Well, I got some kind of log out of it; I don't know if it's the right one, but here are all 3:
ComboFix:
ComboFix 08-06-19.4 - Bo Mortensen 2008-06-20 21:19:51.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1458 [GMT 2:00]
Running from: C:\Documents and Settings\Bo Mortensen\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\AKlmlUvw.ini
C:\WINDOWS\system32\AKlmlUvw.ini2
C:\WINDOWS\system32\awtqrOiI.dll
C:\WINDOWS\system32\fovetsqr.dll
C:\WINDOWS\system32\iifgGwwt.dll
C:\WINDOWS\system32\mkusxugc.ini
C:\WINDOWS\system32\sykslbse.ini
C:\WINDOWS\system32\twwGgfii.ini
C:\WINDOWS\system32\twwGgfii.ini2
C:\WINDOWS\system32\ycenapcc.ini
.
((((((((((((((((((((((((( Files Created from 2008-05-20 to 2008-06-20 )))))))))))))))))))))))))))))))
.
2008-06-20 21:23 . 2008-06-20 21:23 294 ---hs---- C:\WINDOWS\system32\ycenapcc.ini
2008-06-20 21:17 . 2008-06-20 21:17 79,872 --a------ C:\WINDOWS\system32\ccpanecy.dll
2008-06-20 21:14 . 2008-06-20 21:14 99,328 --a------ C:\WINDOWS\system32\wvjoyiij.dll
2008-06-20 21:12 . 2008-06-20 21:12 90,624 --a------ C:\WINDOWS\system32\sxtuvbgx.dll
2008-06-20 20:38 . 2008-06-20 20:38 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-06-20 20:38 . 2008-06-20 20:38 <DIR> d-------- C:\Documents and Settings\Administrator
2008-06-20 20:35 . 2008-06-20 20:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-20 20:34 . 2008-06-20 21:16 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-20 20:34 . 2008-06-20 20:34 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\Application Data\SUPERAntiSpyware.com
2008-06-20 20:29 . 2008-06-20 20:29 <DIR> d-------- C:\Program Files\CCleaner
2008-06-20 19:05 . 2008-06-20 19:05 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-20 18:24 . 2008-06-20 18:24 37,473 --a------ C:\WINDOWS\system32\muzika.xm
2008-06-20 16:19 . 2008-06-20 16:19 <DIR> d-------- C:\TEMP
2008-06-20 15:45 . 2008-06-20 15:45 <DIR> d-------- C:\Program Files\Alwil Software
2008-06-20 13:26 . 2008-06-20 13:26 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-20 13:26 . 2008-06-20 13:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-20 13:25 . 2008-06-20 20:34 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-20 09:45 . 2008-06-20 09:45 79,360 --a------ C:\WINDOWS\system32\cguxsukm.dll
2008-06-20 09:42 . 2008-06-20 21:22 110,419 --a------ C:\WINDOWS\BM072618de.xml
2008-06-20 09:42 . 2008-06-20 09:42 90,112 --a------ C:\WINDOWS\system32\rnpinjwh.dll
2008-06-19 14:41 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-06-14 22:33 . 2008-06-14 22:33 <DIR> d-------- C:\Program Files\Acoustica Shared Effects
2008-06-14 22:33 . 2008-06-14 22:33 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\Application Data\Acoustica
2008-06-14 22:33 . 2007-08-07 11:32 57,344 --a------ C:\WINDOWS\system32\Wnaspint.dll
2008-06-14 22:22 . 2008-06-14 22:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Acoustica
2008-06-14 22:21 . 2008-06-14 22:33 <DIR> d-------- C:\Program Files\Acoustica Mixcraft 4
2008-06-14 21:45 . 2008-06-14 21:45 <DIR> d-------- C:\Program Files\ASIO4ALL v2
2008-06-14 21:30 . 2008-06-14 21:30 <DIR> d-------- C:\Audio
2008-06-14 21:29 . 2008-06-14 21:29 <DIR> d-------- C:\Program Files\M-Audio USB Keyboard Device
2008-06-14 21:29 . 2008-06-14 21:29 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\Application Data\Steinberg
2008-06-14 21:29 . 2008-06-14 21:29 724,992 --a------ C:\WINDOWS\iun6002.exe
2008-06-14 21:29 . 2008-06-14 21:29 82,944 --a------ C:\WINDOWS\system32\usbkt1x1.dll
2008-06-14 21:29 . 2008-06-14 21:29 22,304 --a------ C:\WINDOWS\system32\drivers\usbkt1x1.sys
2008-06-14 21:29 . 2008-06-14 21:29 13,504 --a------ C:\WINDOWS\system32\drivers\uks11ldr.sys
2008-06-14 21:26 . 2008-06-14 21:26 <DIR> d-------- C:\Program Files\Steinberg
2008-06-14 21:25 . 2008-06-14 21:25 <DIR> d-------- C:\Program Files\Syncrosoft
2008-06-14 21:25 . 2005-10-17 09:35 704,512 --a------ C:\WINDOWS\system32\SYNSOACC.dll
2008-06-14 21:25 . 2004-05-10 15:58 147,456 --a------ C:\WINDOWS\system32\SynsoLChk.dll
