NOD32 Problem

[Cecilia]

Ja, cracks ställer lätt till med problem av ena eller andra slaget.

Se om det går bättre med att avinstallera i omvänd ordning eller om detta borttagningsprogram hjälper:

http://www.betterantivirus.com/nod32-antivirus-faqs/faqs/c1095623943.html#1170455686

 

Installera inte Avast innan Nod32 är helt borta.

 

[adde34]

Tyvärr så hjälper varken omvänd ordning eller som är beskrivet på http://www.betterantivirus.com/nod32-antivirus-faqs/faqs/c1095623943.html#1170455686.

Jag får hela tiden felmedelande " Felaktig komanosyntax "

 

 

 

[Cecilia]

Pga att filen du skrev om förut inte finns på I:?

Kan du ladda ner den igen och lägga på ett USB-minne som får enhetsbokstaven I?

 

Du kan också se om Revo Uninstaller lyckas bättre:

http://www.revouninstaller.com/index.html

 

Edit: Rättat länken

 

[inlägget ändrat 2009-10-26 23:07:01 av Cecilia]

[adde34]

Tack. Det är fixat. Jag har instalerat Antivir nu och hela tiden får jag upp ett meddelande( bifogar bilden ). Den filen finns alltid i temp mappen även när jag tar bort den så kommer den tillbaka.

 

[bild bifogad 2009-10-27 20:32:49 av adde34]

[Cecilia]

Det är den där ctv-filen vi höll på med för några dagar sedan.

 

Uppdatera MBAM och sök igenom datorn. Om något hittas så klistra in loggen.

Starta om datorn.

 

Kör sedan ComboFix på samma sätt som tidigare och klistra in loggen. Se till att ComboFix uppdateras i början. Kör Gmer också.

 

[adde34]

Gmer kan jag inte köra. Dator krashar vid Gmer körning

 

[log]Malwarebytes' Anti-Malware 1.41

Databasversion: 3045

Windows 5.1.2600 Service Pack 3

 

2009-10-28 09:13:09

mbam-log-2009-10-28 (09-13-09).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 96570

Förfluten tid: 7 minute(s), 39 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

(Inga illasinnade poster hittades)

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

(Inga illasinnade poster hittades)[/log]

 

 

[log]ComboFix 09-10-27.04 - Adnan 2009-10-28 9:30.10.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.255.90 [GMT 1:00]

Körs från: j:\programi\Programi za trzenje i sklanjanje virusa httpeforum.idg.seviewmsg.aspEntriesId=1166704\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

 

(((((((((((((((((((((((( Filer Skapade från 2009-09-28 till 2009-10-28 ))))))))))))))))))))))))))))))

.

 

2009-10-27 08:46 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-10-27 08:45 . 2009-10-27 08:54 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-10-27 08:45 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-10-27 08:45 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-10-26 18:46 . 2009-10-26 18:46 -------- d-----w- c:\windows\system32\wbem\Repository

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\program\Avira

2009-10-26 15:56 . 2009-10-26 18:44 -------- d-----w- c:\windows\system32\NtmsData

2009-10-26 15:23 . 2009-10-26 15:23 -------- d-----w- c:\program\Alwil Software

2009-10-26 15:13 . 2009-10-26 18:44 -------- d-----w- c:\program\CCleaner

2009-10-25 11:21 . 2008-05-09 10:56 90112 -c----w- c:\windows\system32\dllcache\wshext.dll

2009-10-25 11:21 . 2008-05-09 10:56 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll

2009-10-25 11:21 . 2008-05-08 11:24 155648 -c----w- c:\windows\system32\dllcache\wscript.exe

2009-10-25 11:21 . 2008-05-09 10:56 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll

2009-10-25 11:21 . 2008-05-07 09:07 135168 -c----w- c:\windows\system32\dllcache\cscript.exe

2009-10-25 11:21 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\sv

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\bits

2009-10-24 15:17 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\43691238.sys

