Tony
-
Innehållsantal
137 -
Gick med
-
Besökte senast
Inlägg postade av Tony
-
-
Här kommer del två.
------- Sigcheck -------
2008-06-23 16:42 827904 763148c042469c197933ac956e566226 c:windows$hf_mig$KB953838-IE7SP2QFEwininet.dll
2008-08-26 10:12 827904 27431705f27b772f4f7903e4bf96efb2 c:windows$hf_mig$KB956390-IE7SP2QFEwininet.dll
2004-08-04 13:00 656896 9f721bd834534e75661d8f9bd1efdcd7 c:windows$NtServicePackUninstall$wininet.dll
2008-04-14 20:34 666624 b8d98f0cdf9b1429cd95497ad9995078 c:windowsie7wininet.dll
2007-08-13 17:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:windowsie7updatesKB953838-IE7wininet.dll
2008-06-23 17:42 826368 ce365a16790ec5c5dddc78820949c02e c:windowsie7updatesKB956390-IE7wininet.dll
2008-08-26 09:27 817152 7bd592ed5ff783bf9984dc5fce7288d4 c:windowsServicePackFilesi386wininet.dll
2008-08-26 09:27 817152 7bd592ed5ff783bf9984dc5fce7288d4 c:windowssystem32wininet.dll
2008-08-26 09:27 826368 91a76d98b206723d21612aecbc1d65ce c:windowssystem32dllcachewininet.dll
2008-04-14 20:35 976384 bcda7a0bd489b6cf8427bd37026d7f0d c:windowsexplorer.exe
2004-08-04 13:00 1032704 87a3c8ead27cf3591713d629d8bcb990 c:windows$NtServicePackUninstall$explorer.exe
2008-04-14 20:35 976384 bcda7a0bd489b6cf8427bd37026d7f0d c:windowsServicePackFilesi386explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-11-08_10.50.26,03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-13 09:54:40 24,576 ----a-w c:windowsMcAfee.comFreeScanavdat.exe
+ 2008-07-09 03:30:00 5,444 ----a-w c:windowsMcAfee.comFreeScanconfig.dat
+ 2008-11-07 14:47:52 156,936 ----a-w c:windowsMcAfee.comFreeScanmcfscan.dll
+ 2008-07-09 03:30:00 3,092,646 ----a-w c:windowsMcAfee.comFreeScanmcscan32.dll
+ 2008-11-07 04:30:00 942,396 ----a-w c:windowsMcAfee.comFreeScannames.DAT
+ 2006-12-18 09:03:00 7,449 ----a-w c:windowsMcAfee.comFreeScanrwabs16.dll
+ 2006-12-18 09:03:10 16,921 ----a-w c:windowsMcAfee.comFreeScanrwabs32.dll
+ 2008-11-07 04:30:00 56,335,896 ----a-w c:windowsMcAfee.comFreeScanscan.DAT
- 2008-11-02 11:42:42 76,862 ----a-w c:windowssystem32perfc009.dat
+ 2008-11-08 10:30:41 76,862 ----a-w c:windowssystem32perfc009.dat
- 2008-11-02 11:42:42 88,992 ----a-w c:windowssystem32perfc01D.dat
+ 2008-11-08 10:30:41 88,992 ----a-w c:windowssystem32perfc01D.dat
- 2008-11-02 11:42:42 454,716 ----a-w c:windowssystem32perfh009.dat
+ 2008-11-08 10:30:41 454,716 ----a-w c:windowssystem32perfh009.dat
- 2008-11-02 11:42:42 456,648 ----a-w c:windowssystem32perfh01D.dat
+ 2008-11-08 10:30:41 456,648 ----a-w c:windowssystem32perfh01D.dat
+ 2008-11-09 10:13:49 16,384 ----atw c:windowsTempPerflib_Perfdata_138.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"ctfmon.exe"="c:windowssystem32ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"amd_dc_opt"="c:programAMDDual-Core Optimizeramd_dc_opt.exe" [2007-07-23 77824]
"itype"="c:programMicrosoft IntelliType Proitype.exe" [2008-06-10 1442888]
"NvCplDaemon"="c:windowssystem32NvCpl.dll" [2008-10-23 13672448]
"IntelliPoint"="c:programMicrosoft IntelliPointipoint.exe" [2008-06-10 1406024]
"F-Secure Manager"="c:programTeliaTelias sakerhetstjansterCommonFSM32.EXE" [2008-09-23 182936]
"F-Secure TNB"="c:programTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" [2008-09-23 957024]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:windowssoundman.exe]
c:documents and settingsAll UsersStart-menyProgramAutostart
Personal.lnk - c:programPersonalbinPersonal.exe [2008-09-29 910864]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"MaxRecentDocs"= 2 (0x2)
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifya441e429502]
2008-11-06 09:23 135168 c:windowssystem32dpcdll32.dll
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwindows]
"AppInit_DLLs"=c:windowsSystem32dpcdll32.dll
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-]
"ctfmon.exe"=c:windowssystem32ctfmon.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"UpdatesDisableNotify"=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"%windir%Network Diagnosticxpnetdiag.exe"=
"c:ProgramMicrosoft OfficeOffice12OUTLOOK.EXE"=
"c:ProgramMicrosoft OfficeOffice12GROOVE.EXE"=
"c:ProgramuTorrentuTorrent.exe"=
"c:ProgramHPDigital Imagingbinhpqtra08.exe"=
"c:ProgramHPDigital Imagingbinhpqste08.exe"=
"c:ProgramHPDigital Imagingbinhpofxm08.exe"=
"c:ProgramHPDigital Imagingbinhposfx08.exe"=
"c:ProgramHPDigital Imagingbinhposid01.exe"=
"c:ProgramHPDigital Imagingbinhpqscnvw.exe"=
"c:ProgramHPDigital Imagingbinhpqkygrp.exe"=
"c:ProgramHPDigital ImagingbinhpqCopy.exe"=
"c:ProgramHPDigital Imagingbinhpfccopy.exe"=
"c:ProgramHPDigital Imagingbinhpzwiz01.exe"=
"c:ProgramHPDigital ImagingUnloadHpqPhUnl.exe"=
"c:ProgramHPDigital ImagingUnloadHpqDIA.exe"=
"c:ProgramHPDigital Imagingbinhpoews01.exe"=
"c:ProgramHPDigital Imagingbinhpqnrs08.exe"=
"c:ProgramMicrosoft GamesGears of WarBinariesWarGame-G4WLive.exe"=
"c:WINDOWSsystem32PnkBstrA.exe"=
"c:WINDOWSsystem32PnkBstrB.exe"=
"c:ProgramElectronic ArtsCrytekCrysisBin32Crysis.exe"=
"c:ProgramElectronic ArtsCrytekCrysisBin32CrysisDedicatedServer.exe"=
"c:ProgramElectronic ArtsMedal of Honor AirborneUnrealEngine3BinariesMOHA.exe"=
"c:ProgramTHQFrontlines-Fuel of WarBinariesFFOW.exe"=
"c:ProgramUbisoftFar Cry 2binFarCry2.exe"=
"c:ProgramUbisoftFar Cry 2binFC2Launcher.exe"=
"c:ProgramUbisoftFar Cry 2binFC2Editor.exe"=
"c:WINDOWSsystem32sessmgr.exe"=
"c:ProgramUbisoftTom Clancy's Rainbow Six Vegas 2BinariesR6Vegas2_Game.exe"=
"c:ProgramUbisoftTom Clancy's Rainbow Six Vegas 2BinariesR6Vegas2_Launcher.exe"=
"c:ProgramActivisionCall of Duty 4 - Modern Warfareiw3mp.exe"=
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileIcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 fsbts;fsbts;c:windowssystem32Driversfsbts.sys [2008-11-02 30856]
R0 FSFW;F-Secure Firewall Driver;c:windowssystem32driversfsdfw.sys [2008-09-23 79904]
R0 nvgts;nvgts;c:windowssystem32DRIVERSnvgts.sys [2008-08-18 145952]
R0 pavboot;pavboot;c:windowssystem32driverspavboot.sys [2008-06-19 28544]
R2 JavaQuickStarterService;Java Quick Starter;c:programJavajre6binjqs.exe [2008-10-30 152984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:programMcAfeeSiteAdvisorMcSACore.exe [2008-10-08 203280]
R2 NMSAccessU;NMSAccessU;c:programCDBurnerXPNMSAccessU.exe [2008-06-15 71096]
R2 PD91Agent;PD91Agent;c:programRaxcoPerfectDisk2008PD91Agent.exe [2008-09-09 693512]
R2 UxTuneUp;TuneUp Theme Extension;c:windowsSystem32svchost.exe [2008-04-14 14336]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:programTeliaTelias sakerhetstjansterAnti-Virusminifilterfsgk.sys [2008-09-23 72288]
R3 FSORSPClient;F-Secure ORSP Client;c:programTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe [2008-09-23 55904]
S3 PD91Engine;PD91Engine;c:programRaxcoPerfectDisk2008PD91Engine.exe [2008-09-09 906504]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:windowsSystem32TuneUpDefragService.exe [2008-10-01 355584]
S4 F-Secure Filter;F-Secure File System Filter;c:programTeliaTelias sakerhetstjansterAnti-VirusWin2KFSfilter.sys [2008-09-23 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:programTeliaTelias sakerhetstjansterAnti-VirusWin2KFSrec.sys [2008-09-23 25184]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSvchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2G]
ShellAutoRuncommand - G:LaunchU3.exe -a
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ace7479c-aa5e-11dd-a583-001a921dc4b4}]
ShellAutoRuncommand - G:LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
2008-10-31 c:windowsTasksMicrosoft_Hardware_Launch_IType_exe.job
- c:programMicrosoft IntelliType Proitype.exe [2008-06-10 12:56]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-09 11:28:00
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: c:windowssystem32winlogon.exe
-> c:windowsSystem32dpcdll32.dll
PROCESS: c:windowssystem32lsass.exe
-> c:windowsSystem32dpcdll32.dll
PROCESS: c:windowsexplorer.exe
-> c:programMcAfeeSiteAdvisorsaHook.dll
-> c:windowsSystem32dpcdll32.dll
-> c:windowssystem321543.tmp
.
Completion time: 2008-11-09 11:29:28
ComboFix-quarantined-files.txt 2008-11-09 10:29:24
ComboFix2.txt 2008-11-09 10:10:34
ComboFix3.txt 2008-11-08 13:10:43
ComboFix4.txt 2008-11-08 09:50:44
Pre-Run: 294 424 633 344 byte ledigt
Post-Run: 294,409,621,504 byte ledigt
394
-
Här kommer loggan.
Den är så stor att jag måste dela den i två.
ComboFix 08-11-07.01 - Administratör 2008-11-09 11:25:27.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1053.18.2482 [GMT 1:00]
Running from: c:documents and settingsAdministratörSkrivbordComboFix.exe
Command switches used :: c:documents and settingsAdministratörSkrivbordCFScript.txt
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-10-09 to 2008-11-09 )))))))))))))))))))))))))))))))
.
