
Maryloo

Member
  • Content count

    46

About Maryloo

  • Rank
    User
  1. Help with translation from Swedish to Latin

    Here you will find some phrases http://sv.wikipedia.org/wiki/Lista_%C3%B6ver_latinska_ordspr%C3%A5k_och_tales%C3%A4tt and here as well http://www.johny.nu/citat.asp?val=6
  2. I'm on vacation now and don't have to get up early either, but now I'm about to fall off my chair. Kisses and hugs to you who have helped me so much.
  3. Oh yes, I have restarted and everything seems to be OK now. How do I remove MBRcheck.exe, Mbr, TDSkiller and TFC? By the way, do you never sleep?
  4. Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
     device: opened successfully
     user: MBR read successfully
     called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys atapi.sys hal.dll atiide.sys PCIIDEX.SYS
     kernel: MBR read successfully
     user & kernel MBR OK
     ********
     MBRCheck, version 1.2.3 © 2010, AD
     Command-line:
     Windows Version: Windows XP Professional
     Windows Information: Service Pack 3 (build 2600)
     Logical Drives Mask: 0x0000000d
     Kernel Drivers (total 142):
     Processes (total 58):
     \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`04699200 (NTFS)
     PhysicalDrive0 Model Number: ST3160812AS, Rev: 3.ADJ
     Size Device Name MBR Status
     --------------------------------------------
     149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
     SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
     Done!
  5. You have the patience of an angel. Here is the report:
     2010/08/18 19:11:28.0703 TDSS rootkit removing tool 2.4.1.2 Aug 16 2010 09:46:23
     2010/08/18 19:11:28.0703 ================================================================================
     2010/08/18 19:11:28.0703 SystemInfo:
     2010/08/18 19:11:28.0703
     2010/08/18 19:11:28.0703 OS Version: 5.1.2600 ServicePack: 3.0
     2010/08/18 19:11:28.0703 Product type: Workstation
     2010/08/18 19:11:28.0703 ComputerName: DHF7B03J
     2010/08/18 19:11:28.0703 UserName: Marie-Louise
     2010/08/18 19:11:28.0703 Windows directory: C:\WINDOWS
     2010/08/18 19:11:28.0703 System windows directory: C:\WINDOWS
     2010/08/18 19:11:28.0703 Processor architecture: Intel x86
     2010/08/18 19:11:28.0703 Number of processors: 2
     2010/08/18 19:11:28.0703 Page size: 0x1000
     2010/08/18 19:11:28.0703 Boot type: Normal boot
     2010/08/18 19:11:28.0703 ================================================================================
     2010/08/18 19:11:28.0984 Initialize success
     2010/08/18 19:11:32.0656 ================================================================================
     2010/08/18 19:11:32.0656 Scan started
     2010/08/18 19:11:32.0656 Mode: Manual;
     2010/08/18 19:11:32.0656 ================================================================================
     2010/08/18 19:11:45.0125 ================================================================================
     2010/08/18 19:11:45.0125 Scan finished
     2010/08/18 19:11:45.0125 ================================================================================
  6. It isn't possible to paste anything into the field. There are two boxes ticked: 1) Services and drivers 2) Boot sectors. Below them is an arrow to click to start the scan, but there is nowhere to paste anything.
  7. I think everything is done now, but it took several minutes before Explorer opened any web page. Can I remove THC just by using "delete", because I can't find it under Add/Remove Programs?
  8. I have Windows XP and I don't get the "create a system restore point" option the way you describe. Under Accessories - System Tools and so on, it comes up that I can create a system restore point, but then nothing happens. So I don't know whether one has been created. If I click on restore, it is listed there, so I assume it must have been created.
  9. You are a gem, smarter than Lisbeth Salander and Pleuge. At least I haven't noticed anything wrong now. Just a few last questions: 1) Can I keep using Mozilla Firefox as my web browser? 2) Should I remove the programs, ComboFix etc., and the logs that I downloaded? 3) If I ever need to do a system restore, should I then choose today's date at the earliest?
  10. Sorry, I did it that way at first but thought I had done it wrong, so I edited it and sent it as an attached file instead :blush:
