Gå til innhold

Combo Fix logg

heisum

Av heisum
i IKT-drift og sikkerhet

Anbefalte innlegg

heisum

heisum

Skrevet
Skrevet

kan noen sjekke om det er noe feil:)

 

ComboFix 09-03-19.02 - Espen 2009-03-21 16:35:04.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.2045.1105 [GMT 1:00]

Kjører fra: c:\users\Espen\AppData\Local\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

* Opprettet nytt gjenopprettingspunkt

.

 

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-02-21 til 2009-03-21 )))))))))))))))))))))))))))))))))

.

 

2009-03-21 16:16 . 2009-03-21 16:16 <DIR> d-------- c:\users\Espen\AppData\Roaming\Malwarebytes

2009-03-21 16:16 . 2009-03-21 16:16 <DIR> d-------- c:\users\All Users\Malwarebytes

2009-03-21 16:16 . 2009-03-21 16:16 <DIR> d-------- c:\programdata\Malwarebytes

2009-03-21 16:16 . 2009-03-21 16:16 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-03-21 16:16 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

2009-03-21 16:16 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys

2009-03-19 14:06 . 2009-03-19 14:06 <DIR> d-------- c:\users\Espen\AppData\Roaming\dvdcss

2009-03-19 02:08 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll

2009-03-19 02:02 . 2009-03-19 02:02 <DIR> d-------- c:\program files\Microsoft.NET

2009-03-19 01:59 . 2009-03-19 01:59 <DIR> d-------- c:\program files\Microsoft Visual Studio 8

2009-03-19 01:58 . 2009-03-21 03:13 <DIR> d-------- c:\users\All Users\Microsoft Help

2009-03-19 01:58 . 2009-03-21 03:13 <DIR> d-------- c:\programdata\Microsoft Help

2009-03-19 01:55 . 2009-03-19 01:55 <DIR> dr-h----- C:\MSOCache

2009-03-19 01:43 . 2009-03-19 01:43 <DIR> d-------- c:\users\Espen\AppData\Roaming\Roxio

2009-03-16 21:50 . 2009-03-16 21:50 <DIR> d-------- c:\users\All Users\Apple Computer

2009-03-16 21:50 . 2009-03-16 21:50 <DIR> d-------- c:\programdata\Apple Computer

2009-03-16 21:50 . 2009-03-16 21:51 <DIR> d-------- c:\program files\QuickTime

2009-03-16 21:49 . 2009-03-16 21:49 <DIR> d-------- c:\users\All Users\Apple

2009-03-16 21:49 . 2009-03-16 21:49 <DIR> d-------- c:\programdata\Apple

2009-03-16 21:49 . 2009-03-16 21:49 <DIR> d-------- c:\program files\Apple Software Update

2009-03-13 13:27 . 2009-03-14 05:31 <DIR> d--h----- C:\$AVG8.VAULT$

2009-03-11 20:24 . 2009-03-07 18:16 15,688 --a------ c:\windows\System32\lsdelete.exe

2009-03-11 16:31 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL

2009-03-11 16:31 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys

2009-03-11 16:31 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll

2009-03-11 16:31 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll

2009-03-11 16:31 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx

2009-03-11 16:31 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll

2009-03-07 18:16 . 2009-03-07 18:16 64,160 --a------ c:\windows\System32\drivers\Lbd.sys

2009-03-04 22:43 . 2009-03-04 22:43 <DIR> d-------- c:\program files\YouTube Downloader

2009-03-03 19:19 . 2009-03-03 21:24 <DIR> d-------- c:\users\Espen\AppData\Roaming\Orbit

2009-03-03 19:19 . 2009-03-03 19:19 <DIR> d-------- c:\users\Espen\AppData\Roaming\GrabPro

2009-03-03 19:19 . 2009-03-03 19:29 <DIR> d-------- C:\downloads

2009-03-02 20:18 . 2009-03-02 20:18 <DIR> d-------- c:\users\All Users\DFX

2009-03-02 20:18 . 2009-03-02 20:18 <DIR> d-------- c:\programdata\DFX

2009-03-02 20:18 . 2009-03-02 20:18 <DIR> d-------- c:\program files\DFX

2009-03-02 20:18 . 2009-03-02 20:18 <DIR> d-------- c:\program files\Common Files\DFX

2009-03-02 20:18 . 2009-03-02 20:18 <DIR> d-------- c:\program files\AskBarDis

2009-02-27 16:09 . 2009-02-27 16:09 <DIR> d-------- c:\users\Espen\AppData\Roaming\Stardock

2009-02-27 16:09 . 2009-02-27 16:09 <DIR> d-------- c:\program files\Stardock

2009-02-24 16:14 . 2009-02-24 16:14 <DIR> d-------- c:\users\Espen\AppData\Roaming\Template