2008-11-08 11:56 . 2008-11-08 11:56 <KAT> d-------- c:windowsMcAfee.com
2008-11-08 11:29 . 2008-11-08 11:33 <KAT> d-a------ c:documents and settingsAll UsersApplication DataTEMP
2008-11-07 11:37 . 2008-11-07 11:37 <KAT> d-------- c:programTrend Micro
2008-11-07 07:09 . 2008-11-07 07:09 <KAT> d--hs---- c:windowssystem32GroupPolicyManifest
2008-11-06 21:30 . 2008-11-07 11:11 <KAT> d-------- c:programPanda Security
2008-11-06 21:30 . 2008-06-19 17:24 28,544 --a------ c:windowssystem32driverspavboot.sys
2008-11-06 20:34 . 2008-11-06 20:36 <KAT> d-------- c:programSpybot - Search & Destroy
2008-11-06 09:35 . 2008-11-07 07:26 8,230 --a------ c:windowsGnuHashes.ini
2008-11-06 09:23 . 2008-11-06 09:23 318,976 --ahs---- c:windowssystem321543.tmp
2008-11-06 09:23 . 2008-11-06 09:23 135,168 --a------ c:windowssystem32dpcdll32.dll
2008-11-06 09:23 . 2008-11-07 07:09 1,397 --ahs---- c:windowssystem32GroupPolicy000.dat
2008-11-06 07:55 . 2008-11-09 11:23 39,175 --a------ c:windows_DETMP.1
2008-11-05 07:05 . 2008-11-05 13:06 <KAT> d-------- c:programMcAfee
2008-11-05 07:05 . 2008-11-05 07:05 <KAT> d-------- c:programDelade filerMcAfee
2008-11-04 14:09 . 2008-11-04 14:11 <KAT> d-------- c:documents and settingsAdministratörApplication DataU3
2008-11-02 12:47 . 2008-11-02 12:47 30,856 --a------ c:windowssystem32driversfsbts.sys
2008-11-02 12:42 . 2008-11-02 12:42 <KAT> d-------- c:programTelia
2008-11-02 12:42 . 2008-09-23 14:35 79,904 --a------ c:windowssystem32driversfsdfw.sys
2008-11-02 12:05 . 2008-11-07 17:58 <KAT> d-------- c:documents and settingsAdministratörSecurityScans
2008-11-02 12:05 . 2008-11-07 17:58 <KAT> d-------- c:documents and settingsAdministratörSecurityScans
2008-11-02 12:04 . 2008-11-02 12:04 <KAT> d-------- c:programMicrosoft Baseline Security Analyzer 2
2008-11-02 10:55 . 2008-11-02 10:55 <KAT> d-------- c:programMicrosoft IntelliPoint
2008-11-02 10:55 . 2008-06-10 13:04 31,048 --a------ c:windowssystem32driverspoint32.sys
2008-11-02 10:41 . 2008-11-02 10:41 <KAT> d-------- c:programIObit
2008-11-01 16:52 . 2008-11-01 16:52 <KAT> d-------- c:programCCleaner
2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d-------- c:programUniblue
2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d--h-c--- c:documents and settingsAll UsersApplication Data{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d-------- c:documents and settingsAdministratörApplication DataUniblue
2008-10-31 10:23 . 2008-10-31 10:23 <KAT> d-------- c:programMicrosoft IntelliType Pro
2008-10-30 21:17 . 2008-10-30 21:17 410,976 --a------ c:windowssystem32deploytk.dll
2008-10-30 20:56 . 2008-10-30 20:56 <KAT> d-------- c:documents and settingsAdministratörApplication DataInstallShield
2008-10-30 20:56 . 2006-07-01 23:21 43,520 --a------ c:windowssystem32driversAmdK8.sys
2008-10-30 11:14 . 2008-10-30 11:20 20 --a------ c:windowssystem32PDBootState
2008-10-30 10:12 . 2008-10-30 10:12 <KAT> d-------- c:programRealtek AC97
2008-10-29 13:23 . 2005-07-26 07:02 923,520 --a------ c:windowssystem32driversnvmcp.sys
2008-10-29 13:23 . 2005-07-26 07:01 415,360 --a------ c:windowssystem32driversnvapu.sys
2008-10-29 13:23 . 2005-07-26 07:02 66,688 --a------ c:windowssystem32driversnvarm.sys
2008-10-29 13:23 . 2005-07-26 07:02 54,272 --a------ c:windowssystem32nvopenal.dll
2008-10-29 13:23 . 2005-07-26 06:58 53,376 --a------ c:windowssystem32driversnvax.sys
2008-10-29 13:23 . 2005-07-20 17:08 33,280 --a------ c:windowssystem32NVCOAD.DLL
2008-10-29 13:23 . 2005-07-26 07:02 30,208 --a------ c:windowssystem32nvasio.dll
2008-10-29 13:23 . 2005-07-26 07:02 21,504 --a------ c:windowssystem32OpenAL32.dll
2008-10-29 13:23 . 2005-07-26 07:02 7,680 --a------ c:windowssystem32nvack.dll
2008-10-29 13:23 . 2005-07-26 07:02 5,120 --a------ c:windowssystem32ALut.dll
2008-10-29 09:37 . 2008-10-29 09:37 <KAT> d-------- c:windows74224F8D4A1748169EDB7BB854DE532C.TMP
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:windowssystem32divx_xx0c.dll
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:windowssystem32divx_xx07.dll
2008-10-28 23:35 . 2008-10-28 23:35 815,104 --a------ c:windowssystem32divx_xx0a.dll
2008-10-28 23:35 . 2008-10-28 23:35 802,816 --a------ c:windowssystem32divx_xx11.dll
2008-10-28 23:35 . 2008-10-28 23:35 729,088 --a------ c:windowssystem32divxdec.ax
2008-10-28 23:35 . 2008-10-28 23:35 684,032 --a------ c:windowssystem32DivX.dll
2008-10-28 11:06 . 2008-10-28 11:06 107,888 --a------ c:windowssystem32CmdLineExt.dll
2008-10-28 10:41 . 2008-10-30 10:34 <KAT> d-------- c:programUbisoft
2008-10-28 08:12 . 2008-10-28 08:12 <KAT> dr-h----- c:documents and settingsAdministratörApplication DataSecuROM
2008-10-27 20:35 . 2008-10-22 16:10 38,496 --a------ c:windowssystem32driversmbamswissarmy.sys
2008-10-27 20:35 . 2008-10-22 16:10 15,504 --a------ c:windowssystem32driversmbam.sys
2008-10-27 19:59 . 2007-06-29 14:47 34,304 --a------ c:windowssystem32driversAmdLLD.sys
2008-10-27 19:29 . 2008-10-27 19:29 <KAT> d-------- c:programHDD Health
2008-10-25 11:35 . 2008-10-27 19:29 <KAT> d-------- c:programMicrosoft CAPICOM 2.1.0.2
2008-10-24 16:06 . 2008-10-27 20:36 <KAT> d-------- c:programMalwarebytes' Anti-Malware
2008-10-24 16:06 . 2008-10-24 16:06 <KAT> d-------- c:documents and settingsAll UsersApplication DataMalwarebytes
2008-10-24 16:06 . 2008-10-24 16:06 <KAT> d-------- c:documents and settingsAdministratörApplication DataMalwarebytes
2008-10-16 19:42 . 2008-10-16 19:42 <KAT> d--h----- c:windowsPIF
2008-10-14 10:17 . 2008-10-14 10:17 <KAT> d-------- c:documents and settingsAdministratörApplication DataApple Computer
2008-10-14 08:45 . 2008-04-14 20:34 221,184 --a------ c:windowssystem32wmpns.dll
2008-10-14 06:40 . 2008-10-14 06:40 <KAT> d-------- c:programJoshMadison
2008-10-13 09:56 . 2008-10-13 09:56 70,936 --a------ c:windowssystem32PhysXLoader.dll
2008-10-13 06:16 . 2008-10-13 06:16 250 --a------ c:windowsgmer.ini
2008-10-12 10:10 . 2008-10-27 19:59 <KAT> d-------- c:programAMD
2008-10-12 08:28 . 2008-10-23 07:42 203,146 --a------ c:windowssystem32nvapps.nvb
2008-10-11 17:30 . 2008-10-11 17:30 <KAT> d-------- c:programWebshots
2008-10-11 17:23 . 2008-10-11 17:23 <KAT> d-------- c:programAGI
2008-10-10 06:42 . 2008-04-14 20:34 116,224 --a--c--- c:windowssystem32dllcachexrxwiadr.dll
2008-10-10 06:42 . 2001-08-18 05:37 99,865 --a--c--- c:windowssystem32dllcachexlog.exe
2008-10-10 06:42 . 2001-09-06 19:33 27,648 --a--c--- c:windowssystem32dllcachexrxftplt.exe
2008-10-10 06:42 . 2001-09-06 19:33 23,040 --a--c--- c:windowssystem32dllcachexrxwbtmp.dll
2008-10-10 06:42 . 2008-04-13 21:04 19,455 --a--c--- c:windowssystem32dllcachewvchntxx.sys
2008-10-10 06:42 . 2008-04-13 23:16 19,200 --a--c--- c:windowssystem32dllcachewstcodec.sys
2008-10-10 06:42 . 2008-04-14 20:34 18,944 --a--c--- c:windowssystem32dllcachexrxscnui.dll
2008-10-10 06:42 . 2001-08-17 19:11 16,970 --a--c--- c:windowssystem32dllcachexem336n5.sys
2008-10-10 06:42 . 2008-04-13 21:04 12,063 --a--c--- c:windowssystem32dllcachewsiintxx.sys
2008-10-10 06:42 . 2008-04-14 20:34 8,192 --a--c--- c:windowssystem32dllcachewshirda.dll
2008-10-10 06:42 . 2001-09-06 19:33 4,608 --a--c--- c:windowssystem32dllcachexrxflnch.exe
2008-10-10 06:40 . 2001-08-17 20:28 794,399 --a--c--- c:windowssystem32dllcacheusr1806v.sys
2008-10-10 06:39 . 2001-08-17 20:28 794,654 --a--c--- c:windowssystem32dllcacheusr1801.sys
2008-10-10 06:38 . 2001-09-06 19:33 525,568 --a--c--- c:windowssystem32dllcachetridxp.dll
2008-10-10 06:37 . 2001-09-06 19:33 172,768 --a--c--- c:windowssystem32dllcachet2r4disp.dll
2008-10-10 06:36 . 2001-09-06 18:47 285,760 --a--c--- c:windowssystem32dllcachestlnata.sys
2008-10-10 06:35 . 2001-09-06 19:33 147,200 --a--c--- c:windowssystem32dllcachesmidispb.dll
2008-10-10 06:34 . 2001-09-06 19:33 386,560 --a--c--- c:windowssystem32dllcachesgiul50.dll
2008-10-10 06:33 . 2001-09-06 19:32 495,616 --a--c--- c:windowssystem32dllcachesblfx.dll
2008-10-10 06:32 . 2001-09-06 19:09 714,858 --a--c--- c:windowssystem32dllcacher2mdmkxx.sys
2008-10-10 06:31 . 2001-09-06 19:09 899,274 --a--c--- c:windowssystem32dllcacher2mdkxga.sys
2008-10-10 06:31 . 2008-04-14 20:34 159,232 --a--c--- c:windowssystem32dllcacheptpusd.dll
2008-10-10 06:31 . 2001-08-17 20:28 130,942 --a--c--- c:windowssystem32dllcacheptserlv.sys
2008-10-10 06:31 . 2001-08-17 20:28 128,286 --a--c--- c:windowssystem32dllcacheptserli.sys
2008-10-10 06:31 . 2001-08-17 20:28 112,574 --a--c--- c:windowssystem32dllcacheptserlp.sys
2008-10-10 06:31 . 2001-08-17 20:52 49,024 --a--c--- c:windowssystem32dllcacheql1280.sys
2008-10-10 06:31 . 2001-08-17 20:52 45,312 --a--c--- c:windowssystem32dllcacheql12160.sys
2008-10-10 06:31 . 2001-09-06 19:33 41,472 --a--c--- c:windowssystem32dllcacheqvusd.dll
2008-10-10 06:31 . 2001-08-17 20:52 40,448 --a--c--- c:windowssystem32dllcacheql1240.sys
2008-10-10 06:31 . 2001-08-17 20:52 40,320 --a--c--- c:windowssystem32dllcacheql1080.sys
2008-10-10 06:31 . 2001-08-17 20:52 33,152 --a--c--- c:windowssystem32dllcacheql10wnt.sys
2008-10-10 06:31 . 2008-04-13 23:10 6,016 --a--c--- c:windowssystem32dllcacheqic157.sys
