Just nu i M3-nätverket
Gå till innehåll

Arashinho

Medlem
  • Antal inlägg

    19
  • Gick med

  • Senaste besök

  1. Jag lyckas inte avinstallera NET framework. Den har varit på 99% i typ tre timmar nu. Händer nog inget...
  2. Förstår inte riktigt den andra länken du postade, den om portarna. Jag är lite konfunderad, är osäker på hur man checkar portar men hittade en sida genom en googlesökning som checkar åt en. Skrev in t ex 80, och sen 1836 och några andra som stod med där, och sedan lite random nummers och allihopa, varenda en stod det, var Closed. Håller dock på att avinstallera net framework nu... ??? Tack för all hjälp!
  3. Usch usch, förlåt för sent svar, har inte haft tid riktigt. Men nu har jag prövat allt som du skrev, och gjorde diskrensning och installerade om, men utan resultat. Ingen felkod, den bara försöker logga in å så avbryts det, varken någon pop-up eller något meddelande, bara återgår till login-delen. Vad är fel?
  4. Hjälpte tyvärr inte... Samma problem som innan!
  5. Hejsan. Jag har sedan någon vecka tillbaka inte kunnat logga in på MSN. Allt började med denna tråd: //eforum.idg.se/topic/218930-min-otroliga-dator-blev-skit-under-en-natt-hjalp/page__st__20 Jag fick hjälp, och lyckades lösa problemet men därefter har jag inte lyckats logga in på MSN (Windows Live Messenger). I början fick jag ett felmeddelande och en kod för felsökning, men den hittade jag inget intressant med, utom att jag skulle söka efter en fil som det fanns två av, och radera den ena, vilket jag gjorde. Den enda skillnaden var att felmeddelandet försvann, och nu försöker den logga in en stund och sedan bara försvinner inloggningsfönstret och det återgår till det normala. Vad ska jag göra? Börjar bli rejält frustrerande och jag saknar mina vänner på msn! Haha. Otroligt tacksam för hjälp!
  6. Sååå! Tack så otroligt mycket! Du har botat min dator och räddat mina kommande veckor/månader/ja vad vet jag! Tack så hemskt mycket, otroligt schysst! CPU-användningen drar ner på 1-2% när jag inte laddar någonting och det fungerar prima! Tack :-)
  7. Sådär! Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 16:55:52, on 2010-03-21 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program\Alwil Software\Avast4\aswUpdSv.exe C:\Program\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe C:\Program\ASUS\AI Direct Link\AsShare.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\DeltTray.exe C:\Program\ALWILS~1\Avast4\ashDisp.exe C:\Program\Java\jre6\bin\jusched.exe C:\Program\Bonjour\mDNSResponder.exe C:\Program\Firebird\Firebird_2_1\bin\fbguard.exe C:\Program\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\nvsvc32.exe C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe C:\Documents and Settings\Ägaren\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Program\Windows Live\Messenger\msnmsgr.exe C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\svchost.exe C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Program\Alwil Software\Avast4\ashMaiSv.exe C:\Program\Alwil Software\Avast4\ashWebSv.exe C:\Program\Firebird\Firebird_2_1\bin\fbserver.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\taskmgr.exe C:\Program\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [Launch Direct Link] "C:\Program\ASUS\AI Direct Link\AsShare.exe" O4 - HKLM\..\Run: [Launch As Cmd Runner] "C:\Program\ASUS\AI Direct Link\AsCmd.exe" -reg O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Ägaren\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [msnmsgr] "C:\Program\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1215807132411 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program\Firebird\Firebird_2_1\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program\Firebird\Firebird_2_1\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe -- End of file - 8575 bytes
  8. http://sprend.com/download.jsp?FileId=8AXGMhvGvMmW4WbdjqeV Där är den. Otroligt stort tack för att du tar din tid. Grovt tacksam!
