exidos

Member
  • Number of posts

    78
  • Joined

  • Last visit

All posts by exidos

  1. I already have that installed on the computer... But thanks anyway. Still doesn't work.
  2. Yes, I restart the computer. I only have one entry in Add/Remove Programs, called "ATI Catalyst Install Manager". I always download the graphics card drivers from ATI's website; this time I also tried downloading from PowerColor's website, but it still gave the same problem...
  3. No, CCC.exe doesn't show up in Task Manager, and I can't start it by launching a new process either...
  4. I have updated the drivers for my 4870, but now when I logged in to the computer the ATI icon isn't shown at the bottom right of the screen, and CCC isn't shown when I right-click on the desktop. I have tried uninstalling the drivers and installing them again, but the same thing happens: I don't see the icon or CCC when I right-click. I'm using W7 64-bit; does anyone know what could be wrong? :S Help, thanks. I have also tried downloading only CCC, but it still doesn't work...
  5. Okay! Thanks for the answer! I'll only replace the processor, because my motherboard supports AM3 with the newest BIOS version!
  6. As the title says. I'm going to upgrade from an AMD Athlon 64 X2 6000+ to an AMD Phenom II X4 965BE, and I'm wondering whether it is necessary to reinstall Windows? I'm using Windows 7 64-bit. Thanks in advance! Or is it enough to uninstall the old processor via Device Manager?
  7. I have a Samsung SyncMaster P2470HD and I'm wondering whether it is somehow possible to buy a remote control for it? When I bought the monitor one was included, but it has disappeared over time. So is there anywhere to buy one? I have searched Google and Samsung's website but can't find anything. Here is a picture of it: http://data.fuskbugg.se/skalman01/syncmaster.JPG [post edited 2009-12-20 01:19:55 by exidos]
  8. Hi! I bought a pair of new memory modules ---> http://www.komplett.se/k/ki.aspx?sku=346193 and I also have a pair of http://www.komplett.se/k/ki.aspx?sku=321028 , and I'm wondering how to get them to work with each other? Because when I put the old ones together with the new ones in the motherboard, the screen doesn't work. But when I remove the old ones, the screen works. Is there something I have to change? Thanks in advance! Using Windows 7 Ultimate x64, MSI K9A2 Platinum, AMD Athlon 64 X2 6000+, PowerColor Radeon HD 4870 [post edited 2009-12-02 17:11:41 by exidos]
  9. RN: Yeah, I had planned to just switch to the 4-core processor.
  10. jannejanne: Okay. I have Windows 7 64-bit Ultimate OEM RETAIL. Right now I have a 2-core processor and will upgrade to a 4-core one. Thanks for the answer! flora50: Okay, thanks for the answer, I'll try that.
  11. Thanks a lot for the answer! I'm going to upgrade to a 4-core processor; I have a 2-core one now. If I'm lucky, maybe I'll avoid Windows not keeping up. The kind of thing you notice! Thanks
  12. I was thinking of buying a new processor for the computer, and I'm wondering whether you have to reinstall Windows? I'd rather avoid that. Thanks in advance!
  13. Hi! I have a problem that makes the computer freeze. Every time I try to start wc3 it doesn't start and the computer freezes; I can't bring up Task Manager or do anything else. I can start any game I want but not wc3. I have removed it and copied it over from another computer, but the same thing still happens. I haven't had this problem before :S, it worked last Sunday when I played it. And it works on the other computer too, but not on this one. It would be worth gold if someone knew what was wrong. Thanks!
  14. I have sent an email to them, and they said they can't do anything about it. They said "What bad luck you have, unfortunately we can't help you".
  15. I have a problem: we had a power outage last night, and my modem and router were off for about 8 hours without power. Since then I haven't been able to get into bilddagboken, kamrat; I'm banned on those sites, which I wasn't before. My buddy said that I got someone else's IP address during the time my modem and router were switched off. I have tried lots of different methods but nothing has worked, so my question is whether there is any way that works?
  16. [log]GMER 1.0.15.14972 - http://www.gmer.net Rootkit scan 2009-06-02 19:06:05 Windows 5.1.2600 Service Pack 3 [/log]
  17. I have tried again with ComboFix, and the same thing happens again: it says "that I should not start any programs so that ComboFix can make a log". I have waited for 2 hours and nothing happens. I have searched the computer for "ComboFix.txt" but find nothing.
  18. [log]Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 Trojan.Win32.Rabbit!IK AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 - Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 - AVG 8.5.0.339 2009.05.30 Win32/Cryptor BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 - Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 Trojan-Downloader.Win32.Small.akzj McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 Artemis!4DC5A88124C0 McAfee-GW-Edition 6.7.6 2009.05.29 - Microsoft 1.4701 2009.05.30 TrojanDownloader:Win32/Cutwail.AI NOD32 4117 2009.05.30 - Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.31 High Risk Cloaked Malware Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 Troj/Pushdo-AN Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 Trojan Horse TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 - VirusBuster 4.6.5.0 2009.05.30 Trojan.DL.Cutwail.UL [/log] [log] Malwarebytes' Anti-Malware 1.37 Databasversion: 2198 Windows 5.1.2600 Service Pack 3 2009-05-31 00:03:56 mbam-log-2009-05-31 (00-03-53).txt Skanningstyp: Snabb skanning Antal skannade objekt: 86222 Förfluten tid: 2 minute(s), 13 second(s) Infekterade minnesprocesser: 0 Infekterade minnesmoduler: 1 Infekterade registernycklar: 2 Infekterade registervärden: 0 Infekterade registerdataposter: 0 Infekterade mappar: 0 Infekterade filer: 3 Infekterade minnesprocesser: (Inga illasinnade poster hittades) Infekterade 
minnesmoduler: C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> No action taken. Infekterade registernycklar: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\securentm (Trojan.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\antiwpa (Trojan.I.Stole.Windows) -> No action taken. Infekterade registervärden: (Inga illasinnade poster hittades) Infekterade registerdataposter: (Inga illasinnade poster hittades) Infekterade mappar: (Inga illasinnade poster hittades) Infekterade filer: c:\WINDOWS\Temp\BN6.tmp (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\drivers\securentm.sys (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> No action taken. [/log] After I restarted the computer after using ComboFix, it says that I should not open any programs or the like so that ComboFix can create a log, but I waited 20 minutes and nothing happened; it did, however, delete a few things such as Exidoz.exe and some other things too.