2008-10-10 06:31 . 2001-08-17 20:53 3,328 --a--c--- c:windowssystem32dllcacheqv2kux.sys
2008-10-10 06:29 . 2001-08-17 21:05 351,616 --a--c--- c:windowssystem32dllcacheovcodek2.sys
2008-10-10 06:28 . 2008-08-14 14:27 2,066,816 --a--c--- c:windowssystem32dllcachentkrnlpa.exe
2008-10-10 06:28 . 2001-08-17 19:50 198,144 --a--c--- c:windowssystem32dllcachenv3.sys
2008-10-10 06:28 . 2008-04-14 20:13 132,695 --a--c--- c:windowssystem32dllcachenetwlan5.sys
2008-10-10 06:28 . 2001-08-17 19:20 126,080 --a--c--- c:windowssystem32dllcachenm5a2wdm.sys
2008-10-10 06:28 . 2001-09-06 19:32 123,776 --a--c--- c:windowssystem32dllcachenv3.dll
2008-10-10 06:28 . 2001-08-17 19:20 87,040 --a--c--- c:windowssystem32dllcachenm6wdm.sys
2008-10-10 06:28 . 2001-09-06 19:01 65,278 --a--c--- c:windowssystem32dllcachenetflx3.sys
2008-10-10 06:28 . 2001-08-17 19:20 54,528 --a--c--- c:windowssystem32dllcacheopl3sax.sys
2008-10-10 06:28 . 2001-08-17 19:49 51,552 --a--c--- c:windowssystem32dllcachentgrip.sys
2008-10-10 06:28 . 2001-08-17 19:12 32,840 --a--c--- c:windowssystem32dllcachengrpci.sys
2008-10-10 06:28 . 2008-04-13 23:24 28,672 --a--c--- c:windowssystem32dllcachenscirda.sys
2008-10-10 06:28 . 2001-09-06 19:02 9,472 --a--c--- c:windowssystem32dllcachentapm.sys
2008-10-10 06:28 . 2001-08-17 20:53 7,552 --a--c--- c:windowssystem32dllcachensmmc.sys
2008-10-10 06:26 . 2008-04-14 20:35 56,832 --a--c--- c:windowssystem32dllcachemsdvbnp.ax
2008-10-10 06:26 . 2008-04-13 23:16 51,200 --a--c--- c:windowssystem32dllcachemsdv.sys
2008-10-10 06:26 . 2008-04-13 23:16 49,024 --a--c--- c:windowssystem32dllcachemstape.sys
2008-10-10 06:26 . 2001-08-17 21:02 35,200 --a--c--- c:windowssystem32dllcachemsgame.sys
2008-10-10 06:26 . 2008-04-13 23:24 22,016 --a--c--- c:windowssystem32dllcachemsircomm.sys
2008-10-10 06:26 . 2001-08-17 20:52 17,280 --a--c--- c:windowssystem32dllcachemraid35x.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-08 12:51 --------- d-----w c:documents and settingsNetworkServiceApplication DataSACore
2008-11-07 16:55 --------- d-----w c:documents and settingsAll UsersApplication DataSpybot - Search & Destroy
2008-11-07 10:33 --------- d-----w c:programVista Inspirat 2
2008-11-06 08:20 --------- d-----w c:documents and settingsAdministratörApplication DataLimeWire
2008-11-06 06:55 --------- d-----w c:programTYPEFACE
2008-11-06 06:55 --------- d-----w c:programSYMBOLS
2008-11-06 06:55 --------- d-----w c:programPALETTES
2008-11-06 06:55 --------- d-----w c:programFONTS
2008-11-06 06:55 --------- d-----w c:programFILTERS
2008-11-06 06:55 --------- d-----w c:programCUSTOM
2008-11-06 06:55 --------- d-----w c:programBANNERS
2008-11-06 06:55 --------- d-----w c:programACTIVITY
2008-11-05 12:09 --------- d-----r c:programPrivat
2008-11-05 06:05 --------- d-----w c:documents and settingsAll UsersApplication DataSiteAdvisor
2008-11-05 06:05 --------- d-----w c:documents and settingsAll UsersApplication DataMcAfee
2008-11-04 20:02 --------- d-----w c:documents and settingsAdministratörApplication DatauTorrent
2008-11-04 19:56 --------- d-----w c:programSystemRequirementsLab
2008-11-04 13:37 --------- d-----w c:programDivX
2008-11-02 18:01 --------- d-----w c:programLimeWire
2008-11-02 11:42 --------- d-----w c:documents and settingsAll UsersApplication DataF-Secure
2008-11-02 11:41 --------- d-----w c:documents and settingsAll UsersApplication Datafssg
2008-11-01 15:41 --------- d--h--w c:programInstallShield Installation Information
2008-10-31 12:39 --------- d-----w c:programApple Software Update
2008-10-31 11:46 --------- d-----w c:programHP
2008-10-31 09:49 --------- d-----w c:programCDBurnerXP
2008-10-31 09:20 --------- d-----w c:programJava
2008-10-30 15:24 --------- d-----w c:programStadkart
2008-10-30 15:22 --------- d-----w c:programUnlocker
2008-10-30 09:41 66,872 ----a-w c:windowssystem32PnkBstrA.exe
2008-10-30 09:41 22,328 ----a-w c:windowssystem32driversPnkBstrK.sys
2008-10-30 09:41 22,328 ----a-w c:documents and settingsAdministratörApplication DataPnkBstrK.sys
2008-10-30 09:41 2,337,865 ----a-w c:windowssystem32pbsvc.exe
2008-10-30 09:41 107,832 ----a-w c:windowssystem32PnkBstrB.exe
2008-10-29 08:37 --------- d-----w c:programDelade filerWise Installation Wizard
2008-10-29 08:03 --------- d-----w c:programAGEIA Technologies
2008-10-28 16:21 --------- d-----w c:programTuneUp Utilities 2008
2008-10-27 18:33 --------- d-----w c:programMicrosoft Silverlight
2008-10-27 18:29 --------- d-----w c:documents and settingsAll UsersApplication DataMicrosoft Help
2008-10-25 10:30 --------- d-----w c:programMicrosoft Visual Studio 8
2008-10-22 15:55 453,152 ----a-w c:windowssystem32NVUNINST.EXE
2008-10-18 10:50 --------- d-----w c:documents and settingsAll UsersApplication DatanView_Profiles
2008-10-18 10:05 --------- d-----w c:programASUS
2008-10-11 16:30 --------- d-----w c:documents and settingsAdministratörApplication DataWebshots
2008-10-10 05:55 --------- d-----w c:programIZArc
2008-10-07 11:33 286,720 ----a-w c:windowssystem32nvnt4cpl.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelTraditionalChinese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSwedish.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSpanish.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSimplifiedChinese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelPortugese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelKorean.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelJapanese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelGerman.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelFrench.dll
2008-10-07 08:13 288,024 ----a-w c:windowssystem32PhysXCplUI.exe
2008-10-07 08:13 288,024 ----a-w c:windowssystem32PhysXCompatCplUI.exe
2008-10-07 08:13 23,320 ----a-w c:windowssystem32PhysXDevice.dll
2008-10-05 18:52 --------- d-----w c:programQuickTime
2008-10-05 18:52 --------- d-----w c:programDelade filerApple
2008-10-05 18:52 --------- d-----w c:documents and settingsAll UsersApplication DataApple Computer
2008-10-05 18:51 --------- d-----w c:documents and settingsAll UsersApplication DataApple
2008-10-05 12:23 --------- d-----w c:programTHQ
2008-10-04 13:16 --------- d-----w c:documents and settingsAdministratörApplication DataMicrosoft Games
2008-10-03 16:09 --------- d-----w c:programuTorrent
2008-10-01 13:13 --------- d-----w c:documents and settingsLocalServiceApplication DataSACore
2008-10-01 12:23 355,584 ----a-w c:windowssystem32TuneUpDefragService.exe
2008-10-01 07:17 --------- d-----w c:documents and settingsAdministratörApplication DataDivX
2008-09-30 18:44 --------- d-----w c:programElectronic Arts
2008-09-30 15:45 --------- d-----w c:programReference Assemblies
2008-09-30 15:45 --------- d-----w c:programMSBuild
2008-09-30 07:05 --------- d-----w c:documents and settingsAdministratörApplication DataF-Secure
2008-09-29 17:26 --------- d-----w c:programMSXML 4.0
2008-09-29 13:56 215,144 ----a-w c:windowspatchw32.dll
2008-09-29 11:59 --------- d-----w c:programActivision
2008-09-29 11:05 --------- d-----w c:documents and settingsAll UsersApplication DataUbisoft
2008-09-29 10:29 --------- d-----w c:programMicrosoft Games
2008-09-29 10:23 --------- dc-h--w c:documents and settingsAll UsersApplication Data{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2008-09-29 10:20 --------- d-----w c:programEADM
2008-09-29 10:19 --------- d-----w c:programDelade filerInstallShield
2008-09-29 10:09 --------- d-----w c:programFoxit Software
2008-09-29 10:07 --------- d-----w c:documents and settingsAdministratörApplication DataHP
2008-09-29 10:05 --------- d-----w c:documents and settingsAll UsersApplication DataHP
2008-09-29 10:03 --------- d-----w c:programDelade filerSonic Shared
2008-09-29 10:03 --------- d-----w c:programDelade filerHP
2008-09-29 10:03 --------- d-----w c:documents and settingsAll UsersApplication DataSonic
2008-09-29 10:01 --------- d-----w c:programHewlett-Packard
2008-09-29 10:01 --------- d-----w c:programDelade filerHewlett-Packard
2008-09-29 09:36 --------- d-----w c:programDIFX
2008-09-29 09:27 --------- d-----w c:programGoogle
2008-09-29 09:26 39,397 ----a-w c:programDEISL1.ISU
2008-09-29 09:22 --------- d-----w c:programfilehippo.com
2008-09-29 07:54 60,080 ----a-w c:windowsBricoPackUninst.cmd
2008-09-29 07:54 5,308 ----a-w c:windowsBricoPackFoldersDelete.cmd
2008-09-29 07:54 219,136 ----a-w c:windowssystem32uxtheme.dll
2008-09-29 07:43 --------- d-----w c:documents and settingsAll UsersApplication DataTuneUp Software
2008-09-29 07:43 --------- d-----w c:documents and settingsAdministratörApplication DataTuneUp Software
2008-09-29 07:34 --------- d-----w c:programNätLex
2008-09-29 07:29 --------- d-----w c:programRaxco
2008-09-29 07:29 --------- d-----w c:documents and settingsAll UsersApplication DataRaxco
2008-09-29 07:19 --------- d-----w c:programDAEMON Tools Lite
2008-04-14 19:35 60,416 --sha-w c:windowsBricoPacksSysFiles80_msimn.exe
-
Hej igen Malou.
Vet inte riktigt vad du menade med"File:: /Registry:: men jag gör så gott jak kan eftersom jag inte är någon "Dataguru".
Skickar Hijackisloggan först för att skicka den andra loggan direkt efter.