2008-06-14 21:25 . 2003-07-31 20:28 147,425 --a------ C:\WINDOWS\system32\SYNSOACC-Aide.chm
2008-06-14 21:25 . 2003-05-26 15:29 120,468 --a------ C:\WINDOWS\system32\SYNSOACC-Hilfe.chm
2008-06-14 21:25 . 2003-05-26 15:29 114,279 --a------ C:\WINDOWS\system32\SYNSOACC-Help.chm
2008-06-14 21:25 . 2002-11-25 08:36 45,056 --a------ C:\WINDOWS\system32\Synsopos.exe
2008-06-14 21:25 . 2005-05-09 20:08 33,792 --a------ C:\WINDOWS\system32\drivers\cledx.sys
2008-06-14 21:25 . 2002-11-25 05:46 16,896 --a------ C:\WINDOWS\system32\drivers\synasUSB.sys
2008-06-14 14:08 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-06-12 19:40 . 2008-04-14 13:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-12 19:40 . 2008-04-14 13:01 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-07 11:04 . 2008-06-07 11:04 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\Application Data\vlc
2008-06-07 11:03 . 2008-06-07 11:03 <DIR> d-------- C:\Program Files\VideoLAN
2008-06-01 18:05 . 2008-06-01 18:05 <DIR> d-------- C:\Program Files\WinEdt Team
2008-05-31 00:12 . 2008-05-31 00:12 <DIR> d-------- C:\Program Files\FLV Player
2008-05-24 11:09 . 2008-05-24 11:09 <DIR> d-------- C:\ubuntu
2008-05-24 10:58 . 2008-05-24 10:58 <DIR> d-------- C:\Program Files\Skype
2008-05-24 10:58 . 2008-05-24 10:58 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-05-24 10:58 . 2008-06-20 17:07 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\Application Data\skypePM
2008-05-24 10:58 . 2008-06-20 21:07 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\Application Data\Skype
2008-05-24 10:58 . 2008-05-24 10:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-05-24 10:58 . 2008-05-24 10:58 48 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-05-23 13:15 . 2008-05-23 13:20 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\.SunDownloadManager
2008-05-23 13:12 . 2008-05-23 13:20 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\.nbi
2008-05-22 22:43 . 2008-05-22 22:43 <DIR> d-------- C:\WINDOWS\ShellNew
2008-05-22 22:43 . 2008-05-22 22:43 <DIR> d-------- C:\Documents and Settings\Bo Mortensen\Application Data\Microsoft Web Folders
2008-05-22 22:43 . 2008-06-20 18:22 478 --a------ C:\WINDOWS\ODBC.INI
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 14:16 --------- d-----w C:\Documents and Settings\Bo Mortensen\Application Data\uTorrent
2008-06-19 00:05 --------- d-----w C:\Program Files\Tortun
2008-06-14 12:09 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-09 23:25 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-09 23:25 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-05-22 20:43 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-17 00:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-17 00:48 --------- d-----w C:\Program Files\CyberLink
2008-05-17 00:48 --------- d-----w C:\Program Files\Common Files\CyberLink
2008-05-17 00:48 --------- d-----w C:\Documents and Settings\Bo Mortensen\Application Data\CyberLink
2008-05-17 00:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-05-17 00:47 29,480 ----a-w C:\WINDOWS\system32\msxml3a.dll
2008-05-16 21:10 --------- d-----w C:\Program Files\Java
2008-05-16 21:08 --------- d-----w C:\Program Files\Common Files\Java
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-15 18:51 --------- d-----w C:\Documents and Settings\Bo Mortensen\Application Data\PSpad
2008-05-15 15:45 --------- d-----w C:\Program Files\PSPad editor
2008-05-15 14:54 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2008-05-12 01:24 --------- d-----w C:\Documents and Settings\Bo Mortensen\Application Data\DivX
2008-05-12 01:11 --------- d-----w C:\Program Files\Winamp
2008-05-12 01:11 --------- d-----w C:\Documents and Settings\Bo Mortensen\Application Data\Winamp
2008-05-12 01:07 --------- d-----w C:\Program Files\DivX
2008-05-11 15:09 --------- d-----w C:\Documents and Settings\Bo Mortensen\Application Data\REAPER
2008-05-11 13:14 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-05-11 13:09 --------- d-----w C:\Program Files\VstPlugins
2008-05-11 13:09 --------- d-----w C:\Program Files\Common Files\DigiDesign