2009-02-24 16:13 . 2009-03-19 16:02 264 --a------ c:\users\Espen\AppData\Roaming\wklnhst.dat

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-21 15:11 68,940 ----a-w c:\users\All Users\nvModes.dat

2009-03-21 15:11 68,940 ----a-w c:\programdata\nvModes.dat

2009-03-21 15:10 --------- d-----w c:\program files\Steam

2009-03-20 17:35 --------- d-----w c:\users\Espen\AppData\Roaming\mIRC

2009-03-19 20:52 --------- d-----w c:\users\Espen\AppData\Roaming\uTorrent

2009-03-19 01:06 --------- d-----w c:\program files\Microsoft Works

2009-03-19 01:05 --------- d-----w c:\program files\MSBuild

2009-03-19 00:52 --------- d-----w c:\programdata\Roxio

2009-03-19 00:43 --------- d-----w c:\programdata\Sonic

2009-03-17 15:00 --------- d-----w c:\program files\Common Files\Steam

2009-03-12 10:21 --------- d-----w c:\program files\Windows Mail

2009-03-11 19:27 --------- d-----w c:\program files\Opera

2009-02-24 17:39 --------- d-----w c:\programdata\NVIDIA

2009-02-20 02:03 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2

2009-02-18 15:31 --------- d-----w c:\program files\CCleaner

2009-02-17 01:27 --------- d-----w c:\program files\1234

2009-02-17 00:37 --------- d-----w c:\program files\PS3 Media Server

2009-02-17 00:26 --------- d-----w c:\users\Espen\AppData\Roaming\vlc

2009-02-17 00:25 --------- d-----w c:\program files\VideoLAN

2009-02-13 18:32 --------- d-----w c:\users\Espen\AppData\Roaming\Ventrilo

2009-02-13 18:28 --------- d-----w c:\program files\Ventrilo

2009-02-13 18:27 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2009-02-06 17:52 49,504 ----a-w c:\windows\System32\sirenacm.dll

2009-02-06 14:37 --------- d-----w c:\users\Espen\AppData\Roaming\Sports Interactive

2009-02-06 14:36 --------- d-----w c:\programdata\Sports Interactive

2009-02-06 14:33 --------- d-----w c:\programdata\Media Center Programs

2009-02-06 14:16 --------- d--h--w c:\program files\Zero G Registry

2009-02-06 14:16 --------- d-----w c:\program files\Sports Interactive

2009-02-01 21:21 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2009-02-01 19:06 174 --sha-w c:\program files\desktop.ini

2009-02-01 18:56 --------- d-----w c:\program files\Windows Sidebar

2009-02-01 18:56 --------- d-----w c:\program files\Windows Photo Gallery

2009-02-01 18:56 --------- d-----w c:\program files\Windows Journal

2009-02-01 18:56 --------- d-----w c:\program files\Windows Defender

2009-02-01 18:56 --------- d-----w c:\program files\Windows Collaboration

2009-02-01 18:56 --------- d-----w c:\program files\Windows Calendar

2009-02-01 17:05 82,432 ----a-w c:\windows\System32\axaltocm.dll

2009-02-01 17:05 101,888 ----a-w c:\windows\System32\ifxcardm.dll

2009-02-01 02:08 --------- d-----w c:\users\Espen\AppData\Roaming\HP

2009-02-01 02:08 --------- d-----w c:\users\Espen\AppData\Roaming\CyberLink

2009-02-01 02:08 --------- d-----w c:\programdata\HP

2009-01-31 17:16 --------- d-----w c:\programdata\Lavasoft

2009-01-31 17:15 --------- dc-h--w c:\programdata\{83C91755-2546-441D-AC40-9A6B4B860800}