Tony.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:33, on 2008-11-09
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgramMicrosoft IntelliType Proitype.exe
C:ProgramMicrosoft IntelliPointipoint.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramPersonalbinPersonal.exe
C:WINDOWSSystem32svchost.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE
C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE
C:WINDOWSSystem32svchost.exe
C:ProgramJavajre6binjqs.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE
C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe
C:ProgramMcAfeeSiteAdvisorMcSACore.exe
C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe
C:ProgramCDBurnerXPNMSAccessU.exe
C:WINDOWSsystem32nvsvc32.exe
C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32PnkBstrB.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe
C:WINDOWSexplorer.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIscanwizard.exe
C:WINDOWSexplorer.exe
C:ProgramTrend MicroHijackThisTonys.exe.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll
O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe
O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe"
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe"
O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash
O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...427/mcfscan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll
O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll
O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe
O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe
--
End of file - 9653 bytes
-
Här kommer nästa.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-08 12:51 --------- d-----w c:documents and settingsNetworkServiceApplication DataSACore
2008-11-07 16:55 --------- d-----w c:documents and settingsAll UsersApplication DataSpybot - Search & Destroy
2008-11-07 10:33 --------- d-----w c:programVista Inspirat 2
2008-11-06 08:20 --------- d-----w c:documents and settingsAdministratörApplication DataLimeWire
2008-11-06 06:55 --------- d-----w c:programTYPEFACE
2008-11-06 06:55 --------- d-----w c:programSYMBOLS
2008-11-06 06:55 --------- d-----w c:programPALETTES
2008-11-06 06:55 --------- d-----w c:programFONTS
2008-11-06 06:55 --------- d-----w c:programFILTERS
2008-11-06 06:55 --------- d-----w c:programCUSTOM
2008-11-06 06:55 --------- d-----w c:programBANNERS
2008-11-06 06:55 --------- d-----w c:programACTIVITY
2008-11-05 12:09 --------- d-----r c:programPrivat
2008-11-05 06:05 --------- d-----w c:documents and settingsAll UsersApplication DataSiteAdvisor
2008-11-05 06:05 --------- d-----w c:documents and settingsAll UsersApplication DataMcAfee
2008-11-04 20:02 --------- d-----w c:documents and settingsAdministratörApplication DatauTorrent
2008-11-04 19:56 --------- d-----w c:programSystemRequirementsLab
2008-11-04 13:37 --------- d-----w c:programDivX
2008-11-02 18:01 --------- d-----w c:programLimeWire
2008-11-02 11:42 --------- d-----w c:documents and settingsAll UsersApplication DataF-Secure
2008-11-02 11:41 --------- d-----w c:documents and settingsAll UsersApplication Datafssg
2008-11-01 15:41 --------- d--h--w c:programInstallShield Installation Information
2008-10-31 12:39 --------- d-----w c:programApple Software Update
2008-10-31 11:46 --------- d-----w c:programHP
2008-10-31 09:49 --------- d-----w c:programCDBurnerXP
2008-10-31 09:20 --------- d-----w c:programJava
2008-10-30 15:24 --------- d-----w c:programStadkart
2008-10-30 15:22 --------- d-----w c:programUnlocker
2008-10-30 09:41 66,872 ----a-w c:windowssystem32PnkBstrA.exe
2008-10-30 09:41 22,328 ----a-w c:windowssystem32driversPnkBstrK.sys
2008-10-30 09:41 22,328 ----a-w c:documents and settingsAdministratörApplication DataPnkBstrK.sys
2008-10-30 09:41 2,337,865 ----a-w c:windowssystem32pbsvc.exe
2008-10-30 09:41 107,832 ----a-w c:windowssystem32PnkBstrB.exe
2008-10-29 08:37 --------- d-----w c:programDelade filerWise Installation Wizard
2008-10-29 08:03 --------- d-----w c:programAGEIA Technologies
2008-10-28 16:21 --------- d-----w c:programTuneUp Utilities 2008
2008-10-27 18:33 --------- d-----w c:programMicrosoft Silverlight
2008-10-27 18:29 --------- d-----w c:documents and settingsAll UsersApplication DataMicrosoft Help
2008-10-25 10:30 --------- d-----w c:programMicrosoft Visual Studio 8
2008-10-22 15:55 453,152 ----a-w c:windowssystem32NVUNINST.EXE
2008-10-18 10:50 --------- d-----w c:documents and settingsAll UsersApplication DatanView_Profiles
2008-10-18 10:05 --------- d-----w c:programASUS
2008-10-11 16:30 --------- d-----w c:documents and settingsAdministratörApplication DataWebshots
2008-10-10 05:55 --------- d-----w c:programIZArc
2008-10-07 11:33 286,720 ----a-w c:windowssystem32nvnt4cpl.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelTraditionalChinese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSwedish.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSpanish.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSimplifiedChinese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelPortugese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelKorean.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelJapanese.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelGerman.dll
2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelFrench.dll
2008-10-07 08:13 288,024 ----a-w c:windowssystem32PhysXCplUI.exe
2008-10-07 08:13 288,024 ----a-w c:windowssystem32PhysXCompatCplUI.exe
2008-10-07 08:13 23,320 ----a-w c:windowssystem32PhysXDevice.dll
2008-10-05 18:52 --------- d-----w c:programQuickTime
2008-10-05 18:52 --------- d-----w c:programDelade filerApple
2008-10-05 18:52 --------- d-----w c:documents and settingsAll UsersApplication DataApple Computer
2008-10-05 18:51 --------- d-----w c:documents and settingsAll UsersApplication DataApple
2008-10-05 12:23 --------- d-----w c:programTHQ
2008-10-04 13:16 --------- d-----w c:documents and settingsAdministratörApplication DataMicrosoft Games
2008-10-03 16:09 --------- d-----w c:programuTorrent
2008-10-01 13:13 --------- d-----w c:documents and settingsLocalServiceApplication DataSACore
2008-10-01 12:23 355,584 ----a-w c:windowssystem32TuneUpDefragService.exe
2008-10-01 07:17 --------- d-----w c:documents and settingsAdministratörApplication DataDivX
2008-09-30 18:44 --------- d-----w c:programElectronic Arts
2008-09-30 15:45 --------- d-----w c:programReference Assemblies
2008-09-30 15:45 --------- d-----w c:programMSBuild
2008-09-30 07:05 --------- d-----w c:documents and settingsAdministratörApplication DataF-Secure
2008-09-29 17:26 --------- d-----w c:programMSXML 4.0
2008-09-29 13:56 215,144 ----a-w c:windowspatchw32.dll
2008-09-29 11:59 --------- d-----w c:programActivision
2008-09-29 11:05 --------- d-----w c:documents and settingsAll UsersApplication DataUbisoft
2008-09-29 10:29 --------- d-----w c:programMicrosoft Games
2008-09-29 10:23 --------- dc-h--w c:documents and settingsAll UsersApplication Data{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2008-09-29 10:20 --------- d-----w c:programEADM
2008-09-29 10:19 --------- d-----w c:programDelade filerInstallShield
2008-09-29 10:09 --------- d-----w c:programFoxit Software
2008-09-29 10:07 --------- d-----w c:documents and settingsAdministratörApplication DataHP
2008-09-29 10:05 --------- d-----w c:documents and settingsAll UsersApplication DataHP
2008-09-29 10:03 --------- d-----w c:programDelade filerSonic Shared
2008-09-29 10:03 --------- d-----w c:programDelade filerHP
2008-09-29 10:03 --------- d-----w c:documents and settingsAll UsersApplication DataSonic
2008-09-29 10:01 --------- d-----w c:programHewlett-Packard
2008-09-29 10:01 --------- d-----w c:programDelade filerHewlett-Packard
2008-09-29 09:36 --------- d-----w c:programDIFX
2008-09-29 09:27 --------- d-----w c:programGoogle
2008-09-29 09:26 39,397 ----a-w c:programDEISL1.ISU
2008-09-29 09:22 --------- d-----w c:programfilehippo.com
2008-09-29 07:54 60,080 ----a-w c:windowsBricoPackUninst.cmd
2008-09-29 07:54 5,308 ----a-w c:windowsBricoPackFoldersDelete.cmd
2008-09-29 07:54 219,136 ----a-w c:windowssystem32uxtheme.dll
2008-09-29 07:43 --------- d-----w c:documents and settingsAll UsersApplication DataTuneUp Software
2008-09-29 07:43 --------- d-----w c:documents and settingsAdministratörApplication DataTuneUp Software
2008-09-29 07:34 --------- d-----w c:programNätLex
2008-09-29 07:29 --------- d-----w c:programRaxco
2008-09-29 07:29 --------- d-----w c:documents and settingsAll UsersApplication DataRaxco
2008-09-29 07:19 --------- d-----w c:programDAEMON Tools Lite
2008-04-14 19:35 60,416 --sha-w c:windowsBricoPacksSysFiles80_msimn.exe
.
------- Sigcheck -------
2008-06-23 16:42 827904 763148c042469c197933ac956e566226 c:windows$hf_mig$KB953838-IE7SP2QFEwininet.dll
2008-08-26 10:12 827904 27431705f27b772f4f7903e4bf96efb2 c:windows$hf_mig$KB956390-IE7SP2QFEwininet.dll
2004-08-04 13:00 656896 9f721bd834534e75661d8f9bd1efdcd7 c:windows$NtServicePackUninstall$wininet.dll
2008-04-14 20:34 666624 b8d98f0cdf9b1429cd95497ad9995078 c:windowsie7wininet.dll
2007-08-13 17:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:windowsie7updatesKB953838-IE7wininet.dll
2008-06-23 17:42 826368 ce365a16790ec5c5dddc78820949c02e c:windowsie7updatesKB956390-IE7wininet.dll
2008-08-26 09:27 817152 7bd592ed5ff783bf9984dc5fce7288d4 c:windowsServicePackFilesi386wininet.dll
2008-08-26 09:27 817152 7bd592ed5ff783bf9984dc5fce7288d4 c:windowssystem32wininet.dll
2008-08-26 09:27 826368 91a76d98b206723d21612aecbc1d65ce c:windowssystem32dllcachewininet.dll
2008-04-14 20:35 976384 bcda7a0bd489b6cf8427bd37026d7f0d c:windowsexplorer.exe
2004-08-04 13:00 1032704 87a3c8ead27cf3591713d629d8bcb990 c:windows$NtServicePackUninstall$explorer.exe
2008-04-14 20:35 976384 bcda7a0bd489b6cf8427bd37026d7f0d c:windowsServicePackFilesi386explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-11-08_10.50.26,03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-13 09:54:40 24,576 ----a-w c:windowsMcAfee.comFreeScanavdat.exe
+ 2008-07-09 03:30:00 5,444 ----a-w c:windowsMcAfee.comFreeScanconfig.dat
+ 2008-11-07 14:47:52 156,936 ----a-w c:windowsMcAfee.comFreeScanmcfscan.dll
+ 2008-07-09 03:30:00 3,092,646 ----a-w c:windowsMcAfee.comFreeScanmcscan32.dll