2008-05-11 12:49 --------- d-----w C:\Program Files\Toontrack
2008-05-11 12:43 --------- d-----w C:\Program Files\REAPER
2008-05-11 12:37 --------- d-----w C:\Program Files\MagicISO
2008-05-11 11:43 --------- d-----w C:\Program Files\uTorrent
2008-05-10 16:29 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-05-10 16:25 22,328 ----a-w C:\Documents and Settings\Bo Mortensen\Application Data\PnkBstrK.sys
2008-05-10 14:34 --------- d-----w C:\Program Files\Activision
2008-05-10 10:29 --------- d-----w C:\Program Files\MSN Messenger
2008-05-10 10:21 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-10 10:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-10 10:19 --------- d-----w C:\Program Files\Windows Live
2008-05-10 02:32 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-05-10 02:32 --------- d-----w C:\Program Files\Realtek
2008-05-10 02:31 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-10 02:28 --------- d-----w C:\Documents and Settings\Bo Mortensen\Application Data\InstallShield
2008-05-10 02:22 --------- d-----w C:\Program Files\Intel
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-31 21:25 831,488 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{96E1227E-FCCA-4907-96EB-ECD58EA40149}]
C:\WINDOWS\system32\wvUlmlKA.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b9c88c19-c38e-4825-bc13-3123786b60d2}]
2008-06-20 21:14 99328 --a------ C:\WINDOWS\system32\wvjoyiij.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:54 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 17:45 22058792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-01-03 16:26 13508608]
"04152b42"="C:\WINDOWS\system32\ccpanecy.dll" [2008-06-20 21:17 79872]
"BM072618de"="C:\WINDOWS\system32\sxtuvbgx.dll" [2008-06-20 21:12 90624]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-06-14 14:09:17 113664]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2003-11-18 12:44:18 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"= usbkt1x1.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"C:\\Program Files\\Tortun\\gui.exe"=
"F:\\Steam\\SteamApps\\kvazr\\day of defeat\\hl.exe"=
"E:\\Games\\Steam\\SteamApps\\kvazr\\day of defeat\\hl.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};C:\Program Files\CyberLink\PowerDVD8\
000.fcl [2008-02-01 17:24]
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 20:08]
S3 UKS11LDR;M-Audio USB Keystation Loader;C:\WINDOWS\system32\drivers\uks11ldr.sys [2008-06-14 21:29]
S3 USBKT1X1;M-Audio USB Keystation;C:\WINDOWS\system32\drivers\usbkt1x1.sys [2008-06-14 21:29]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-20 21:23:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD8\
000.fcl"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2008-06-20 21:24:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-20 19:24:43
Pre-Run: 31,819,620,352 bytes free
Post-Run: 32,525,320,192 bytes free
232 --- E O F --- 2008-06-13 01:00:53
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:18:21, on 20-06-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BM072618de] Rundll32.exe "C:\WINDOWS\system32\sxtuvbgx.dll",s
O4 - HKLM\..\Run: [04152b42] rundll32.exe "C:\WINDOWS\system32\ccpanecy.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\DOCUME~1\BOMORT~1\LOCALS~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 3490 bytes
SUPERAntiSpyware:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 06/20/2008 at 09:31 PM
Application Version : 4.0.1154
Core Rules Database Version : 3486
Trace Rules Database Version: 1477
Scan type : Quick Scan
Total Scan Time : 00:02:13
Memory items scanned : 337
Memory threats detected : 1
Registry items scanned : 267
Registry threats detected : 2
File items scanned : 3501
File threats detected : 2
Trojan.Downloader-NewJuan/VM
C:\WINDOWS\SYSTEM32\WVJOYIIJ.DLL
C:\WINDOWS\SYSTEM32\WVJOYIIJ.DLL
Adware.Tracking Cookie
C:\Documents and Settings\Bo Mortensen\Cookies\bo mortensen@atdmt[1].txt
Adware.Vundo Variant/Rel
HKLM\SOFTWARE\Microsoft\aoprndtws
HKU\S-1-5-21-1417001333-1220945662-839522115-1003\Software\Microsoft\rdfa