tankado

Member
  • Post count: 132
  • Joined

  • Last visited

Everything posted by tankado

  1. The event log showed the following in the description of the event: Then immediately after:
  2. As a matter of fact, incredibly enough, yet another strange thing has turned up on the computer. Every now and then explorer (NOT Internet Explorer) stops working; a message is shown and then explorer shuts down. After 3-4 seconds it starts again.
  3. It does. Thanks once again for your help!
  4. Haha, thank you ^^ To Cecilia: The DISNEY folder contains two files: 101_ASB.CXT and 101_DEL95.exe. These files belong (as far as I know) to the game 101 Dalmatians, which my sister has installed on the computer. New Hijack log:
  5. To Cecilia: I know, it seems I have a strong tendency to get viruses.. You wouldn't happen to have any tips on how I can avoid this? Here are the scans:

     To Mr Andersson: Sorry about the misplaced post, it just ended up wrong for some reason. Thanks for fixing it!
  6. Hi! My computer has been behaving strangely lately. Can you see if you find anything in the logs? Hijack This: ComboFix: [log]
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\LckFldService.exe C:\Program\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program\iPod\bin\iPodService.exe . ************************************************************************** . Completion time: 2008-02-28 21:37:24 - machine was rebooted [Therese] ComboFix-quarantined-files.txt 2008-02-28 20:37:21 ComboFix2.txt 2008-02-02 22:31:15 ComboFix3.txt 2008-02-02 21:53:52 ComboFix4.txt 2008-02-02 21:49:55 ComboFix5.txt 2008-02-02 21:46:41 . 2008-02-28 17:17:37 --- E O F --- [/log]
  7. Hi! Does anyone know a good song or something else that is really good for testing your 5.1 speakers with? Regards, Mattias
  8. Is there no one who can help?
  9. Hi! I am thinking about buying a laptop. What tips do you have? I want to be able to play games such as BF2, Crysis, Call Of Duty 4. It obviously does not need to be on High when it comes to graphics and so on. It should be in the 10,000 kronor class. I am open to all models and looks. Thanks in advance! /Mattias [post edited 2008-02-10 21:56:04 by tankado]
  10. Did it! Thanks so much for the help! Did two final scans to be on the safe side: Hijack and ComboFix. Is it now safe to reinstall and start using MSN as usual again? [post edited 2008-02-02 23:36:09 by tankado]
  11. I accidentally deleted the first ComboFix log when it deleted the files, but I made a new one with CFScript, and by then the files had of course already been removed. Here it is: [log]
2008-02-01 14:42 <KAT> d-------- C:\Documents and Settings\Mattias\Incomplete 2008-01-27 14:04 . 2008-01-27 14:04 <KAT> d-------- C:\Program\LimeWire 2008-01-27 14:04 . 2008-02-01 14:37 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\LimeWire 2008-01-27 12:58 . 2008-01-27 12:58 1,409 --a------ C:\WINDOWS\system32\tmp1DEB0.FOT 2008-01-27 12:52 . 2008-01-27 12:52 1,409 --a------ C:\WINDOWS\system32\tmpD564B.FOT 2008-01-27 12:52 . 2008-01-27 12:52 1,409 --a------ C:\WINDOWS\system32\tmpC864B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp49A5B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp10B5B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp04F8B.FOT 2008-01-26 14:11 . 2008-01-26 14:11 <KAT> d-------- C:\Program\uTorrent 2008-01-26 14:11 . 2008-01-26 14:14 <KAT> d-------- C:\Program\GTASA-Ultimate Editor 2008-01-26 14:11 . 2008-02-02 12:24 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\uTorrent 2008-01-26 14:11 . 2008-01-26 14:11 249,856 --------- C:\WINDOWS\Setup1.exe 2008-01-26 14:11 . 2008-01-26 14:11 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2008-01-26 12:52 . 2008-01-26 12:52 <KAT> d-------- C:\Programmi 2008-01-26 08:09 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2008-01-26 08:09 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys 2008-01-26 08:09 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2008-01-26 08:09 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys 2008-01-26 08:08 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2008-01-26 08:08 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys 2008-01-25 23:06 . 2008-01-25 23:06 <KAT> d-------- C:\Program\MSXML 4.0 2008-01-25 19:33 . 