2009-10-24 14:51 . 2009-10-24 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-10-24 01:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2009-10-24 01:59 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-10-24 01:58 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-10-24 01:58 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2009-10-23 22:44 . 2009-10-28 08:41 904693792 --sha-w- c:\windows\system32\drivers\fidbox.dat

2009-10-23 22:42 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\63411846.sys

2009-10-23 17:39 . 2009-10-23 17:39 -------- d-----w- c:\program\MSXML 4.0

2009-10-23 17:27 . 2009-10-23 17:27 -------- d-----w- c:\program\Trend Micro

2009-10-23 09:26 . 2009-10-23 19:52 -------- d-----w- c:\program\Spyware Doctor

2009-10-23 07:32 . 2009-10-24 02:09 -------- d-----w- c:\windows\system32\XPSViewer

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\MSBuild

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\Reference Assemblies

2009-10-23 07:13 . 2009-10-23 07:13 -------- d-----w- c:\program\MSXML 6.0

2009-10-22 20:28 . 2007-02-07 07:59 140824 ----a-w- c:\windows\system32\secman.dll

2009-10-22 20:28 . 2007-01-06 08:44 1444352 ----a-w- c:\windows\system32\Redemption.dll

2009-10-22 20:27 . 2009-10-22 20:28 -------- d-----w- c:\program\Outlook Recovery Toolbox

2009-10-22 20:25 . 2009-10-22 20:27 -------- d-----w- c:\program\MailNavigator

2009-10-22 16:01 . 2009-06-15 10:45 76800 -c----w- c:\windows\system32\dllcache\telnet.exe

2009-10-22 16:01 . 2009-06-15 10:45 80896 -c----w- c:\windows\system32\dllcache\tlntsess.exe

2009-10-22 16:00 . 2009-06-25 08:27 56832 -c----w- c:\windows\system32\dllcache\secur32.dll

2009-10-22 16:00 . 2009-03-21 14:09 1003520 -c----w- c:\windows\system32\dllcache\kernel32.dll

2009-10-22 16:00 . 2009-07-17 16:22 1438208 -c----w- c:\windows\system32\dllcache\query.dll

2009-10-22 15:59 . 2009-06-10 06:16 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll

2009-10-22 15:59 . 2009-06-10 14:16 85504 -c----w- c:\windows\system32\dllcache\avifil32.dll

2009-10-22 15:59 . 2009-07-29 04:37 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll

2009-10-22 15:59 . 2009-07-29 04:37 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

2009-10-22 15:59 . 2009-06-25 08:27 147456 -c----w- c:\windows\system32\dllcache\schannel.dll

2009-10-22 15:54 . 2008-04-14 16:04 136192 ------w- c:\windows\system32\aaclient.dll

2009-10-22 15:54 . 2008-04-14 16:04 7168 ------w- c:\windows\system32\bitsprx4.dll

2009-10-22 15:54 . 2008-04-14 16:04 233472 ------w- c:\windows\system32\azroles.dll

2009-10-22 15:52 . 2008-04-14 16:03 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll

2009-10-22 15:52 . 2008-04-14 16:03 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdpash.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdnepr.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdiultn.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdbhc.dll

2009-10-22 15:52 . 2008-04-14 16:04 61440 ------w- c:\windows\system32\kmsvc.dll

2009-10-22 15:52 . 2008-04-14 16:04 37376 ------w- c:\windows\system32\l2gpstore.dll

2009-10-22 15:52 . 2008-04-14 16:05 33792 ------w- c:\windows\system32\mmcperf.exe

2009-10-22 15:52 . 2008-04-14 16:04 397312 ------w- c:\windows\system32\mmcex.dll

2009-10-22 15:52 . 2008-04-14 16:04 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll

2009-10-22 15:52 . 2008-04-14 16:04 106496 ------w- c:\windows\system32\mmcfxcommon.dll

2009-10-22 15:50 . 2008-04-14 16:05 7680 ----a-w- c:\windows\system32\spdwnwxp.exe