  19. C:\Documents and Settings\Exidoz\Exidoz.exe, I don't know what that is :S
  20. [log]Fil ati64si.sys Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 TR/Crypt.XDR.Gen Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.29 Win32:Cutwail AVG 8.5.0.339 2009.05.30 - BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 Win32:Cutwail Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 Trojan-Dropper.Win32.Agent.asdd McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 - McAfee-GW-Edition 6.7.6 2009.05.29 Trojan.Crypt.XDR.Gen Microsoft 1.4701 2009.05.30 - NOD32 4117 2009.05.30 a variant of Win32/TrojanDownloader.Wigon.BS Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 - Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 Mal/Emogen-Y Sunbelt 3.2.1858.2 2009.05.30 Rootkit.Win32.Agent.gvv Symantec 1.4.4.12 2009.05.30 Hacktool.Rootkit TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 - *********************************************************** Fil lxrundc.exe Resultat: 10/40 (25%) Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 Worm/Ready.40449 Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 - AVG 8.5.0.339 2009.05.30 SHeur2.AHPI BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - 
eTrust-Vet 31.6.6530 2009.05.30 Win32/Cutwail.AJX F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 - Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 - McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 - McAfee-GW-Edition 6.7.6 2009.05.29 Worm.Ready.40449 Microsoft 1.4701 2009.05.30 - NOD32 4117 2009.05.30 Win32/Wigon.KQ Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 Medium Risk Malware Rising 21.31.21.00 2009.05.27 Worm.Win32.Nodef.cd Sophos 4.42.0 2009.05.30 Sus/EncPk-LN Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 Backdoor.Trojan TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 Trojan.Win32.Agent.40449 VirusBuster 4.6.5.0 2009.05.30 - ************************************************************ Fil C:\mimpjfg.exe Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 HEUR/Malware Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 Win32:Trojan-gen {Other} AVG 8.5.0.339 2009.05.30 Generic13.AWIG BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 Win32:Trojan-gen {Other} Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 Trojan-GameThief.Win32.WOW.orc McAfee 5631 2009.05.30 Generic PWS.g McAfee+Artemis 5631 2009.05.30 Generic PWS.g McAfee-GW-Edition 6.7.6 2009.05.29 Heuristic.Malware Microsoft 1.4701 2009.05.30 - NOD32 4117 2009.05.30 Win32/PSW.WOW.NKN 
Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 Trj/Downloader.VYZ PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 Medium Risk Malware Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 - Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 - TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 TROJ_GAMETHI.KHB VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 Trojan.Win32.PSWWow.16384.N VirusBuster 4.6.5.0 2009.05.30 - ******************************************************** Fil C:\bwhjhr.exe Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 TR/Spy.Gen Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 Win32:Zlob-CWB AVG 8.5.0.339 2009.05.30 Agent_r.MM BitDefender 7.2 2009.05.30 BehavesLike:Win32.Malware CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - eTrust-Vet 31.6.6530 2009.05.30 Win32/Puper.XR F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 Win32:Zlob-CWB Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 Heur.Trojan.Generic McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 - McAfee-GW-Edition 6.7.6 2009.05.29 Trojan.Spy.Gen Microsoft 1.4701 2009.05.30 Trojan:Win32/Puvbed.B NOD32 4117 2009.05.30 a variant of Win32/TrojanProxy.Wintu.B Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 High Risk Cloaked Malware Rising 21.31.21.00 2009.05.27 Worm.Win32.Undef.gu Sophos 4.42.0 2009.05.30 Mal/Zlob-AG Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 - TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - VBA32 3.12.10.6 
2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 - VirusBuster 4.6.5.0 2009.05.30 - ******************************************************** Fil C:\cqgq.exe Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 TR/Crypt.ULPM.Gen Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 W32/Heuristic-MUP!Eldorado Avast 4.8.1335.0 2009.05.30 - AVG 8.5.0.339 2009.05.30 - BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 Suspicious File eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 W32/Heuristic-MUP!Eldorado F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 - Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 - McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 - McAfee-GW-Edition 6.7.6 2009.05.29 Trojan.Crypt.ULPM.Gen Microsoft 1.4701 2009.05.30 - NOD32 4117 2009.05.30 - Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 - Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 Sus/UnkPacker Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 - TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 PAK_Generic.001 VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 - VirusBuster 4.6.5.0 2009.05.30 - ********************************************************* Fil C:\linc.exe Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 - Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 - AVG 8.5.0.339 2009.05.30 - BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 (Suspicious) - DNAScan ClamAV 0.94.1 2009.05.30 - 
Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 - Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 - McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 - McAfee-GW-Edition 6.7.6 2009.05.29 - Microsoft 1.4701 2009.05.30 - NOD32 4117 2009.05.30 - Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 Medium Risk Malware Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 - Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 - TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 - ********************************************************* Fil C:\tpoof.exe Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 Trojan-PSW.Win32.WebMoner.ew!A2 AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 - Antiy-AVL 2.0.3.1 2009.05.27 Trojan/Win32.WebMoner Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 - AVG 8.5.0.339 2009.05.30 FakeAlert.KG BitDefender 7.2 2009.05.30 Gen:Trojan.Heur.GM.0040030801 CAT-QuickHeal 10.00 2009.05.29 (Suspicious) - DNAScan ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 Suspicious File eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 Gen:Trojan.Heur.GM.0040030801 Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 Trojan-Spy.Win32.Zbot.vrr McAfee 5631 2009.05.30 Downloader-BPX McAfee+Artemis 5631 2009.05.30 Downloader-BPX McAfee-GW-Edition 6.7.6 2009.05.29 Virus.Win32.FileInfector.gen (suspicious) 
Microsoft 1.4701 2009.05.30 Backdoor:Win32/Phdet.gen!A NOD32 4117 2009.05.30 - Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 - Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 Mal/FakeVirPk-A Sunbelt 3.2.1858.2 2009.05.30 MSAntispyware 2009 (v) Symantec 1.4.4.12 2009.05.30 - TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 - VirusBuster 4.6.5.0 2009.05.30 - ********************************************************* Fil c:\windows\_MSRSTRT.EXE Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 - Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 - AVG 8.5.0.339 2009.05.30 - BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 - Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 - McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 - McAfee-GW-Edition 6.7.6 2009.05.29 - Microsoft 1.4701 2009.05.30 - NOD32 4117 2009.05.30 - Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 - Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 - Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 - TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - ViRobot 2009.5.29.1761 2009.05.29 Not_a_virus:RiskTool.Reboot.2560 VirusBuster 4.6.5.0 2009.05.30 - ********************************************************* Fil 
c:\docume~1\exidoz\applic~1\inst.exe Antivirus Version Senaste Uppdatering Resultat a-squared 4.0.0.101 2009.05.30 - AhnLab-V3 5.0.0.2 2009.05.29 - AntiVir 7.9.0.180 2009.05.30 - Antiy-AVL 2.0.3.1 2009.05.27 - Authentium 5.1.2.4 2009.05.30 - Avast 4.8.1335.0 2009.05.30 - AVG 8.5.0.339 2009.05.30 - BitDefender 7.2 2009.05.30 - CAT-QuickHeal 10.00 2009.05.29 - ClamAV 0.94.1 2009.05.30 - Comodo 1220 2009.05.30 - DrWeb 5.0.0.12182 2009.05.29 - eSafe 7.0.17.0 2009.05.27 - eTrust-Vet 31.6.6530 2009.05.30 - F-Prot 4.4.4.56 2009.05.30 - F-Secure 8.0.14470.0 2009.05.30 - Fortinet 3.117.0.0 2009.05.30 - GData 19 2009.05.30 - Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 - Kaspersky 7.0.0.125 2009.05.30 - McAfee 5631 2009.05.30 - McAfee+Artemis 5631 2009.05.30 - McAfee-GW-Edition 6.7.6 2009.05.29 - Microsoft 1.4701 2009.05.30 - NOD32 4117 2009.05.30 - Norman 6.01.05 2009.05.29 - nProtect 2009.1.8.0 2009.05.30 - Panda 10.0.0.14 2009.05.30 - PCTools 4.4.2.0 2009.05.30 - Prevx 3.0 2009.05.30 - Rising 21.31.21.00 2009.05.27 - Sophos 4.42.0 2009.05.30 - Sunbelt 3.2.1858.2 2009.05.30 - Symantec 1.4.4.12 2009.05.30 - TheHacker 6.3.4.3.334 2009.05.29 - TrendMicro 8.950.0.1092 2009.05.29 - VBA32 3.12.10.6 2009.05.27 - ViRobot 2009.5.29.1761 2009.05.29 ********************************************************* [/log] [log] Results of screen317's Security Check version 0.98.3 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: `````````````````````````````` ESETNOD32Antivirus WindowsLiveOneCaresafetyscanner MagicTunePremium Antivirus up to date! (On Access scanning disabled!) 