2008-01-25 19:33 <KAT> d-------- C:\Documents and Settings\Therese\Application Data\Talkback 2008-01-25 19:26 . 2008-02-01 19:25 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2008-01-25 19:20 . 2008-01-25 19:20 <KAT> d-------- C:\WINDOWS\system32\URTTemp 2008-01-25 18:52 . 2008-01-25 18:52 <KAT> d-------- C:\WINDOWS\San Andreas Mod Installer . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-02 20:40 --------- d-----w C:\Program\ESET 2008-01-29 19:44 --------- d-----w C:\Program\Delade filer\Adobe 2008-01-29 14:52 --------- d-----w C:\Program\epson 2008-01-27 20:55 --------- d-----w C:\Program\Game_Maker6 2008-01-27 20:53 --------- d--h--w C:\Program\InstallShield Installation Information 2008-01-24 20:53 --------- d-----w C:\Program\Google 2008-01-23 21:25 --------- d-----w C:\Program\Delade filer\SpeechEngines 2008-01-23 21:25 --------- d-----w C:\Program\Delade filer\ODBC 2008-01-23 21:24 --------- d-----w C:\Program\NetLimiter 2 Pro 2008-01-23 21:24 --------- d-----w C:\Program\Delade filer\Logitech 2008-01-23 21:23 --------- d-----w C:\Program\Delade filer\InstallShield 2008-01-23 21:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Locktime 2008-01-23 21:19 --------- d-----w C:\Program\iTunes 2008-01-23 21:19 --------- d-----w C:\Program\iPod 2008-01-23 21:19 --------- d-----w C:\Program\Guitar Pro 5 2008-01-23 21:19 --------- d-----w C:\Documents and Settings\Mattias\Application Data\Apple Computer 2008-01-23 21:18 --------- d-----w C:\Program\QuickTime 2008-01-23 21:18 --------- d-----w C:\Program\Delade filer\Apple 2008-01-23 21:18 --------- d-----w C:\Program\Apple Software Update 2008-01-23 21:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-01-23 21:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-01-23 21:14 --------- d-----w C:\Program\Microsoft ActiveSync 2008-01-23 21:13 
--------- d-----w C:\Program\Teslain Crypto 2008-01-23 21:06 --------- d-----w C:\Program\Java 2008-01-23 21:06 --------- d-----w C:\Program\Delade filer\Java 2008-01-23 21:02 --------- d-----w C:\Program\CCleaner 2008-01-23 20:59 --------- d-----w C:\Program\FolderAccess 2008-01-23 20:56 --------- d-----w C:\Program\Broadcom 2008-01-23 20:56 --------- d-----w C:\Program\Analog Devices 2008-01-23 20:35 --------- d-----w C:\Program\microsoft frontpage 2008-01-23 20:33 --------- d-----w C:\Program\Onlinetjänster 2008-01-23 20:32 --------- d-----w C:\Program\Delade filer\MSSoap 2007-11-07 09:29 722,432 ----a-w C:\WINDOWS\system32\lsasrv.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:34 15360] "MsnMsgr"="C:\Program\MSN Messenger\MsnMsgr.exe" [ ] "swg"="C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-25 19:33 68856] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 13:49 153136] "DAEMON Tools"="C:\Program\DAEMON Tools\daemon.exe" [2006-11-12 11:48 157592] "MSMSGS"="C:\Program\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "Comrade.exe"="C:\Program\GameSpy\Comrade\Comrade.exe" [2007-06-29 15:03 36864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07 8491008] "nwiz"="nwiz.exe" [2007-09-17 01:07 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 01:07 81920] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2007-06-29 06:24 286720] "iTunesHelper"="C:\Program\iTunes\iTunesHelper.exe" [2007-09-26 
14:42 267064] "EPSON Stylus Photo RX420 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe" [2004-04-09 04:00 98304] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184] "NeroFilterCheck"="C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe" [2007-03-09 18:53 153136] "AlarmMe"="C:\Program\Alarm Me\AlarmMe.exe" [2007-03-03 16:00 2102272] "SoundMAXPnP"="C:\Program\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42 1404928] "WIndos Update"="winsrs.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "WIndos Update"="winsrs.exe" [] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:34 15360] R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 12:03] S3 se58bus;Sony Ericsson Device 088 driver (WDM);C:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 18:58] S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 18:59] S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 18:59] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0dbc0d7e-d094-11dc-af51-001111c2139b}] \Shell\AutoRun\command - setupSNK.exe *Newly Created Service* - EMPROXY *Newly Created Service* - IPFILTERDRIVER *Newly Created Service* - MCAFEE_HACKERWATCH_SERVICE *Newly Created Service* - MCLOGMANAGERSERVICE *Newly Created Service* - MCMISPUPDMGR *Newly Created Service* - MCNASVC *Newly Created Service* - MCODS *Newly Created Service* - MCPROMGR *Newly Created Service* - MCREDIRECTOR *Newly Created Service* - MCSHIELD *Newly Created Service* - MCSYSMON *Newly Created Service* - MCTSKSHD.EXE *Newly Created Service* - MCUSRMGR *Newly Created Service* - MFEAVFK *Newly Created Service* - MFEBOPK *Newly Created Service* - MFEHIDK *Newly Created Service* - MFERKDK *Newly Created Service* - MFESMFK *Newly Created Service* - 
MPFP *Newly Created Service* - MPFSERVICE . Contents of the 'Scheduled Tasks' folder "2008-02-02 20:48:37 C:\WINDOWS\Tasks\McDefragTask.job" - C:\WINDOWS\system32\defrag.exe "2008-02-02 20:48:35 C:\WINDOWS\Tasks\McQcTask.job" - c:\program\mcafee\mqc\QcConsol.exe.4158 0 . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-02 22:49:21 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-02-02 22:49:54 ComboFix-quarantined-files.txt 2008-02-02 21:49:46 ComboFix2.txt 2008-02-02 21:46:41 ComboFix3.txt 2008-02-02 20:46:23 . 2008-01-29 21:05:20 --- E O F --- [/log]
Here is a new "from scratch" ComboFix, since I accidentally deleted the first one..
[log]ComboFix 08-02.03.1 - Mattias 2008-02-02 22:52:24.5 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1053.18.495 [GMT 1:00] Running from: C:\Documents and Settings\Mattias\Skrivbord\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-01-02 to 2008-02-02 ))))))))))))))))))))))))))))))) . 2008-02-02 21:49 . 2008-02-02 21:49 <KAT> d-------- C:\Program\SiteAdvisor 2008-02-02 21:49 . 2008-02-02 21:49 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\SiteAdvisor 2008-02-02 21:48 . 2008-02-02 21:48 <KAT> d-------- C:\WINDOWS\LastGood 2008-02-02 21:48 . 2008-02-02 21:48 <KAT> d-------- C:\Program\McAfee.com 2008-02-02 21:48 . 2008-02-02 21:49 <KAT> d-------- C:\Program\McAfee 2008-02-02 21:48 . 2008-02-02 21:48 <KAT> d-------- C:\Program\Delade filer\McAfee 2008-02-02 21:48 . 
