
I think I have a virus



Posted

My PC is starting to get slow. And a web page pops up about every other hour; here is the page that pops up: http://tibia-inject.com/ping.php?id=68085&...amp;infname=lol

I have run ComboFix; can someone check it and tell me if anything is wrong.

Thanks for the help :)


ComboFix 08-12-30.02 - Espen 2008-12-31 14:00:31.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.2045.1109 [GMT 1:00]

Kjører fra: c:\users\Espen\Desktop\ComboFix.exe

* Opprettet nytt gjenopprettingspunkt

.

 

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe

c:\users\Espen\AppData\Local\Temp\IXP000.TMP\server.exe

 

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-28 til 2008-12-31 )))))))))))))))))))))))))))))))))

.

 

2008-12-29 20:44 . 2008-12-29 20:44 <DIR> d-------- c:\users\Espen\AppData\Roaming\GTek

2008-12-28 05:09 . 2008-12-28 05:09 <DIR> d-------- c:\program files\Ventrilo

2008-12-28 05:06 . 2008-12-28 05:06 <DIR> d-------- C:\Tempdata

2008-12-27 02:39 . 2008-12-27 02:39 <DIR> d-------- c:\users\Espen\AppData\Roaming\vlc

2008-12-26 19:43 . 2008-12-26 19:43 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-12-26 03:57 . 2008-12-26 03:57 <DIR> d-------- c:\users\All Users\TVU Networks

2008-12-26 03:57 . 2008-12-26 03:57 <DIR> d-------- c:\programdata\TVU Networks

2008-12-21 23:19 . 2008-12-21 23:19 <DIR> d-------- c:\users\Espen\AppData\Roaming\VOIPlay

2008-12-11 12:41 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll

2008-12-10 18:50 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll

2008-12-10 18:50 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll

2008-12-10 18:50 . 2008-10-16 05:47 827,392 --a------ c:\windows\System32\wininet.dll

2008-12-10 18:50 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe

2008-12-10 14:54 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll

2008-12-10 14:53 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll

2008-12-10 14:53 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll

2008-12-10 14:45 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe

2008-12-07 00:22 . 2008-12-30 23:32 <DIR> d-------- c:\users\Espen\AppData\Roaming\mIRC

2008-12-07 00:22 . 2008-12-07 00:43 <DIR> d-------- c:\program files\mIRC

2008-11-26 15:41 . 2008-10-21 06:25 1,645,568 --a------ c:\windows\System32\connect.dll

2008-11-26 15:41 . 2008-08-28 04:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll

2008-11-26 15:41 . 2008-08-28 04:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll

2008-11-26 15:41 . 2008-08-28 04:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll

2008-11-26 15:41 . 2008-10-22 04:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll

2008-11-26 03:11 . 2008-11-26 03:14 <DIR> d-------- c:\users\Espen\AppData\Roaming\Ventrilo

2008-11-17 22:37 . 2008-04-26 09:26 891,448 --a------ c:\windows\System32\drivers\tcpip.sys

2008-11-17 17:34 . 2008-11-17 17:34 <DIR> d-------- C:\PerfLogs

2008-11-17 16:32 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll

2008-11-17 16:32 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll

2008-11-17 16:32 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll

2008-11-17 16:32 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll

2008-11-17 16:32 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe

2008-11-17 16:32 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll

2008-11-17 16:32 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll

2008-11-17 16:31 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll

2008-11-17 16:31 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe

2008-11-14 21:56 . 2008-11-14 21:56 <DIR> d-------- c:\program files\Sports Interactive

2008-11-14 21:43 . 2008-12-03 15:43 <DIR> d-------- c:\program files\Common Files\Steam

2008-11-14 17:55 . 2008-11-14 21:36 <DIR> d-------- c:\users\Espen\AppData\Roaming\Sports Interactive

2008-11-14 17:51 . 2008-11-14 17:51 <DIR> d-------- c:\users\All Users\Sports Interactive

2008-11-14 17:51 . 2008-11-14 17:51 <DIR> d-------- c:\programdata\Sports Interactive

2008-11-14 17:50 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\System32\d3dx9_26.dll