`````````````````````````````` Anti-malware/Other Utilities Check: `````````````````````````````` Ad-Aware Malwarebytes' Anti-Malware TuneUp Utilities 2009 Java 6 Update 13 `````````````````````````````` Process Check: objlist.exe by Laurent `````````````````````````````` Ad-Aware AAWService.exe Ad-Aware AAWTray.exe ESET ESET NOD32 Antivirus egui.exe ESET ESET NOD32 Antivirus ekrn.exe `````````````````````````````` DNS Vulnerability Check: `````````````````````````````` GREAT! (Very random) Scan took 47 seconds. `````````End of Log``````````` [/log]
  21. [log]Malwarebytes' Anti-Malware 1.37 Databasversion: 2192 Windows 5.1.2600 Service Pack 3 2009-05-29 18:57:17 mbam-log-2009-05-29 (18-57-17).txt Skanningstyp: Snabb skanning Antal skannade objekt: 85467 Förfluten tid: 1 minute(s), 59 second(s) Infekterade minnesprocesser: 0 Infekterade minnesmoduler: 1 Infekterade registernycklar: 8 Infekterade registervärden: 0 Infekterade registerdataposter: 0 Infekterade mappar: 0 Infekterade filer: 12 Infekterade minnesprocesser: (Inga illasinnade poster hittades) Infekterade minnesmoduler: C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Delete on reboot. Infekterade registernycklar: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\acpi32 (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\systemntmi (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\antiwpa (Trojan.I.Stole.Windows) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ksi32sk (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i386si (Rootkit.Spamtool) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ws2_32sik (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netsik (Rootkit.Agent) -> Quarantined and deleted successfully. Infekterade registervärden: (Inga illasinnade poster hittades) Infekterade registerdataposter: (Inga illasinnade poster hittades) Infekterade mappar: (Inga illasinnade poster hittades) Infekterade filer: c:\WINDOWS\system32\drivers\acpi32.sys (Rootkit.Agent) -> Quarantined and deleted successfully. 
c:\WINDOWS\system32\drivers\systemntmi.sys (Rootkit.Agent) -> Quarantined and deleted successfully. c:\oakvugfu.exe (Trojan.Qhost) -> Quarantined and deleted successfully. c:\documents and settings\Exidoz\lokala inställningar\Temp\BN20F.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\documents and settings\Exidoz\lokala inställningar\Temp\BN3.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\BN1D7.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\BN31.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\BN4E.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\BN8.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Delete on reboot. c:\documents and settings\Exidoz\Lokala inställningar\Temp\BN2.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\documents and settings\Exidoz\Lokala inställningar\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. [/log] [log]DDS (Ver_09-05-14.01) - NTFSx86 Run by Exidoz at 19:59:27,67 on 2009-05-29 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.2047.1349 [GMT 2:00] AV: Lavasoft Ad-Watch Live! 
Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\Program\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\Explorer.EXE C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Program\Winamp\winampa.exe C:\Program\Logitech\GamePanel Software\LgDevAgt.exe C:\Program\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\Program\Razer\DeathAdder\razerhid.exe C:\Program\Java\jre6\bin\jusched.exe C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program\ESET\ESET NOD32 Antivirus\egui.exe C:\Program\Lavasoft\Ad-Aware\AAWTray.exe C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\DAEMON Tools Lite\daemon.exe C:\Program\MagicTune Premium\GammaTray.exe C:\Program\SEC\Natural Color Pro\NCProTray.exe C:\Program\CASIO\YouTube Uploader for CASIO\YStart.exe C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\System32\svchost.exe C:\Program\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe C:\Program\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program\Java\jre6\bin\jqs.exe C:\Program\MagicTune Premium\MagicTuneEngine.exe C:\Program\CDBurnerXP\NMSAccessU.exe C:\Program\Razer\DeathAdder\razertra.exe C:\WINDOWS\system32\oodag.exe C:\Program\AMD\RAIDXpert\_jvm\bin\java.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program\Razer\DeathAdder\razerofa.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\System32\TUProgSt.exe C:\Documents and 
Settings\Exidoz\Exidoz.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\MagicTune Premium\MagicTune.exe C:\Program\Mozilla Firefox\firefox.exe C:\Documents and Settings\Exidoz\Skrivbord\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.se/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar.dll uRun: [swg] c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [DAEMON Tools Lite] "c:\program\daemon tools lite\daemon.exe" -autorun uRun: [RGSC] c:\program\rockstar games\rockstar games social club\RGSCLauncher.exe /silent uRun: [EA Core] "c:\program\electronic arts\eadm\Core.exe" -silent uRun: [Exidoz] c:\documents and settings\exidoz\Exidoz.exe /i mRun: [CTSysVol] c:\program\creative\sbaudigy\surround mixer\CTSysVol.exe /r mRun: [P17Helper] Rundll32 P17.dll,P17Helper mRun: [WinampAgent] c:\program\winamp\winampa.exe mRun: [Launch LgDevAgt] "c:\program\logitech\gamepanel 
software\LgDevAgt.exe" mRun: [Launch LCDMon] "c:\program\logitech\gamepanel software\lcd manager\LCDMon.exe" mRun: [Launch LGDCore] "c:\program\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE mRun: [amd_dc_opt] c:\program\amd\dual-core optimizer\amd_dc_opt.exe mRun: [MultiScreen] c:\program\multiscreen\MultiScreen.exe mRun: [DeathAdder] c:\program\razer\deathadder\razerhid.exe mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [startCCC] "c:\program\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [OODefragTray] c:\windows\system32\oodtray.exe mRun: [egui] "c:\program\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [Ad-Watch] c:\program\lavasoft\ad-aware\AAWTray.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\gammat~1.lnk - c:\program\magictune premium\GammaTray.exe StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\ncprot~1.lnk - c:\program\sec\natural color pro\NCProTray.exe StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\youtub~1.lnk - c:\program\casio\youtube uploader for casio\YStart.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll Notify: Antiwpa - antiwpa.dll Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\exidoz\applic~1\mozilla\firefox\profiles\w0gts5fe.defaultFF - prefs.js: browser.startup.homepage - www.google.se FF - plugin: c:\documents and settings\exidoz\application data\mozilla\firefox\profiles\w0gts5fe.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 c:\program\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B"); c:\program\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask"); ============= SERVICES / DRIVERS =============== R0 FTT3;FTT3;c:\windows\system32\drivers\FTT3.sys [2009-1-5 155792] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-26 64160] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-4-9 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys 
[2009-4-9 94360] R2 AMDRAIDXpert;AMD RAIDXpert;c:\program\amd\raidxpert\jetty\extra\win32\wrapper.exe -s raidxpert.wrapper.conf --> c:\program\amd\raidxpert\jetty\extra\win32\Wrapper.exe -s raidxpert.wrapper.conf [?] R2 ekrn;ESET Service;c:\program\eset\eset nod32 antivirus\ekrn.exe [2009-4-9 731840] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program\lavasoft\ad-aware\AAWService.exe [2009-3-9 1005904] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-1-15 603904] R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-4-3 22784] S2 AODService;AODService;c:\program\amd\overdrive\AODAssist.exe [2009-2-23 69632] S2 ati64si;ati64si;c:\windows\system32\drivers\ati64si.sys [2008-4-14 30976] S2 Darkness;Darkness;c:\windows\system\svchost.exe --> c:\windows\system\svchost.exe [?] S2 HDD & SSD access service;HDD & SSD access service;"c:\program\delade filer\binarysense\disksvc.exe" --> c:\program\delade filer\binarysense\disksvc.exe [?] 