2009-10-22 15:50 . 2008-04-14 16:05 20992 ------w- c:\windows\system32\spupdwxp.exe

2009-10-22 15:50 . 2008-04-14 16:04 53248 ------w- c:\windows\system32\tsgqec.dll

2009-10-22 15:50 . 2008-04-14 16:04 50688 ------w- c:\windows\system32\tspkg.dll

2009-10-22 15:50 . 2008-04-14 16:05 28672 ------w- c:\windows\system32\verclsid.exe

2009-10-22 15:50 . 2008-04-14 16:04 69120 ------w- c:\windows\system32\wlanapi.dll

2009-10-22 15:46 . 2004-08-03 20:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys

2009-10-22 15:46 . 2004-08-03 20:29 29455 ------w- c:\windows\system32\drivers\ati1xbxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 14336 ------w- c:\windows\system32\drivers\atinpdxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 13824 ------w- c:\windows\system32\drivers\atinttxx.sys

2009-10-22 15:39 . 2009-05-07 15:33 347648 -c----w- c:\windows\system32\dllcache\localspl.dll

2009-10-22 15:38 . 2008-06-12 14:25 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll

2009-10-22 15:38 . 2008-06-12 14:25 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll

2009-10-22 15:38 . 2008-06-12 14:25 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll

2009-10-22 15:38 . 2008-06-12 14:25 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll

2009-10-22 15:38 . 2008-06-12 14:25 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll

2009-10-22 15:38 . 2008-06-12 14:25 428032 -c----w- c:\windows\system32\dllcache\msdtcprx.dll

2009-10-22 15:37 . 2009-09-04 21:05 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll

2009-10-22 15:37 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2009-10-22 15:37 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys

2009-10-22 15:37 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

2009-10-22 15:36 . 2008-06-17 19:02 8468992 -c----w- c:\windows\system32\dllcache\shell32.dll

2009-10-22 15:36 . 2009-04-15 14:55 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll

2009-10-22 15:35 . 2008-12-16 12:33 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll

2009-10-22 15:35 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll

2009-10-22 15:35 . 2009-04-19 19:51 1847168 -c----w- c:\windows\system32\dllcache\win32k.sys

2009-10-22 15:35 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll

2009-10-22 15:34 . 2008-10-23 12:43 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll

2009-10-22 15:34 . 2008-04-21 21:16 217088 -c----w- c:\windows\system32\dllcache\wordpad.exe

2009-10-22 15:34 . 2008-05-05 05:25 3072 ------w- c:\windows\system32\xpsp4res.dll

2009-10-22 15:34 . 2009-09-11 14:19 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll

2009-10-22 15:34 . 2009-06-25 08:27 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll

2009-10-22 15:34 . 2009-06-25 08:27 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll

2009-10-22 15:34 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys

2009-10-21 21:29 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-21 21:29 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-21 21:00 . 2009-10-21 21:00 -------- d-----r- c:\documents and settings\NetworkService\Favoriter

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\Adnan\Application Data\Malwarebytes

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-10-21 19:04 . 2009-10-21 21:29 -------- d-----w- c:\program\Malwarebytes' Anti-Malware

2009-10-20 18:18 . 2009-10-21 20:19 -------- d-----w- c:\windows\$regcmp$

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-27 21:38 . 2009-10-23 22:44 10595504 --sha-w- c:\windows\system32\drivers\fidbox.idx

2009-10-27 21:37 . 2008-09-11 22:23 -------- d-----w- c:\documents and settings\Adnan\Application Data\uTorrent

2009-10-26 15:19 . 2008-10-11 21:12 75656 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT

2009-10-25 08:02 . 2001-09-28 14:00 582670 ----a-w- c:\windows\system32\perfh01D.dat

2009-10-25 08:02 . 2001-09-28 14:00 124238 ----a-w- c:\windows\system32\perfc01D.dat

2009-10-24 18:53 . 2009-10-24 18:53 0 ----atw- c:\windows\005566_.tmp

2009-10-23 17:33 . 2009-03-13 13:27 -------- d-----w- c:\program\Yahoo!