2006-07-14 00:09 161,768 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys 2008-02-02 21:48 . 2006-07-17 21:56 104,024 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys 2008-02-02 21:48 . 2006-07-08 15:46 84,744 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys 2008-02-02 21:48 . 2006-07-14 00:10 37,800 --a------ C:\WINDOWS\system32\drivers\mfesmfk.sys 2008-02-02 21:48 . 2006-07-14 00:09 33,896 --a------ C:\WINDOWS\system32\drivers\mfebopk.sys 2008-02-02 21:48 . 2006-07-14 00:09 31,560 --a------ C:\WINDOWS\system32\drivers\mferkdk.sys 2008-02-02 21:48 . 2006-07-27 16:45 1,808 --a------ C:\WINDOWS\system32\subst.inf 2008-02-02 21:47 . 2008-02-02 21:50 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\McAfee 2008-02-02 21:18 . 2006-09-05 18:59 97,088 -ra------ C:\WINDOWS\system32\drivers\se58mdm.sys 2008-02-02 21:18 . 2006-09-05 18:59 9,360 -ra------ C:\WINDOWS\system32\drivers\se58mdfl.sys 2008-02-02 21:18 . 2006-09-05 19:00 6,240 -ra------ C:\WINDOWS\system32\drivers\se58cmnt.sys 2008-02-02 21:18 . 2006-09-05 19:00 6,240 -ra------ C:\WINDOWS\system32\drivers\se58cm.sys 2008-02-02 21:01 . 2008-02-02 21:01 <KAT> d-------- C:\Program\Disc2Phone 2008-02-02 20:59 . 2006-09-05 18:58 61,536 -ra------ C:\WINDOWS\system32\drivers\se58bus.sys 2008-02-02 20:59 . 2006-09-05 18:58 5,872 -ra------ C:\WINDOWS\system32\drivers\se58whnt.sys 2008-02-02 20:59 . 2006-09-05 18:58 5,872 -ra------ C:\WINDOWS\system32\drivers\se58wh.sys 2008-02-01 19:25 . 2008-02-01 19:25 <KAT> dr-h----- C:\Documents and Settings\Therese\Application Data\SecuROM 2008-02-01 18:51 . 2008-02-01 19:21 <KAT> d-------- C:\Program\EA GAMES 2008-02-01 18:51 . 2005-02-26 06:34 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll 2008-02-01 18:27 . 2008-02-01 18:27 1,409 --a------ C:\WINDOWS\system32\tmp08005.FOT 2008-02-01 18:25 . 2008-02-01 18:25 1,409 --a------ C:\WINDOWS\system32\tmpE30F2.FOT 2008-02-01 18:25 . 2008-02-01 18:25 1,409 --a------ C:\WINDOWS\system32\tmpC90F2.FOT 2008-02-01 14:52 . 
2008-02-01 14:52 <KAT> d-------- C:\Program\GameSpy 2008-02-01 14:51 . 2008-02-01 14:51 <KAT> d-------- C:\WINDOWS\system32\LogFiles 2008-02-01 14:51 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2008-02-01 14:51 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll 2008-02-01 14:51 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2008-02-01 14:51 . 2008-02-01 14:51 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe 2008-02-01 14:51 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll 2008-02-01 14:51 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2008-02-01 14:51 . 2008-02-01 14:51 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2008-02-01 14:51 . 2008-02-01 14:51 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe 2008-02-01 14:51 . 2008-02-01 14:51 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-02-01 14:51 . 2008-02-01 14:51 22,328 --a------ C:\Documents and Settings\Mattias\Application Data\PnkBstrK.sys 2008-02-01 14:50 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2008-02-01 14:50 . 2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll 2008-02-01 14:39 . 2008-02-01 14:39 <KAT> d-------- C:\Program\Electronic Arts 2008-01-31 21:55 . 2007-12-04 15:44 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS 2008-01-31 21:24 . 2008-01-31 21:24 <KAT> d-------- C:\Program\SystemRequirementsLab 2008-01-31 21:24 . 2008-01-31 21:24 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\SystemRequirementsLab 2008-01-31 19:44 . 2008-01-31 19:44 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\AdobeUM 2008-01-31 08:06 . 2008-01-31 08:06 <KAT> d-------- C:\Program\Alarm Me 2008-01-29 22:01 . 2008-01-29 22:01 335 --a------ C:\WINDOWS\mozregistry.dat 2008-01-29 20:45 . 
2008-01-29 20:45 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-01-29 20:44 . 2008-01-29 20:44 <KAT> d-------- C:\Program\Delade filer\Adobe Systems Shared 2008-01-29 20:38 . 2008-01-29 20:38 <KAT> d-------- C:\Program\MyPhoneExplorer 2008-01-29 20:38 . 2008-01-29 20:39 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\MyPhoneExplorer 2008-01-29 20:01 . 2008-01-29 20:01 <KAT> d-------- C:\Program\Notepad++ 2008-01-29 20:01 . 2008-01-29 20:24 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\Notepad++ 2008-01-29 18:51 . 2008-01-29 18:51 1,409 --a------ C:\WINDOWS\system32\tmp35AF8.FOT 2008-01-29 18:41 . 2008-01-29 18:41 1,409 --a------ C:\WINDOWS\system32\tmp510CF.FOT 2008-01-29 18:41 . 2008-01-29 18:41 1,409 --a------ C:\WINDOWS\system32\tmp430CF.FOT 2008-01-28 19:31 . 2008-01-28 19:32 <KAT> d-------- C:\Documents and Settings\Päronen\cbt 2008-01-28 19:31 . 2008-01-28 19:32 <KAT> d-------- C:\Documents and Settings\Päronen\cbt 2008-01-28 19:10 . 2008-01-31 08:07 <KAT> d-------- C:\Program\MilkShape 3D 1.8.0 2008-01-28 19:10 . 2008-01-28 19:21 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\MilkShape 3D 1.x.x 2008-01-28 19:10 . 2008-01-28 19:21 4 --a------ C:\Documents and Settings\All Users\Application Data\463DC390.DAT 2008-01-28 16:07 . 2008-01-28 16:07 1,409 --a------ C:\WINDOWS\system32\tmp70CDA.FOT 2008-01-28 16:07 . 2008-01-28 16:07 1,409 --a------ C:\WINDOWS\system32\tmp55CDA.FOT 2008-01-28 16:07 . 2008-01-28 16:07 1,409 --a------ C:\WINDOWS\system32\tmp2CB0B.FOT 2008-01-27 21:50 . 2008-01-27 22:44 <KAT> d--h----- C:\LGFolder 2008-01-27 21:48 . 2008-01-27 21:53 <KAT> d-------- C:\Program\LG PC Suite 2008-01-27 21:48 . 2008-01-27 21:48 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\LG Electronics 2008-01-27 21:46 . 2008-01-27 21:46 <KAT> d-------- C:\Program\LG Electronics 2008-01-27 21:46 . 
