files\codemasters\dirt\dirt.exe:DiRT Executable

"{8FA2D91A-FE96-4ADB-9271-73C8A8C641B6}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player

"{12817257-2BA5-4A11-A410-E112D9193CBC}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player

"{CD68827D-C295-491F-BF64-5F75E9B0535E}"= UDP:D:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{3C205442-3B79-4BBE-A71E-CA49538F6941}"= TCP:D:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{B2A82ED6-A1A4-4D20-B976-51682AE50677}"= UDP:D:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{6DA417C7-F998-40C5-B421-273607840C94}"= TCP:D:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{5BFB9533-F4B3-4A8C-9D1B-A873FA5F216C}"= UDP:D:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR

"{62036CBE-618E-4DBD-9EAC-9CC92A408C3B}"= TCP:D:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR

"{3D85020E-CD0A-473F-B874-5E542BB95962}"= UDP:D:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"{E9036646-FC31-48D3-AB4B-9506E08B331D}"= TCP:D:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"TCP Query User{B35AA534-595A-4594-B173-BEC547557C74}D:\\program files\\steam\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= UDP:D:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe:TmForever

"UDP Query User{2A94B1EE-8235-485B-BDFD-745CEFCB15DC}D:\\program files\\steam\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= TCP:D:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe:TmForever

"TCP Query User{95863491-59DE-42C5-A114-C587336DE8E1}D:\\program files\\amsn\\bin\\wish.exe"= UDP:D:\program files\amsn\bin\wish.exe:Wish Application

"UDP Query User{66D4FD5F-DE07-42C5-9E8D-A76320A44E71}D:\\program files\\amsn\\bin\\wish.exe"= TCP:D:\program files\amsn\bin\wish.exe:Wish Application

"TCP Query User{F6B7EAA7-9907-4801-A08C-AAD9B5C2E69B}D:\\program files\\google\\google sketchup 6\\sketchup.exe"= UDP:D:\program files\google\google sketchup 6\sketchup.exe:SketchUp Application

"UDP Query User{48C91FC7-9B93-4B08-89E9-8B75EECDA034}D:\\program files\\google\\google sketchup 6\\sketchup.exe"= TCP:D:\program files\google\google sketchup 6\sketchup.exe:SketchUp Application

"TCP Query User{F2C1EBA9-7B3E-4C07-887C-F4C5BE0B2E7F}D:\\program files\\google\\google sketchup 6\\layout\\layout.exe"= UDP:D:\program files\google\google sketchup 6\layout\layout.exe:LayOut

"UDP Query User{BE3D189C-2EE0-471F-B060-505A7BF77A40}D:\\program files\\google\\google sketchup 6\\layout\\layout.exe"= TCP:D:\program files\google\google sketchup 6\layout\layout.exe:LayOut

"{867F9D73-15E2-468A-8B19-6608F606998D}"= UDP:D:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008

"{103BBBA7-CE9F-426B-BD19-EC1AC0D45786}"= TCP:D:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008

"{8AE0DD39-8458-41BB-A190-8EEBF56618D5}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{6378CBE9-48BE-4F33-8C97-6D5063DFBE32}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{18BC005A-787D-4B92-9A8C-C93D60EEE064}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{23443BFC-CAE7-4645-89C6-6AD422A19BB6}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{A58DE5FE-49D7-433D-A284-00628809C06B}"= D:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

 

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-07-03 20:02]

R2 avg8wd;AVG8 WatchDog;D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-03 20:02]

R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-01 15:43]

R3 UsbFltr;Razer Copperhead Driver;C:\Windows\system32\drivers\copperhd.sys [2005-11-02 10:54]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-05-24 10:15]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1951c4be-2382-11dd-93c5-001e8c9a7e73}]

\shell\AutoRun\command - F:\autorun.exe

.

- - - - ORPHANS REMOVED - - - -

 

HKLM-Run-WinampAgent - D:\Program Files\Winamp\winampa.exe

MSConfigStartUp-Launch As Cmd Runner - C:\Program Files\ASUS\AI Direct Link\AsCmd.exe

MSConfigStartUp-Sidebar - D:\Program Files\Desktop Sidebar\dsidebar.exe

 

 

.

------- Supplementary Scan -------

.

FireFox -: Profile - C:\Users\Fredd\AppData\Roaming\Mozilla\Firefox\Profiles\gqusvtvs.default\

FF -: plugin - D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

FF -: plugin - D:\Program Files\Java\jre1.6.0_06\bin\npjava11.dll

FF -: plugin - D:\Program Files\Java\jre1.6.0_06\bin\npjava12.dll

FF -: plugin - D:\Program Files\Java\jre1.6.0_06\bin\npjava13.dll

FF -: plugin - D:\Program Files\Java\jre1.6.0_06\bin\npjava14.dll

FF -: plugin - D:\Program Files\Java\jre1.6.0_06\bin\npjava32.dll

FF -: plugin - D:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll

FF -: plugin - D:\Program Files\Java\jre1.6.0_06\bin\npoji610.dll

FF -: plugin - D:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll

FF -: plugin - D:\Program Files\Yahoo!\Common\npyaxmpb.dll

 

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-04 21:44:28

Windows 6.0.6000 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

PROCESS: C:\Windows\Explorer.exe

-> D:\Program Files\Stardock\ObjectDock\DockShellHook.dll

.

Completion time: 2008-08-04 21:45:31

ComboFix-quarantined-files.txt 2008-08-04 19:45:27

ComboFix2.txt 2008-06-19 14:11:19

 

Pre-Run: 5,240,922,112 bytes free

Post-Run: 5,116,047,360 bytes free

 

306

 

SAS:

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 08/04/2008 at 10:05 PM

 

Application Version : 4.15.1000

 

Core Rules Database Version : 3485

Trace Rules Database Version: 1476

 

Scan type : Complete Scan

Total Scan Time : 00:24:22

 

Memory items scanned : 676

Memory threats detected : 0

Registry items scanned : 8092

Registry threats detected : 0

File items scanned : 25749

File threats detected : 0

Edited by elZiko