  9. Fil syspck32.exe mottagen 2010.03.21 14:15:11 (UTC) Närvarande status: genomförd Resultat: 9/42 (21.43%) Compact Skriv ut resultat Antivirus Version Senaste Uppdatering Resultat a-squared 4.5.0.50 2010.03.21 Trojan-Proxy.Win32.Small!IK AhnLab-V3 5.0.0.2 2010.03.20 - AntiVir 8.2.1.196 2010.03.19 - Antiy-AVL 2.0.3.7 2010.03.19 - Authentium 5.2.0.5 2010.03.21 - Avast 4.8.1351.0 2010.03.21 - Avast5 5.0.332.0 2010.03.21 - AVG 9.0.0.787 2010.03.21 - BitDefender 7.2 2010.03.21 - CAT-QuickHeal 10.00 2010.03.19 - ClamAV 0.96.0.0-git 2010.03.20 - Comodo 4340 2010.03.21 - DrWeb 5.0.1.12222 2010.03.21 Trojan.Botnetlog.126 eSafe 7.0.17.0 2010.03.18 - eTrust-Vet 35.2.7376 2010.03.19 - F-Prot 4.5.1.85 2010.03.21 - F-Secure 9.0.15370.0 2010.03.21 - Fortinet 4.0.14.0 2010.03.20 - GData 19 2010.03.21 - Ikarus T3.1.1.80.0 2010.03.21 Trojan-Proxy.Win32.Small Jiangmin 13.0.900 2010.03.21 - K7AntiVirus 7.10.1002 2010.03.19 - Kaspersky 7.0.0.125 2010.03.21 Trojan-Proxy.Win32.Small.afp McAfee 5926 2010.03.20 - McAfee+Artemis 5926 2010.03.20 - McAfee-GW-Edition 6.8.5 2010.03.21 - Microsoft 1.5605 2010.03.21 - NOD32 4962 2010.03.21 Win32/TrojanDownloader.Bredolab.BE Norman 6.04.09 2010.03.21 - nProtect 2009.1.8.0 2010.03.21 - Panda 10.0.2.2 2010.03.20 - PCTools 7.0.3.5 2010.03.21 - Prevx 3.0 2010.03.21 - Rising 22.39.06.01 2010.03.21 - Sophos 4.51.0 2010.03.21 Mal/Generic-L Sunbelt 6007 2010.03.21 BehavesLike.Win32.Malware (v) Symantec 20091.2.0.41 2010.03.21 Suspicious.Insight TheHacker 6.5.2.0.241 2010.03.21 - TrendMicro 9.120.0.1004 2010.03.21 TROJ_BREDOLB.SMF VBA32 3.12.12.2 2010.03.19 - ViRobot 2010.3.19.2236 2010.03.20 - VirusBuster 5.0.27.0 2010.03.20 - Övrig information File size: 16896 bytes MD5 : 8fa9dc9b87e2338d893e02f032ff6725 SHA1 : e0c38e912cdc298044ac92c8c12f67919e516ef7 SHA256: f51155735edb6d2f904fcb0e4beb03133e53f6223be6bba4500c3a15a1d30349 PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1000 timedatestamp.....: 0x4BA3A79C (Fri Mar 19 17:34:36 2010) machinetype.......: 0x14C (Intel I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x32A 0x400 5.09 e91efecaa2bb3afb978212a45304e3a2 .rdata 0x2000 0x136 0x200 2.69 4ea7a6ccfb86799a6dc349f7bd098d6d .data 0x3000 0x1E3 0x200 2.67 59f920b68e942758f1821eb94aa840f7 .rsrc 0x4000 0x3590 0x3600 7.79 4cba504f5b7e4847f6142253a1fa239f ( 3 imports ) > advapi32.dll: BackupEventLogA > kernel32.dll: LoadLibraryA, ReadFile, GetModuleFileNameA, CreateFileA, CloseHandle > user32.dll: AppendMenuA ( 0 exports ) TrID : File type identification Win32 Executable Generic (57.6%) Win32 Executable MS Visual FoxPro 7 (15.2%) Generic Win/DOS Executable (13.5%) DOS Executable Generic (13.5%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) ssdeep: 384:rG7epDBg03SyDcEq1Dgrh60qUT62Iu17UmxkrYaXVK3z9jf1Y:ry03SyDq1sl5WwuYaXo3ztf1Y sigcheck: publisher....: Flint copyright....: Flint product......: Test description..: Test original name: test.exe internal name: Test file version.: 1.0 comments.....: n/a signers......: - signing date.: - verified.....: Unsigned PEiD : - RDS : NSRL Reference Data Set
  10. Fil wuaucldt.exe mottagen 2010.03.21 15:18:11 (UTC) Resultat: 10/42 (23.81%) Antivirus Version Senaste Uppdatering Resultat