  11. Here are the DDS logs as an attached file: DDS 100818.txt
  12. Third time's the charm:
  13. Hope it's right this time:
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program\\Messenger\\msmsgs.exe"= "c:\\Program\\uTorrent\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\program\Microsoft ActiveSync\rapimgr.exe"= c:\program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program\Microsoft ActiveSync\wcescomm.exe"= c:\program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program\Microsoft ActiveSync\WCESMgr.exe"= c:\program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program\\Spotify\\spotify.exe"= "c:\\Program\\Bonjour\\mDNSResponder.exe"= "c:\\Program\\iTunes\\iTunes.exe"= "c:\\Program\\Delade filer\\Mcafee\\McSvcHost\\McSvHost.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-07-03 3456] R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-08-17 218592] R1 mfetdi2k;McAfee Inc. 
mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-08-17 82952] R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-08-17 54776] R2 Browser Defender Update Service;Browser Defender Update Service;c:\program\Spyware Doctor\BDT\BDTUpdateService.exe [2010-08-17 112592] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program\Delade filer\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-08-17 271480] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program\Delade filer\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-08-17 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program\Delade filer\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-08-17 271480] R2 mfefire;McAfee Firewall Core Service;c:\program\Delade filer\Mcafee\SystemCore\mfefire.exe [2010-08-17 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program\Delade filer\Mcafee\SystemCore\mfevtps.exe [2010-08-17 141792] R2 MOBKbackup;1%;c:\program\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-08-17 55456] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-08-17 312616] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-08-17 88480] S2 gupdate;Tjänsten Google Update (gupdate);c:\program\Google\Update\GoogleUpdate.exe [2010-03-22 135664] S3 GoogleDesktopManager-051210-111108;Google Desktop-hanteraren 5.9.1005.12335;c:\program\Google\Google Desktop Search\GoogleDesktop.exe [2007-07-03 30192] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-08-17 38224] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-08-17 88480] S3 mferkdet;McAfee Inc. 
mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-08-17 83496] S3 sdAuxService;PC Tools Auxiliary Service;c:\program\Spyware Doctor\pctsAuxs.exe [2010-08-17 366840] --- Övriga tjänster/drivrutiner i minnet --- *Deregistered* - mfeavfk01 . Innehållet i mappen 'Schemalagda aktiviteter': 2010-07-16 c:\windows\Tasks\classicftpShakeIcon.job - c:\program\NCH Software\ClassicFTP\classicftp.exe [2010-07-07 20:08] 2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program\Google\Update\GoogleUpdate.exe [2010-03-22 18:49] 2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program\Google\Update\GoogleUpdate.exe [2010-03-22 18:49] 2010-08-18 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] . . ------- Extra genomsökning ------- . uStart Page = hxxp://www.aftonbladet.se/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s IE: Add to AMV Video Converter... - c:\program\Media Player Utilities 4.24\AMVConverter\grab.html IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html LSP: c:\program\Delade filer\PC Tools\Lsp\PCTLsp.dll Trusted Zone: mcafee.com DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} - hxxp://fika-web.ifolor.net/OrderingGeneral/LowRes/app_support/ActiveX/IfolorUploader_fika.cab FF - ProfilePath - c:\documents and settings\Marie-Louise\Application Data\Mozilla\Firefox\Profiles\10e7zmj2.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - www.aftonbladet.se FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p= FF - component: c:\program\McAfee\SiteAdvisor\components\McFFPlg.dll FF - plugin: c:\program\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program\McAfee\Supportability\MVT\NPMVTPlugin.dll FF - plugin: c:\program\Personal\bin\np_prsnl.dll FF - plugin: c:\program\Real\RealArcade\Plugins\Mozilla\npracplug.dll FF - plugin: c:\program\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICY ---- c:\program\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program\Mozilla Firefox\greprefs\all.js - 