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2008-4-15 3584] S3 PLUsbbc2;Hi-Speed USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc2.sys [2009-1-13 7936] =============== Created Last 30 ================ 2009-05-29 19:55 5,376 a------- c:\windows\system32\antiwpa.dll 2009-05-29 18:51 <DIR> --d----- c:\docume~1\exidoz\applic~1\Malwarebytes 2009-05-29 18:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-05-27 22:37 38,912 a------- C:\lxrundc.exe 2009-05-27 22:37 14,336 a------- C:\mimpjfg.exe 2009-05-27 22:36 56,320 a------- C:\bwhjhr.exe 2009-05-27 18:08 <DIR> --d----- c:\program\Trojan Remover 2009-05-27 18:08 <DIR> --d----- c:\docume~1\exidoz\applic~1\Simply Super Software 2009-05-27 17:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Simply Super Software 2009-05-27 15:01 20,991 ----h--- c:\documents and settings\exidoz\Exidoz.exe 2009-05-26 18:45 0 a------- C:\rtceb.exe 2009-05-26 18:45 141,312 a------- C:\cqgq.exe 2009-05-26 18:45 2 a------- C:\-995538728 2009-05-26 18:45 8,704 a------- C:\linc.exe 2009-05-26 18:45 31,744 a------- C:\tpoof.exe 2009-05-26 16:24 15,688 a------- c:\windows\system32\lsdelete.exe 2009-05-26 16:09 64,160 a------- c:\windows\system32\drivers\Lbd.sys 2009-05-26 16:08 <DIR> --d----- c:\docume~1\exidoz\applic~1\_a4411762b8f9517e28f34e989e0a9351 2009-05-26 16:08 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F} 2009-05-26 16:08 <DIR> --d----- c:\program\Lavasoft 2009-05-26 15:35 <DIR> --d----- C:\ProgramData 2009-05-26 15:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Electronic Arts 2009-05-18 18:09 <DIR> --d----- c:\program\Microsoft WSE 2009-05-16 16:33 442,368 a----r-- c:\windows\system32\vp6vfw.dll 2009-05-10 13:23 <DIR> --d----- c:\program\DAEMON Tools Toolbar 2009-05-10 13:23 <DIR> --d----- c:\program\DAEMON Tools Lite 2009-05-07 16:37 <DIR> --d----- c:\program\EA Games 2009-05-06 17:23 <DIR> --d----- C:\Keys 2009-05-05 17:02 <DIR> --d----- 
c:\program\PowerISO 2009-05-02 20:20 <DIR> --d----- c:\program\Messenger Plus! Live 2009-04-30 21:30 664 a------- c:\windows\system32\d3d9caps.dat ==================== Find3M ==================== 2009-05-29 17:24 189,072 a------- c:\windows\system32\PnkBstrB.exe 2009-05-29 16:34 138,920 a------- c:\windows\system32\drivers\PnkBstrK.sys 2009-05-10 13:52 434,980 a------- c:\windows\system32\perfh01D.dat 2009-05-10 13:52 78,970 a------- c:\windows\system32\perfc01D.dat 2009-05-10 13:20 721,904 a------- c:\windows\system32\drivers\sptd.sys 2009-04-24 20:25 2,286,080 a------- c:\windows\system32\TUKernel.exe 2009-04-09 18:48 219,136 a------- c:\windows\system32\uxtheme.dll 2009-04-09 18:48 62,847 a------- c:\windows\BricoPackUninst.cmd 2009-04-09 18:48 6,114 a------- c:\windows\BricoPackFoldersDelete.cmd 2009-04-09 15:21 94,360 a------- c:\windows\system32\drivers\epfwtdir.sys 2009-04-09 15:18 107,256 a------- c:\windows\system32\drivers\ehdrv.sys 2009-04-09 15:10 113,960 a------- c:\windows\system32\drivers\eamon.sys 2009-04-07 20:26 168 a------- c:\docume~1\alluse~1\applic~1\Setting.dat 2009-04-01 22:15 418,480 a------- c:\windows\system32\wrap_oal.dll 2009-04-01 22:15 115,432 a------- c:\windows\system32\OpenAL32.dll 2009-03-28 22:37 2,560 a------- c:\windows\_MSRSTRT.EXE 2009-03-19 20:04 75,064 a------- c:\windows\system32\PnkBstrA.exe 2009-03-19 19:02 22,328 a------- c:\docume~1\exidoz\applic~1\PnkBstrK.sys 2009-03-18 11:17 155,648 a------- c:\windows\system32\XAPI2000.dll 2009-03-17 21:05 593,920 -------- c:\windows\system32\ati2sgag.exe 2009-03-16 22:27 442,368 a------- c:\windows\system32\ATIDEMGX.dll 2009-03-16 22:26 328,704 a------- c:\windows\system32\ati2dvag.dll 2009-03-16 22:17 307,200 a------- c:\windows\system32\atiiiexx.dll 2009-03-16 22:17 204,800 a------- c:\windows\system32\atipdlxx.dll 2009-03-16 22:16 155,648 a------- c:\windows\system32\Oemdspif.dll 2009-03-16 22:16 26,112 a------- c:\windows\system32\Ati2mdxx.exe 2009-03-16 22:16 43,520 a------- 
c:\windows\system32\ati2edxx.dll 2009-03-16 22:16 155,648 a------- c:\windows\system32\ati2evxx.dll 2009-03-16 22:15 602,112 a------- c:\windows\system32\ati2evxx.exe 2009-03-16 22:13 53,248 a------- c:\windows\system32\ATIDDC.DLL 2009-03-16 22:06 3,820,736 a------- c:\windows\system32\ati3duag.dll 2009-03-16 22:04 11,563,008 a------- c:\windows\system32\atioglxx.dll 2009-03-16 21:53 2,675,328 a------- c:\windows\system32\ativvaxx.dll 2009-03-16 21:40 49,664 a------- c:\windows\system32\atimpc32.dll 2009-03-16 21:40 49,664 a------- c:\windows\system32\amdpcom32.dll 2009-03-16 21:36 475,136 a------- c:\windows\system32\atikvmag.dll 2009-03-16 21:35 303,104 a------- c:\windows\system32\atiok3x2.dll 2009-03-16 21:35 131,072 a------- c:\windows\system32\atiadlxx.dll 2009-03-16 21:35 45,056 a------- c:\windows\system32\aticalrt.dll 2009-03-16 21:34 45,056 a------- c:\windows\system32\aticalcl.dll 2009-03-16 21:34 17,408 a------- c:\windows\system32\atitvo32.dll 2009-03-16 21:33 3,264,512 a------- c:\windows\system32\aticaldd.dll 2009-03-16 21:28 630,784 a------- c:\windows\system32\ati2cqag.dll 2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll 2009-03-09 00:54 505,128 a------- c:\windows\system32\msvcp71.dll 2009-03-09 00:54 29,480 a------- c:\windows\system32\msxml3a.dll 2009-03-08 05:34 914,944 a------- c:\windows\system32\wininet.dll 2009-03-08 05:34 43,008 a------- c:\windows\system32\licmgr10.dll 2009-03-08 05:33 18,944 a------- c:\windows\system32\corpol.dll 2009-03-08 05:33 420,352 a------- c:\windows\system32\vbscript.dll 2009-03-08 05:32 72,704 a------- c:\windows\system32\admparse.dll 2009-03-08 05:32 71,680 a------- c:\windows\system32\iesetup.dll 2009-03-08 05:31 34,816 a------- c:\windows\system32\imgutil.dll 2009-03-08 05:31 48,128 a------- c:\windows\system32\mshtmler.dll 2009-03-08 05:31 45,568 a------- c:\windows\system32\mshta.exe 2009-03-08 05:22 156,160 a------- c:\windows\system32\msls31.dll 2009-03-06 16:24 284,160 a------- 