+ 2008-11-07 04:30:00 942,396 ----a-w c:windowsMcAfee.comFreeScannames.DAT
+ 2006-12-18 09:03:00 7,449 ----a-w c:windowsMcAfee.comFreeScanrwabs16.dll
+ 2006-12-18 09:03:10 16,921 ----a-w c:windowsMcAfee.comFreeScanrwabs32.dll
+ 2008-11-07 04:30:00 56,335,896 ----a-w c:windowsMcAfee.comFreeScanscan.DAT
- 2008-11-02 11:42:42 76,862 ----a-w c:windowssystem32perfc009.dat
+ 2008-11-08 10:30:41 76,862 ----a-w c:windowssystem32perfc009.dat
- 2008-11-02 11:42:42 88,992 ----a-w c:windowssystem32perfc01D.dat
+ 2008-11-08 10:30:41 88,992 ----a-w c:windowssystem32perfc01D.dat
- 2008-11-02 11:42:42 454,716 ----a-w c:windowssystem32perfh009.dat
+ 2008-11-08 10:30:41 454,716 ----a-w c:windowssystem32perfh009.dat
- 2008-11-02 11:42:42 456,648 ----a-w c:windowssystem32perfh01D.dat
+ 2008-11-08 10:30:41 456,648 ----a-w c:windowssystem32perfh01D.dat
+ 2008-11-08 10:36:06 16,384 ----atw c:windowsTempPerflib_Perfdata_170.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"ctfmon.exe"="c:windowssystem32ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"amd_dc_opt"="c:programAMDDual-Core Optimizeramd_dc_opt.exe" [2007-07-23 77824]
"itype"="c:programMicrosoft IntelliType Proitype.exe" [2008-06-10 1442888]
"NvCplDaemon"="c:windowssystem32NvCpl.dll" [2008-10-23 13672448]
"IntelliPoint"="c:programMicrosoft IntelliPointipoint.exe" [2008-06-10 1406024]
"F-Secure Manager"="c:programTeliaTelias sakerhetstjansterCommonFSM32.EXE" [2008-09-23 182936]
"F-Secure TNB"="c:programTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" [2008-09-23 957024]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:windowssoundman.exe]
c:documents and settingsAll UsersStart-menyProgramAutostart
Personal.lnk - c:programPersonalbinPersonal.exe [2008-09-29 910864]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"MaxRecentDocs"= 2 (0x2)
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifya441e429502]
2008-11-06 09:23 135168 c:windowssystem32dpcdll32.dll
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwindows]
"AppInit_DLLs"=c:windowsSystem32dpcdll32.dll
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-]
"ctfmon.exe"=c:windowssystem32ctfmon.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"UpdatesDisableNotify"=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"%windir%Network Diagnosticxpnetdiag.exe"=
"c:ProgramMicrosoft OfficeOffice12OUTLOOK.EXE"=
"c:ProgramMicrosoft OfficeOffice12GROOVE.EXE"=
"c:ProgramuTorrentuTorrent.exe"=
"c:ProgramHPDigital Imagingbinhpqtra08.exe"=
"c:ProgramHPDigital Imagingbinhpqste08.exe"=
"c:ProgramHPDigital Imagingbinhpofxm08.exe"=
"c:ProgramHPDigital Imagingbinhposfx08.exe"=
"c:ProgramHPDigital Imagingbinhposid01.exe"=
"c:ProgramHPDigital Imagingbinhpqscnvw.exe"=
"c:ProgramHPDigital Imagingbinhpqkygrp.exe"=
"c:ProgramHPDigital ImagingbinhpqCopy.exe"=
"c:ProgramHPDigital Imagingbinhpfccopy.exe"=
"c:ProgramHPDigital Imagingbinhpzwiz01.exe"=
"c:ProgramHPDigital ImagingUnloadHpqPhUnl.exe"=
"c:ProgramHPDigital ImagingUnloadHpqDIA.exe"=
"c:ProgramHPDigital Imagingbinhpoews01.exe"=
"c:ProgramHPDigital Imagingbinhpqnrs08.exe"=
"c:ProgramMicrosoft GamesGears of WarBinariesWarGame-G4WLive.exe"=
"c:WINDOWSsystem32PnkBstrA.exe"=
"c:WINDOWSsystem32PnkBstrB.exe"=
"c:ProgramElectronic ArtsCrytekCrysisBin32Crysis.exe"=
"c:ProgramElectronic ArtsCrytekCrysisBin32CrysisDedicatedServer.exe"=
"c:ProgramElectronic ArtsMedal of Honor AirborneUnrealEngine3BinariesMOHA.exe"=
"c:ProgramTHQFrontlines-Fuel of WarBinariesFFOW.exe"=
"c:ProgramUbisoftFar Cry 2binFarCry2.exe"=
"c:ProgramUbisoftFar Cry 2binFC2Launcher.exe"=
"c:ProgramUbisoftFar Cry 2binFC2Editor.exe"=
"c:WINDOWSsystem32sessmgr.exe"=
"c:ProgramUbisoftTom Clancy's Rainbow Six Vegas 2BinariesR6Vegas2_Game.exe"=
"c:ProgramUbisoftTom Clancy's Rainbow Six Vegas 2BinariesR6Vegas2_Launcher.exe"=
"c:ProgramActivisionCall of Duty 4 - Modern Warfareiw3mp.exe"=
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileIcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 fsbts;fsbts;c:windowssystem32Driversfsbts.sys [2008-11-02 30856]
R0 FSFW;F-Secure Firewall Driver;c:windowssystem32driversfsdfw.sys [2008-09-23 79904]
R0 nvgts;nvgts;c:windowssystem32DRIVERSnvgts.sys [2008-08-18 145952]
R0 pavboot;pavboot;c:windowssystem32driverspavboot.sys [2008-06-19 28544]
R2 JavaQuickStarterService;Java Quick Starter;c:programJavajre6binjqs.exe [2008-10-30 152984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:programMcAfeeSiteAdvisorMcSACore.exe [2008-10-08 203280]
R2 NMSAccessU;NMSAccessU;c:programCDBurnerXPNMSAccessU.exe [2008-06-15 71096]
R2 PD91Agent;PD91Agent;c:programRaxcoPerfectDisk2008PD91Agent.exe [2008-09-09 693512]
R2 UxTuneUp;TuneUp Theme Extension;c:windowsSystem32svchost.exe [2008-04-14 14336]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:programTeliaTelias sakerhetstjansterAnti-Virusminifilterfsgk.sys [2008-09-23 72288]
S3 FSORSPClient;F-Secure ORSP Client;c:programTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe [2008-09-23 55904]
S3 PD91Engine;PD91Engine;c:programRaxcoPerfectDisk2008PD91Engine.exe [2008-09-09 906504]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:windowsSystem32TuneUpDefragService.exe [2008-10-01 355584]
S4 F-Secure Filter;F-Secure File System Filter;c:programTeliaTelias sakerhetstjansterAnti-VirusWin2KFSfilter.sys [2008-09-23 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:programTeliaTelias sakerhetstjansterAnti-VirusWin2KFSrec.sys [2008-09-23 25184]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSvchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2G]
ShellAutoRuncommand - G:LaunchU3.exe -a
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ace7479c-aa5e-11dd-a583-001a921dc4b4}]
ShellAutoRuncommand - G:LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
2008-10-31 c:windowsTasksMicrosoft_Hardware_Launch_IType_exe.job
- c:programMicrosoft IntelliType Proitype.exe [2008-06-10 12:56]
.
.
------- Supplementary Scan -------
.
O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab
c:windowsDownloaded Program Filessysreqlab.osd
c:windowsDownloaded Program Filessysreqlab3.dll
c:windowsDownloaded Program Filessysreqlab_srl.dll
O16 -: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.framkalla.com/iu/ImageUploader5.cab
c:windowsDownloaded Program FilesImageUploader5.inf
c:windowssystem32unicows.dll
c:windowsDownloaded Program FilesImageUploader5.ocx
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-08 14:10:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: c:windowssystem32winlogon.exe
-> c:windowsSystem32dpcdll32.dll
PROCESS: c:windowssystem32lsass.exe
-> c:windowsSystem32dpcdll32.dll
.
Completion time: 2008-11-08 14:10:43
ComboFix-quarantined-files.txt 2008-11-08 13:10:40
ComboFix2.txt 2008-11-08 09:50:44
Pre-Run: 294,487,400,448 byte ledigt
Post-Run: 294,476,308,480 byte ledigt
397
ommer loggan på det andra
-
Hej.
Här kommer ComboFix. måste dela det på två.
Tony.
ComboFix 08-11-07.01 - Administratör 2008-11-08 14:08:49.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1053.18.2474 [GMT 1:00]
Running from: c:documents and settingsAdministratörSkrivbordComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-10-08 to 2008-11-08 )))))))))))))))))))))))))))))))
.
2008-11-08 11:56 . 2008-11-08 11:56 <KAT> d-------- c:windowsMcAfee.com
2008-11-08 11:56 . 2008-11-08 11:56 <KAT> d-------- c:windowsLastGood
2008-11-08 11:29 . 2008-11-08 11:33 <KAT> d-a------ c:documents and settingsAll UsersApplication DataTEMP
2008-11-07 11:37 . 2008-11-07 11:37 <KAT> d-------- c:programTrend Micro
2008-11-07 07:09 . 2008-11-07 07:09 <KAT> d--hs---- c:windowssystem32GroupPolicyManifest
2008-11-06 21:30 . 2008-11-07 11:11 <KAT> d-------- c:programPanda Security
2008-11-06 21:30 . 2008-06-19 17:24 28,544 --a------ c:windowssystem32driverspavboot.sys
2008-11-06 20:34 . 2008-11-06 20:36 <KAT> d-------- c:programSpybot - Search & Destroy
2008-11-06 09:35 . 2008-11-07 07:26 8,230 --a------ c:windowsGnuHashes.ini
2008-11-06 09:23 . 2008-11-06 09:23 318,976 --ahs---- c:windowssystem321543.tmp
2008-11-06 09:23 . 2008-11-06 09:23 135,168 --a------ c:windowssystem32dpcdll32.dll
2008-11-06 09:23 . 2008-11-07 07:09 1,397 --ahs---- c:windowssystem32GroupPolicy000.dat
2008-11-06 07:55 . 2008-11-04 18:24 39,157 --a------ c:windows_DETMP.1
2008-11-05 07:05 . 2008-11-05 13:06 <KAT> d-------- c:programMcAfee
2008-11-05 07:05 . 2008-11-05 07:05 <KAT> d-------- c:programDelade filerMcAfee
2008-11-04 14:09 . 2008-11-04 14:11 <KAT> d-------- c:documents and settingsAdministratörApplication DataU3
2008-11-02 12:47 . 2008-11-02 12:47 30,856 --a------ c:windowssystem32driversfsbts.sys
2008-11-02 12:42 . 2008-11-02 12:42 <KAT> d-------- c:programTelia
2008-11-02 12:42 . 2008-09-23 14:35 79,904 --a------ c:windowssystem32driversfsdfw.sys
2008-11-02 12:05 . 2008-11-07 17:58 <KAT> d-------- c:documents and settingsAdministratörSecurityScans
2008-11-02 12:05 . 2008-11-07 17:58 <KAT> d-------- c:documents and settingsAdministratörSecurityScans
2008-11-02 12:04 . 2008-11-02 12:04 <KAT> d-------- c:programMicrosoft Baseline Security Analyzer 2
2008-11-02 10:55 . 2008-11-02 10:55 <KAT> d-------- c:programMicrosoft IntelliPoint
2008-11-02 10:55 . 2008-06-10 13:04 31,048 --a------ c:windowssystem32driverspoint32.sys
2008-11-02 10:41 . 2008-11-02 10:41 <KAT> d-------- c:programIObit
2008-11-01 16:52 . 2008-11-01 16:52 <KAT> d-------- c:programCCleaner
2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d-------- c:programUniblue
2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d--h-c--- c:documents and settingsAll UsersApplication Data{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d-------- c:documents and settingsAdministratörApplication DataUniblue
2008-10-31 10:23 . 2008-10-31 10:23 <KAT> d-------- c:programMicrosoft IntelliType Pro
2008-10-30 21:17 . 2008-10-30 21:17 410,976 --a------ c:windowssystem32deploytk.dll
2008-10-30 20:56 . 2008-10-30 20:56 <KAT> d-------- c:documents and settingsAdministratörApplication DataInstallShield
2008-10-30 20:56 . 2006-07-01 23:21 43,520 --a------ c:windowssystem32driversAmdK8.sys
2008-10-30 11:14 . 2008-10-30 11:20 20 --a------ c:windowssystem32PDBootState
2008-10-30 10:12 . 2008-10-30 10:12 <KAT> d-------- c:programRealtek AC97
2008-10-29 13:23 . 2005-07-26 07:02 923,520 --a------ c:windowssystem32driversnvmcp.sys