pref("network.proxy.type", 5); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . 
************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-18 11:30 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLer som "laddats" under processer som körs --------------------- - - - - - - - > 'winlogon.exe'(1040) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'lsass.exe'(1096) c:\program\Delade filer\PC Tools\Lsp\PCTLsp.dll - - - - - - - > 'explorer.exe'(308) c:\program\McAfee Online Backup\MOBKshell.dll c:\program\MarkAny\ContentSafer\MaCSProHook.DLL c:\program\iTunes\iTunesMiniPlayer.dll c:\program\iTunes\iTunesMiniPlayer.Resources\sv.lproj\iTunesMiniPlayerLocalized.dll c:\program\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll c:\windows\system32\WPDShServiceObj.dll c:\program\Roxio\Drag-to-Disc\Shellex.dll c:\windows\system32\DLAAPI_W.DLL c:\windows\system32\CDRTC.DLL c:\program\Roxio\Drag-to-Disc\ShellRes.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andra processer som körs ------------------------ . 
c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\bgsvcgen.exe c:\program\Bonjour\mDNSResponder.exe c:\program\Java\jre6\bin\jqs.exe c:\program\ATI Technologies\ATI.ACE\CLI.EXE c:\program\Delade filer\McAfee\SystemCore\mcshield.exe c:\program\Microsoft ActiveSync\wcescomm.exe c:\program\MI3AA1~1\rapimgr.exe c:\windows\system32\wscntfy.exe c:\windows\System32\vssvc.exe c:\program\iPod\bin\iPodService.exe c:\program\ATI Technologies\ATI.ACE\cli.exe c:\program\Java\jre6\bin\jucheck.exe c:\program\mcafee\msc\mcupdmgr.exe . ************************************************************************** . Sluttid: 2010-08-18 11:40:01 - datorn startades om. ComboFix-quarantined-files.txt 2010-08-18 09:39 ComboFix2.txt 2010-08-18 08:13 ComboFix3.txt 2010-08-17 23:20 ComboFix4.txt 2010-08-17 13:02 Före genomsökningen: 119 055 650 816 byte ledigt Efter genomsökningen: 119 030 841 344 byte ledigt - - End Of File - - 9FD29B5D4A2D227D94569C5BD67657FE
  14. Combofix takes the notes with it, so they are no longer there, at least not on the desktop. When I downloaded the Combofix program I could not get it onto the desktop, so I added it as a shortcut. Maybe that was wrong! I'll do it again!
  15. Here is the latest log from Combofix: ComboFix 10-08-17.03 - Marie-Louise 2010-08-18 9:55.4.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.1022.527 [GMT 2:00] Körs från: c:\documents and settings\Marie-Louise\Mina dokument\Hämtade filer\ComboFix.exe Använda kommandoväxlar :: c:\documents and settings\Marie-Louise\Skrivbord\CFScript.txt AV: McAfee Anti-Virus och Anti-Spyware *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . (((((((((((((((((((((((( Filer Skapade från 2010-07-18 till 2010-08-18 )))))))))))))))))))))))))))))) . 2010-08-17 18:22 . 2010-08-17 18:22 -------- d-----w- c:\documents and settings\Marie-Louise\Application Data\Malwarebytes 2010-08-17 18:21 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-17 18:21 . 2010-08-17 18:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-17 18:21 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-17 18:21 . 2010-08-17 20:39 -------- d-----w- c:\program\Malwarebytes' Anti-Malware 2010-08-17 13:27 . 2010-08-17 13:27 -------- d-----w- c:\program\McAfeeMOBK 2010-08-17 13:26 . 2010-04-13 18:10 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys 2010-08-17 13:26 . 2010-08-17 13:26 -------- d-----w- c:\program\McAfee Online Backup 2010-08-17 13:24 . 2010-05-31 18:32 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-08-17 13:24 . 2010-05-31 18:32 88480 ----a-w- c:\windows\system32\drivers\mfendisk.sys 2010-08-17 13:24 . 2010-05-31 18:32 83496 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-08-17 13:24 . 2010-05-31 18:32 82952 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys 2010-08-17 13:24 . 2010-05-31 18:32 312616 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-08-17 13:24 . 2010-05-31 18:32 51688 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-08-17 13:24 . 