2005-06-24 18:36 39,036 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys 2008-01-27 21:46 . 2005-05-26 11:01 38,144 --a------ C:\WINDOWS\system32\drivers\lgusbdiag.sys 2008-01-27 21:46 . 2005-05-26 11:01 21,344 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys 2008-01-27 14:05 . 2008-02-01 14:41 <KAT> d-------- C:\Documents and Settings\Mattias\Shared 2008-01-27 14:05 . 2008-02-01 14:42 <KAT> d-------- C:\Documents and Settings\Mattias\Incomplete 2008-01-27 14:04 . 2008-01-27 14:04 <KAT> d-------- C:\Program\LimeWire 2008-01-27 14:04 . 2008-02-01 14:37 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\LimeWire 2008-01-27 12:58 . 2008-01-27 12:58 1,409 --a------ C:\WINDOWS\system32\tmp1DEB0.FOT 2008-01-27 12:52 . 2008-01-27 12:52 1,409 --a------ C:\WINDOWS\system32\tmpD564B.FOT 2008-01-27 12:52 . 2008-01-27 12:52 1,409 --a------ C:\WINDOWS\system32\tmpC864B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp49A5B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp10B5B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp04F8B.FOT 2008-01-26 14:11 . 2008-01-26 14:11 <KAT> d-------- C:\Program\uTorrent 2008-01-26 14:11 . 2008-01-26 14:14 <KAT> d-------- C:\Program\GTASA-Ultimate Editor 2008-01-26 14:11 . 2008-02-02 12:24 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\uTorrent 2008-01-26 14:11 . 2008-01-26 14:11 249,856 --------- C:\WINDOWS\Setup1.exe 2008-01-26 14:11 . 2008-01-26 14:11 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2008-01-26 12:52 . 2008-01-26 12:52 <KAT> d-------- C:\Programmi 2008-01-26 08:09 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2008-01-26 08:09 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys 2008-01-26 08:09 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2008-01-26 08:09 . 
2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys 2008-01-26 08:08 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2008-01-26 08:08 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys 2008-01-25 23:06 . 2008-01-25 23:06 <KAT> d-------- C:\Program\MSXML 4.0 2008-01-25 19:33 . 2008-01-25 19:33 <KAT> d-------- C:\Documents and Settings\Therese\Application Data\Talkback 2008-01-25 19:26 . 2008-02-01 19:25 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2008-01-25 19:20 . 2008-01-25 19:20 <KAT> d-------- C:\WINDOWS\system32\URTTemp 2008-01-25 18:52 . 2008-01-25 18:52 <KAT> d-------- C:\WINDOWS\San Andreas Mod Installer . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-02 20:40 --------- d-----w C:\Program\ESET 2008-01-29 19:44 --------- d-----w C:\Program\Delade filer\Adobe 2008-01-29 14:52 --------- d-----w C:\Program\epson 2008-01-27 20:55 --------- d-----w C:\Program\Game_Maker6 2008-01-27 20:53 --------- d--h--w C:\Program\InstallShield Installation Information 2008-01-24 20:53 --------- d-----w C:\Program\Google 2008-01-23 21:25 --------- d-----w C:\Program\Delade filer\SpeechEngines 2008-01-23 21:25 --------- d-----w C:\Program\Delade filer\ODBC 2008-01-23 21:24 --------- d-----w C:\Program\NetLimiter 2 Pro 2008-01-23 21:24 --------- d-----w C:\Program\Delade filer\Logitech 2008-01-23 21:23 --------- d-----w C:\Program\Delade filer\InstallShield 2008-01-23 21:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Locktime 2008-01-23 21:19 --------- d-----w C:\Program\iTunes 2008-01-23 21:19 --------- d-----w C:\Program\iPod 2008-01-23 21:19 --------- d-----w C:\Program\Guitar Pro 5 2008-01-23 21:19 --------- d-----w C:\Documents and Settings\Mattias\Application Data\Apple Computer 2008-01-23 21:18 --------- d-----w C:\Program\QuickTime 2008-01-23 21:18 --------- d-----w C:\Program\Delade 
filer\Apple 2008-01-23 21:18 --------- d-----w C:\Program\Apple Software Update 2008-01-23 21:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-01-23 21:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-01-23 21:14 --------- d-----w C:\Program\Microsoft ActiveSync 2008-01-23 21:13 --------- d-----w C:\Program\Teslain Crypto 2008-01-23 21:06 --------- d-----w C:\Program\Java 2008-01-23 21:06 --------- d-----w C:\Program\Delade filer\Java 2008-01-23 21:02 --------- d-----w C:\Program\CCleaner 2008-01-23 20:59 --------- d-----w C:\Program\FolderAccess 2008-01-23 20:56 --------- d-----w C:\Program\Broadcom 2008-01-23 20:56 --------- d-----w C:\Program\Analog Devices 2008-01-23 20:35 --------- d-----w C:\Program\microsoft frontpage 2008-01-23 20:33 --------- d-----w C:\Program\Onlinetjänster 2008-01-23 20:32 --------- d-----w C:\Program\Delade filer\MSSoap 2007-11-07 09:29 722,432 ----a-w C:\WINDOWS\system32\lsasrv.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:34 15360] "MsnMsgr"="C:\Program\MSN Messenger\MsnMsgr.exe" [ ] "swg"="C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-25 19:33 68856] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 13:49 153136] "DAEMON Tools"="C:\Program\DAEMON Tools\daemon.exe" [2006-11-12 11:48 157592] "MSMSGS"="C:\Program\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "Comrade.exe"="C:\Program\GameSpy\Comrade\Comrade.exe" [2007-06-29 15:03 36864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07 8491008] "nwiz"="nwiz.exe" [2007-09-17 01:07 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 01:07 81920] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2007-06-29 06:24 286720] "iTunesHelper"="C:\Program\iTunes\iTunesHelper.exe" [2007-09-26 14:42 267064] "EPSON Stylus Photo RX420 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe" [2004-04-09 04:00 98304] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184] "NeroFilterCheck"="C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe" [2007-03-09 18:53 153136] "AlarmMe"="C:\Program\Alarm Me\AlarmMe.exe" [2007-03-03 16:00 2102272] "SoundMAXPnP"="C:\Program\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42 1404928] "WIndos Update"="winsrs.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "WIndos Update"="winsrs.exe" [] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:34 15360] R1 
nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 12:03] S3 se58bus;Sony Ericsson Device 088 driver (WDM);C:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 18:58] S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 18:59] S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 18:59] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0dbc0d7e-d094-11dc-af51-001111c2139b}] \Shell\AutoRun\command - setupSNK.exe *Newly Created Service* - EMPROXY *Newly Created Service* - IPFILTERDRIVER *Newly Created Service* - MCAFEE_HACKERWATCH_SERVICE *Newly Created Service* - MCLOGMANAGERSERVICE *Newly Created Service* - MCMISPUPDMGR *Newly Created Service* - MCNASVC *Newly Created Service* - MCODS *Newly Created Service* - MCPROMGR *Newly Created Service* - MCREDIRECTOR *Newly Created Service* - MCSHIELD *Newly Created Service* - MCSYSMON *Newly Created Service* - MCTSKSHD.EXE *Newly Created Service* - MCUSRMGR *Newly Created Service* - MFEAVFK *Newly Created Service* - MFEBOPK *Newly Created Service* - MFEHIDK *Newly Created Service* - MFERKDK *Newly Created Service* - MFESMFK *Newly Created Service* - MPFP *Newly Created Service* - MPFSERVICE . Contents of the 'Scheduled Tasks' folder "2008-02-02 20:48:37 C:\WINDOWS\Tasks\McDefragTask.job" - C:\WINDOWS\system32\defrag.exe "2008-02-02 20:48:35 C:\WINDOWS\Tasks\McQcTask.job" - c:\program\mcafee\mqc\QcConsol.exe.4158 0 . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-02 22:53:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . 
Completion time: 2008-02-02 22:53:51 ComboFix-quarantined-files.txt 2008-02-02 21:53:43 ComboFix2.txt 2008-02-02 21:49:55 ComboFix3.txt 2008-02-02 21:46:41 ComboFix4.txt 2008-02-02 20:46:23 . 2008-01-29 21:05:20 --- E O F --- [/log]
And finally a new Hijack log:
[log]Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 22:57:02, on 2008-02-02 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\LckFldService.exe C:\Program\NetLimiter 2 Pro\nlsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program\Java\jre1.6.0_03\bin\jusched.exe C:\Program\iTunes\iTunesHelper.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Program\Alarm Me\AlarmMe.exe C:\Program\Analog Devices\Core\smax4pnp.exe C:\Program\NetLimiter 2 Pro\NLClient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe C:\Program\DAEMON Tools\daemon.exe C:\Program\Messenger\msmsgs.exe C:\WINDOWS\system32\winsrs.exe C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe C:\Program\iPod\bin\iPodService.exe C:\Program\McAfee\MSC\mcpromgr.exe C:\Program\McAfee\MSC\mcusrmgr.exe C:\Program\McAfee\MSC\mcupdmgr.exe C:\Program\McAfee\MSC\mclogsrv.exe C:\Program\McAfee\MSC\mctskshd.exe c:\program\mcafee.com\agent\mcagent.exe c:\program\delade filer\mcafee\mna\mcnasvc.exe C:\Program\McAfee\VIRUSS~1\mcshield.exe C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe 
c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe C:\Program\McAfee\VIRUSS~1\mcods.exe C:\Program\McAfee\MPF\MPFSrv.exe C:\Program\Mozilla Firefox\firefox.exe c:\program\mcafee\msc\mcuimgr.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Mattias\Skrivbord\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=8 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program\SiteAdvisor\SiteAdv.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program\mcafee\virusscan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program\SiteAdvisor\SiteAdv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] 
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AlarmMe] "C:\Program\Alarm Me\AlarmMe.exe" "-h" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WIndos Update] winsrs.exe O4 - HKLM\..\RunServices: [WIndos Update] winsrs.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Comrade.exe] C:\Program\GameSpy\Comrade\Comrade.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - 
C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\Program\McAfee\MSC\mclogsrv.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. 
- C:\Program\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\Program\McAfee\MSC\mctskshd.exe O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcusrmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program\NetLimiter 2 Pro\nlsvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 8867 bytes [/log]
  12. ComboFix log. (xtrmsupra.exe.zip and so on are files that were sent via MSN to my friends while it was installed) [log]ComboFix 08-02.03.1 - Mattias 2008-02-02 21:43:30.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1053.18.668 [GMT 1:00] Running from: G:\Mattias\Program\ComboFix\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-01-02 to 2008-02-02 ))))))))))))))))))))))))))))))) . 2008-02-02 21:18 . 2006-09-05 18:59 97,088 -ra------ C:\WINDOWS\system32\drivers\se58mdm.sys 2008-02-02 21:18 . 2006-09-05 18:59 9,360 -ra------ C:\WINDOWS\system32\drivers\se58mdfl.sys 2008-02-02 21:18 . 2006-09-05 19:00 6,240 -ra------ C:\WINDOWS\system32\drivers\se58cmnt.sys 2008-02-02 21:18 . 2006-09-05 19:00 6,240 -ra------ C:\WINDOWS\system32\drivers\se58cm.sys 2008-02-02 21:09 . 2008-02-02 21:09 741,102 --a------ C:\WINDOWS\nirvana_maggot.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,100 --a------ C:\WINDOWS\oskuldforlife.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,100 --a------ C:\WINDOWS\mats_joensson.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,098 --a------ C:\WINDOWS\sandra_lilja.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,098 --a------ C:\WINDOWS\oliviaflasch.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,096 --a------ C:\WINDOWS\rap_cs_alex.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,096 --a------ C:\WINDOWS\lina.4.life.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,094 --a------ C:\WINDOWS\hi_im_lost.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,092 --a------ C:\WINDOWS\xtrmsupra.exe.zip 2008-02-02 21:09 . 2008-02-02 21:09 741,092 --a------ C:\WINDOWS\snoddas93.exe.zip 2008-02-02 21:08 . 2008-02-02 21:09 741,094 --a------ C:\WINDOWS\pic0382.zip 2008-02-02 21:08 . 2008-02-02 21:08 741,086 --a------ C:\WINDOWS\jojjet.exe.zip 2008-02-02 21:01 . 2008-02-02 21:01 <KAT> d-------- C:\Program\Disc2Phone 2008-02-02 20:59 . 