2009-10-23 17:32 . 2008-09-18 17:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-10-23 12:21 . 2008-09-12 19:05 -------- d-----w- c:\program\Java

2009-10-23 10:50 . 2008-09-11 07:52 -------- d-----w- c:\program\QuickTime Alternative

2009-10-23 10:50 . 2009-02-24 15:00 -------- d-----w- c:\program\TPTEST5

2009-10-23 10:50 . 2009-08-29 10:41 -------- d-----w- c:\program\Xvid

2009-10-23 10:50 . 2008-09-12 16:24 -------- d-----w- c:\program\Zoom Player

2009-10-23 10:50 . 2008-09-12 16:43 -------- d-----w- c:\program\Windows Media Connect 2

2009-10-21 20:19 . 2009-02-21 15:47 -------- d-----w- c:\program\TuneUp Utilities 2009

2009-10-16 15:57 . 2009-09-23 13:41 -------- d-----w- c:\documents and settings\Adnan\Application Data\Apple Computer

2009-09-25 05:37 . 2004-08-03 23:34 667648 ------w- c:\windows\system32\wininet.dll

2009-09-25 05:37 . 2004-08-03 23:33 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\program\iTunes

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-09-23 13:39 . 2009-09-23 13:39 -------- d-----w- c:\program\iPod

2009-09-23 13:39 . 2009-09-23 13:32 -------- d-----w- c:\program\Delade filer\Apple

2009-09-23 13:39 . 2008-09-11 07:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2009-09-23 13:38 . 2009-09-23 13:38 -------- d-----w- c:\program\Bonjour

2009-09-11 14:19 . 2004-08-03 23:33 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:05 . 2004-08-03 23:33 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-01 19:55 . 2009-08-29 10:42 -------- d-----w- c:\documents and settings\Adnan\Application Data\AVI ReComp

2009-08-29 10:41 . 2009-08-29 09:21 -------- d-----w- c:\program\AVI ReComp

2009-08-29 10:41 . 2009-08-29 10:41 -------- d-----w- c:\program\Gabest

2009-08-29 10:41 . 2009-08-29 10:41 -------- d-----w- c:\program\AviSynth 2.5

2009-08-26 08:02 . 2004-08-03 23:34 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-14 18:26 . 2008-10-18 18:28 34 ----a-w- c:\documents and settings\Adnan\jagex_runescape_preferences.dat

2009-08-06 18:24 . 2008-09-10 10:19 327896 ----a-w- c:\windows\system32\wucltui.dll

2009-08-06 18:24 . 2008-09-10 10:19 209632 ----a-w- c:\windows\system32\wuweb.dll

2009-08-06 18:24 . 2008-09-10 10:19 35552 ----a-w- c:\windows\system32\wups.dll

2009-08-06 18:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2.dll

2009-08-06 18:24 . 2008-09-10 10:19 53472 ----a-w- c:\windows\system32\wuauclt.exe

2009-08-06 18:24 . 2004-08-03 23:33 96480 ----a-w- c:\windows\system32\cdm.dll

2009-08-06 18:23 . 2008-09-10 10:19 575704 ----a-w- c:\windows\system32\wuapi.dll

2009-08-06 18:23 . 2008-09-10 10:19 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2009-08-05 09:01 . 2004-08-03 23:33 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-08-04 20:59 . 2004-08-03 23:25 2189952 ------w- c:\windows\system32\ntoskrnl.exe

2009-08-04 17:29 . 2004-08-04 01:24 2066816 ------w- c:\windows\system32\ntkrnlpa.exe

2009-07-30 15:31 . 2009-05-26 14:04 59 ----a-w- c:\windows\wpd99.drv

2009-06-14 08:05 . 2009-06-14 08:05 102 ----a-w- c:\program\DivFix.ini

2003-05-05 11:10 . 2009-06-11 14:41 190976 ----a-w- c:\program\DivFix.exe

.