2010-05-31 18:32 152320 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-08-17 13:24 . 2010-05-31 18:32 55456 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-08-17 13:24 . 2010-08-17 13:25 -------- d-----w- c:\program\Delade filer\Mcafee 2010-08-17 13:24 . 2010-08-17 13:24 -------- d-----w- c:\program\McAfee.com 2010-08-17 13:09 . 2010-08-17 13:09 3060208 ----a-w- c:\program\DMSetup.exe 2010-08-17 00:05 . 2010-01-27 11:51 767952 ----a-w- c:\windows\BDTSupport.dll 2010-08-17 00:05 . 2010-01-22 06:56 149456 ----a-w- c:\windows\SGDetectionTool.dll 2010-08-17 00:05 . 2008-11-26 09:08 131 ----a-w- c:\windows\IDB.zip 2010-08-17 00:05 . 2010-01-22 06:56 165840 ----a-w- c:\windows\PCTBDRes.dll 2010-08-17 00:05 . 2010-01-22 06:56 1652688 ----a-w- c:\windows\PCTBDCore.dll 2010-08-17 00:05 . 2009-10-27 22:36 1152444 ----a-w- c:\windows\UDB.zip 2010-08-16 23:58 . 2010-02-05 07:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2010-08-16 23:58 . 2010-03-29 08:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2010-08-16 23:58 . 2009-11-23 11:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2010-08-16 23:58 . 2010-04-08 12:29 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2010-08-16 23:58 . 2010-08-17 22:03 -------- d-----w- c:\program\Spyware Doctor 2010-08-16 23:58 . 2010-08-17 00:06 -------- d-----w- c:\program\Delade filer\PC Tools 2010-08-16 23:58 . 2010-08-16 23:58 -------- d-----w- c:\documents and settings\Marie-Louise\Application Data\PC Tools 2010-08-16 23:58 . 2010-08-16 23:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools 2010-08-16 23:57 . 2010-08-18 08:04 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-08-16 23:23 . 2010-08-16 23:23 -------- d-----w- c:\windows\system32\wbem\Repository . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-17 20:34 . 
2010-07-10 20:11 -------- d-----w- c:\program\McAfee 2010-08-17 16:25 . 2007-10-18 18:07 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2010-08-17 08:30 . 2010-08-17 08:30 300384 ----a-w- c:\documents and settings\All Users\Application Data\McAfee\Supportability\Content\MVT\XMLFiles\detect.dll 2010-08-17 08:30 . 2010-01-05 14:18 300384 ----a-w- c:\documents and settings\Marie-Louise\Application Data\McAfee\Supportability\MVTLogs\Results\detect.dll 2010-08-17 00:43 . 2007-07-23 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-08-16 19:16 . 2004-09-15 11:18 14336 ----a-w- c:\windows\system32\svchost.exe 2010-08-14 08:49 . 2010-03-16 21:15 -------- d-----w- c:\documents and settings\Marie-Louise\Application Data\Spotify 2010-08-02 16:22 . 2010-08-02 16:22 452104 ----a-w- c:\documents and settings\Marie-Louise\Application Data\Real\Update\setup3.12\setup.exe 2010-07-16 19:34 . 2010-07-16 19:32 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-07-16 19:34 . 2007-07-16 13:00 -------- d-----w- c:\program\iTunes 2010-07-16 19:32 . 2010-07-16 19:32 -------- d-----w- c:\program\iPod 2010-07-16 19:32 . 2007-07-16 12:59 -------- d-----w- c:\program\Delade filer\Apple 2010-07-16 19:26 . 2010-07-16 19:25 -------- d-----w- c:\program\QuickTime 2010-07-16 19:20 . 2010-07-16 19:20 -------- d-----w- c:\program\Bonjour 2010-07-16 19:13 . 2010-07-16 19:13 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe 2010-07-16 19:09 . 2010-03-15 19:42 -------- d-----w- c:\program\Safari 2010-07-16 19:04 . 2010-07-16 19:04 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe 2010-07-07 20:10 . 
2010-07-07 20:10 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Software 2010-07-07 20:08 . 2010-07-07 20:08 -------- d-----w- c:\documents and settings\Marie-Louise\Application Data\NCH Software 2010-07-07 20:08 . 2007-11-28 20:15 -------- d-----w- c:\program\NCH Software 2010-07-07 20:06 . 2009-10-16 08:39 766 ----a-r- c:\documents and settings\Marie-Louise\Application Data\Microsoft\Installer\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}\_6FEFF9B68218417F98F549.exe 2010-07-07 20:06 . 2009-10-16 08:39 2550 ----a-r- c:\documents and settings\Marie-Louise\Application Data\Microsoft\Installer\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}\_7D3513599EB4CC9F0C6E1E.exe 2010-07-07 20:06 . 2009-10-16 08:39 16262 ----a-r- c:\documents and settings\Marie-Louise\Application Data\Microsoft\Installer\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}\_9298C8278A202BDA601A42.exe 2010-07-07 20:06 . 2009-10-16 08:39 1518 ----a-r- c:\documents and settings\Marie-Louise\Application Data\Microsoft\Installer\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}\_1D762A7FE0D5E5AECF4B45.exe 2010-07-07 20:06 . 2009-10-16 08:39 1078 ----a-r- c:\documents and settings\Marie-Louise\Application Data\Microsoft\Installer\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}\_883F8AF5BE841F96BF1DEC.exe 2010-07-07 20:06 . 