c:\windows\system32\pdh.dll 2009-03-03 21:56 118,784 a------- c:\windows\system32\atibtmon.exe 2009-01-25 23:06 87,608 a------- c:\docume~1\exidoz\applic~1\inst.exe 2009-01-25 23:06 47,360 a------- c:\docume~1\exidoz\applic~1\pcouffin.sys 2008-04-15 14:00 60,416 a--sh--- c:\windows\bricopacks\sysfiles\80_msimn.exe ============= FINISH: 20:00:33,85 =============== [/log]
  22. Here is a picture of the log http://data.fuskbugg.se/skalman01/Nod32%20-%201.jpg http://data.fuskbugg.se/skalman01/Nod32%20-%202.jpg http://data.fuskbugg.se/skalman01/Nod32%20-%203.jpg As you can see, there is quite a lot... [post edited 2009-05-29 18:43:47 by exidos]
  23. [log]UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-05-14.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2009-01-05 21:21:50 System Uptime: 2009-05-29 16:26:33 (2 hours ago) Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | MS-7376 Processor: AMD Athlon 64 X2 Dual Core Processor 6000+ | CPU 1 | 3000/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 68 GiB total, 42,925 GiB free. D: is CDROM () E: is CDROM () F: is FIXED (NTFS) - 397 GiB total, 332,64 GiB free. ==== Disabled Device Manager Items ============= Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Ljudenhet på High Definition Audio-buss Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&21834DBF&0&0001 Manufacturer: Name: Ljudenhet på High Definition Audio-buss PNP Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&21834DBF&0&0001 Service: Class GUID: Description: RAID-styrenhet Device ID: PCI\VEN_105A&DEV_3F20&SUBSYS_37161462&REV_00\4&4BC0B0D&0&0048 Manufacturer: Name: RAID-styrenhet PNP Device ID: PCI\VEN_105A&DEV_3F20&SUBSYS_37161462&REV_00\4&4BC0B0D&0&0048 Service: Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Ljudenhet på High Definition Audio-buss Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_14627376&REV_1000\4&16ACDD55&0&0001 Manufacturer: Name: Ljudenhet på High Definition Audio-buss PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_14627376&REV_1000\4&16ACDD55&0&0001 Service: ==== System Restore Points =================== RP192: 2009-03-26 19:00:08 - Windows Internet Explorer 8 installerades. 
RP193: 2009-03-26 19:14:43 - Installed Windows Installer Clean Up RP194: 2009-03-26 19:51:21 - Installed MSN Messenger 7.5 RP195: 2009-03-27 17:34:34 - Installed Windows Live Messenger RP196: 2009-03-27 17:49:42 - Installed MSN Messenger 7.5 RP197: 2009-03-27 18:33:14 - MSN Messenger 7.5 installerades RP198: 2009-03-28 21:44:26 - Skype™ 4.0 togs bort RP199: 2009-03-28 21:44:56 - Removed AMD Fusion for Gaming RP200: 2009-03-28 21:46:00 - Removed Age of Empires III - The WarChiefs RP201: 2009-03-28 21:46:16 - Removed Age of Empires III - The WarChiefs RP202: 2009-03-28 21:46:54 - Removed HDD Temperature v.4 RP203: 2009-03-28 21:47:14 - Removed Rockstar Games Social Club RP204: 2009-03-28 21:48:40 - Borttagen Trafikskolan TEO 2009. RP205: 2009-03-29 18:15:45 - DirectX har installerats RP206: 2009-03-30 23:01:34 - Systemkontrollpunkt RP207: 2009-04-01 13:06:24 - Paint.NET v3.36 RP208: 2009-04-01 15:00:12 - Software Distribution Service 3.0 RP209: 2009-04-01 22:09:06 - Installed Wanted: Weapons of Fate RP210: 2009-04-02 22:39:59 - Systemkontrollpunkt RP211: 2009-04-03 15:35:04 - Installerade Windows XP WgaNotify. RP212: 2009-04-03 15:36:55 - Installed Razer DeathAdder Mouse RP213: 2009-04-03 20:43:30 - Installed ProductName from default.wxl RP214: 2009-04-05 14:51:17 - Systemkontrollpunkt RP215: 2009-04-06 15:35:04 - Systemkontrollpunkt RP216: 2009-04-07 12:14:28 - Installed Java 6 Update 13 RP217: 2009-04-07 13:50:55 - Installed %1 %2. RP218: 2009-04-07 13:52:29 - Installed %1 %2. 
RP219: 2009-04-07 14:00:02 - MSN Messenger 7.5 togs bort RP220: 2009-04-07 19:13:12 - Removed The Godfather™ II RP221: 2009-04-08 14:44:23 - DirectX har installerats RP222: 2009-04-09 16:35:21 - Systemkontrollpunkt RP223: 2009-04-09 18:47:52 - BricoPack Automatic Restore Point RP224: 2009-04-10 18:48:40 - Systemkontrollpunkt RP225: 2009-04-11 19:54:49 - Systemkontrollpunkt RP226: 2009-04-11 23:55:58 - Removed Steam RP227: 2009-04-12 00:05:47 - Installed Steam RP228: 2009-04-12 00:15:07 - Installerad ATI Catalyst Control Center RP229: 2009-04-12 00:15:35 - Installed ATI Catalyst Registration RP230: 2009-04-12 01:48:37 - Removed Steam RP231: 2009-04-12 19:29:32 - DirectX har installerats RP232: 2009-04-12 21:53:54 - Installed Steam RP233: 2009-04-12 22:15:52 - Installed O&O Defrag Professional. RP234: 2009-04-13 21:56:10 - Installed Call of Duty® - World at War 1.4 Patch RP235: 2009-04-14 22:30:10 - Systemkontrollpunkt RP236: 2009-04-15 13:31:02 - Installed HOT ALBUM MYBOX RP237: 2009-04-15 13:31:57 - ???????? ƒJƒ‰ƒŠƒI‚©‚ñ‚½‚ñƒvƒŠƒ“ƒgƒ‚ƒWƒ…�[ƒ‹ RP238: 2009-04-15 13:35:01 - Removed HOT ALBUM MYBOX RP239: 2009-04-15 13:36:42 - Installed YouTube Uploader for CASIO. 