 

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Nero\Lib\NMIndexStoreSvr.exe" [2008-12-12 1840424]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

"QuickTime Task"="c:\program\QuickTime Alternative\qttask.exe" [2009-09-04 417792]

"NeroFilterCheck"="c:\program\Delade filer\Nero\Lib\NeroCheck.exe" [2009-10-21 30208]

"NBKeyScan"="c:\program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]

"Malwarebytes Anti-Malware (reboot)"="c:\program\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2009-09-21 305440]

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKLM\~\startupfolder\C:^Documents and Settings^Adnan^Start-meny^Program^Autostart^is-AEMBM.lnk]

path=c:\documents and settings\Adnan\Start-meny\Program\Autostart\is-AEMBM.lnk

backup=c:\windows\pss\is-AEMBM.lnkStartup

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"RegClean Expert Scheduler"="c:\program\Registry Clean Expert\RCHelper.exe" /startup

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"CTCheck"=c:\program\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe

"PD0620 STISvc"=RunDLL32.exe P0620Pin.dll,RunDLL32EP 513

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe"

"WinampAgent"=c:\program\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]

appsecdll REG_SZ c:\windows\system32\mscert.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 1

"DisableNotifications"= 1 (0x1)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Utorrent\\uTorrent.exe"=

"c:\\Program\\Messenger\\msmsgs.exe"=

"c:\\Program\\SightSpeed\\SightSpeed.exe"=

"j:\\PROGRAMI\\DCPlusPlus-0.707\\DCPlusPlus.exe"=

"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program\\ActiveGPS\\ActiveGPS.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

 

R1 is-AEMBMdrv;is-AEMBMdrv;c:\windows\system32\drivers\63411846.sys [2009-10-23 148496]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-10-27 108289]

S1 is-L5AN1drv;is-L5AN1drv;c:\windows\system32\drivers\43691238.sys [2009-10-24 148496]

 

--- Övriga tjänster/drivrutiner i minnet ---

 

*NewlyCreated* - MBR

*Deregistered* - mbr

.

Innehållet i mappen 'Schemalagda aktiviteter':

 

2009-10-14 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\OFFICE11\EXCEL.EXE/3000

DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-28 09:40

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]

"D140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLer som "laddats" under processer som körs ---------------------

 

- - - - - - - > 'winlogon.exe'(692)

c:\windows\system32\MrvGINA.dll

 

- - - - - - - > 'Explorer.exe'(3772)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

c:\program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

c:\program\Microsoft Office\OFFICE11\msohev.dll

c:\program\Delade filer\Nero\Lib\NeroDigitalExt.dll

c:\program\Delade filer\Adobe\Acrobat\ActiveX\PDFShell.dll

c:\program\Delade filer\Adobe\Acrobat\ActiveX\PDFShell.SVE

c:\windows\system32\wmpshell.dll

.

Sluttid: 2009-10-28 9:45

ComboFix-quarantined-files.txt 2009-10-28 08:45

 

Före genomsökningen: 36 941 598 720 byte ledigt

Efter genomsökningen: 36 907 479 040 byte ledigt

 

- - End Of File - - 9550C0A6CBFBF82F197AA3B451F84431[/log]

 

[Cecilia]

Gmer kunde du ju köra förut.

 

Kopiera alla rader i rutan (använd markera kod)

Registry::
[-HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]
Driver::
is-AEMBMdrv
is-L5AN1drv

och klistra in i Anteckningar.

Spara filen på Skrivbordet med namnet CFScript.

 

Ladda ner OTM till Skrivbordet:

http://oldtimer.geekstogo.com/OTM.exe

 

Kör följande i ett svep utan att använda Internet Explorer och internet under tiden.

 

Starta OTM (i Vista högerklicka och Kör som administratör).

Kopiera alla dessa rader (använd markera kod):

:processes
explorer.exe
:commands
[emptytemp]
[start explorer]
[reboot]

Klistra in dem i rutan Paste Instructions for Items to be Moved

Tryck på MoveIt!