a-squared4.5.0.502010.03.21-AhnLab-V35.0.0.22010.03.20-AntiVir8.2.1.1962010.03.19-Antiy-AVL2.0.3.72010.03.19-Authentium5.2.0.52010.03.21-Avast4.8.1351.02010.03.21-Avast55.0.332.02010.03.21-AVG9.0.0.7872010.03.21-BitDefender7.22010.03.21-CAT-QuickHeal10.002010.03.19-ClamAV0.96.0.0-git2010.03.20-Comodo43402010.03.21TrojWare.Win32.Trojan.Agent.GenDrWeb5.0.1.122222010.03.21Trojan.DownLoad1.34432eSafe7.0.17.02010.03.18-eTrust-Vet35.2.73762010.03.19-F-Prot4.5.1.852010.03.21-F-Secure9.0.15370.02010.03.21-Fortinet4.0.14.02010.03.20-GData192010.03.21-IkarusT3.1.1.80.02010.03.21-Jiangmin13.0.9002010.03.21-K7AntiVirus7.10.10022010.03.19-Kaspersky7.0.0.1252010.03.21-McAfee59262010.03.20-McAfee+Artemis59262010.03.20Artemis!5787CCD0501FMcAfee-GW-Edition6.8.52010.03.21-Microsoft1.56052010.03.21-NOD3249622010.03.21Win32/Wigon.NNNorman6.04.092010.03.21-nProtect2009.1.8.02010.03.21-Panda10.0.2.22010.03.21-PCTools7.0.3.52010.03.21HeurEngine.ZeroDayThreatPrevx3.02010.03.21High Risk Cloaked MalwareRising22.39.06.012010.03.21-Sophos4.51.02010.03.21Sus/UnkPack-CSunbelt60082010.03.21-Symantec20091.2.0.412010.03.21Suspicious.DLoaderTheHacker6.5.2.0.2412010.03.21Trojan/FakeAV.genTrendMicro9.120.0.10042010.03.21Cryp_Xin1VBA323.12.12.22010.03.19-ViRobot2010.3.19.22362010.03.20-VirusBuster5.0.27.02010.03.20- Övrig information File size: 29764 bytesMD5...: 5787ccd0501f2c73675bbc2ae8939f74SHA1..: 418fb6e07da35a273f0774dc3c1419a766d4ca7cSHA256: 3fdd06a20eba15999cd9cfd6023267dc13f945bb867e84dcb90fd7565164394assdeep: 384:hacDB3Mzq7T7WqV0JjoH5S2WDTqFtWEfqQUUbnZVwGRkhxuoBwS+x1y5DDB4 K50k:/zT7z0J25/FtLibUrZaGRkWSRY33k PEiD..: -PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x3ae timedatestamp.....: 0x4ba3bda0 (Fri Mar 19 18:08:32 2010) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x300 0x29e 0x300 5.68 957eb4a62a0955ec52cd46d40d4781e9 .rdata 0x600 0x12c 0x200 2.81 3e5a7b8fe037d1d3173a6e8ee60d77e3 .data 0x800 0x3c 0x100 1.39 3f4d73901242ed1c5d970c58acf0be19 .rsrc 0x900 0xd60 0xe00 4.68 1d8eef4be1fe0a522b661be48acc7d9f .text 0x1700 0x5e00 0x5e00 7.63 2a671c635e870158bd5d6c0a3d75da4b ( 2 imports ) > kernel32.dll: CreateThread, ExitProcess, GetCurrentProcess, GetLastError, GetModuleHandleA, SleepEx, WaitForSingleObject > psapi.dll: EnumPageFilesA ( 0 exports ) RDS...: NSRL Reference Data Set -pdfid.: -trid..: Win32 Executable Generic (58.4%) DOS Executable Borland Pascal 7.0x (13.9%) Generic Win/DOS Executable (13.7%) DOS Executable Generic (13.6%) Sybase iAnywhere database files (0.1%)sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned
  11. Jaså, här har du loggen! ' Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 15:55:10, on 2010-03-21 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program\Alwil Software\Avast4\aswUpdSv.exe C:\Program\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Bonjour\mDNSResponder.exe C:\Program\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\svchost.exe C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Program\Alwil Software\Avast4\ashMaiSv.exe C:\Program\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\explorer.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\taskmgr.exe C:\Program\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [Launch Direct Link] "C:\Program\ASUS\AI Direct Link\AsShare.exe" O4 - HKLM\..\Run: [Launch As Cmd Runner] "C:\Program\ASUS\AI Direct Link\AsCmd.exe" -reg O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Ägaren\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [syncman] c:\documents and settings\Ägaren\wuaucldt.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: syspck32.exe O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1215807132411 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program\Firebird\Firebird_2_1\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program\Firebird\Firebird_2_1\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe -- End of file - 7922 bytes
  12. Den finns inte. Finns bara fram till c:\windows\system32\config\systemprofile\ men ingen Application Data elelr jasltw.dat. Hittar det inte heller efter en sökning.