2006-09-05 18:58 61,536 -ra------ C:\WINDOWS\system32\drivers\se58bus.sys 2008-02-02 20:59 . 2006-09-05 18:58 5,872 -ra------ C:\WINDOWS\system32\drivers\se58whnt.sys 2008-02-02 20:59 . 2006-09-05 18:58 5,872 -ra------ C:\WINDOWS\system32\drivers\se58wh.sys 2008-02-01 19:25 . 2008-02-01 19:25 <KAT> dr-h----- C:\Documents and Settings\Therese\Application Data\SecuROM 2008-02-01 18:51 . 2008-02-01 19:21 <KAT> d-------- C:\Program\EA GAMES 2008-02-01 18:51 . 2005-02-26 06:34 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll 2008-02-01 18:27 . 2008-02-01 18:27 1,409 --a------ C:\WINDOWS\system32\tmp08005.FOT 2008-02-01 18:25 . 2008-02-01 18:25 1,409 --a------ C:\WINDOWS\system32\tmpE30F2.FOT 2008-02-01 18:25 . 2008-02-01 18:25 1,409 --a------ C:\WINDOWS\system32\tmpC90F2.FOT 2008-02-01 14:52 . 2008-02-01 14:52 <KAT> d-------- C:\Program\GameSpy 2008-02-01 14:51 . 2008-02-01 14:51 <KAT> d-------- C:\WINDOWS\system32\LogFiles 2008-02-01 14:51 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2008-02-01 14:51 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll 2008-02-01 14:51 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2008-02-01 14:51 . 2008-02-01 14:51 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe 2008-02-01 14:51 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll 2008-02-01 14:51 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2008-02-01 14:51 . 2008-02-01 14:51 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2008-02-01 14:51 . 2008-02-01 14:51 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe 2008-02-01 14:51 . 2008-02-01 14:51 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-02-01 14:51 . 2008-02-01 14:51 22,328 --a------ C:\Documents and Settings\Mattias\Application Data\PnkBstrK.sys 2008-02-01 14:50 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2008-02-01 14:50 . 
2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll 2008-02-01 14:39 . 2008-02-01 14:39 <KAT> d-------- C:\Program\Electronic Arts 2008-01-31 21:55 . 2007-12-04 15:44 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS 2008-01-31 21:24 . 2008-01-31 21:24 <KAT> d-------- C:\Program\SystemRequirementsLab 2008-01-31 21:24 . 2008-01-31 21:24 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\SystemRequirementsLab 2008-01-31 19:44 . 2008-01-31 19:44 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\AdobeUM 2008-01-31 08:06 . 2008-01-31 08:06 <KAT> d-------- C:\Program\Alarm Me 2008-01-29 22:01 . 2008-01-29 22:01 335 --a------ C:\WINDOWS\mozregistry.dat 2008-01-29 20:45 . 2008-01-29 20:45 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-01-29 20:44 . 2008-01-29 20:44 <KAT> d-------- C:\Program\Delade filer\Adobe Systems Shared 2008-01-29 20:38 . 2008-01-29 20:38 <KAT> d-------- C:\Program\MyPhoneExplorer 2008-01-29 20:38 . 2008-01-29 20:39 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\MyPhoneExplorer 2008-01-29 20:01 . 2008-01-29 20:01 <KAT> d-------- C:\Program\Notepad++ 2008-01-29 20:01 . 2008-01-29 20:24 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\Notepad++ 2008-01-29 18:51 . 2008-01-29 18:51 1,409 --a------ C:\WINDOWS\system32\tmp35AF8.FOT 2008-01-29 18:41 . 2008-01-29 18:41 1,409 --a------ C:\WINDOWS\system32\tmp510CF.FOT 2008-01-29 18:41 . 2008-01-29 18:41 1,409 --a------ C:\WINDOWS\system32\tmp430CF.FOT 2008-01-28 19:31 . 2008-01-28 19:32 <KAT> d-------- C:\Documents and Settings\Päronen\cbt 2008-01-28 19:31 . 2008-01-28 19:32 <KAT> d-------- C:\Documents and Settings\Päronen\cbt 2008-01-28 19:10 . 2008-01-31 08:07 <KAT> d-------- C:\Program\MilkShape 3D 1.8.0 2008-01-28 19:10 . 2008-01-28 19:21 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\MilkShape 3D 1.x.x 2008-01-28 19:10 . 