Om du blir tillfrågad om att starta om datorn så gör det.

 

Nollställ inställningarna i Internet Explorer så som jag skrev 25 oktober 2009 18:32.

 

Förbered datorn på samma sätt som tidigare för ComboFix.

Dra CFScript med musen och släpp den ovanpå ComboFix-ikonen på Skrivbordet så startar programmet på ett särskilt sätt.

Klistra in loggen som kommer ut.

Gå till mappen c:\_OTM\MovedFiles och öppna loggfilen som skapades med dagens datum och klockslaget för körningen. Kopiera innehållet och klistra in här.

 

[adde34]

[log]ComboFix 09-10-27.04 - Adnan 2009-10-28 20:28.11.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.255.73 [GMT 1:00]

Körs från: c:\documents and settings\Adnan\Skrivbord\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

 

(((((((((((((((((((((((( Filer Skapade från 2009-09-28 till 2009-10-28 ))))))))))))))))))))))))))))))

.

 

2009-10-28 19:28 . 2008-04-13 18:40 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys

2009-10-28 19:28 . 2008-04-13 18:40 96512 ----a-w- c:\windows\system32\drivers\atapi.sys

2009-10-28 19:11 . 2009-10-28 19:11 -------- d-----w- C:\_OTM

2009-10-27 08:46 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-10-27 08:45 . 2009-10-27 08:54 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-10-27 08:45 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-10-27 08:45 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-10-26 18:46 . 2009-10-26 18:46 -------- d-----w- c:\windows\system32\wbem\Repository

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\program\Avira

2009-10-26 15:56 . 2009-10-26 18:44 -------- d-----w- c:\windows\system32\NtmsData

2009-10-26 15:23 . 2009-10-26 15:23 -------- d-----w- c:\program\Alwil Software

2009-10-26 15:13 . 2009-10-26 18:44 -------- d-----w- c:\program\CCleaner

2009-10-25 11:21 . 2008-05-09 10:56 90112 -c----w- c:\windows\system32\dllcache\wshext.dll

2009-10-25 11:21 . 2008-05-09 10:56 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll

2009-10-25 11:21 . 2008-05-08 11:24 155648 -c----w- c:\windows\system32\dllcache\wscript.exe

2009-10-25 11:21 . 2008-05-09 10:56 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll

2009-10-25 11:21 . 2008-05-07 09:07 135168 -c----w- c:\windows\system32\dllcache\cscript.exe

2009-10-25 11:21 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\sv

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\bits

2009-10-24 15:17 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\43691238.sys

2009-10-24 14:51 . 2009-10-24 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-10-24 01:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2009-10-24 01:59 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-10-24 01:58 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-10-24 01:58 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2009-10-23 22:44 . 2009-10-28 19:38 907223072 --sha-w- c:\windows\system32\drivers\fidbox.dat

2009-10-23 22:42 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\63411846.sys

2009-10-23 17:39 . 2009-10-23 17:39 -------- d-----w- c:\program\MSXML 4.0

2009-10-23 17:27 . 2009-10-23 17:27 -------- d-----w- c:\program\Trend Micro

2009-10-23 09:26 . 2009-10-23 19:52 -------- d-----w- c:\program\Spyware Doctor

2009-10-23 07:32 . 2009-10-24 02:09 -------- d-----w- c:\windows\system32\XPSViewer

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\MSBuild

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\Reference Assemblies

2009-10-23 07:13 . 2009-10-23 07:13 -------- d-----w- c:\program\MSXML 6.0

2009-10-22 20:28 . 2007-02-07 07:59 140824 ----a-w- c:\windows\system32\secman.dll

2009-10-22 20:28 . 2007-01-06 08:44 1444352 ----a-w- c:\windows\system32\Redemption.dll

2009-10-22 20:27 . 2009-10-22 20:28 -------- d-----w- c:\program\Outlook Recovery Toolbox