RP240: 2009-04-16 14:00:14 - Software Distribution Service 3.0 RP241: 2009-04-17 14:44:13 - Systemkontrollpunkt RP242: 2009-04-18 15:17:11 - Systemkontrollpunkt RP243: 2009-04-19 15:33:50 - Systemkontrollpunkt RP244: 2009-04-20 15:47:41 - Systemkontrollpunkt RP245: 2009-04-21 16:43:20 - Systemkontrollpunkt RP246: 2009-04-21 17:02:05 - Installed Supreme Commander RP247: 2009-04-21 17:02:17 - DirectX har installerats RP248: 2009-04-22 17:41:00 - Systemkontrollpunkt RP249: 2009-04-23 17:03:22 - Removed Supreme Commander RP250: 2009-04-24 12:44:48 - Removed ESET NOD32 Antivirus RP251: 2009-04-24 12:49:59 - Installed ESET NOD32 Antivirus RP252: 2009-04-24 12:52:59 - Installed ESET NOD32 Antivirus RP253: 2009-04-24 20:13:55 - Styler installerades RP254: 2009-04-26 11:36:56 - Systemkontrollpunkt RP255: 2009-04-27 15:50:53 - Systemkontrollpunkt RP256: 2009-04-28 16:13:16 - Systemkontrollpunkt RP257: 2009-04-29 14:00:12 - Software Distribution Service 3.0 RP258: 2009-04-30 14:28:35 - Systemkontrollpunkt RP259: 2009-05-01 15:52:53 - Systemkontrollpunkt RP260: 2009-05-02 17:20:13 - Systemkontrollpunkt RP261: 2009-05-03 18:09:44 - Systemkontrollpunkt RP262: 2009-05-04 18:43:15 - Systemkontrollpunkt RP263: 2009-05-05 20:10:15 - Styler togs bort RP264: 2009-05-06 20:27:57 - Systemkontrollpunkt RP265: 2009-05-07 23:03:06 - Systemkontrollpunkt RP266: 2009-05-08 23:52:26 - Systemkontrollpunkt RP267: 2009-05-10 13:20:19 - SPTD setup V1.58 RP268: 2009-05-10 13:27:56 - Installed Rockstar Games Social Club RP269: 2009-05-10 13:29:52 - Removed Rockstar Games Social Club RP270: 2009-05-10 13:30:42 - Installed Rockstar Games Social Club RP271: 2009-05-10 13:31:41 - Installed Grand Theft Auto IV RP272: 2009-05-10 16:01:42 - Removed Grand Theft Auto IV RP273: 2009-05-11 18:01:40 - Removed Microsoft Games for Windows - LIVE RP274: 2009-05-11 18:02:00 - Removed Age of Empires III - The WarChiefs RP275: 2009-05-12 18:59:41 - Systemkontrollpunkt RP276: 2009-05-12 20:35:46 - Removed Rockstar 
Games Social Club RP277: 2009-05-13 14:00:12 - Software Distribution Service 3.0 RP278: 2009-05-14 15:30:42 - Systemkontrollpunkt RP279: 2009-05-15 15:49:50 - Systemkontrollpunkt RP280: 2009-05-16 16:01:52 - Systemkontrollpunkt RP281: 2009-05-17 16:20:49 - Systemkontrollpunkt RP282: 2009-05-18 17:39:19 - Systemkontrollpunkt RP283: 2009-05-18 18:00:45 - Installerad The Sims 3 RP284: 2009-05-19 19:59:12 - Systemkontrollpunkt RP285: 2009-05-20 20:20:34 - Systemkontrollpunkt RP286: 2009-05-22 13:38:20 - Systemkontrollpunkt RP287: 2009-05-23 14:54:54 - Systemkontrollpunkt RP288: 2009-05-24 16:51:37 - Systemkontrollpunkt RP289: 2009-05-25 19:44:32 - Systemkontrollpunkt RP290: 2009-05-26 14:51:17 - Borttagen The Sims 3 RP291: 2009-05-26 14:51:50 - Removed Wanted: Weapons of Fate RP292: 2009-05-26 15:22:38 - Installerad The Sims 3 RP293: 2009-05-26 15:57:47 - Borttagen The Sims 3 RP294: 2009-05-26 16:27:24 - Installerad The Sims 3 RP295: 2009-05-26 16:44:30 - Borttagen The Sims 3 ==== Installed Programs ====================== Ad-Aware Adobe Flash Player 10 Plugin Adobe Flash Player ActiveX Adobe Reader 9.1.1 - Svenska Adobe Shockwave Player 11.5 Advanced Audio Recorder v6.0.2 Age of Empires III - The WarChiefs AMD OverDrive ATI - Software Uninstall Utility ATI Catalyst Control Center ATI Display Driver µTorrent Battlefield Heroes Bonniers Trafikskola 2009 Call of Duty® - World at War Call of Duty® - World at War 1.1 Patch Call of Duty® - World at War 1.2 Patch Call of Duty® - World at War 1.3 Patch Call of Duty® - World at War 1.4 Patch Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare 1.2 Patch Call of Duty® 4 - Modern Warfare 1.3 Patch Call of Duty® 4 - Modern Warfare 1.4 Patch Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch Call of Duty® 4 - Modern Warfare 1.5 Patch Call of Duty® 4 - Modern Warfare 1.6 Patch Call of Duty® 4 - Modern Warfare 1.7 Patch Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control 
Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center HydraVision Full ccc-core-preinstall ccc-core-static ccc-utility CCC Help English CDBurnerXP Choice Guard Company of Heroes Company of Heroes - FAKEMSI ConvertXtoDVD 3.3.4.107 Counter-Strike Creative Software AutoUpdate Creative System Information DAEMON Tools Toolbar Dual-Core Optimizer DVD Decrypter (Remove Only) ESET NOD32 Antivirus EVEREST Ultimate Edition v5.01 FMUS4V5 Google Toolbar for Internet Explorer Hi-Speed USB Bridge-Network Cable Hotfix for Windows Media Format 11 SDK (KB929399) ImagXpress Java 6 Update 13 JScreenFix deluxe Left 4 Dead LimeWire PRO 5.1.1 Logitech GamePanel Software 3.01 MagicTune Premium Messenger Plus! Live Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - SVE Microsoft .NET Framework 3.0 Service Pack 1 Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - SVE Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5 Language Pack - sve Microsoft Application Error Reporting Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Games for Windows - LIVE Redistributable Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft WSE 3.0 Runtime Mozilla Firefox (3.0.10) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 6.0 Parser (KB925673) MultiScreen neroxml NVIDIA PhysX O&O Defrag Professional OpenAL Paint.NET v3.36 PowerISO Promise FastTrak PDC42819 RAID Controller Windows Driver PunkBuster Services RAIDXpert Razer DeathAdder Mouse Segoe UI Skins Snabbkorrigering för Windows Media Player 11 (KB939683) Snabbkorrigering för Windows XP (KB942288-v3) Snabbkorrigering för Windows XP (KB952287) 
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127-v2) Säkerhetsuppdatering för Windows Internet Explorer 7 (KB958215) Säkerhetsuppdatering för Windows Internet Explorer 7 (KB960714) Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260) Säkerhetsuppdatering för Windows Media Player (KB952069) Säkerhetsuppdatering för Windows Media Player 11 (KB936782) Säkerhetsuppdatering för Windows Media Player 11 (KB954154) Säkerhetsuppdatering för Windows XP (KB938464) Säkerhetsuppdatering för Windows XP (KB941569) Säkerhetsuppdatering för Windows XP (KB946648) Säkerhetsuppdatering för Windows XP (KB950762) Säkerhetsuppdatering för Windows XP (KB950974) Säkerhetsuppdatering för Windows XP (KB951066) Säkerhetsuppdatering för Windows XP (KB951376-v2) Säkerhetsuppdatering för Windows XP (KB951698) Säkerhetsuppdatering för Windows XP (KB951748) Säkerhetsuppdatering för Windows XP (KB952004) Säkerhetsuppdatering för Windows XP (KB952954) Säkerhetsuppdatering för Windows XP (KB954211) Säkerhetsuppdatering för Windows XP (KB954459) Säkerhetsuppdatering för Windows XP (KB954600) Säkerhetsuppdatering för Windows XP (KB955069) Säkerhetsuppdatering för Windows XP (KB956391) Säkerhetsuppdatering för Windows XP (KB956572) Säkerhetsuppdatering för Windows XP (KB956802) Säkerhetsuppdatering för Windows XP (KB956803) Säkerhetsuppdatering för Windows XP (KB956841) Säkerhetsuppdatering för Windows XP (KB957095) Säkerhetsuppdatering för Windows XP (KB957097) Säkerhetsuppdatering för Windows XP (KB958215) Säkerhetsuppdatering för Windows XP (KB958644) Säkerhetsuppdatering för Windows XP (KB958687) Säkerhetsuppdatering för Windows XP (KB958690) Säkerhetsuppdatering för Windows XP (KB959426) Säkerhetsuppdatering för Windows XP (KB960225) Säkerhetsuppdatering för Windows XP (KB960714) Säkerhetsuppdatering för Windows XP (KB960715) Säkerhetsuppdatering för Windows XP (KB960803) Säkerhetsuppdatering för Windows XP (KB961373) Sound Blaster Audigy SpeedFan (remove only) Spotify 