2008-10-29 13:23 . 2005-07-26 07:01 415,360 --a------ c:windowssystem32driversnvapu.sys
2008-10-29 13:23 . 2005-07-26 07:02 66,688 --a------ c:windowssystem32driversnvarm.sys
2008-10-29 13:23 . 2005-07-26 07:02 54,272 --a------ c:windowssystem32nvopenal.dll
2008-10-29 13:23 . 2005-07-26 06:58 53,376 --a------ c:windowssystem32driversnvax.sys
2008-10-29 13:23 . 2005-07-20 17:08 33,280 --a------ c:windowssystem32NVCOAD.DLL
2008-10-29 13:23 . 2005-07-26 07:02 30,208 --a------ c:windowssystem32nvasio.dll
2008-10-29 13:23 . 2005-07-26 07:02 21,504 --a------ c:windowssystem32OpenAL32.dll
2008-10-29 13:23 . 2005-07-26 07:02 7,680 --a------ c:windowssystem32nvack.dll
2008-10-29 13:23 . 2005-07-26 07:02 5,120 --a------ c:windowssystem32ALut.dll
2008-10-29 09:37 . 2008-10-29 09:37 <KAT> d-------- c:windows74224F8D4A1748169EDB7BB854DE532C.TMP
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:windowssystem32divx_xx0c.dll
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:windowssystem32divx_xx07.dll
2008-10-28 23:35 . 2008-10-28 23:35 815,104 --a------ c:windowssystem32divx_xx0a.dll
2008-10-28 23:35 . 2008-10-28 23:35 802,816 --a------ c:windowssystem32divx_xx11.dll
2008-10-28 23:35 . 2008-10-28 23:35 729,088 --a------ c:windowssystem32divxdec.ax
2008-10-28 23:35 . 2008-10-28 23:35 684,032 --a------ c:windowssystem32DivX.dll
2008-10-28 11:06 . 2008-10-28 11:06 107,888 --a------ c:windowssystem32CmdLineExt.dll
2008-10-28 10:41 . 2008-10-30 10:34 <KAT> d-------- c:programUbisoft
2008-10-28 08:12 . 2008-10-28 08:12 <KAT> dr-h----- c:documents and settingsAdministratörApplication DataSecuROM
2008-10-27 20:35 . 2008-10-22 16:10 38,496 --a------ c:windowssystem32driversmbamswissarmy.sys
2008-10-27 20:35 . 2008-10-22 16:10 15,504 --a------ c:windowssystem32driversmbam.sys
2008-10-27 19:59 . 2007-06-29 14:47 34,304 --a------ c:windowssystem32driversAmdLLD.sys
2008-10-27 19:29 . 2008-10-27 19:29 <KAT> d-------- c:programHDD Health
2008-10-25 11:35 . 2008-10-27 19:29 <KAT> d-------- c:programMicrosoft CAPICOM 2.1.0.2
2008-10-24 16:06 . 2008-10-27 20:36 <KAT> d-------- c:programMalwarebytes' Anti-Malware
2008-10-24 16:06 . 2008-10-24 16:06 <KAT> d-------- c:documents and settingsAll UsersApplication DataMalwarebytes
2008-10-24 16:06 . 2008-10-24 16:06 <KAT> d-------- c:documents and settingsAdministratörApplication DataMalwarebytes
2008-10-16 19:42 . 2008-10-16 19:42 <KAT> d--h----- c:windowsPIF
2008-10-14 10:17 . 2008-10-14 10:17 <KAT> d-------- c:documents and settingsAdministratörApplication DataApple Computer
2008-10-14 08:45 . 2008-04-14 20:34 221,184 --a------ c:windowssystem32wmpns.dll
2008-10-14 06:40 . 2008-10-14 06:40 <KAT> d-------- c:programJoshMadison
2008-10-13 09:56 . 2008-10-13 09:56 70,936 --a------ c:windowssystem32PhysXLoader.dll
2008-10-13 06:16 . 2008-10-13 06:16 250 --a------ c:windowsgmer.ini
2008-10-12 10:10 . 2008-10-27 19:59 <KAT> d-------- c:programAMD
2008-10-12 08:28 . 2008-10-23 07:42 203,146 --a------ c:windowssystem32nvapps.nvb
2008-10-11 17:30 . 2008-10-11 17:30 <KAT> d-------- c:programWebshots
2008-10-11 17:23 . 2008-10-11 17:23 <KAT> d-------- c:programAGI
2008-10-10 06:42 . 2008-04-14 20:34 116,224 --a--c--- c:windowssystem32dllcachexrxwiadr.dll
2008-10-10 06:42 . 2001-08-18 05:37 99,865 --a--c--- c:windowssystem32dllcachexlog.exe
2008-10-10 06:42 . 2001-09-06 19:33 27,648 --a--c--- c:windowssystem32dllcachexrxftplt.exe
2008-10-10 06:42 . 2001-09-06 19:33 23,040 --a--c--- c:windowssystem32dllcachexrxwbtmp.dll
2008-10-10 06:42 . 2008-04-13 21:04 19,455 --a--c--- c:windowssystem32dllcachewvchntxx.sys
2008-10-10 06:42 . 2008-04-13 23:16 19,200 --a--c--- c:windowssystem32dllcachewstcodec.sys
2008-10-10 06:42 . 2008-04-14 20:34 18,944 --a--c--- c:windowssystem32dllcachexrxscnui.dll
2008-10-10 06:42 . 2001-08-17 19:11 16,970 --a--c--- c:windowssystem32dllcachexem336n5.sys
2008-10-10 06:42 . 2008-04-13 21:04 12,063 --a--c--- c:windowssystem32dllcachewsiintxx.sys
2008-10-10 06:42 . 2008-04-14 20:34 8,192 --a--c--- c:windowssystem32dllcachewshirda.dll
2008-10-10 06:42 . 2001-09-06 19:33 4,608 --a--c--- c:windowssystem32dllcachexrxflnch.exe
2008-10-10 06:40 . 2001-08-17 20:28 794,399 --a--c--- c:windowssystem32dllcacheusr1806v.sys
2008-10-10 06:39 . 2001-08-17 20:28 794,654 --a--c--- c:windowssystem32dllcacheusr1801.sys
2008-10-10 06:38 . 2001-09-06 19:33 525,568 --a--c--- c:windowssystem32dllcachetridxp.dll
2008-10-10 06:37 . 2001-09-06 19:33 172,768 --a--c--- c:windowssystem32dllcachet2r4disp.dll
2008-10-10 06:36 . 2001-09-06 18:47 285,760 --a--c--- c:windowssystem32dllcachestlnata.sys
2008-10-10 06:35 . 2001-09-06 19:33 147,200 --a--c--- c:windowssystem32dllcachesmidispb.dll
2008-10-10 06:34 . 2001-09-06 19:33 386,560 --a--c--- c:windowssystem32dllcachesgiul50.dll
2008-10-10 06:33 . 2001-09-06 19:32 495,616 --a--c--- c:windowssystem32dllcachesblfx.dll
2008-10-10 06:32 . 2001-09-06 19:09 714,858 --a--c--- c:windowssystem32dllcacher2mdmkxx.sys
2008-10-10 06:31 . 2001-09-06 19:09 899,274 --a--c--- c:windowssystem32dllcacher2mdkxga.sys
2008-10-10 06:31 . 2008-04-14 20:34 159,232 --a--c--- c:windowssystem32dllcacheptpusd.dll
2008-10-10 06:31 . 2001-08-17 20:28 130,942 --a--c--- c:windowssystem32dllcacheptserlv.sys
2008-10-10 06:31 . 2001-08-17 20:28 128,286 --a--c--- c:windowssystem32dllcacheptserli.sys
2008-10-10 06:31 . 2001-08-17 20:28 112,574 --a--c--- c:windowssystem32dllcacheptserlp.sys
2008-10-10 06:31 . 2001-08-17 20:52 49,024 --a--c--- c:windowssystem32dllcacheql1280.sys
2008-10-10 06:31 . 2001-08-17 20:52 45,312 --a--c--- c:windowssystem32dllcacheql12160.sys
2008-10-10 06:31 . 2001-09-06 19:33 41,472 --a--c--- c:windowssystem32dllcacheqvusd.dll
2008-10-10 06:31 . 2001-08-17 20:52 40,448 --a--c--- c:windowssystem32dllcacheql1240.sys
2008-10-10 06:31 . 2001-08-17 20:52 40,320 --a--c--- c:windowssystem32dllcacheql1080.sys
2008-10-10 06:31 . 2001-08-17 20:52 33,152 --a--c--- c:windowssystem32dllcacheql10wnt.sys
2008-10-10 06:31 . 2008-04-13 23:10 6,016 --a--c--- c:windowssystem32dllcacheqic157.sys
2008-10-10 06:31 . 2001-08-17 20:53 3,328 --a--c--- c:windowssystem32dllcacheqv2kux.sys
2008-10-10 06:29 . 2001-08-17 21:05 351,616 --a--c--- c:windowssystem32dllcacheovcodek2.sys
2008-10-10 06:28 . 2008-08-14 14:27 2,066,816 --a--c--- c:windowssystem32dllcachentkrnlpa.exe
2008-10-10 06:28 . 2001-08-17 19:50 198,144 --a--c--- c:windowssystem32dllcachenv3.sys
2008-10-10 06:28 . 2008-04-14 20:13 132,695 --a--c--- c:windowssystem32dllcachenetwlan5.sys
2008-10-10 06:28 . 2001-08-17 19:20 126,080 --a--c--- c:windowssystem32dllcachenm5a2wdm.sys
2008-10-10 06:28 . 2001-09-06 19:32 123,776 --a--c--- c:windowssystem32dllcachenv3.dll
2008-10-10 06:28 . 2001-08-17 19:20 87,040 --a--c--- c:windowssystem32dllcachenm6wdm.sys
2008-10-10 06:28 . 2001-09-06 19:01 65,278 --a--c--- c:windowssystem32dllcachenetflx3.sys
2008-10-10 06:28 . 2001-08-17 19:20 54,528 --a--c--- c:windowssystem32dllcacheopl3sax.sys
2008-10-10 06:28 . 2001-08-17 19:49 51,552 --a--c--- c:windowssystem32dllcachentgrip.sys
2008-10-10 06:28 . 2001-08-17 19:12 32,840 --a--c--- c:windowssystem32dllcachengrpci.sys
2008-10-10 06:28 . 2008-04-13 23:24 28,672 --a--c--- c:windowssystem32dllcachenscirda.sys
2008-10-10 06:28 . 2001-09-06 19:02 9,472 --a--c--- c:windowssystem32dllcachentapm.sys
2008-10-10 06:28 . 2001-08-17 20:53 7,552 --a--c--- c:windowssystem32dllcachensmmc.sys
2008-10-10 06:26 . 2008-04-14 20:35 56,832 --a--c--- c:windowssystem32dllcachemsdvbnp.ax
2008-10-10 06:26 . 2008-04-13 23:16 51,200 --a--c--- c:windowssystem32dllcachemsdv.sys
2008-10-10 06:26 . 2008-04-13 23:16 49,024 --a--c--- c:windowssystem32dllcachemstape.sys
2008-10-10 06:26 . 2001-08-17 21:02 35,200 --a--c--- c:windowssystem32dllcachemsgame.sys
2008-10-10 06:26 . 2008-04-13 23:24 22,016 --a--c--- c:windowssystem32dllcachemsircomm.sys
.
-
Hej igen Malou.
Har kört programmet igen och sparat loggan på en annan Hd.
Så här kommer den
Hoppas det går bättre nu. Skicka även loggan på Hijackis.
Måste skicka det var för sig när det blev för stort
Tony.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:19:43, on 2008-11-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:ProgramMicrosoft IntelliType Proitype.exe
C:ProgramMicrosoft IntelliPointipoint.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramPersonalbinPersonal.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe
C:WINDOWSSystem32svchost.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE
C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE
C:WINDOWSSystem32svchost.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE
C:ProgramJavajre6binjqs.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE
C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe
C:ProgramMcAfeeSiteAdvisorMcSACore.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe
C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe
C:WINDOWSsystem32msiexec.exe
C:ProgramCDBurnerXPNMSAccessU.exe
C:WINDOWSsystem32nvsvc32.exe
C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32PnkBstrB.exe
C:WINDOWSsystem32locator.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe
C:WINDOWSsystem32msdtc.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSexplorer.exe
C:ProgramTrend MicroHijackThisTonys.exe.exe
C:WINDOWSsystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll
O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe
O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe"
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe"
O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash
O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...427/mcfscan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll
O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll
O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe
O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe
--
End of file - 10072 bytes
-
Hej igen.
Orsaken till omstarten var att jag inte kunde starta om "Telia säker surf", det var helt kört. Därför ville jag inte starta internet heller.
Har letat i Combo Fix mapp men tyvärr inte hittat txt-filen.
Det börjar att luta åt att formatera Hd
Mvh.
Tony
-
Hej igen Malou.
Nu är jag igång igen.
Här kommer loggan.
Jag blev tvingad att starta om datorn för att få allt att fungera igen, därför vet jag inte var loggan för Combofix tog vägen. hoppas att det är denna som jag skickar med.