2009-01-31 17:15 --------- d-----w c:\program files\Lavasoft

2009-01-31 15:53 --------- d-----w c:\program files\CONEXANT

2009-01-31 15:46 --------- d-----w c:\program files\uTorrent

2009-01-31 15:41 13,025 ----a-w c:\users\Espen\AppData\Roaming\nvModes.dat

2009-01-31 15:23 269,312 ----a-w c:\windows\System32\es.dll

2009-01-31 02:19 61,440 ----a-w c:\windows\System32\winipsec.dll

2009-01-31 02:19 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL

2009-01-31 02:19 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll

2009-01-31 02:19 272,896 ----a-w c:\windows\System32\polstore.dll

2009-01-31 02:18 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll

2009-01-31 02:18 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll

2009-01-31 02:18 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll

2009-01-31 02:10 296,960 ----a-w c:\windows\System32\gdi32.dll

2009-01-31 02:07 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys

2009-01-31 02:06 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll

2009-01-31 02:06 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll

2009-01-31 02:06 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll

2009-01-31 02:06 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll

2009-01-31 02:06 28,672 ----a-w c:\windows\System32\Apphlpdm.dll

2009-01-31 02:06 2,560 ----a-w c:\windows\AppPatch\AcRes.dll

2009-01-31 02:06 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll

2009-01-31 02:06 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll

2009-01-31 02:06 1,695,744 ----a-w c:\windows\System32\gameux.dll

2009-01-31 02:05 303,616 ----a-w c:\windows\System32\wmpeffects.dll

2009-01-31 02:04 2,048 ----a-w c:\windows\System32\msxml3r.dll

2009-01-31 02:04 1,191,936 ----a-w c:\windows\System32\msxml3.dll

2009-01-31 02:00 2,048 ----a-w c:\windows\System32\tzres.dll

2009-01-31 01:54 2,927,104 ----a-w c:\windows\explorer.exe

2009-01-31 01:46 29,184 ----a-w c:\windows\system32\drivers\BTHUSB.SYS

2009-01-31 01:46 220,160 ----a-w c:\windows\system32\drivers\bthport.sys

2009-01-31 01:46 19,456 ----a-w c:\windows\system32\drivers\bthenum.sys

2009-01-31 01:46 181,760 ----a-w c:\windows\System32\fsquirt.exe

2009-01-31 01:44 988,216 ----a-w c:\windows\System32\winload.exe

2009-01-31 01:44 927,288 ----a-w c:\windows\System32\winresume.exe

2009-01-31 01:44 615,992 ----a-w c:\windows\System32\ci.dll

2009-01-31 01:44 6,656 ----a-w c:\windows\System32\kbd106n.dll

2009-01-31 01:44 46,592 ----a-w c:\windows\System32\setbcdlocale.dll

2009-01-31 01:44 40,960 ----a-w c:\windows\System32\srclient.dll

2009-01-31 01:44 378,368 ----a-w c:\windows\System32\srcore.dll

2009-01-31 01:44 318,464 ----a-w c:\windows\System32\rstrui.exe

2009-01-31 01:44 19,000 ----a-w c:\windows\System32\kd1394.dll

2009-01-31 01:44 14,848 ----a-w c:\windows\System32\srdelayed.exe

2009-01-31 01:41 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll

2009-01-31 01:41 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll

2009-01-31 01:40 347,136 ----a-w c:\windows\System32\WindowsCodecsExt.dll

2009-01-30 23:11 --------- d-----w c:\program files\Common Files\Symantec Shared

2009-01-30 22:51 443,392 ----a-w c:\windows\System32\win32spl.dll

2009-01-30 22:51 37,888 ----a-w c:\windows\System32\printcom.dll

2009-01-30 22:49 14,848 ----a-w c:\windows\System32\wshrm.dll

2009-01-30 22:49 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys

2009-01-30 22:46 288,768 ----a-w c:\windows\system32\drivers\srv.sys

2009-01-30 22:37 97,800 ----a-w c:\windows\System32\infocardapi.dll

2009-01-30 22:37 781,344 ----a-w c:\windows\System32\PresentationNative_v0300.dll

2009-01-30 22:37 622,080 ----a-w c:\windows\System32\icardagt.exe

2009-01-30 22:37 43,544 ----a-w c:\windows\System32\PresentationHostProxy.dll

2009-01-30 22:37 326,160 ----a-w c:\windows\System32\PresentationHost.exe

2009-01-30 22:37 11,264 ----a-w c:\windows\System32\icardres.dll

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

2008-12-09 18:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

 

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

 

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885400]

"Steam"="c:\program files\steam\steam.exe" [2009-02-01 1410296]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]

"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-12-02 167936]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]

"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]

"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2006-12-04 46704]

"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 317152]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2006-10-18 472800]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-02-05 77824]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-30 1601304]

"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-07 515416]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]

Hurtigstart for Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{33D4A27D-FD41-4386-9A70-6C5A853188B4}"= UDP:c:\program files\HP\QuickPlay\QP.exe:QP

"{D48C3D3E-8F8A-4BE8-880B-D6697127EBCE}"= TCP:c:\program files\HP\QuickPlay\QP.exe:QP

"{F91794DE-D956-410E-87FE-964F665C8877}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe

"{C81378CB-7CA7-4F2C-B308-1BE346FF68EE}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe

"{78A56622-3DE4-4870-A990-965A23874C61}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe

"TCP Query User{A1C22594-99C6-45BA-BE84-CB39612C1E83}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{C02573AE-EA2F-40A7-9B3C-455A2051EDC2}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"TCP Query User{68D1C802-0B78-49A6-9947-0297CDBA450A}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