2008-11-14 17:39 . 2008-11-14 17:39 <DIR> d--h----- c:\program files\Zero G Registry

2008-11-14 17:38 . 2008-11-14 17:38 <DIR> d--h----- c:\users\Espen\InstallAnywhere

2008-11-12 17:21 . 2008-09-10 04:40 1,334,272 --a------ c:\windows\System32\msxml6.dll

2008-11-12 17:21 . 2008-09-05 06:14 1,191,936 --a------ c:\windows\System32\msxml3.dll

2008-11-12 17:21 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys

2008-11-01 02:07 . 2008-08-05 10:49 428,544 --a------ c:\windows\System32\EncDec.dll

2008-11-01 02:07 . 2008-08-05 10:49 293,376 --a------ c:\windows\System32\psisdecd.dll

2008-11-01 02:07 . 2008-08-05 10:48 217,088 --a------ c:\windows\System32\psisrndr.ax

2008-11-01 02:07 . 2008-08-05 10:48 177,664 --a------ c:\windows\System32\mpg2splt.ax

2008-11-01 02:07 . 2008-08-05 10:48 80,896 --a------ c:\windows\System32\MSNP.ax

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-31 12:45 52,775 ----a-w c:\users\Espen\AppData\Roaming\nvModes.dat

2008-12-31 12:12 --------- d-----w c:\program files\Steam

2008-12-30 19:37 --------- d-----w c:\users\Espen\AppData\Roaming\uTorrent

2008-12-29 19:45 --------- d-----w c:\users\Espen\AppData\Roaming\dvdcss

2008-12-29 19:44 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-29 19:43 --------- d-----w c:\program files\HP

2008-12-29 19:43 --------- d-----w c:\program files\Hewlett-Packard

2008-12-28 04:08 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2008-12-12 00:50 --------- d-----w c:\program files\Windows Mail

2008-12-11 11:44 --------- d-----w c:\programdata\Microsoft Help

2008-11-30 20:56 --------- d-----w c:\users\Espen\AppData\Roaming\LimeWire

2008-11-20 14:22 --------- d-----w c:\program files\LimeWire

2008-11-17 16:47 174 --sha-w c:\program files\desktop.ini

2008-11-17 16:38 --------- d-----w c:\program files\Windows Sidebar

2008-11-17 16:38 --------- d-----w c:\program files\Windows Photo Gallery

2008-11-17 16:38 --------- d-----w c:\program files\Windows Journal

2008-11-17 16:38 --------- d-----w c:\program files\Windows Defender

2008-11-17 16:38 --------- d-----w c:\program files\Windows Collaboration

2008-11-17 16:38 --------- d-----w c:\program files\Windows Calendar

2008-11-17 16:08 82,432 ----a-w c:\windows\System32\axaltocm.dll

2008-11-17 16:08 101,888 ----a-w c:\windows\System32\ifxcardm.dll

2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll

2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll

2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll

2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll

2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll

2008-10-31 18:09 --------- d-----w c:\program files\vghd

2008-10-31 16:48 --------- d-----w c:\users\Espen\AppData\Roaming\vghd

2008-10-31 15:06 --------- d-----w c:\program files\Apple Software Update

2008-10-31 15:05 --------- d-----w c:\programdata\Apple Computer

2008-10-31 15:05 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-10-31 15:05 --------- d-----w c:\program files\iTunes

2008-10-31 15:05 --------- d-----w c:\program files\iPod

2008-10-31 15:03 --------- d-----w c:\program files\QuickTime

2008-10-31 15:03 --------- d-----w c:\program files\Common Files\Apple

2008-10-31 14:56 --------- d-----w c:\program files\Bonjour

2008-10-27 00:00 152,904 ----a-w c:\windows\System32\vghd.scr

2008-10-12 23:05 16,013,312 ----a-w c:\windows\System32\imageres.dll

2008-10-02 13:29 10,520 ----a-w c:\windows\System32\avgrsstx.dll

2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll

2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe

2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe

2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll

2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll

2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys

2008-08-21 14:02 332 ----a-w c:\users\Espen\AppData\Roaming\wklnhst.dat

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"Steam"="c:\program files\steam\steam.exe" [2008-11-14 1410296]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 c:\windows\System32\oobefldr.dll]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]