2009-10-16 08:39 1078 ----a-r- c:\documents and settings\Marie-Louise\Application Data\Microsoft\Installer\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}\_76C8E46611167406F0A192.exe 2010-07-07 20:06 . 2009-10-16 08:39 10134 ----a-r- c:\documents and settings\Marie-Louise\Application Data\Microsoft\Installer\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}\_24D6DAE72059FEF96053FD.exe 2010-07-04 19:29 . 2007-11-28 20:15 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound 2010-07-04 19:29 . 2007-08-31 07:48 -------- d-----w- c:\program\NCH Swift Sound 2010-06-30 12:33 . 2004-09-15 11:18 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:19 . 
2004-09-15 11:18 832512 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 12:19 . 2004-09-15 11:18 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-06-24 12:19 . 2004-09-15 11:18 17408 ----a-w- c:\windows\system32\corpol.dll 2010-06-24 09:02 . 2004-09-15 11:18 1851904 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 16:08 . 2008-10-03 08:14 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore 2010-06-21 15:27 . 2004-09-15 11:18 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-09-15 11:18 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2004-09-15 11:30 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:43 . 2004-09-15 11:18 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-05-31 18:32 . 2010-05-31 18:32 95568 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-05-31 18:32 . 2010-05-31 18:32 385880 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-05-27 20:27 . 2010-05-27 20:27 655360 ----a-w- c:\documents and settings\Marie-Louise\Application Data\Spotify\Gracenote\gnsdk_sdkmanager.dll 2010-05-27 20:27 . 2010-05-27 20:27 282624 ----a-w- c:\documents and settings\Marie-Louise\Application Data\Spotify\Gracenote\gnsdk_musicid_file.dll 2010-05-27 20:27 . 2010-05-27 20:27 208896 ----a-w- c:\documents and settings\Marie-Louise\Application Data\Spotify\Gracenote\gnsdk_dsp.dll 2010-05-25 19:18 . 2010-05-25 19:18 503808 ----a-w- c:\documents and settings\Marie-Louise\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-3aca93e7-n\msvcp71.dll 2010-05-25 19:18 . 2010-05-25 19:18 499712 ----a-w- c:\documents and settings\Marie-Louise\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-3aca93e7-n\jmc.dll 2010-05-25 19:18 . 2010-05-25 19:18 348160 ----a-w- c:\documents and settings\Marie-Louise\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-3aca93e7-n\msvcr71.dll 2009-07-31 22:00 . 
2009-07-31 22:00 8198368 ----a-w- c:\program\Firefox Setup 3.5.1.exe 2007-10-22 17:29 . 2007-10-22 17:29 774144 ----a-w- c:\program\RngInterstitial.dll 2007-08-07 08:24 . 2007-08-07 08:24 956344 ----a-w- c:\program\SaveAsPDFandXPS.exe 2007-07-16 20:50 . 2007-07-16 15:39 87990 ----a-w- c:\program\GoogleCalendar.gg 2007-07-16 19:26 . 2007-07-16 19:26 3645968 ----a-w- c:\program\123freesolitaire.exe 2004-09-16 17:36 . 2007-07-28 16:48 1717652 ----a-w- c:\program\DCPlusPlus-0.401.exe 2010-06-27 09:08 . 2009-12-02 20:35 119808 ----a-w- c:\program\mozilla firefox\components\GoogleDesktopMozilla.dll 2010-05-31 18:32 . 2010-08-17 13:24 24376 ----a-w- c:\program\mozilla firefox\components\Scriptff.dll . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* Tomma poster & legitima standardposter visas inte. REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK] @="{3c3f3c1a-9153-7c05-f938-622e7003894d}" [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}] 2010-04-13 18:11 2872120 ----a-w- c:\program\McAfee Online Backup\MOBKshell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2] @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}" [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}] 2010-04-13 18:11 2872120 ----a-w- c:\program\McAfee Online Backup\MOBKshell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3] @="{b4caf489-1eec-c617-49ad-8d7088598c06}" [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}] 2010-04-13 18:11 2872120 ----a-w- c:\program\McAfee Online Backup\MOBKshell.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-21 68856] "Halebop SMS i datorn för Outlook Express"="c:\program\Halebop SMS i datorn 