2008-01-28 19:21 4 --a------ C:\Documents and Settings\All Users\Application Data\463DC390.DAT 2008-01-28 16:07 . 2008-01-28 16:07 1,409 --a------ C:\WINDOWS\system32\tmp70CDA.FOT 2008-01-28 16:07 . 2008-01-28 16:07 1,409 --a------ C:\WINDOWS\system32\tmp55CDA.FOT 2008-01-28 16:07 . 2008-01-28 16:07 1,409 --a------ C:\WINDOWS\system32\tmp2CB0B.FOT 2008-01-27 21:50 . 2008-01-27 22:44 <KAT> d--h----- C:\LGFolder 2008-01-27 21:48 . 2008-01-27 21:53 <KAT> d-------- C:\Program\LG PC Suite 2008-01-27 21:48 . 2008-01-27 21:48 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\LG Electronics 2008-01-27 21:46 . 2008-01-27 21:46 <KAT> d-------- C:\Program\LG Electronics 2008-01-27 21:46 . 2005-06-24 18:36 39,036 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys 2008-01-27 21:46 . 2005-05-26 11:01 38,144 --a------ C:\WINDOWS\system32\drivers\lgusbdiag.sys 2008-01-27 21:46 . 2005-05-26 11:01 21,344 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys 2008-01-27 14:05 . 2008-02-01 14:41 <KAT> d-------- C:\Documents and Settings\Mattias\Shared 2008-01-27 14:05 . 2008-02-01 14:42 <KAT> d-------- C:\Documents and Settings\Mattias\Incomplete 2008-01-27 14:04 . 2008-01-27 14:04 <KAT> d-------- C:\Program\LimeWire 2008-01-27 14:04 . 2008-02-01 14:37 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\LimeWire 2008-01-27 12:58 . 2008-01-27 12:58 1,409 --a------ C:\WINDOWS\system32\tmp1DEB0.FOT 2008-01-27 12:52 . 2008-01-27 12:52 1,409 --a------ C:\WINDOWS\system32\tmpD564B.FOT 2008-01-27 12:52 . 2008-01-27 12:52 1,409 --a------ C:\WINDOWS\system32\tmpC864B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp49A5B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp10B5B.FOT 2008-01-27 11:08 . 2008-01-27 11:08 1,409 --a------ C:\WINDOWS\system32\tmp04F8B.FOT 2008-01-26 14:11 . 2008-01-26 14:11 <KAT> d-------- C:\Program\uTorrent 2008-01-26 14:11 . 
2008-01-26 14:14 <KAT> d-------- C:\Program\GTASA-Ultimate Editor 2008-01-26 14:11 . 2008-02-02 12:24 <KAT> d-------- C:\Documents and Settings\Mattias\Application Data\uTorrent 2008-01-26 14:11 . 2008-01-26 14:11 249,856 --------- C:\WINDOWS\Setup1.exe 2008-01-26 14:11 . 2008-01-26 14:11 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2008-01-26 12:52 . 2008-01-26 12:52 <KAT> d-------- C:\Programmi 2008-01-26 08:09 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2008-01-26 08:09 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys 2008-01-26 08:09 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2008-01-26 08:09 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys 2008-01-26 08:08 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2008-01-26 08:08 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys 2008-01-25 23:06 . 2008-01-25 23:06 <KAT> d-------- C:\Program\MSXML 4.0 2008-01-25 19:33 . 2008-01-25 19:33 <KAT> d-------- C:\Documents and Settings\Therese\Application Data\Talkback 2008-01-25 19:26 . 2008-02-01 19:25 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2008-01-25 19:20 . 2008-01-25 19:20 <KAT> d-------- C:\WINDOWS\system32\URTTemp 2008-01-25 18:52 . 2008-01-25 18:52 <KAT> d-------- C:\WINDOWS\San Andreas Mod Installer 2008-01-25 18:52 . 2008-01-25 18:53 <KAT> d-------- C:\Program\San Andreas Mod Installer 2008-01-25 18:17 . 2008-01-25 18:17 <KAT> d-------- C:\Program\Rockstar Games . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-02-02 20:40 --------- d-----w C:\Program\ESET 2008-01-29 19:44 --------- d-----w C:\Program\Delade filer\Adobe 2008-01-29 14:52 --------- d-----w C:\Program\epson 2008-01-27 20:55 --------- d-----w C:\Program\Game_Maker6 2008-01-27 20:53 --------- d--h--w C:\Program\InstallShield Installation Information 2008-01-24 20:53 --------- d-----w C:\Program\Google 2008-01-23 21:25 --------- d-----w C:\Program\Delade filer\SpeechEngines 2008-01-23 21:25 --------- d-----w C:\Program\Delade filer\ODBC 2008-01-23 21:24 --------- d-----w C:\Program\NetLimiter 2 Pro 2008-01-23 21:24 --------- d-----w C:\Program\Delade filer\Logitech 2008-01-23 21:23 --------- d-----w C:\Program\Delade filer\InstallShield 2008-01-23 21:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Locktime 2008-01-23 21:19 --------- d-----w C:\Program\iTunes 2008-01-23 21:19 --------- d-----w C:\Program\iPod 2008-01-23 21:19 --------- d-----w C:\Program\Guitar Pro 5 2008-01-23 21:19 --------- d-----w C:\Documents and Settings\Mattias\Application Data\Apple Computer 2008-01-23 21:18 --------- d-----w C:\Program\QuickTime 2008-01-23 21:18 --------- d-----w C:\Program\Delade filer\Apple 2008-01-23 21:18 --------- d-----w C:\Program\Apple Software Update 2008-01-23 21:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-01-23 21:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-01-23 21:14 --------- d-----w C:\Program\Microsoft ActiveSync 2008-01-23 21:13 --------- d-----w C:\Program\Teslain Crypto 2008-01-23 21:06 --------- d-----w C:\Program\Java 2008-01-23 21:06 --------- d-----w C:\Program\Delade filer\Java 2008-01-23 21:02 --------- d-----w C:\Program\CCleaner 2008-01-23 20:59 --------- d-----w C:\Program\FolderAccess 2008-01-23 20:56 --------- d-----w C:\Program\Broadcom 2008-01-23 20:56 --------- d-----w C:\Program\Analog Devices 2008-01-23 20:35 --------- d-----w C:\Program\microsoft frontpage 
2008-01-23 20:33 --------- d-----w C:\Program\Onlinetjänster 2008-01-23 20:32 --------- d-----w C:\Program\Delade filer\MSSoap 2007-11-07 09:29 722,432 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-06-13 13:23 740,968 --sh--r C:\WINDOWS\system32\winsrs.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:34 15360] "MsnMsgr"="C:\Program\MSN Messenger\MsnMsgr.exe" [ ] "swg"="C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-25 19:33 68856] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 13:49 153136] "DAEMON Tools"="C:\Program\DAEMON Tools\daemon.exe" [2006-11-12 11:48 157592] "MSMSGS"="C:\Program\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "Comrade.exe"="C:\Program\GameSpy\Comrade\Comrade.exe" [2007-06-29 15:03 36864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07 8491008] "nwiz"="nwiz.exe" [2007-09-17 01:07 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 01:07 81920] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2007-06-29 06:24 286720] "iTunesHelper"="C:\Program\iTunes\iTunesHelper.exe" [2007-09-26 14:42 267064] "EPSON Stylus Photo RX420 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe" [2004-04-09 04:00 98304] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184] "NeroFilterCheck"="C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe" [2007-03-09 18:53 153136] "AlarmMe"="C:\Program\Alarm Me\AlarmMe.exe" [2007-03-03 16:00 2102272] 