  13. OJDÅ! Nu är CPU-användningen på ca 1-3% igen. Fan vad gött! Är det ComboFix som fixat det och är problemet löst tror du eller lär det återkomma??? EDIT: Kanske aningen mer då jag startar program. Med ett spel uppe hamnar den på runt 20%. Minns faktiskt inte om det var så förut. Har 3.0 GHz processor...
  14. ComboFix 10-03-20.04 - Ägaren 2010-03-21 15:06:05.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.2046.1604 [GMT 1:00] Körs från: c:\documents and settings\Ägaren\Skrivbord\ComboFix.exe AV: avast! antivirus 4.8.1335 [VPS 100321-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Andra raderingar )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program\DaemonTools_WhenUSave_Installer C:\system.txt c:\windows\eSellerateEngine.dll c:\windows\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd c:\windows\system32\drivers\cdrom.sys was missing Återställd kopia från - c:\windows\ServicePackFiles\i386\cdrom.sys . (((((((((((((((((((((((( Filer Skapade från 2010-02-21 till 2010-03-21 )))))))))))))))))))))))))))))) . 2010-03-21 14:10 . 2008-04-13 18:40 62976 -c--a-w- c:\windows\system32\dllcache\cdrom.sys 2010-03-21 10:02 . 2010-03-21 10:02 -------- d-----w- c:\program\TrendMicro 2010-03-20 20:38 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-20 20:38 . 2010-03-20 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-03-20 20:38 . 2010-03-20 20:38 -------- d-----w- c:\program\Malwarebytes' Anti-Malware 2010-03-20 20:38 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-16 16:05 . 2010-03-16 16:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-21 10:06 . 2008-07-16 20:30 -------- d-----w- c:\program\Steam 2010-03-20 20:35 . 2010-03-20 20:35 12 ----a-w- c:\windows\system32\config\systemprofile\Application Data\jasltw.dat 2010-03-16 06:55 . 2008-09-14 08:52 -------- d-----w- c:\program\Electronic Arts 2010-03-15 14:24 . 2008-08-10 02:47 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-03-11 20:22 . 2008-09-13 22:42 -------- d-----w- c:\program\World of Warcraft 2010-03-11 20:12 . 2009-07-24 20:58 -------- d-----w- c:\program\Veetle 2009-06-30 23:10 . 2009-06-30 23:10 1678687 ----a-w- c:\program\WinRAR.rar 2009-06-30 23:09 . 2009-06-30 23:09 1956262 ----a-w- c:\program\Internet Explorer.rar 2008-07-27 12:45 . 2008-07-27 12:06 24 --sh--w- c:\windows\S2E1A2134.tmp . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* Tomma poster & legitima standardposter visas inte. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Ägaren\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-03 133104] "Octoshape Streaming Services"="c:\documents and settings\Ägaren\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936] "syncman"="c:\documents and settings\Ägaren\wuaucldt.exe" [2010-03-20 29764] "msnmsgr"="c:\program\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552] "Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 1426432] "CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 626176] "Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 880640] "Launch Direct Link"="c:\program\ASUS\AI Direct Link\AsShare.exe" [2007-08-20 1209856] "Launch As Cmd Runner"="c:\program\ASUS\AI Direct Link\AsCmd.exe" [2007-04-11 376832] "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2008-01-03 13508608] "nwiz"="nwiz.exe" [2008-01-03 1626112] "NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2008-01-03 86016] "DeltTray"="DeltTray.exe" [2004-08-26 56320] "avast!"="c:\program\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000] "SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-06-27 148888] "QuickTime Task"="c:\program\QuickTime\qttask.exe" [2009-01-05 413696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Žgaren\Start-meny\Program\Autostart\ syspck32.exe [2008-4-14 16896] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-03-26 13:11 177472 ----a-w- c:\program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2009-01-07 19:46 1468296 ----a-w- c:\program\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-04-02 14:11 342312 ----a-w- c:\program\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype] 2009-01-07 19:23 1496968 ----a-w- c:\program\Microsoft IntelliType Pro\itype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2009-07-26 15:44 3883840 ----a-w- c:\program\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-02-20 08:34 1217872 ----a-w- c:\program\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WLSetupSvc"=3 (0x3) "usnjsvc"=3 (0x3) "gusvc"=3 (0x3) "Apple Mobile Device"=2 (0x2) "ALG"=3 (0x3) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program\\Messenger\\msmsgs.exe"= "c:\\Program\\uTorrent\\uTorrent.exe"= "c:\\Program\\Warcraft