"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-12-02 167936]

"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]

"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]

"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 317152]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2006-10-18 472800]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-02-05 77824]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-02 1261336]

"MSConfig"="c:\windows\system32\msconfig.exe" [2008-01-19 227840]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]

"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-27 90191]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-27 7770112]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-27 81920]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]

Hurtigstart for Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

--a------ 2008-10-01 12:57 111936 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2008-10-01 18:57 289576 c:\program files\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{33D4A27D-FD41-4386-9A70-6C5A853188B4}"= UDP:c:\program files\HP\QuickPlay\QP.exe:QP

"{D48C3D3E-8F8A-4BE8-880B-D6697127EBCE}"= TCP:c:\program files\HP\QuickPlay\QP.exe:QP

"{59CA1633-F0BF-442B-BFD9-B040BEF26467}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"TCP Query User{F953D3D8-1EFD-49C5-B1DF-6B8F24D9567A}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{9329E964-5969-4F57-BCE0-7F83F8596E29}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"TCP Query User{381D2F3F-CD7B-4234-99C4-DAD97EB60D4F}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent

"UDP Query User{045F80EF-ADFA-47E8-BB08-27D4C1ED57E2}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent

"TCP Query User{D58423E4-9FC3-4607-929C-8E08F6D7085D}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser

"UDP Query User{4B25E9D8-7368-4DD5-A238-BCE35A29D1C3}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser

"{EEDB07A0-1B18-4DE8-B3F3-70B2973BEF06}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{D91A1791-7D6F-4979-9F48-52443BF84347}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

"{624B3728-AE6E-49F5-AE05-9ECECFE71547}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

"{7915701B-6A11-4450-B801-A35681C2944B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{3ED6ADF4-7C6E-4FF3-A265-810F21CF80E2}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{E7BCF139-E796-40EC-A700-D3B7197B1C34}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{4029EFBF-041B-4EED-BC12-6075C1F47EFB}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{2DF21D97-13B0-48FC-81A5-C894CF742AD0}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"{2157D3E0-2E44-4D87-968D-4DBC5CFA8A83}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"TCP Query User{B40D7E48-2F06-4937-AB76-61622D29D427}c:\\program files\\steam\\steamapps\\espenheisum91\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\espenheisum91\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{5592570D-19BB-45EE-BC2C-5C49F8CC1E86}c:\\program files\\steam\\steamapps\\espenheisum91\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\espenheisum91\counter-strike\hl.exe:Half-Life Launcher

"{4F55C7F2-083D-4C15-859F-1246AAB74D75}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe

"{0C85E6D0-C0B4-4799-850F-37D2F02A1380}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{909647B0-10E4-4FCD-8368-958E0C505F12}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{1BF3BD6B-0B6B-4429-ADC0-4870B38E688E}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{698BB578-FE9B-407F-949B-5408D397ED9B}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"{534C7D8F-6A3B-4A4B-9D0F-42FD419061F6}"= Disabled:UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009

"{0CC9C46E-99AB-4BE2-8999-4D9CDB74F6E9}"= Disabled:TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009

"{02C4648F-49A5-40CA-99D7-CE12CCA22033}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe

"{341CAD9B-E58A-4249-B60D-7B857587E2FF}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe

"TCP Query User{DA8F0BC1-2D1A-4DA2-B75C-49AD936C0273}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

"UDP Query User{18B004F0-3A0E-4475-A12F-C0AFEEADFEFC}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

"{E3F192C3-3D51-4446-BFD1-5AF301E541DF}"= UDP:c:\program files\Steam\SteamApps\common\football manager 2009\fm.exe:Football Manager 2009

"{99CE3091-3F3F-4DFA-9AF7-B28048A20EB3}"= TCP:c:\program files\Steam\SteamApps\common\football manager 2009\fm.exe:Football Manager 2009

"TCP Query User{9E256B47-F23E-4F66-AB7E-EDDB05FC2C89}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{6383EABC-9D28-4B31-ABAD-DEF0077D4B95}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{3907637B-4067-41E7-996C-5981D827D23C}c:\\program files\\steam\\steamapps\\heisumgeneral\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\heisumgeneral\condition zero\hl.exe:Half-Life Launcher