"UDP Query User{7EF3A79C-EBD3-4D8F-B9C4-3746678CC5AC}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

"TCP Query User{3D985BFC-FC30-48B3-A304-F0105302826F}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{B76BCE6C-EF85-4310-8725-A3B677C2C5D0}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"{816515A9-B1FD-481F-9CD0-89012DA812FD}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{162FDC74-3632-40DC-A47B-020D142EF28E}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

"TCP Query User{1E6A20CA-A6BD-4DE5-AFA8-71DEB97C88F2}c:\\program files\\steam\\steamapps\\heisum\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\heisum\counter-strike source\hl2.exe:hl2

"UDP Query User{ABDFB33C-8A0A-479A-9C08-2FD9072D829E}c:\\program files\\steam\\steamapps\\heisum\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\heisum\counter-strike source\hl2.exe:hl2

"{84F45B75-B92B-478C-91CB-AF12F7CDF937}"= UDP:c:\program files\Steam\steamapps\common\football manager 2009\fm.exe:Football Manager 2009

"{C3ABCBC7-4232-4141-A32A-BF5B9EDCABF3}"= TCP:c:\program files\Steam\steamapps\common\football manager 2009\fm.exe:Football Manager 2009

"TCP Query User{13B71038-7478-4AD4-A282-1B6B8BDAF82F}c:\\program files\\steam\\steamapps\\espenheisum91\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\espenheisum91\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{FDF7DDB7-F16F-4923-8750-F96E990128B9}c:\\program files\\steam\\steamapps\\espenheisum91\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\espenheisum91\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{588E3138-C70C-47CF-AE76-70AA71EE5192}c:\\program files\\java\\jre1.6.0\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0\bin\javaw.exe:Java Platform SE binary

"UDP Query User{C6C8C649-14A6-4B70-8D02-598DB18E3FE0}c:\\program files\\java\\jre1.6.0\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0\bin\javaw.exe:Java Platform SE binary

"TCP Query User{1D24E0DA-11EF-4FB3-8C5B-F780D1EA43E0}c:\\program files\\java\\jre1.6.0\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0\bin\javaw.exe:Java Platform SE binary

"UDP Query User{CD041277-5E84-4710-8F52-CFEDFDD5549B}c:\\program files\\java\\jre1.6.0\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0\bin\javaw.exe:Java Platform SE binary

"TCP Query User{098C1ACD-3E86-4052-A7CD-6F7009542861}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{974E5045-5606-45D7-8666-0D60F6D54F9B}c:\\program files\\steam\\steamapps\\heisumgeneral\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\heisumgeneral\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{4B566E06-28C0-41D8-9930-322CE8A0E9DD}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC

"UDP Query User{0E94FA02-D059-460B-8203-0433ED040B1B}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

"TCP Query User{0BA50C73-B3A5-4692-9F14-5B8C527E63FF}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{ECDB747A-0AB2-4959-A4AA-0E631622BC07}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"TCP Query User{99C83A66-CD26-4E55-B148-73422754CAE7}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

"UDP Query User{3EC6EF62-A953-4B30-85D3-1E69B3C719E5}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

"TCP Query User{E6EB794E-E59D-4FC6-9A2B-FBCA83DB5EFE}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader

"UDP Query User{20CA7AED-6EC0-4F2F-8556-9EE2215D8954}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader

"{E0AEBDA5-87CA-4FC9-9947-B819CCC05957}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

"{31ED077C-12C3-4A85-9297-653A4E921B26}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{CEE7D8C9-9A2C-4719-905A-D7BF6D337958}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{0C4D3C33-14EB-4A70-B04C-4D88E8B4BB87}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{330D1417-ED07-4D4E-AFD8-FFEC2F1C8FD5}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

 

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [2009-03-07 64160]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2009-01-30 325128]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-01-30 107272]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-30 903960]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-30 298264]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951632]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [2008-11-17 3668480]

S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-03-02 234888]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

 

2009-03-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-07 18:16]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://tv2.no/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NB_NO&c=71&bd=Pavilion&pf=laptop

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-21 16:46:50

Windows 6.0.6001 Service Pack 1 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

Tidspunkt ferdig: 2009-03-21 16:49:13

ComboFix-quarantined-files.txt 2009-03-21 15:49:09

 

Pre-Run: 73 580 109 824 byte ledig

Post-Run: 74,346,631,168 byte ledig

 

285 --- E O F --- 2009-03-21 02:13:58

Lenke til kommentar

Videoannonse

Videoannonse
Annonse

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste

  • Hvem er aktive   0 medlemmer

    • Ingen innloggede medlemmer aktive
×
×
  • Opprett ny...