III\\Warcraft III.exe"= "c:\\Program\\TVUPlayer\\TVUPlayer.exe"= "c:\\Program\\Bonjour\\mDNSResponder.exe"= "c:\\Program\\iTunes\\iTunes.exe"= "c:\\Program\\LimeWire\\LimeWire.exe"= "c:\\Program\\Steam\\steamapps\\arretino\\counter-strike source\\hl2.exe"= "c:\\Program\\Mozilla Firefox\\firefox.exe"= "c:\\Documents and Settings\\Ägaren\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"= "c:\\Program\\World of Warcraft\\WoW-2.4.2-enGB-downloader.exe"= "c:\\Program\\World of Warcraft\\WoW-2.4.3-to-3.0.2-enGB-Win-Final-downloader.exe"= "c:\\Program\\SmartFTP Client\\SmartFTP.exe"= "c:\\Program\\Spotify\\spotify.exe"= "c:\\Program\\Steam\\steamapps\\common\\Spotify\\spotify.exe"= "c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"= "c:\\Program\\SopCast\\adv\\SopAdver.exe"= "c:\\Program\\SopCast\\SopCast.exe"= "c:\\Program\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"= "c:\\Program\\World of Warcraft\\Launcher.exe"= "c:\\Program\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"= "c:\\Program\\Ventrilo\\Ventrilo.exe"= "c:\\Program\\Steam\\steamapps\\drba\\counter-strike\\hl.exe"= "c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Documents and Settings\\Ägaren\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"= "c:\\Program\\World of Warcraft\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"= "c:\\Program\\Activision\\Modern Warfare 2\\iw4sp.exe"= "c:\\Program\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"= "c:\\Program\\Steam\\steamapps\\common\\football manager 2010\\fm.exe"= "c:\\Program\\World of Warcraft\\BackgroundDownloader.exe"= "c:\\Program\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"= "c:\\Program\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-11 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-17 20560] R3 PRISM;D-Link Wireless LAN Driver;c:\windows\system32\drivers\PRISMNDS.sys [2008-07-11 50176] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-07-19 682232] S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance --> c:\program\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance [?] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance --> c:\program\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance [?] . Innehållet i mappen 'Schemalagda aktiviteter': 2010-02-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34] . . ------- Extra genomsökning ------- . uStart Page = hxxp://www.plusnetwork.com uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local LSP: %SYSTEMROOT%\system32\nvappfilter.dll Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program\CoreFTP\pftpns.dll DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab FF - ProfilePath - c:\documents and settings\Ägaren\Application Data\Mozilla\Firefox\Profiles\cewxntbe.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.svenskafans.com/italien/juventus/forum.asp FF - plugin: c:\program\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\program\Veetle\Player\npvlc.dll FF - plugin: c:\program\Veetle\plugins\npVeetle.dll FF - plugin: c:\program\Veetle\VLCBroadcast\npvbp.dll ---- FIREFOX POLICY ---- c:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - HKLM-Run-syncman - c:\windows\system32\wuaucldt.exe MSConfigStartUp-Turbine Download Manager Tray Icon - c:\program\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe AddRemove-4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1 - c:\program\Codemasters\The Lord of the Rings Online\unins000.exe AddRemove-Trickster Online - c:\trickster online\uninst.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-21 15:10 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LÅSTA REGISTERNYCKLAR --------------------- [HKEY_USERS\S-1-5-21-746137067-606747145-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7579F778-D423-9B3A-F92D-F4258097AF52}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "iakjdnpnjemlfhebib"=hex:6a,61,6a,6d,6e,70,6f,63,6a,6f,68,6c,69,6c,70,68,6b,6b, 6f,6c,00,00 "hamigdnnmgpmnplb"=hex:69,61,6b,6d,63,61,70,66,69,61,70,66,66,65,69,64,68,66, 00,00 . --------------------- DLLer som "laddats" under processer som körs --------------------- - - - - - - - > 'lsass.exe'(888) c:\windows\system32\nvappfilter.dll . Sluttid: 2010-03-21 15:13:20 ComboFix-quarantined-files.txt 2010-03-21 14:13 Före genomsökningen: 323 843 518 464 byte ledigt Efter genomsökningen: 329 299 562 496 byte ledigt WindowsXP-KB310994-SP2-Home-BootDisk-SVE.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 8D21C98D82B3C1CC041556F0D3642303
×
×
  • Skapa nytt...