för Outlook Express\eSMS Executive Windows.exe" [2005-04-18 1032192] "OM2_Monitor"="c:\program\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-05-28 95800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-05-22 148888] "SoundMAXPnP"="c:\program\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776] "ATICCC"="c:\program\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112] "ISUSPM Startup"="c:\program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program\Delade filer\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "PDVDDXSrv"="c:\program\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784] "Google Desktop Search"="c:\program\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-27 30192] "Adobe Photo Downloader"="c:\program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 57344] "REGSHAVE"="c:\program\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248] "TkBellExe"="c:\program\Delade filer\Real\Update_OB\realsched.exe" [2007-09-10 185632] "RoxioDragToDisc"="c:\program\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920] "SMSTray"="c:\program\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976] "MAAgent"="c:\program\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 57344] "AppleSyncNotifier"="c:\program\Delade filer\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-07-13 47904] "QuickTime Task"="c:\program\QuickTime\QTTask.exe" [2010-03-18 421888] "iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2010-06-15 141624] "mcui_exe"="c:\program\McAfee.com\Agent\mcagent.exe" [2010-06-30 1193848] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Start-meny\Program\Autostart\ Acrobat Assistant.lnk - c:\program\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-5-15 217193] Adobe Reader Speed Launch.lnk 
- c:\program\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048] Adobe Reader Synchronizer.lnk - c:\program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872] BankID s„kerhetsprogram.lnk - c:\program\Personal\bin\Personal.exe [2010-3-10 939920] Exif Launcher 2.lnk - c:\program files\FinePixViewer\QuickDCF2.exe [2007-8-11 294912] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program\\Messenger\\msmsgs.exe"= "c:\\Program\\uTorrent\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\program\Microsoft ActiveSync\rapimgr.exe"= c:\program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program\Microsoft ActiveSync\wcescomm.exe"= c:\program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program\Microsoft ActiveSync\WCESMgr.exe"= c:\program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program\\Spotify\\spotify.exe"= "c:\\Program\\Bonjour\\mDNSResponder.exe"= "c:\\Program\\iTunes\\iTunes.exe"= "c:\\Program\\Delade filer\\Mcafee\\McSvcHost\\McSvHost.exe"= 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-07-03 3456]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-08-17 218592]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-08-17 82952]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-08-17 54776]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program\Spyware Doctor\BDT\BDTUpdateService.exe [2010-08-17 112592]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program\Delade filer\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-08-17 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program\Delade filer\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-08-17 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program\Delade filer\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-08-17 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program\Delade filer\Mcafee\SystemCore\mfefire.exe [2010-08-17 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program\Delade filer\Mcafee\SystemCore\mfevtps.exe [2010-08-17 141792]
R2 MOBKbackup;1%;c:\program\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program\Spyware Doctor\pctsAuxs.exe [2010-08-17 366840]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-08-17 55456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-08-17 312616]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-08-17 88480]
S2 gupdate;Tjänsten Google Update (gupdate);c:\program\Google\Update\GoogleUpdate.exe [2010-03-22 135664]
S3 GoogleDesktopManager-051210-111108;Google Desktop-hanteraren 5.9.1005.12335;c:\program\Google\Google Desktop Search\GoogleDesktop.exe [2007-07-03 30192]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-08-17 38224]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-08-17 88480]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-08-17 83496]