Språkpaket för Microsoft .NET Framework 3.5 - Swedish Steam System Requirements Lab The Sims™ 3 TuneUp Utilities 2009 Uppdatering för Windows XP (KB898461) Uppdatering för Windows XP (KB951978) Uppdatering för Windows XP (KB955839) Uppdatering för Windows XP (KB961503) Uppdatering för Windows XP (KB967715) WebFldrs XP Viktig uppdatering för Windows Media Player 11 (KB959772) Winamp Windows-drivrutinspaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) Windows Driver Package - Cypress (CyUsb) USB Windows Driver Package - Razer (HidUsb) HIDClass (02/02/2007 1.0.5.0) Windows Genuine Advantage Notifications (KB905474) Windows Installer Clean Up Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Communications Platform Windows Live Essentials Windows Live inloggningsassistenten Windows Live Messenger Windows Live OneCare safety scanner Windows Live Upload Tool Windows Media Format 11 runtime Windows Media Player 11 Windows Presentation Foundation WinRAR archiver Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 0.9.8a World of Warcraft Xfire (remove only) XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 YouTube Uploader for CASIO Zune Desktop Theme ==== End Of File =========================== [/log]
  24. [log]DDS (Ver_09-05-14.01) - NTFSx86 Run by Exidoz at 18:26:30,34 on 2009-05-29 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.2047.1304 [GMT 2:00] AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\Program\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe C:\Program\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program\Java\jre6\bin\jqs.exe C:\Program\AMD\RAIDXpert\_jvm\bin\java.exe C:\Program\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Program\Winamp\winampa.exe C:\Program\Logitech\GamePanel Software\LgDevAgt.exe C:\Program\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\Program\Razer\DeathAdder\razerhid.exe C:\Program\Java\jre6\bin\jusched.exe C:\Program\Razer\DeathAdder\razertra.exe C:\Program\ESET\ESET NOD32 Antivirus\egui.exe C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Razer\DeathAdder\razerofa.exe C:\Program\DAEMON Tools Lite\daemon.exe C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program\MagicTune Premium\GammaTray.exe C:\Program\SEC\Natural Color Pro\NCProTray.exe C:\Program\CASIO\YouTube Uploader for CASIO\YStart.exe C:\WINDOWS\System32\svchost.exe 
C:\Documents and Settings\Exidoz\Exidoz.exe C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\System32\svchost.exe C:\Program\Windows Live\Messenger\msnmsgr.exe C:\Program\Windows Live\Contacts\wlcomm.exe C:\Program\Mozilla Firefox\firefox.exe C:\Documents and Settings\Exidoz\Skrivbord\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.se/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar.dll uRun: [swg] c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [DAEMON Tools Lite] "c:\program\daemon tools lite\daemon.exe" -autorun uRun: [RGSC] c:\program\rockstar games\rockstar games social club\RGSCLauncher.exe /silent uRun: [EA Core] "c:\program\electronic arts\eadm\Core.exe" -silent uRun: [Exidoz] c:\documents and settings\exidoz\Exidoz.exe /i mRun: [CTSysVol] c:\program\creative\sbaudigy\surround mixer\CTSysVol.exe /r mRun: [P17Helper] Rundll32 P17.dll,P17Helper 
mRun: [WinampAgent] c:\program\winamp\winampa.exe mRun: [Launch LgDevAgt] "c:\program\logitech\gamepanel software\LgDevAgt.exe" mRun: [Launch LCDMon] "c:\program\logitech\gamepanel software\lcd manager\LCDMon.exe" mRun: [Launch LGDCore] "c:\program\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE mRun: [amd_dc_opt] c:\program\amd\dual-core optimizer\amd_dc_opt.exe mRun: [MultiScreen] c:\program\multiscreen\MultiScreen.exe mRun: [DeathAdder] c:\program\razer\deathadder\razerhid.exe mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [startCCC] "c:\program\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [OODefragTray] c:\windows\system32\oodtray.exe mRun: [egui] "c:\program\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [Ad-Watch] c:\program\lavasoft\ad-aware\AAWTray.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\gammat~1.lnk - c:\program\magictune premium\GammaTray.exe StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\ncprot~1.lnk - c:\program\sec\natural color pro\NCProTray.exe StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\youtub~1.lnk - c:\program\casio\youtube uploader for casio\YStart.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll Notify: Antiwpa - antiwpa.dll Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\exidoz\applic~1\mozilla\firefox\profiles\w0gts5fe.defaultFF - prefs.js: browser.startup.homepage - www.google.se FF - plugin: c:\documents and settings\exidoz\application data\mozilla\firefox\profiles\w0gts5fe.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 c:\program\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B"); c:\program\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask"); ============= SERVICES / DRIVERS =============== R0 FTT3;FTT3;c:\windows\system32\drivers\FTT3.sys [2009-1-5 155792] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-26 64160] R1 
ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-4-9 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-4-9 94360] R2 AMDRAIDXpert;AMD RAIDXpert;c:\program\amd\raidxpert\jetty\extra\win32\wrapper.exe -s raidxpert.wrapper.conf --> c:\program\amd\raidxpert\jetty\extra\win32\Wrapper.exe -s raidxpert.wrapper.conf [?] R2 ekrn;ESET Service;c:\program\eset\eset nod32 antivirus\ekrn.exe [2009-4-9 731840] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-1-15 603904] R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-4-3 22784] S2 acpi32;acpi32;c:\windows\system32\drivers\acpi32.sys [2008-2-14 29824] S2 amd64si;amd64si;\??\c:\windows\system32\drivers\amd64si.sys --> c:\windows\system32\drivers\amd64si.sys [?] S2 AODService;AODService;c:\program\amd\overdrive\AODAssist.exe [2009-2-23 69632] S2 Darkness;Darkness;c:\windows\system\svchost.exe --> c:\windows\system\svchost.exe [?] S2 HDD & SSD access service;HDD & SSD access service;"c:\program\delade filer\binarysense\disksvc.exe" --> c:\program\delade filer\binarysense\disksvc.exe [?] S2 i386si;i386si;\??\c:\windows\system32\drivers\i386si.sys --> c:\windows\system32\drivers\i386si.sys [?] S2 ksi32sk;ksi32sk;\??\c:\windows\system32\drivers\ksi32sk.sys --> c:\windows\system32\drivers\ksi32sk.sys [?] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program\lavasoft\ad-aware\AAWService.exe [2009-3-9 1005904] S2 netsik;netsik;\??\c:\windows\system32\drivers\netsik.sys --> c:\windows\system32\drivers\netsik.sys [?] S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2008-4-15 3584] S2 systemntmi;systemntmi;c:\windows\system32\drivers\systemntmi.sys [2008-2-14 29824] S2 ws2_32sik;ws2_32sik;\??\c:\windows\system32\drivers\ws2_32sik.sys --> c:\windows\system32\drivers\ws2_32sik.sys [?] 