2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe Flash Player 10 ActiveX
Adobe Shockwave Player 11
Advanced WindowsCare Personal
AI Booster
AiO_Scan_CDA
AiOSoftwareNPI
AMD Processor Driver
Apple Software Update
ASUSUpdate
µTorrent
Brothers in Arms: Hell's Highway
BufferChm
C4100
c4100_Help
Call of Duty® 2
Call of Duty® 2 Patch 1.2
Call of Duty® 2 Patch 1.3
Call of Duty® 4 - Modern Warfare
Call of Duty® 4 - Modern Warfare 1.1 Patch
Call of Duty® 4 - Modern Warfare 1.2 Patch
Call of Duty® 4 - Modern Warfare 1.4 Patch
Call of Duty® 4 - Modern Warfare 1.6 Patch
Call of Duty® 4 - Modern Warfare 1.7 Patch
CCleaner (remove only)
CDBurnerXP
Convert
Cool & Quiet
CP_CalendarTemplates1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Panorama1Config
cp_PosterPrintConfig
Crysis WARHEAD®
Crysis®
CueTour
CustomerResearchQFolder
Destinations
DeviceManagementQFolder
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocProcQFolder
DocumentViewer
DocumentViewerQFolder
Dual-Core Optimizer
EA Download Manager
eSupportQFolder
Far Cry
Far Cry (Patch 1)
Far Cry (Patch 1.4)
Far Cry 2
Fax_CDA
filehippo.com Update Checker
Foxit Reader
Frontlines: Fuel of War
FullDPAppQFolder
Gears of War
Google Earth
Harry Potter och Fenixorden
HDD Health v3.3 Beta
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915800-v4)
HP Update
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevices
InstantShareDevicesMFC
IZArc 3.81
Java 6 Update 10
Kartex
LimeWire PRO 4.18.8
Malwarebytes' Anti-Malware
MarketResearch
McAfee SiteAdvisor
Medal of Honor Airborne
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 1.1 Swedish Language Pack
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - SVE
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - SVE
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 Language Pack - sve
Microsoft Application Error Reporting
Microsoft Baseline Security Analyzer 2.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft IntelliPoint 6.3
Microsoft IntelliType Pro 6.3
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (Swedish) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Swedish) 2007
Microsoft Office Groove MUI (Swedish) 2007
Microsoft Office InfoPath MUI (Swedish) 2007
Microsoft Office OneNote MUI (Swedish) 2007
Microsoft Office Outlook MUI (Swedish) 2007
Microsoft Office PowerPoint MUI (Swedish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Finnish) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Swedish) 2007
Microsoft Office Proofing (Swedish) 2007
Microsoft Office Publisher MUI (Swedish) 2007
Microsoft Office Shared MUI (Swedish) 2007
Microsoft Office Word MUI (Swedish) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (Swedish) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MSXML 4.0 SP2 (KB936181)
NewCopy_CDA
NätLex 1.1.11
NVIDIA Drivers
NVIDIA PhysX v8.10.13
Pack Vista Inspirat 2 1.0
Panda ActiveScan 2.0
PanoStandAlone
PerfectDisk 2008 Professional
Personal 4.9.3
PhotoGallery
ProductContextNPI
PunkBuster Services
QuickTime
RandMap
Readme
Realtek AC'97 Audio
Scan
ScannerCopy
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
SkinsHP1
SlideShow
Snabbkorrigering för Windows Media Player 11 (KB939683)
Snabbkorrigering för Windows XP (KB952287)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127-v2)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390)
Säkerhetsuppdatering för Windows Media Player 11 (KB936782)
Säkerhetsuppdatering för Windows Media Player 11 (KB954154)
Säkerhetsuppdatering för Windows XP (KB923789)
Säkerhetsuppdatering för Windows XP (KB938464)
Säkerhetsuppdatering för Windows XP (KB941569)
Säkerhetsuppdatering för Windows XP (KB946648)
Säkerhetsuppdatering för Windows XP (KB950762)
Säkerhetsuppdatering för Windows XP (KB950974)
Säkerhetsuppdatering för Windows XP (KB951066)
Säkerhetsuppdatering för Windows XP (KB951376-v2)
Säkerhetsuppdatering för Windows XP (KB951698)
Säkerhetsuppdatering för Windows XP (KB951748)
Säkerhetsuppdatering för Windows XP (KB952954)
Säkerhetsuppdatering för Windows XP (KB953839)
Säkerhetsuppdatering för Windows XP (KB954211)
Säkerhetsuppdatering för Windows XP (KB956391)
Säkerhetsuppdatering för Windows XP (KB956803)
Säkerhetsuppdatering för Windows XP (KB956841)
Säkerhetsuppdatering för Windows XP (KB957095)
Säkerhetsuppdatering för Windows XP (KB958644)
SolutionCenter
Sonic_PrimoSDK
Språkpaket för Microsoft .NET Framework 3.5 - Swedish
Spybot - Search & Destroy
Stadskartan
Status
System Requirements Lab
Telia Säker Surf
Tom Clancy's Rainbow Six Vegas 2
Toolbox
TrayApp
TuneUp Utilities 2008
Uniblue RegistryBooster 2009
Unload
Unlocker 1.8.7
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957258)
Uppdatering för Windows XP (KB898461)
Uppdatering för Windows XP (KB943729)
Uppdatering för Windows XP (KB951072-v2)
Uppdatering för Windows XP (KB951978)
Uppgradering till Kartex 5.02.42
WebFldrs XP
WebReg
Webshots Desktop
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:49, on 2008-11-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:ProgramMicrosoft IntelliType Proitype.exe
C:ProgramMicrosoft IntelliPointipoint.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramPersonalbinPersonal.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe
C:WINDOWSSystem32svchost.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE
C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE
C:WINDOWSSystem32svchost.exe
C:ProgramJavajre6binjqs.exe
C:ProgramMcAfeeSiteAdvisorMcSACore.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE
C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe
C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe
C:ProgramCDBurnerXPNMSAccessU.exe
C:WINDOWSsystem32nvsvc32.exe
C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32PnkBstrB.exe
C:WINDOWSsystem32locator.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe
C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe
C:WINDOWSsystem32dllhost.exe
C:WINDOWSsystem32msdtc.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIscanwizard.exe
C:WINDOWSexplorer.exe
C:ProgramTrend MicroHijackThisTonys.exe.exe
C:WINDOWSsystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll
O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe
O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe"
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe"
O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash
O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll
O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll
O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe
O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe
--
End of file - 9925 bytes
-
Hej Malou.
Tack för att du hjälper mig.
Här kommer resultatet
Antivirus Version Senaste Uppdatering Resultat
AhnLab-V3 2008.11.7.1 2008.11.07 -
AntiVir 7.9.0.26 2008.11.07 TR/Spy.Gen
Authentium 5.1.0.4 2008.11.07 W32/Heuristic-KPP!Eldorado
Avast 4.8.1248.0 2008.11.06 -
AVG 8.0.0.161 2008.11.07 Agent.AJDA
BitDefender 7.2 2008.11.07 -
CAT-QuickHeal 9.50 2008.11.07 -
ClamAV 0.94.1 2008.11.07 -
DrWeb 4.44.0.09170 2008.11.07 DLOADER.Trojan
eSafe 7.0.17.0 2008.11.06 -
eTrust-Vet 31.6.6198 2008.11.07 -
Ewido 4.0 2008.11.07 -
F-Prot 4.4.4.56 2008.11.06 W32/Heuristic-KPP!Eldorado
F-Secure 8.0.14332.0 2008.11.07 Trojan-Downloader.Win32.Agent.aoal
Fortinet 3.117.0.0 2008.11.07 -
GData 19 2008.11.07 -
Ikarus T3.1.1.45.0 2008.11.07 -
K7AntiVirus 7.10.519 2008.11.07 -
Kaspersky 7.0.0.125 2008.11.07 Trojan-Downloader.Win32.Agent.aoal
McAfee 5426 2008.11.06 -
Microsoft 1.4104 2008.11.07 -
NOD32 3595 2008.11.07 a variant of Win32/Agent.OAF
Norman 5.80.02 2008.11.07 -
Panda 9.0.0.4 2008.11.07 Suspicious file
PCTools 4.4.2.0 2008.11.07 -
Prevx1 V2 2008.11.07 Malware Downloader
Rising 21.02.42.00 2008.11.07 -
SecureWeb-Gateway 6.7.6 2008.11.07 Trojan.Spy.Gen
Sophos 4.35.0 2008.11.07 Mal/Behav-027
Sunbelt 3.1.1783.2 2008.11.05 -
Symantec 10 2008.11.07 -
TheHacker 6.3.1.1.143 2008.11.07 -
TrendMicro 8.700.0.1004 2008.11.07 -
VBA32 3.12.8.9 2008.11.06 -
ViRobot 2008.11.7.1457 2008.11.07 -
VirusBuster 4.5.11.0 2008.11.06 -
Övrig information
File size: 135168 bytes
MD5...: 5f4fb6b0baa1543ee73f134a2339703d
SHA1..: 27f92d7b8fd511af00f1b284b39a06fedb48d823
SHA256: 83f56612479b8f4a339b6f35e45d1b58a229da1dc7a77e9d2904f0a1d93102b2
SHA512: fb10974493d45f66125a31d9726b442e31bad3891e5bdc8aa52a80e267194c0d
39d8bd7977f41267f5e0fa16806f34044c2e5eb9e3f3de26b1096f47b84f304d
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10001fc1
timedatestamp.....: 0x49113276 (Wed Nov 05 05:43:18 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x150d4 0x16000 6.44 b566629051391d7469f5b66ba1d58b9f
.rdata 0x17000 0x62f9 0x7000 6.29 a4653a5c80268c9a4c38e341392316ca
.data 0x1e000 0x1498 0x1000 2.08 46eb391337a4ff9ec00d45f11c73b00a
.reloc 0x20000 0x1a94 0x2000 5.84 29b3f505ac36c7db13d25f8d7b2e0813
( 11 imports )
> ntdll.dll: _snprintf, _strnicmp, strlen, strstr, _stricmp, memcmp, atoi, _itoa, memcpy, _ultoa, tolower, memset, _chkstk, _allmul, _alldiv
> msvcrt.dll: strtok
> WS2_32.dll: -, -, WSAIoctl, -, WSAGetOverlappedResult, -, WSACreateEvent, -, WSAWaitForMultipleEvents, WSASend, WSASocketW, -, -, -, -, -, -, WSARecv
> WININET.dll: InternetConnectA, HttpAddRequestHeadersA, HttpOpenRequestA, HttpSendRequestA, InternetOpenA, HttpQueryInfoA, InternetReadFile, InternetCloseHandle, InternetOpenUrlA, InternetSetOptionA
> OLEAUT32.dll: -, -
> SHLWAPI.dll: PathFileExistsA
> KERNEL32.dll: EnterCriticalSection, GetVolumeInformationA, GetWindowsDirectoryA, GetFileTime, HeapFree, WaitNamedPipeA, FindNextFileA, SetNamedPipeHandleState, HeapAlloc, GetSystemDirectoryA, GetVersionExA, FindClose, RemoveDirectoryA, TransactNamedPipe, HeapSetInformation, HeapCreate, FindFirstFileA, HeapDestroy, FreeLibrary, CreateFileMappingA, OpenFileMappingA, UnmapViewOfFile, MapViewOfFile, ExitProcess, GetFileAttributesExA, SetFileAttributesA, CreateDirectoryA, TlsGetValue, TlsAlloc, CreateEventA, TlsSetValue, ProcessIdToSessionId, Process32Next, Process32First, WriteProcessMemory, VirtualAllocEx, Thread32Next, GetModuleHandleA, Thread32First, CreateToolhelp32Snapshot, InterlockedIncrement, InterlockedDecrement, GetCurrentThreadId, GetProcAddress, CloseHandle, OpenThread, GetCurrentProcessId, lstrcpyA, CreateFileA, WaitForMultipleObjects, GetFileSize, ReadFile, GetModuleFileNameA, GetModuleFileNameW, InitializeCriticalSection, ResetEvent, lstrcatA, GetLocalTime, WaitForSingleObject, OpenMutexA, InterlockedCompareExchange, CreateMutexA, lstrlenA, SetEvent, TerminateThread, OutputDebugStringA, Sleep, DuplicateHandle, GetExitCodeThread, ReleaseMutex, FlushFileBuffers, OpenEventA, SetUnhandledExceptionFilter, LeaveCriticalSection, GetCurrentThread, VirtualFree, GetFileInformationByHandle, GetLastError, SystemTimeToFileTime, lstrcmpiA, GetSystemTime, GetCurrentProcess, WriteFile, CreateThread, VirtualFreeEx, DisconnectNamedPipe, CreateNamedPipeA, ConnectNamedPipe, PeekNamedPipe, lstrcmpA, SetFilePointer, SetEndOfFile, GetTempFileNameA, DeleteCriticalSection, GetTempPathA, VirtualProtect, FlushInstructionCache, VirtualQuery, VirtualAlloc, SuspendThread, ResumeThread, GetThreadContext, SetThreadContext, SetLastError, lstrcmpW, MultiByteToWideChar, DeleteFileA, CreateProcessA, GetTickCount, GetFileAttributesA, LoadLibraryA, CreateRemoteThread, OpenProcess
> USER32.dll: SetForegroundWindow, ShowWindow, PeekMessageA, WaitForInputIdle, MsgWaitForMultipleObjects, GetSystemMetrics, wsprintfA, DispatchMessageA