"UDP Query User{DB088848-937F-4062-955E-89CCCFB96454}c:\\program files\\steam\\steamapps\\heisumgeneral\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\heisumgeneral\condition zero\hl.exe:Half-Life Launcher

"TCP Query User{3AAD4287-6B47-4A52-8483-B3B08739EA67}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component

"UDP Query User{07D96913-24CE-48EB-8B06-54F7593D112C}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component

"TCP Query User{0D18AAB9-E806-45C4-8C8D-DA1D640E5397}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component

"UDP Query User{6BB2A23B-3318-4C65-9E4A-04CA4C713269}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component

"TCP Query User{91E56B63-C2F5-4EC6-8C16-B3B28875E7BF}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{C411B3BC-1613-495E-92B8-583974AE6BF2}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{53B3CB23-6AC2-4C5F-9AE4-25C50B4338FE}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

"UDP Query User{D0BE25EF-66C2-4438-B5F9-662FB0E3DE2E}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

"TCP Query User{DE687740-8B04-457B-B807-8824A98355D1}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

"UDP Query User{679BF0EF-F69E-46E2-A9F3-44C89EB7356E}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

"TCP Query User{D59F9EBA-03C2-4125-9514-4A341C300ECE}c:\\program files\\steam\\steamapps\\heisumgeneral\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\heisumgeneral\condition zero\hl.exe:Half-Life Launcher

"UDP Query User{20962FD5-5525-4844-BDFE-F12BF0C8D36C}c:\\program files\\steam\\steamapps\\heisumgeneral\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\heisumgeneral\condition zero\hl.exe:Half-Life Launcher

"TCP Query User{F4DBFD6D-F99C-46A9-95C7-067D5C881DEC}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{C51F4368-A3AD-40BB-BA06-976BFFCB25D5}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

 

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-10-02 97928]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-10-02 231704]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77c3a79f-d36a-11dd-9976-001a6b6f7fef}]

\shell\AutoRun\command - G:\LaunchU3.exe -a

 

*Newly Created Service* - PROCEXP90

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.tv2.no/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NB_NO&c=71&bd=Pavilion&pf=laptop

uInternet Settings,ProxyOverride = *.local

IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-31 14:03:39

Windows 6.0.6001 Service Pack 1 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

 

- - - - - - - > 'winlogon.exe'(876)

c:\windows\system32\avgrsstx.dll

 

- - - - - - - > 'lsass.exe'(716)

c:\windows\system32\avgrsstx.dll

.

Tidspunkt ferdig: 2008-12-31 14:05:03

ComboFix-quarantined-files.txt 2008-12-31 13:05:01

 

Pre-Run: 75 714 437 120 byte ledig

Post-Run: 75,720,716,288 byte ledig

 

256 --- E O F --- 2008-12-31 12:47:20

Posted

Download Malwarebytes' Anti-Malware here or here. Save it to the Desktop.

Run the file and install the program. Choose Norwegian as the language.

  • Tick the boxes next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

Let the program update itself and choose Perform quick scan.

You will get a message box when the program has finished running.

Then click the Show Results button. If malware was found, you will now see what was found.

Then click the Remove Selected button to remove any malware that was found.

Note:

If MBAM finds a file that is difficult to remove, you will be asked two questions.

Click OK on both, and let MBAM finish the disinfection.

If you are asked to restart the machine, do so right away.

When MBAM has finished removing what it found, a log will open in Notepad. Post it afterwards if it found anything other than cookies.

Afterwards, do another round with ComboFix.

Posted

Didn't find anything there.

 

 

 

Malwarebytes' Anti-Malware 1.31

Databaseversjon: 1582

Windows 6.0.6001 Service Pack 1

 

31.12.2008 16:40:45

mbam-log-2008-12-31 (16-40-45).txt

 

Skanntype: Rask Skann

Objekter skannet: 52506

Tid tilbakelagt: 4 minute(s), 18 second(s)

 

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 0

 

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

 

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

 

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

 

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

 

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

 

Mapper infisert:

(Ingen mistenkelige filer funnet)

 

Filer infisert:

(Ingen mistenkelige filer funnet)