"SoundMAXPnP"="C:\Program\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42 1404928] "WIndos Update"="winsrs.exe" [2007-06-13 14:23 740968 C:\WINDOWS\system32\winsrs.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "WIndos Update"="winsrs.exe" [2007-06-13 14:23 740968 C:\WINDOWS\system32\winsrs.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:34 15360] R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 12:03] S3 se58bus;Sony Ericsson Device 088 driver (WDM);C:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 18:58] S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 18:59] S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 18:59] . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-02 21:45:56 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-02-02 21:46:23 . 2008-01-29 21:05:20 --- E O F --- [/log]
  13. My computer has started doing strange things, among others with MSN Messenger, so I uninstalled MSN. I'm attaching a HijackThis log. Could some expert here take a look at it and maybe give some tips on what I should do next? HijackThis log: [log]Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 21:25:07, on 2008-02-02 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LckFldService.exe C:\Program\NetLimiter 2 Pro\nlsvc.exe C:\Program\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program\Eset\nod32kui.exe C:\Program\Java\jre1.6.0_03\bin\jusched.exe C:\Program\iTunes\iTunesHelper.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Program\Alarm Me\AlarmMe.exe C:\Program\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe C:\Program\DAEMON Tools\daemon.exe C:\Program\Messenger\msmsgs.exe C:\Program\NetLimiter 2 Pro\NLClient.exe C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe C:\Program\iPod\bin\iPodService.exe C:\WINDOWS\system32\winsrs.exe C:\Program\Windows Media Player\wmplayer.exe C:\WINDOWS\system32\msiexec.exe C:\Program\Mozilla Firefox\firefox.exe C:\Documents and Settings\Mattias\Skrivbord\HiJackThis_v2\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=8 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AlarmMe] "C:\Program\Alarm Me\AlarmMe.exe" "-h" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WIndos Update] winsrs.exe O4 - HKLM\..\RunServices: [WIndos Update] winsrs.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] 
C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Comrade.exe] C:\Program\GameSpy\Comrade\Comrade.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. 
- C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program\NetLimiter 2 Pro\nlsvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 6896 bytes [/log]
  14. Hi! Today I bought a 5.1 speaker system from Philips. But when everything is connected according to the instruction manual, you can't hear the center speaker. When I go in and select speaker volume (Start-Control Panel-Sound-Speaker volume), there are only "Right" and "Left". But all of them make sound except the center. Specs: Dell Dimension 8400 Intel Pentium 4 CPU 3.00 GHz 1024 RAM 180 GB hard drive SoundMAX Digital Audio Sound card driver from Dell. (R94481) Does anyone know anything? Regards, Mattias
  15. I solved it after quite a lot of research! Here is a tutorial by me (in English): http://forums.se-nse.net/index.php?showtopic=19233&hl=cribzor&st=20 Take care!
  16. I have a big problem! How do you get into Quick Mask Mode in Photoshop Elements 6? It feels like I've tried everything! It's really annoying not to have it. Grateful for answers!
  17. No one who knows anything? At least what it's called?
  18. Hi! My friend and my girlfriend's mother both have newer Samsung phones. They have a wallpaper that changes with the weather, and when it actually gets dark outside it gets dark in the phone's picture. This is just so cool! Where can I get a wallpaper like that? I have a Sony Ericsson W850i. Regards, Mattias [post edited 2007-11-28 18:09:43 by tankado]
  19. tankado

    VMware speed

    Okay, but I'll probably never get it to work 100%, because I've just discovered that there doesn't seem to be 2 GB of RAM available for my computer.
  20. tankado

    VMware speed

    I think I solved the problem by luck. I had Mac Tiger x86; VMware presumably only handles x32? So then it can't be run?
  21. tankado

    VMware speed

    But I do have 1024 MB of internal memory. Can't you run 1024 in VMware anyway? If you needed new memory, can it be bought fairly cheaply at e.g. Kjell o Company? /tankado
  22. tankado

    VMware speed

    Hi! Is there any way to speed up VMware on WinXP when running a virtual operating system? I'm trying with Mac OS X Tiger but it runs INCREDIBLY slowly. Dell Dimension 8400 1024 MB RAM 120 GB hard drive Nvidia GeForce 6 Series /Tankado
  23. I had done that. McAfee didn't find the problem. But I reformatted the computer, and today I got confirmation from Comhem that I had had a virus, so they had shut down my broadband.
  24. You don't think you could point me to a page on how to do this? [post edited 2007-11-01 20:33:27 by tankado]
  25. I have a problem. When I start any web browser and type in e.g. http://google.se/ I just get "The page cannot be displayed"; this applies to most pages. But if I then press refresh 3-4 times, it suddenly works again. Grateful for help! /tankado