> ADVAPI32.dll: ControlService, RegDeleteKeyA, OpenSCManagerA, RegCreateKeyExA, CloseServiceHandle, OpenServiceA, RegQueryValueExA, ChangeServiceConfigA, RegQueryInfoKeyA, RegEnumKeyExA, RegSetValueExA, RegCloseKey, RegOpenKeyExA
> SHELL32.dll: ShellExecuteA, SHGetFolderPathA
> ole32.dll: CoUninitialize, CoInitializeEx, CoCreateInstance
( 2 exports )
DllGetClassObject, EventStartup
Prevx info: http://info.prevx.com/aboutprogramtext.asp...A56E900A6DDBF82
Antivirus Version Senaste Uppdatering Resultat
AhnLab-V3 2008.11.7.1 2008.11.07 -
AntiVir 7.9.0.26 2008.11.07 -
Authentium 5.1.0.4 2008.11.07 -
Avast 4.8.1248.0 2008.11.06 -
AVG 8.0.0.161 2008.11.07 -
BitDefender 7.2 2008.11.07 -
CAT-QuickHeal 9.50 2008.11.07 -
ClamAV 0.94.1 2008.11.07 -
DrWeb 4.44.0.09170 2008.11.07 -
eSafe 7.0.17.0 2008.11.06 -
eTrust-Vet 31.6.6198 2008.11.07 -
Ewido 4.0 2008.11.07 -
F-Prot 4.4.4.56 2008.11.06 -
F-Secure 8.0.14332.0 2008.11.07 -
Fortinet 3.117.0.0 2008.11.07 -
GData 19 2008.11.07 -
Ikarus T3.1.1.45.0 2008.11.07 -
K7AntiVirus 7.10.519 2008.11.07 -
Kaspersky 7.0.0.125 2008.11.07 -
McAfee 5426 2008.11.06 -
Microsoft 1.4104 2008.11.07 -
NOD32 3595 2008.11.07 -
Norman 5.80.02 2008.11.07 -
Panda 9.0.0.4 2008.11.07 -
PCTools 4.4.2.0 2008.11.07 -
Prevx1 V2 2008.11.07 -
Rising 21.02.42.00 2008.11.07 -
SecureWeb-Gateway 6.7.6 2008.11.07 -
Sophos 4.35.0 2008.11.07 -
Sunbelt 3.1.1783.2 2008.11.05 -
Symantec 10 2008.11.07 -
TheHacker 6.3.1.1.143 2008.11.07 -
TrendMicro 8.700.0.1004 2008.11.07 -
VBA32 3.12.8.9 2008.11.06 -
ViRobot 2008.11.7.1457 2008.11.07 -
VirusBuster 4.5.11.0 2008.11.06 -
Övrig information
File size: 6144 bytes
MD5...: 7a73fdeef6cf45d27edd73220eaf1c8f
SHA1..: e3484c64bff319b0fa2618bb2f77c557dde85c55
SHA256: 83374c15875264e8e5595172b9690711928b1a27a4736506a9a8b21821fd8e53
SHA512: 02b3da927cc64a9bbc82b2888f511e2f16ccbac3b86de2e65d770d60e26f511a
e0b8952cd26dabe76dd1868a8fb225de494f6049c6e12c138858316a1c869b58
PEiD..: -
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x40127c
timedatestamp.....: 0x46647733 (Mon Jun 04 20:33:55 2007)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x754 0x800 5.60 a550b0bc8ee8e390532fdec4aa7abeb4
.data 0x2000 0x24 0x200 0.06 03cbffffede4434fbef2f26e0d64c6de
.rsrc 0x3000 0x840 0xa00 3.31 6d932478ac97bfd7cf753ed0ccd7ca77
( 3 imports )
> KERNEL32.dll: GetCommandLineW, GetModuleHandleA, GetStartupInfoW
> msvcrt.dll: __2@YAPAXI@Z, _c_exit, _exit, _XcptFilter, _cexit, exit, _wcmdln, __wgetmainargs, wcstok, wcslen, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, __setusermatherr, wcscpy, __3@YAXPAX@Z, _initterm
> MSDTCTM.dll: -
-
Hej igen.
Har nu följt Malous eminenta sida för HijackThis och tror att jag gjort rätt
Skickar med logganså ev.Malou kan titta på den.
Tack på förhandLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:59, on 2008-11-07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:ProgramMicrosoft IntelliType Proitype.exe
C:ProgramMicrosoft IntelliPointipoint.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramPersonalbinPersonal.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe
C:WINDOWSSystem32svchost.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE
C:WINDOWSSystem32svchost.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE
C:ProgramJavajre6binjqs.exe
C:ProgramMcAfeeSiteAdvisorMcSACore.exe
C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE
C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe
C:ProgramCDBurnerXPNMSAccessU.exe
C:WINDOWSsystem32nvsvc32.exe
C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32PnkBstrB.exe
C:WINDOWSsystem32locator.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe
C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe
C:WINDOWSsystem32dllhost.exe
C:WINDOWSsystem32msdtc.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe
C:ProgramInternet Exploreriexplore.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIscanwizard.exe
C:WINDOWSexplorer.exe
C:ProgramTrend MicroHijackThisTonys.exe.exe
C:WINDOWSsystem32wbemwmiprvse.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll
O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe
O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe"
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe"
O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash
O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll
O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll
O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe
O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe
--
End of file - 10335 bytes
-
*********************************************
2009-01-08:
Tråden är nu låst.
Tycker du att den är felaktigt låst, var god kontakta
*********************************************
Har fått något konstigt i min dator. när jag öppnar webbläsaren -IE- så öppnas flera andra sidor samtidigt. Efter en kort stund försvinner de och min riktiga hemsida öppnas.
Har McAffe site advisor och den flaggar rött på dessa sidor.
Mitt bredbandsmodem verkar att gå hela tiden, lampan blinkar oupphörligt.
Datorn är också väldigt långsam, och det är svårt att få något att fungera.
Har "Telia säker surf" som jag har kört flera gånger men inte hittat något.
Har även kört Malwarebytes, CCleaner och Spybot- search and destroy utan resultat.
Tony.
-
Går inte att installera Framework 2 språkpaket från Microsoft update.
Står bara att installationen misslyckas.
Vad göra?.
Har även försökt att installera den direkt från Microsfts egen sida, men misslyckats.
Har det någon större betydels då min dator fungerar bra.
Tony.
-
Tack för all hjälp.
Satte i kontakten till ljudet fram, och ljudet fungerar! Fantastiskt att jag glömde detta. men det är väl åldern (62).
Tack än en gång. vad skulle man göra utan er hjälp.
Tony.
-
Alla kort som satt i gamla lådan sitter på samma plats.
Kabeln till ljuduttaget fram har jag inte kopplat in. i övrigt sitter alla saker på samma plats som tidigare.
skall kanske prova med att ta ur alla kort för att se om det blir någon ändring.
-
Har bytt till en ny datorlåda och efter det har jag inget ljud i högtalarna. I övrigt fungerar allt.
Har kört "Sound manager" , det är ASUS AC 97 ljuddrivrutiner, och den säger att alla anslutningar är okej.
Har inte gjort några förändringar med datorn förutom att ha flyttat över allt till den nya lådan.
Har kontrollera i ljuddrivrutinerna att allt är okej. När jag drar ut kontakten ur datorn så hörs det ett litet "brumljud" precis när den ska åka ut. det verkar som om allt är okej, men det låter inget
Vad är det för fel.
Tony
-
Tack Waxinator.
Har läst igenom detta, och jag tror att jag avvaktar tills vidare för att se om det kommer något från Asus eller Microsoft.
Tack för hjälpen, ni är oerhört duktiga och hjälpsamma i detta forum som jag besöker varje dag.
Tack igen.
Tony.
-
Hej.
Ja det är det. tyvärr blev jag tvungen till det, då inget annat gick oavsett vad jag provade med. Vad är APCI för något. det är tydligen det som krånglar hela tiden, även fast jag formaterat och lagt in nytt XP Pro. Hoppas någon kan gjälpa mig med detta
-
Hej.
För mig startar inte datorn överhuvudtaget efter att ha installerat Xp Sp 3. Har AMD Athlon 64 x2 4.200+ och ett A8N32-SLI Delux moderkort från Asus med tre gb ram. Går inte att komma in i felsäkert läge, kan inte backa, går inte att reparera med XP-skvan, utan det enda är att formatera om Hd.
Har nu gjort det tre gånger och ger nu upp.
Det står på blåskärmen att jag ska uppdatera BIOS och att jag har fel alt. gammal ACPI, men jag har det senaste BIOS som finns att hämta hos ASUS för detta moderkort. Datorn har tidigare fungerat klockrent.
Vad gör man? Ytterligt tacksam för hjälp från er.
Tony.
-
Hej.
Jag har XP- pro, och jag har samma problem, men det finns inget Intelppm i mitt register. vad gör jag?
-
(LÖST) Hej.
Har efter att ha haft lite problem med Winows XP SP2. försökt att köra en reparation med "SFC /scannow" men har inte lyckats. När jag startar om efter att ha kört detta får jag blåskärm.
Får gå till "felsäkert läge" för att backa systemet, för att få datorn att fungera.
Vad är det som gör att det inte fungerar?
Mvh.
Tony.
Ämnet redigerat av stenis, har förtydligat ämnet/rubriken
Ämnet flyttat av stenis
-
Ja, det är en liten "krok" på uttagskontakten samt någon"fjäder" i miniatyr för att passa i den speciella kontakten, samma på externa lådan också. det passar bara i det speciella uttaget på datorn, men enligt den manual som följde med Hd-kassetten står det att det är USB.
I manualen för moderkortet står det att kontakten heter "External SATA port. This port connects to an external SATA box or a serial ATA port multiplier".
I BIOS är allt påslaget gällande "USB support".
Tony.
-
Alla tre Hd har NTFS.
USB-kontakterna är lite speciella. det finns bara två stycken USB-kontakter på Pc´n som passar på externHd. har provat bägge två utan resultat.
Tony.
-
Det står ingentig, för den finns inte där. Jag har dragit ur sladdarna och satt i dom igen, men ingen reaktion. Har varit in i datorhanteringen för att se om den finns där, men icke.
Har fungerat klockrent tidigare.
Tony.
-
Glömde tillägga att de andra USB-anslutningarna fungerar, som t.ex. digitalkameraanslutningen och tangentbordet.
Tony.
Virus eller annat skräp i datorn
i Borttagning av virus och andra skadliga program
Postad
Hej Malou.
Här kommer loggorna.
Mvh.
Tony.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:48:38, on 2008-11-09
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32NOTEPAD.EXE
C:WINDOWSSOUNDMAN.EXE
C:ProgramMicrosoft IntelliType Proitype.exe
C:ProgramMicrosoft IntelliPointipoint.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramPersonalbinPersonal.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe
C:WINDOWSSystem32svchost.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE
C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE
C:WINDOWSSystem32svchost.exe
C:ProgramJavajre6binjqs.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE
C:ProgramMcAfeeSiteAdvisorMcSACore.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe
C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE
C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe
C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe
C:WINDOWSsystem32msiexec.exe
C:ProgramCDBurnerXPNMSAccessU.exe
C:WINDOWSsystem32nvsvc32.exe
C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32PnkBstrB.exe
C:WINDOWSsystem32locator.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe
C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
C:WINDOWSsystem32dllhost.exe
C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe
C:WINDOWSsystem32msdtc.exe
C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe
C:WINDOWSsystem32wuauclt.exe
C:ProgramTeliaTelias sakerhetstjansterFSGUIscanwizard.exe
C:WINDOWSexplorer.exe
C:ProgramTrend MicroHijackThisTonys.exe.exe
C:WINDOWSsystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll
O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe
O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe"
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe"
O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash
O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...427/mcfscan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll
O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll
O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe
O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe
--
End of file - 10024 bytes
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "c:windowssystem321543.tmp" deleted successfully.
File "c:windows_DETMP.1" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.