[SOLVED] Help with YouTube virus


Posted (edited)

My ComboFix log:

 

ComboFix 08-06-01.6 - ADMIN 2008-06-02 23:10:32.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.884 [GMT 2:00]

Running from: C:\Documents and Settings\ADMIN\Desktop\ComboFix.exe

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\059573.exe

C:\WINDOWS\images.zip

 

.

((((((((((((((((((((((((( Files Created from 2008-05-02 to 2008-06-02 )))))))))))))))))))))))))))))))

.

 

2008-06-02 22:35 . 2008-06-02 22:34 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys

2008-06-02 22:34 . 2008-06-02 22:34 <DIR> d-------- C:\WINDOWS\Sun

2008-06-02 22:34 . 2008-06-02 22:35 <DIR> d-------- C:\Documents and Settings\ADMIN\.housecall6.6

2008-06-02 22:02 . 2008-06-02 22:02 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy

2008-06-02 22:02 . 2008-06-02 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-06-02 21:36 . 2008-06-02 21:36 <DIR> d--h----- C:\WINDOWS\PIF

2008-06-02 21:30 . 2008-06-02 21:30 53,252 -r-hs---- C:\WINDOWS\ehSched.exe

2008-06-01 13:06 . 2008-06-01 13:06 <DIR> d-------- C:\WINDOWS\LastGood

2008-06-01 01:57 . 2008-06-01 01:57 <DIR> d-------- C:\Logs

2008-06-01 01:34 . 2008-06-01 02:00 <DIR> d-------- C:\Program Files\World of Warcraft

2008-05-31 21:02 . 2008-06-01 01:32 <DIR> d-------- C:\Program Files\WoW-2.3.0.7561-enGB

2008-05-31 21:02 . 2008-06-01 01:45 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment

2008-05-31 03:24 . 2008-05-31 03:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet

2008-05-31 03:09 . 2008-05-31 03:09 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared

2008-05-30 15:01 . 2008-05-30 15:01 <DIR> d-------- C:\Program Files\Red Kawa

2008-05-30 15:01 . 2008-05-30 15:01 <DIR> d-------- C:\Program Files\AviSynth 2.5

2008-05-30 14:39 . 2008-06-01 06:53 54,400 --a------ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:39 . 2008-06-01 06:53 54,400 --a------ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:39 . 2008-06-01 06:53 788 --a------ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:37 . 2007-02-26 15:24 94,208 --a------ C:\WINDOWS\system32\cttele32.dll

2008-05-29 07:48 . 2008-05-29 07:48 <DIR> d-------- C:\Program Files\MSXML 4.0

2008-05-28 19:22 . 2008-05-28 19:22 <DIR> d-------- C:\Program Files\Microsoft Games

2008-05-28 19:22 . 2008-05-29 12:11 <DIR> d-------- C:\Program Files\GameSpy Arcade

2008-05-28 18:26 . 2008-05-28 18:26 <DIR> d-------- C:\Program Files\directx

2008-05-28 18:23 . 2008-05-28 18:26 <DIR> d-------- C:\Program Files\Sudden Strike II

2008-05-26 23:24 . 2008-05-26 23:24 <DIR> d-------- C:\Program Files\BODYGRAMLOUD

2008-05-25 23:51 . 2008-05-25 23:55 720,896 --a------ C:\WINDOWS\iun6002.exe

2008-05-25 23:50 . 2008-05-25 23:56 <DIR> d-------- C:\Program Files\Command And Conquer Red Alert 2 Yuri's Revenge

2008-05-25 20:01 . 2008-05-25 20:01 <DIR> d-------- C:\Program Files\Winamp Now Playing AutoHotkey script

2008-05-25 16:40 . 2008-05-25 19:37 <DIR> d-------- C:\Program Files\SopCast

2008-05-24 21:34 . 2008-05-24 21:54 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak

2008-05-24 21:06 . 2008-04-10 12:08 71,184 -ra------ C:\WINDOWS\system32\drivers\DefragFS.sys

2008-05-24 21:05 . 2008-05-24 21:05 <DIR> d-------- C:\Program Files\Raxco

2008-05-24 21:05 . 2008-05-24 21:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Raxco

2008-05-24 21:04 . 2008-05-24 21:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Protexis

2008-05-24 03:16 . 2008-05-24 03:16 <DIR> d-------- C:\Program Files\GoldWave

2008-05-23 13:57 . 2008-05-23 13:57 <DIR> d-------- C:\Program Files\Apple Software Update

2008-05-22 15:40 . 2008-05-22 15:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania

2008-05-22 09:48 . 2008-05-22 09:48 <DIR> d-------- C:\Program Files\Rockstar Games

2008-05-21 19:05 . 2008-06-01 20:25 <DIR> d-------- C:\Filmer

2008-05-20 23:32 . 2008-05-20 23:32 <DIR> d-------- C:\Program Files\K-Lite Codec Pack

2008-05-20 23:32 . 2008-01-10 13:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll

2008-05-20 23:32 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll

2008-05-20 23:19 . 2008-05-20 23:19 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Media Player Classic

2008-05-19 23:21 . 2008-05-19 23:21 <DIR> d-------- C:\Program Files\ZX-Playback-Pack

2008-05-19 23:20 . 2008-05-19 23:21 <DIR> d-------- C:\Program Files\ffdshow

2008-05-19 20:00 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys

2008-05-19 14:10 . 2008-05-19 14:10 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2008-05-18 23:48 . 2008-06-02 23:11 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\NoNameScript

2008-05-18 20:23 . 2008-05-18 20:23 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\BODYGRAMLOUD

2008-05-18 16:03 . 2008-05-21 19:05 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\BODYGRAMLOUD

2008-05-18 16:00 . 2008-05-18 16:00 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-05-18 03:45 . 2008-05-20 14:01 <DIR> d-------- C:\Serier

2008-05-18 02:40 . 2008-05-18 02:40 <DIR> d-------- C:\WINDOWS\system32\Futuremark

2008-05-18 02:40 . 2007-09-07 14:55 27,672 --a------ C:\WINDOWS\system32\drivers\Entech.sys

2008-05-18 02:40 . 2007-09-07 14:55 12,744 --a------ C:\WINDOWS\system32\drivers\Entech64.sys

2008-05-18 02:40 . 2007-09-07 14:55 6,173 --a------ C:\WINDOWS\system32\drivers\Entech.vxd

2008-05-18 02:40 . 2001-11-19 20:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys

2008-05-18 02:38 . 2008-05-18 02:38 <DIR> d-------- C:\Program Files\Futuremark

2008-05-17 23:30 . 2008-05-17 23:30 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Xfire

2008-05-17 23:30 . 2007-10-12 03:56 490,776 --a------ C:\WINDOWS\system32\drivers\LV561AV.SYS

2008-05-17 23:29 . 2008-05-17 23:30 <DIR> d-------- C:\Program Files\Common Files\LogiShrd

2008-05-17 23:29 . 2008-05-17 23:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech

2008-05-17 23:29 . 2008-05-17 23:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd

2008-05-17 19:27 . 2008-05-31 03:15 <DIR> d-------- C:\Program Files\Common Files\Adobe

2008-05-17 18:27 . 2008-05-17 18:28 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Bioshock

2008-05-17 18:27 . 2008-05-17 18:27 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2008-05-17 16:29 . 2008-05-17 16:59 <DIR> d-------- C:\Program Files\Electronic Arts

2008-05-17 16:25 . 2008-05-26 00:19 <DIR> d-------- C:\Spill

2008-05-17 14:09 . 2008-05-17 14:11 <DIR> d-------- C:\Program Files\WhatPulse

2008-05-17 13:53 . 2008-05-16 11:39 211 --ahs---- C:\BOOT.BKK

2008-05-17 13:49 . 2008-05-17 13:49 <DIR> d-------- C:\Program Files\TGTSoft

2008-05-17 13:06 . 2008-05-17 13:06 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire

2008-05-17 13:05 . 2008-05-29 08:09 <DIR> d-------- C:\Program Files\Xfire

2008-05-17 13:05 . 2008-05-20 21:48 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Xfire

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\QuickTime

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\iTunes

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\iPod

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\Common Files\Apple

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\Bonjour

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple

2008-05-17 12:34 . 2008-05-25 14:59 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Apple Computer

2008-05-17 12:34 . 2008-06-01 06:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-05-17 12:34 . 2008-02-18 11:16 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys

2008-05-17 12:34 . 2008-05-17 12:35 1,409 --a------ C:\WINDOWS\QTFont.for

2008-05-17 12:02 . 2008-06-02 22:17 <DIR> d--h----- C:\$AVG8.VAULT$

2008-05-17 11:25 . 2008-05-17 23:29 <DIR> d-------- C:\Program Files\Logitech

2008-05-17 11:25 . 2008-05-17 11:25 <DIR> d-------- C:\Program Files\Common Files\Logitech

2008-05-17 11:22 . 2008-05-17 11:22 <DIR> d-------- C:\1db783fa3f8a2c54ba9e2e838f0f

2008-05-17 11:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-05-17 11:01 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2008-05-17 11:01 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-05-17 03:01 . 2008-05-30 20:20 <DIR> d-------- C:\Anime

2008-05-17 03:00 . 2008-05-17 03:00 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Program Files\Skype

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Program Files\Common Files\Skype

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype

2008-05-17 02:59 . 2008-06-02 16:06 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\skypePM

2008-05-17 02:59 . 2008-06-02 23:28 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Skype

2008-05-17 02:35 . 2008-05-17 02:35 <DIR> d-------- C:\Program Files\DAEMON Tools Lite

2008-05-17 02:25 . 2008-05-17 02:25 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\DAEMON Tools

2008-05-17 02:25 . 2008-05-17 02:25 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys

2008-05-17 01:52 . 2008-05-17 01:52 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Ubisoft

2008-05-17 01:48 . 2008-05-17 01:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ubisoft

2008-05-17 01:47 . 2008-05-17 01:47 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition

2008-05-17 01:47 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll

2008-05-17 01:46 . 2008-06-02 22:10 <DIR> d-------- C:\Program Files\Windows Live Toolbar

2008-05-17 01:39 . 2008-05-17 01:39 <DIR> d-------- C:\Program Files\Ubisoft

2008-05-17 01:39 . 2008-05-17 01:43 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller

2008-05-17 01:38 . 2008-06-02 21:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-05-17 01:25 . 2008-05-17 01:25 <DIR> d-------- C:\Program Files\nbs-irc

2008-05-16 14:17 . 2008-06-01 06:55 <DIR> d-------- C:\Program Files\mIRC

2008-05-16 14:17 . 2008-05-18 23:48 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\mIRC

2008-05-16 14:07 . 2008-05-16 14:07 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\vlc

2008-05-16 14:06 . 2008-05-16 14:06 <DIR> d-------- C:\Program Files\VideoLAN

2008-05-16 14:03 . 2008-06-02 19:54 <DIR> d-------- C:\Program Files\SpeedFan

2008-05-16 14:03 . 2008-05-16 14:03 45 --a------ C:\WINDOWS\system32\initdebug.nfo

2008-05-16 14:00 . 2008-06-02 13:54 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg

2008-05-16 14:00 . 2008-05-16 14:00 <DIR> d-------- C:\Program Files\AVG

2008-05-16 14:00 . 2008-05-16 14:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8

2008-05-16 14:00 . 2008-05-16 14:00 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys

2008-05-16 14:00 . 2008-05-16 14:00 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys

2008-05-16 14:00 . 2008-05-16 14:00 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll

2008-05-16 13:58 . 2008-05-16 13:58 <DIR> d-------- C:\Program Files\Lavasoft

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-30 12:37 413,696 ----a-w C:\WINDOWS\system32\wrap_oal.dll

2008-05-30 12:37 110,592 ----a-w C:\WINDOWS\system32\OpenAL32.dll

2008-05-16 09:51 --------- d-----w C:\Program Files\Intel

2008-05-16 09:43 --------- d-----w C:\Program Files\microsoft frontpage

2008-04-16 11:00 230,664 ----a-w C:\WINDOWS\system32\PDBoot.exe

2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL" [2008-05-16 13:12 267592]

 

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-05-16 13:12 267592]

 

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]

"Creative MediaSource Go"="C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" [2005-12-12 09:36 143360]

"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]

"Steam"="C:\Program Files\Steam\Steam.exe" [2008-05-16 13:14 1271032]

"grimplatform"="C:\DOCUME~1\ADMIN\APPLIC~1\BODYGR~1\OptionBike.exe" [2008-05-26 23:23 440320]

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 17:45 22058792]

"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 20:31 1372160]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 11:19 1426432]

"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 11:35 626176]

"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 10:32 880640]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-02-28 07:34 13516800]

"nwiz"="nwiz.exe" [2008-02-28 07:34 1626112 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-02-28 07:34 86016]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]

"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-01-09 04:43 53340]

"Lachesis"="C:\Program Files\Razer\Lachesis\razerhid.exe" [2007-09-12 11:52 172032]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-16 14:00 1177368]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]

"Long Internet Team Stupid"="C:\Documents and Settings\All Users\Application Data\comp two long internet\bold glue.exe" [2008-06-02 20:18 781824]

"CTHelper"="CTHELPER.EXE" [2008-02-20 20:58 19456 C:\WINDOWS\system32\CtHelper.exe]

"CTxfiHlp"="CTXFIHLP.EXE" [2008-02-20 20:58 19968 C:\WINDOWS\system32\Ctxfihlp.exe]

"Windows UDP Control Center"="ehSched.exe" [2008-06-02 21:30 53252 C:\WINDOWS\ehSched.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

 

C:\Documents and Settings\ADMIN\Start Menu\Programs\Startup\

Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-05-14 03:29:28 3007824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="C:\\Program Files\\TGTSoft\\StyleXP\\Logon\\CurrentLogon.EXE"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.XFR1"= xfcodec.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\FrostWire\\FrostWire.exe"=

"C:\\Program Files\\uTorrent\\uTorrent.exe"=

"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\mIRC\\mirc.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=

"C:\\Program Files\\Steam\\steamapps\\moal_1993\\counter-strike\\hl.exe"=

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Program Files\\Xfire\\xfire.exe"=

"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=

"C:\\Program Files\\Steam\\steamapps\\common\\trackmania nations forever\\TmForever.exe"=

"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=

"C:\\Program Files\\SopCast\\SopCast.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

 

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-16 14:00]

R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-16 14:00]

R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2008-02-25 09:44]

R3 LachesisFltr;Lachesis Mouse Driver;C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 11:04]

S3 uisp;Freescale USB JW32 driver;C:\WINDOWS\system32\Drivers\usbicp.sys [2005-12-21 11:23]

S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys [2008-02-18 11:16]

 

*Newly Created Service* - APPMGMT

*Newly Created Service* - CATCHME

*Newly Created Service* - DEFRAGFS

*Newly Created Service* - TMCOMM

.

Contents of the 'Scheduled Tasks' folder

"2008-05-29 08:33:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-06-02 21:00:07 C:\WINDOWS\Tasks\E0E420248353F150.job"

- c:\docume~1\admin\applic~1\bodygr~1\debugupsite.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-02 23:27:43

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-06-02 23:39:03

ComboFix-quarantined-files.txt 2008-06-02 21:38:27

 

Pre-Run: 569,818,845,184 bytes free

Post-Run: 570,175,045,632 bytes free

 

255 --- E O F --- 2008-06-01 12:30:32

Edited by fre4k
Posted (edited)

Open Notepad and copy in the text in bold below, then save the file to the desktop as CFScript.txt

Then drag the file onto the ComboFix icon. ComboFix will start again.

 

File::

C:\WINDOWS\ehSched.exe

C:\WINDOWS\Tasks\E0E420248353F150.job

 

Folder::

C:\Documents and Settings\All Users\Application Data\comp two long internet

C:\DOCUME~1\ADMIN\APPLIC~1\BODYGR~1

 

Registry::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"grimplatform"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Long Internet Team Stupid"=-

"Windows UDP Control Center"=-

 

Post a new log and say how the PC is running

Edited by norbat
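Added example, not part of the original thread: a Python sketch that parses the Run-key lines of a ComboFix log and flags autostart entries for review. The two heuristics (target inside an Application Data directory; recently modified executable directly in C:\WINDOWS) and all function names are assumptions of this example, not the helper's stated reasoning; the sample lines are copied from the log posted above.

```python
import re
from datetime import datetime, timedelta
from ntpath import dirname  # Windows path rules, whatever OS the analysis runs on

# Excerpt copied from the first ComboFix log in this thread: the header line
# and a handful of its Run-key entries.
SAMPLE_LOG = r"""ComboFix 08-06-01.6 - ADMIN 2008-06-02 23:10:32.1 - NTFSx86
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"grimplatform"="C:\DOCUME~1\ADMIN\APPLIC~1\BODYGR~1\OptionBike.exe" [2008-05-26 23:23 440320]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 17:45 22058792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2008-02-28 07:34 1626112 C:\WINDOWS\system32\nwiz.exe]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"Long Internet Team Stupid"="C:\Documents and Settings\All Users\Application Data\comp two long internet\bold glue.exe" [2008-06-02 20:18 781824]
"Windows UDP Control Center"="ehSched.exe" [2008-06-02 21:30 53252 C:\WINDOWS\ehSched.exe]
"""

TS_FMT = "%Y-%m-%d %H:%M"
SCAN_RE = re.compile(r'^ComboFix \S+ - \S+ (\d{4}-\d{2}-\d{2} \d{2}:\d{2})')
KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
ENTRY_RE = re.compile(
    r'^"(?P<name>[^"]+)"=\s*"?(?P<cmd>[^"\[]+?)"?\s*\[(?P<meta>[^\]]*)\]$')
META_RE = re.compile(r'^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (\d+)(?: (.+))?$')
# Long name and 8.3 short name of the per-user / all-users data directory on XP.
APPDATA_RE = re.compile(r'\\(?:application data|applic~\d)\\', re.I)


def parse_run_entries(log_text):
    """Return (scan_time, entries) for values listed under ...\\CurrentVersion\\Run."""
    scan_time, key, entries = None, None, []
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SCAN_RE.match(line)
        if header:
            scan_time = datetime.strptime(header.group(1), TS_FMT)
            continue
        section = KEY_RE.match(line)
        if section:
            key = section.group(1)
            continue
        entry = ENTRY_RE.match(line)
        if not entry or key is None:
            continue
        if not key.lower().endswith(r"\currentversion\run"):
            continue
        # "[ ]" means ComboFix found no file; then there is no timestamp.
        meta = META_RE.match(entry.group("meta").strip())
        entries.append({
            "key": key,
            "name": entry.group("name"),
            # When the registry value is a bare file name (e.g. "ehSched.exe"),
            # the log prints the resolved location inside the brackets.
            "path": meta.group(3) if meta and meta.group(3) else entry.group("cmd"),
            "modified": datetime.strptime(meta.group(1), TS_FMT) if meta else None,
        })
    return scan_time, entries


def flag_autostarts(log_text, recent_days=31):
    """Return [(value name, path, reasons)] for entries matching either heuristic.

    recent_days defaults to roughly the one-month window that the log's own
    "Files Created" section covers.
    """
    scan_time, entries = parse_run_entries(log_text)
    flagged = []
    for e in entries:
        reasons = []
        if APPDATA_RE.search(e["path"]):
            reasons.append("runs from Application Data")
        recent = (scan_time is not None and e["modified"] is not None
                  and scan_time - e["modified"] <= timedelta(days=recent_days))
        if dirname(e["path"]).lower() == r"c:\windows" and recent:
            reasons.append("recently modified executable in the Windows root")
        if reasons:
            flagged.append((e["name"], e["path"], reasons))
    return flagged


if __name__ == "__main__":
    for name, path, reasons in flag_autostarts(SAMPLE_LOG):
        print(f"{name!r} -> {path}  [{'; '.join(reasons)}]")
```

Flagged entries are leads for manual review; legitimate software also autostarts from these locations.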
Posted (edited)

I've done it now, let's hope MSN works again ^^

 

And thanks for the help :D

Edited by fre4k
Posted (edited)

I'll do it tomorrow, I don't have time now.

 

EDIT: Looks like I still have it, I'll run ComboFix again when I get home from school.

Edited by fre4k
Posted (edited)

Open Notepad and copy in the text in bold below, then save the file to the desktop as CFScript.txt

Then drag the file onto the ComboFix icon. ComboFix will start again.

 

File::

C:\WINDOWS\webdls.exe

C:\WINDOWS\webdl.exe

C:\WINDOWS\ehSched.exe

C:\WINDOWS\webdl.got

C:\WINDOWS\39382.got

C:\WINDOWS\sysutili.exe

C:\WINDOWS\ssehost.exe

C:\WINDOWS\sshost.exe

C:\WINDOWS\seeshost.exe

C:\WINDOWS\system32\sysregi.exe

 

Registry::

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Nod32 Runtime"=-

"Windows UDP Control Center"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

"Nod32 Runtime"=-

 

Post a new ComboFix log

 

Download the free version of SAS, install it and update it. Run a full scan. I would like to see the log report it produces if it finds anything other than cookies (preferences->statistic/logs)

Edited by norbat
Posted (edited)

ComboFix 08-06-01.6 - ADMIN 2008-06-04 17:41:14.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1500 [GMT 2:00]

Running from: C:\Documents and Settings\ADMIN\Desktop\ComboFix.exe

Command switches used :: C:\Documents and Settings\ADMIN\Desktop\CFScript.txt

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

 

FILE ::

C:\WINDOWS\39382.got

C:\WINDOWS\ehSched.exe

C:\WINDOWS\seeshost.exe

C:\WINDOWS\ssehost.exe

C:\WINDOWS\sshost.exe

C:\WINDOWS\system32\sysregi.exe

C:\WINDOWS\sysutili.exe

C:\WINDOWS\webdl.exe

C:\WINDOWS\webdl.got

C:\WINDOWS\webdls.exe

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\39382.got

C:\WINDOWS\ehSched.exe

C:\WINDOWS\seeshost.exe

C:\WINDOWS\ssehost.exe

C:\WINDOWS\sshost.exe

C:\WINDOWS\system32\sysregi.exe

C:\WINDOWS\sysutili.exe

C:\WINDOWS\webdl.exe

C:\WINDOWS\webdl.got

C:\WINDOWS\webdls.exe

 

.

((((((((((((((((((((((((( Files Created from 2008-05-04 to 2008-06-04 )))))))))))))))))))))))))))))))

.

 

2008-06-04 07:47 . 2008-06-04 07:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

2008-06-03 22:05 . 2006-11-30 14:58 61,536 -ra------ C:\WINDOWS\system32\drivers\se44bus.sys

2008-06-03 22:05 . 2006-11-30 14:58 5,872 -ra------ C:\WINDOWS\system32\drivers\se44whnt.sys

2008-06-03 22:05 . 2006-11-30 14:58 5,872 -ra------ C:\WINDOWS\system32\drivers\se44wh.sys

2008-06-03 22:04 . 2008-06-03 22:04 <DIR> d-------- C:\Program Files\Messenger Plus! Live

2008-06-03 22:04 . 2008-06-03 22:04 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Teleca

2008-06-03 22:04 . 2008-06-03 22:04 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Sony Ericsson

2008-06-03 22:02 . 2008-06-03 22:02 <DIR> d-------- C:\Program Files\Sony Ericsson

2008-06-03 22:02 . 2008-06-03 22:02 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared

2008-06-03 22:02 . 2008-06-03 22:02 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared

2008-06-03 22:02 . 2008-06-03 22:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Teleca

2008-06-03 22:02 . 2008-06-03 22:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson

2008-06-03 22:01 . 2008-06-03 22:01 <DIR> d-------- C:\WINDOWS\Downloaded Installations

2008-06-03 21:59 . 2008-06-03 21:59 <DIR> d-------- C:\Program Files\Disc2Phone

2008-06-03 21:57 . 2008-06-03 21:57 <DIR> d-------- C:\WINDOWS\system32\URTTEMP

2008-06-03 01:36 . 2008-06-03 01:38 <DIR> d-------- C:\Program Files\Windows Live

2008-06-03 00:58 . 2008-06-03 00:58 <DIR> d-------- C:\Program Files\Trend Micro

2008-06-03 00:56 . 2008-06-02 22:34 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys

2008-06-02 22:34 . 2008-06-02 22:34 <DIR> d-------- C:\WINDOWS\Sun

2008-06-02 22:34 . 2008-06-03 08:39 <DIR> d-------- C:\Documents and Settings\ADMIN\.housecall6.6

2008-06-02 22:02 . 2008-06-02 22:02 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy

2008-06-02 22:02 . 2008-06-02 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-06-02 21:36 . 2008-06-02 21:36 <DIR> d--h----- C:\WINDOWS\PIF

2008-06-01 01:57 . 2008-06-01 01:57 <DIR> d-------- C:\Logs

2008-06-01 01:34 . 2008-06-01 02:00 <DIR> d-------- C:\Program Files\World of Warcraft

2008-05-31 21:02 . 2008-06-01 01:32 <DIR> d-------- C:\Program Files\WoW-2.3.0.7561-enGB

2008-05-31 21:02 . 2008-06-01 01:45 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment

2008-05-31 03:24 . 2008-05-31 03:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet

2008-05-31 03:09 . 2008-05-31 03:09 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared

2008-05-30 15:01 . 2008-05-30 15:01 <DIR> d-------- C:\Program Files\Red Kawa

2008-05-30 15:01 . 2008-05-30 15:01 <DIR> d-------- C:\Program Files\AviSynth 2.5

2008-05-30 14:39 . 2008-06-04 15:58 54,400 --a------ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:39 . 2008-06-04 15:58 54,400 --a------ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:39 . 2008-06-04 15:58 788 --a------ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

2008-05-30 14:37 . 2007-02-26 15:24 94,208 --a------ C:\WINDOWS\system32\cttele32.dll

2008-05-29 07:48 . 2008-05-29 07:48 <DIR> d-------- C:\Program Files\MSXML 4.0

2008-05-28 19:22 . 2008-05-28 19:22 <DIR> d-------- C:\Program Files\Microsoft Games

2008-05-28 19:22 . 2008-05-29 12:11 <DIR> d-------- C:\Program Files\GameSpy Arcade

2008-05-28 18:26 . 2008-05-28 18:26 <DIR> d-------- C:\Program Files\directx

2008-05-28 18:23 . 2008-05-28 18:26 <DIR> d-------- C:\Program Files\Sudden Strike II

2008-05-25 23:51 . 2008-05-25 23:55 720,896 --a------ C:\WINDOWS\iun6002.exe

2008-05-25 23:50 . 2008-05-25 23:56 <DIR> d-------- C:\Program Files\Command And Conquer Red Alert 2 Yuri's Revenge

2008-05-25 20:01 . 2008-05-25 20:01 <DIR> d-------- C:\Program Files\Winamp Now Playing AutoHotkey script

2008-05-25 16:40 . 2008-05-25 19:37 <DIR> d-------- C:\Program Files\SopCast

2008-05-24 21:34 . 2008-05-24 21:54 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak

2008-05-24 21:06 . 2008-04-10 12:08 71,184 -ra------ C:\WINDOWS\system32\drivers\DefragFS.sys

2008-05-24 21:05 . 2008-05-24 21:05 <DIR> d-------- C:\Program Files\Raxco

2008-05-24 21:05 . 2008-05-24 21:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Raxco

2008-05-24 21:04 . 2008-05-24 21:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Protexis

2008-05-24 03:16 . 2008-05-24 03:16 <DIR> d-------- C:\Program Files\GoldWave

2008-05-23 13:57 . 2008-05-23 13:57 <DIR> d-------- C:\Program Files\Apple Software Update

2008-05-22 15:40 . 2008-05-22 15:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania

2008-05-22 09:48 . 2008-05-22 09:48 <DIR> d-------- C:\Program Files\Rockstar Games

2008-05-21 19:05 . 2008-06-01 20:25 <DIR> d-------- C:\Filmer

2008-05-20 23:32 . 2008-05-20 23:32 <DIR> d-------- C:\Program Files\K-Lite Codec Pack

2008-05-20 23:32 . 2008-01-10 13:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll

2008-05-20 23:32 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll

2008-05-20 23:19 . 2008-05-20 23:19 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Media Player Classic

2008-05-19 23:21 . 2008-05-19 23:21 <DIR> d-------- C:\Program Files\ZX-Playback-Pack

2008-05-19 23:20 . 2008-05-19 23:21 <DIR> d-------- C:\Program Files\ffdshow

2008-05-19 20:00 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys

2008-05-19 14:10 . 2008-05-19 14:10 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2008-05-18 23:48 . 2008-06-04 14:37 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\NoNameScript

2008-05-18 20:23 . 2008-05-18 20:23 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\BODYGRAMLOUD

2008-05-18 16:03 . 2008-05-21 19:05 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\BODYGRAMLOUD

2008-05-18 16:00 . 2008-05-18 16:00 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-05-18 03:45 . 2008-05-20 14:01 <DIR> d-------- C:\Serier

2008-05-18 02:40 . 2008-05-18 02:40 <DIR> d-------- C:\WINDOWS\system32\Futuremark

2008-05-18 02:40 . 2007-09-07 14:55 27,672 --a------ C:\WINDOWS\system32\drivers\Entech.sys

2008-05-18 02:40 . 2007-09-07 14:55 12,744 --a------ C:\WINDOWS\system32\drivers\Entech64.sys

2008-05-18 02:40 . 2007-09-07 14:55 6,173 --a------ C:\WINDOWS\system32\drivers\Entech.vxd

2008-05-18 02:40 . 2001-11-19 20:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys

2008-05-18 02:38 . 2008-05-18 02:38 <DIR> d-------- C:\Program Files\Futuremark

2008-05-17 23:30 . 2008-05-17 23:30 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Xfire

2008-05-17 23:30 . 2007-10-12 03:56 490,776 --a------ C:\WINDOWS\system32\drivers\LV561AV.SYS

2008-05-17 23:29 . 2008-05-17 23:30 <DIR> d-------- C:\Program Files\Common Files\LogiShrd

2008-05-17 23:29 . 2008-05-17 23:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech

2008-05-17 23:29 . 2008-05-17 23:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd

2008-05-17 19:27 . 2008-05-31 03:15 <DIR> d-------- C:\Program Files\Common Files\Adobe

2008-05-17 18:27 . 2008-05-17 18:28 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Bioshock

2008-05-17 18:27 . 2008-05-17 18:27 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2008-05-17 16:29 . 2008-05-17 16:59 <DIR> d-------- C:\Program Files\Electronic Arts

2008-05-17 16:25 . 2008-05-26 00:19 <DIR> d-------- C:\Spill

2008-05-17 14:09 . 2008-05-17 14:11 <DIR> d-------- C:\Program Files\WhatPulse

2008-05-17 13:53 . 2008-05-16 11:39 211 --ahs---- C:\BOOT.BKK

2008-05-17 13:49 . 2008-05-17 13:49 <DIR> d-------- C:\Program Files\TGTSoft

2008-05-17 13:06 . 2008-05-17 13:06 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire

2008-05-17 13:05 . 2008-05-29 08:09 <DIR> d-------- C:\Program Files\Xfire

2008-05-17 13:05 . 2008-06-04 17:40 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Xfire

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\QuickTime

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\iTunes

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\iPod

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\Common Files\Apple

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Program Files\Bonjour

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-05-17 12:34 . 2008-05-17 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple

2008-05-17 12:34 . 2008-05-25 14:59 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Apple Computer

2008-05-17 12:34 . 2008-06-04 16:00 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-05-17 12:34 . 2008-02-18 11:16 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys

2008-05-17 12:34 . 2008-05-17 12:35 1,409 --a------ C:\WINDOWS\QTFont.for

2008-05-17 12:02 . 2008-06-03 01:45 <DIR> d--h----- C:\$AVG8.VAULT$

2008-05-17 11:25 . 2008-05-17 23:29 <DIR> d-------- C:\Program Files\Logitech

2008-05-17 11:25 . 2008-05-17 11:25 <DIR> d-------- C:\Program Files\Common Files\Logitech

2008-05-17 11:22 . 2008-05-17 11:22 <DIR> d-------- C:\1db783fa3f8a2c54ba9e2e838f0f

2008-05-17 11:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-05-17 11:01 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2008-05-17 11:01 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-05-17 03:01 . 2008-05-30 20:20 <DIR> d-------- C:\Anime

2008-05-17 03:00 . 2008-05-17 03:00 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Program Files\Skype

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Program Files\Common Files\Skype

2008-05-17 02:59 . 2008-05-17 02:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype

2008-05-17 02:59 . 2008-06-04 16:01 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\skypePM

2008-05-17 02:59 . 2008-06-04 17:40 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Skype

2008-05-17 02:35 . 2008-05-17 02:35 <DIR> d-------- C:\Program Files\DAEMON Tools Lite

2008-05-17 02:25 . 2008-05-17 02:25 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\DAEMON Tools

2008-05-17 02:25 . 2008-05-17 02:25 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys

2008-05-17 01:52 . 2008-05-17 01:52 <DIR> d-------- C:\Documents and Settings\ADMIN\Application Data\Ubisoft

2008-05-17 01:48 . 2008-05-17 01:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ubisoft

2008-05-17 01:47 . 2008-05-17 01:47 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition

2008-05-17 01:47 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll

2008-05-17 01:46 . 2008-06-02 22:10 <DIR> d-------- C:\Program Files\Windows Live Toolbar

2008-05-17 01:39 . 2008-05-17 01:39 <DIR> d-------- C:\Program Files\Ubisoft

2008-05-17 01:39 . 2008-05-17 01:43 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller

2008-05-17 01:38 . 2008-06-03 01:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-30 12:37 413,696 ----a-w C:\WINDOWS\system32\wrap_oal.dll

2008-05-30 12:37 110,592 ----a-w C:\WINDOWS\system32\OpenAL32.dll

2008-05-16 09:51 --------- d-----w C:\Program Files\Intel

2008-05-16 09:43 --------- d-----w C:\Program Files\microsoft frontpage

2008-04-16 11:00 230,664 ----a-w C:\WINDOWS\system32\PDBoot.exe

2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe

.

 

((((((((((((((((((((((((((((( snapshot_2008-06-04_14.44.01,25 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-06-03 14:29:32 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-06-04 13:59:34 2,048 --s-a-w C:\WINDOWS\bootstat.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL" [2008-05-16 13:12 267592]

 

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-05-16 13:12 267592]

 

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]

"Creative MediaSource Go"="C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" [2005-12-12 09:36 143360]

"Steam"="C:\Program Files\Steam\Steam.exe" [2008-05-16 13:14 1271032]

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 17:45 22058792]

"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 20:31 1372160]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 11:19 1426432]

"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 11:35 626176]

"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 10:32 880640]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-02-28 07:34 13516800]

"nwiz"="nwiz.exe" [2008-02-28 07:34 1626112 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-02-28 07:34 86016]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]

"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-01-09 04:43 53340]

"Lachesis"="C:\Program Files\Razer\Lachesis\razerhid.exe" [2007-09-12 11:52 172032]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-16 14:00 1177368]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]

"CTHelper"="CTHELPER.EXE" [2008-02-20 20:58 19456 C:\WINDOWS\system32\CtHelper.exe]

"CTxfiHlp"="CTXFIHLP.EXE" [2008-02-20 20:58 19968 C:\WINDOWS\system32\Ctxfihlp.exe]

"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 01:06 487424]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

 

C:\Documents and Settings\ADMIN\Start Menu\Programs\Startup\

Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-05-14 03:29:28 3007824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="C:\\Program Files\\TGTSoft\\StyleXP\\Logon\\CurrentLogon.EXE"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.XFR1"= xfcodec.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\FrostWire\\FrostWire.exe"=

"C:\\Program Files\\uTorrent\\uTorrent.exe"=

"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\mIRC\\mirc.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=

"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=

"C:\\Program Files\\Steam\\steamapps\\moal_1993\\counter-strike\\hl.exe"=

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Program Files\\Xfire\\xfire.exe"=

"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=

"C:\\Program Files\\Steam\\steamapps\\common\\trackmania nations forever\\TmForever.exe"=

"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=

"C:\\Program Files\\SopCast\\SopCast.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"DEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ӟ"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

 

 

.

Contents of the 'Scheduled Tasks' folder

"2008-05-29 08:33:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-04 18:05:04

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-06-04 18:25:06

ComboFix-quarantined-files.txt 2008-06-04 16:24:06

ComboFix2.txt 2008-06-04 12:48:20

ComboFix3.txt 2008-06-03 14:25:29

ComboFix4.txt 2008-06-02 21:39:16

 

Pre-Run: 572,152,410,112 bytes free

Post-Run: 572,139,765,760 bytes free

 

276 --- E O F --- 2008-06-01 12:30:32

 

Starting a scan with SAS now

Edited by fre4k
Posted

Good,

If Messenger Plus! isn't something you need to have, uninstall it from Add/Remove Programs (in any case you should check that you haven't installed the sponsor program that comes with it)

 

Run a full scan with the free version of SAS

 

Feel free to post the report it generates (preferences->statistics/logs). Let us know how it goes with the MSN problem.

Posted

I'll post the report when I'm done ;)

 

And thanks a lot for the help, I know what to do if I'm unlucky again ^^

Posted

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 06/04/2008 at 07:02 PM

 

Application Version : 4.15.1000

 

Core Rules Database Version : 3473

Trace Rules Database Version: 1464

 

Scan type : Complete Scan

Total Scan Time : 00:13:33

 

Memory items scanned : 489

Memory threats detected : 0

Registry items scanned : 4697

Registry threats detected : 0

File items scanned : 19943

File threats detected : 25

 

Adware.Tracking Cookie


 

 

SAS log

Posted

Haven't noticed anything yet, but it can sometimes take a while before I start sending links.

 

I'll let you know if I notice anything.

Posted
Haven't noticed anything yet, but it can sometimes take a while before I start sending links.

 

I'll let you know if I notice anything.

 

 

Let us know if you don't notice anything, too ;) That will remind us that we need to tell you how to uninstall ComboFix and a few other things...