S3 PLUsbbc2;Hi-Speed USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc2.sys [2009-1-13 7936]

=============== Created Last 30 ================

2009-05-29 16:30 138 a---h--- C:\aaw7boot.cmd
2009-05-27 22:37 38,912 a------- C:\lxrundc.exe
2009-05-27 22:37 14,336 a------- C:\mimpjfg.exe
2009-05-27 22:36 184,320 a------- C:\oakvugfu.exe
2009-05-27 22:36 56,320 a------- C:\bwhjhr.exe
2009-05-27 18:08 <DIR> --d----- c:\program\Trojan Remover
2009-05-27 18:08 <DIR> --d----- c:\docume~1\exidoz\applic~1\Simply Super Software
2009-05-27 17:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Simply Super Software
2009-05-27 15:01 20,991 ----h--- c:\documents and settings\exidoz\Exidoz.exe
2009-05-26 18:45 0 a------- C:\rtceb.exe
2009-05-26 18:45 141,312 a------- C:\cqgq.exe
2009-05-26 18:45 2 a------- C:\-995538728
2009-05-26 18:45 8,704 a------- C:\linc.exe
2009-05-26 18:45 31,744 a------- C:\tpoof.exe
2009-05-26 16:24 15,688 a------- c:\windows\system32\lsdelete.exe
2009-05-26 16:09 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-05-26 16:08 <DIR> --d----- c:\docume~1\exidoz\applic~1\_a4411762b8f9517e28f34e989e0a9351
2009-05-26 16:08 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-26 16:08 <DIR> --d----- c:\program\Lavasoft
2009-05-26 15:35 <DIR> --d----- C:\ProgramData
2009-05-26 15:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Electronic Arts
2009-05-18 18:09 <DIR> --d----- c:\program\Microsoft WSE
2009-05-16 16:33 442,368 a----r-- c:\windows\system32\vp6vfw.dll
2009-05-10 13:23 <DIR> --d----- c:\program\DAEMON Tools Toolbar
2009-05-10 13:23 <DIR> --d----- c:\program\DAEMON Tools Lite
2009-05-07 16:37 <DIR> --d----- c:\program\EA Games
2009-05-06 17:23 <DIR> --d----- C:\Keys
2009-05-05 17:02 <DIR> --d----- c:\program\PowerISO
2009-05-02 20:20 <DIR> --d----- c:\program\Messenger Plus! Live
2009-04-30 21:30 664 a------- c:\windows\system32\d3d9caps.dat

==================== Find3M ====================

2009-05-29 17:37 29,824 a------- c:\windows\system32\drivers\acpi32.sys
2009-05-29 17:24 189,072 a------- c:\windows\system32\PnkBstrB.exe
2009-05-29 16:34 138,920 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-10 13:52 434,980 a------- c:\windows\system32\perfh01D.dat
2009-05-10 13:52 78,970 a------- c:\windows\system32\perfc01D.dat
2009-05-10 13:20 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-04-24 20:25 2,286,080 a------- c:\windows\system32\TUKernel.exe
2009-04-09 18:48 219,136 a------- c:\windows\system32\uxtheme.dll
2009-04-09 18:48 62,847 a------- c:\windows\BricoPackUninst.cmd
2009-04-09 18:48 6,114 a------- c:\windows\BricoPackFoldersDelete.cmd
2009-04-09 15:21 94,360 a------- c:\windows\system32\drivers\epfwtdir.sys
2009-04-09 15:18 107,256 a------- c:\windows\system32\drivers\ehdrv.sys
2009-04-09 15:10 113,960 a------- c:\windows\system32\drivers\eamon.sys
2009-04-07 20:26 168 a------- c:\docume~1\alluse~1\applic~1\Setting.dat
2009-04-01 22:15 418,480 a------- c:\windows\system32\wrap_oal.dll
2009-04-01 22:15 115,432 a------- c:\windows\system32\OpenAL32.dll
2009-03-28 22:37 2,560 a------- c:\windows\_MSRSTRT.EXE
2009-03-19 20:04 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-03-19 19:02 22,328 a------- c:\docume~1\exidoz\applic~1\PnkBstrK.sys
2009-03-18 11:17 155,648 a------- c:\windows\system32\XAPI2000.dll
2009-03-17 21:05 593,920 -------- c:\windows\system32\ati2sgag.exe
2009-03-16 22:27 442,368 a------- c:\windows\system32\ATIDEMGX.dll
2009-03-16 22:26 328,704 a------- c:\windows\system32\ati2dvag.dll
2009-03-16 22:17 307,200 a------- c:\windows\system32\atiiiexx.dll
2009-03-16 22:17 204,800 a------- c:\windows\system32\atipdlxx.dll
2009-03-16 22:16 155,648 a------- c:\windows\system32\Oemdspif.dll
2009-03-16 22:16 26,112 a------- c:\windows\system32\Ati2mdxx.exe
2009-03-16 22:16 43,520 a------- c:\windows\system32\ati2edxx.dll
2009-03-16 22:16 155,648 a------- c:\windows\system32\ati2evxx.dll
2009-03-16 22:15 602,112 a------- c:\windows\system32\ati2evxx.exe
2009-03-16 22:13 53,248 a------- c:\windows\system32\ATIDDC.DLL
2009-03-16 22:06 3,820,736 a------- c:\windows\system32\ati3duag.dll
2009-03-16 22:04 11,563,008 a------- c:\windows\system32\atioglxx.dll
2009-03-16 21:53 2,675,328 a------- c:\windows\system32\ativvaxx.dll
2009-03-16 21:40 49,664 a------- c:\windows\system32\atimpc32.dll
2009-03-16 21:40 49,664 a------- c:\windows\system32\amdpcom32.dll
2009-03-16 21:36 475,136 a------- c:\windows\system32\atikvmag.dll
2009-03-16 21:35 303,104 a------- c:\windows\system32\atiok3x2.dll
2009-03-16 21:35 131,072 a------- c:\windows\system32\atiadlxx.dll
2009-03-16 21:35 45,056 a------- c:\windows\system32\aticalrt.dll
2009-03-16 21:34 45,056 a------- c:\windows\system32\aticalcl.dll
2009-03-16 21:34 17,408 a------- c:\windows\system32\atitvo32.dll
2009-03-16 21:33 3,264,512 a------- c:\windows\system32\aticaldd.dll
2009-03-16 21:28 630,784 a------- c:\windows\system32\ati2cqag.dll
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-09 00:54 505,128 a------- c:\windows\system32\msvcp71.dll
2009-03-09 00:54 29,480 a------- c:\windows\system32\msxml3a.dll
2009-03-08 05:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 05:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 05:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 05:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 05:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 05:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 05:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 05:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 05:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 05:22 156,160 a------- c:\windows\system32\msls31.dll
2009-03-06 16:24 284,160 a------- c:\windows\system32\pdh.dll
2009-03-03 21:56 118,784 a------- c:\windows\system32\atibtmon.exe
2009-01-25 23:06 87,608 a------- c:\docume~1\exidoz\applic~1\inst.exe
2009-01-25 23:06 47,360 a------- c:\docume~1\exidoz\applic~1\pcouffin.sys
2008-04-15 14:00 60,416 a--sh--- c:\windows\bricopacks\sysfiles\80_msimn.exe

============= FINISH: 18:27:30,54 ===============
[/log]