--- Övriga tjänster/drivrutiner i minnet ---

*Deregistered* - mfeavfk01
.
Innehållet i mappen 'Schemalagda aktiviteter':

2010-07-16 c:\windows\Tasks\classicftpShakeIcon.job
- c:\program\NCH Software\ClassicFTP\classicftp.exe [2010-07-07 20:08]

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program\Google\Update\GoogleUpdate.exe [2010-03-22 18:49]

2010-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program\Google\Update\GoogleUpdate.exe [2010-03-22 18:49]

2010-08-18 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Extra genomsökning -------
.
uStart Page = hxxp://www.aftonbladet.se/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to AMV Video Converter... - c:\program\Media Player Utilities 4.24\AMVConverter\grab.html
IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\program\Delade filer\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: mcafee.com
DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} - hxxp://fika-web.ifolor.net/OrderingGeneral/LowRes/app_support/ActiveX/IfolorUploader_fika.cab
FF - ProfilePath - c:\documents and settings\Marie-Louise\Application Data\Mozilla\Firefox\Profiles\10e7zmj2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.aftonbladet.se
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\program\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\program\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: c:\program\Personal\bin\np_prsnl.dll
FF - plugin: c:\program\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICY ----
c:\program\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-18 10:06
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

c:\docume~1\MARIE-~1\LOKALA~1\Temp\catchme.dll 53248 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLer som "laddats" under processer som körs ---------------------

- - - - - - - > 'winlogon.exe'(1040)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1096)
c:\program\Delade filer\PC Tools\Lsp\PCTLsp.dll

- - - - - - - > 'explorer.exe'(2152)
c:\program\McAfee Online Backup\MOBKshell.dll
c:\program\MarkAny\ContentSafer\MaCSProHook.DLL
c:\program\iTunes\iTunesMiniPlayer.dll
c:\program\iTunes\iTunesMiniPlayer.Resources\sv.lproj\iTunesMiniPlayerLocalized.dll
c:\program\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andra processer som körs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program\ATI Technologies\ATI.ACE\CLI.EXE
c:\program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\bgsvcgen.exe
c:\program\Bonjour\mDNSResponder.exe
c:\program\Microsoft ActiveSync\wcescomm.exe
c:\program\Java\jre6\bin\jqs.exe
c:\program\MI3AA1~1\rapimgr.exe
c:\program\Delade filer\McAfee\SystemCore\mcshield.exe
c:\program\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\vssvc.exe
c:\program\ATI Technologies\ATI.ACE\cli.exe
c:\program\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Sluttid: 2010-08-18 10:13:53 - datorn startades om.
ComboFix-quarantined-files.txt 2010-08-18 08:13
ComboFix2.txt 2010-08-17 23:20
ComboFix3.txt 2010-08-17 13:02

Före genomsökningen: 119 071 166 464 byte ledigt
Efter genomsökningen: 119 049 383 936 byte ledigt

- - End Of File - - A79563B2C834DA4B74B8521E6984CBB0