2009-10-22 20:25 . 2009-10-22 20:27 -------- d-----w- c:\program\MailNavigator

2009-10-22 16:01 . 2009-06-15 10:45 76800 -c----w- c:\windows\system32\dllcache\telnet.exe

2009-10-22 16:01 . 2009-06-15 10:45 80896 -c----w- c:\windows\system32\dllcache\tlntsess.exe

2009-10-22 16:00 . 2009-06-25 08:27 56832 -c----w- c:\windows\system32\dllcache\secur32.dll

2009-10-22 16:00 . 2009-03-21 14:09 1003520 -c----w- c:\windows\system32\dllcache\kernel32.dll

2009-10-22 16:00 . 2009-07-17 16:22 1438208 -c----w- c:\windows\system32\dllcache\query.dll

2009-10-22 15:59 . 2009-06-10 06:16 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll

2009-10-22 15:59 . 2009-06-10 14:16 85504 -c----w- c:\windows\system32\dllcache\avifil32.dll

2009-10-22 15:59 . 2009-07-29 04:37 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll

2009-10-22 15:59 . 2009-07-29 04:37 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

2009-10-22 15:59 . 2009-06-25 08:27 147456 -c----w- c:\windows\system32\dllcache\schannel.dll

2009-10-22 15:54 . 2008-04-14 16:04 136192 ------w- c:\windows\system32\aaclient.dll

2009-10-22 15:54 . 2008-04-14 16:04 7168 ------w- c:\windows\system32\bitsprx4.dll

2009-10-22 15:54 . 2008-04-14 16:04 233472 ------w- c:\windows\system32\azroles.dll

2009-10-22 15:52 . 2008-04-14 16:03 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll

2009-10-22 15:52 . 2008-04-14 16:03 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdpash.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdnepr.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdiultn.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdbhc.dll

2009-10-22 15:52 . 2008-04-14 16:04 61440 ------w- c:\windows\system32\kmsvc.dll

2009-10-22 15:52 . 2008-04-14 16:04 37376 ------w- c:\windows\system32\l2gpstore.dll

2009-10-22 15:52 . 2008-04-14 16:05 33792 ------w- c:\windows\system32\mmcperf.exe

2009-10-22 15:52 . 2008-04-14 16:04 397312 ------w- c:\windows\system32\mmcex.dll

2009-10-22 15:52 . 2008-04-14 16:04 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll

2009-10-22 15:52 . 2008-04-14 16:04 106496 ------w- c:\windows\system32\mmcfxcommon.dll

2009-10-22 15:50 . 2008-04-14 16:05 7680 ----a-w- c:\windows\system32\spdwnwxp.exe

2009-10-22 15:50 . 2008-04-14 16:05 20992 ------w- c:\windows\system32\spupdwxp.exe

2009-10-22 15:50 . 2008-04-14 16:04 53248 ------w- c:\windows\system32\tsgqec.dll

2009-10-22 15:50 . 2008-04-14 16:04 50688 ------w- c:\windows\system32\tspkg.dll

2009-10-22 15:50 . 2008-04-14 16:05 28672 ------w- c:\windows\system32\verclsid.exe

2009-10-22 15:50 . 2008-04-14 16:04 69120 ------w- c:\windows\system32\wlanapi.dll

2009-10-22 15:46 . 2004-08-03 20:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys

2009-10-22 15:46 . 2004-08-03 20:29 29455 ------w- c:\windows\system32\drivers\ati1xbxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 14336 ------w- c:\windows\system32\drivers\atinpdxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 13824 ------w- c:\windows\system32\drivers\atinttxx.sys

2009-10-22 15:39 . 2009-05-07 15:33 347648 -c----w- c:\windows\system32\dllcache\localspl.dll

2009-10-22 15:38 . 2008-06-12 14:25 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll

2009-10-22 15:38 . 2008-06-12 14:25 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll

2009-10-22 15:38 . 2008-06-12 14:25 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll

2009-10-22 15:38 . 2008-06-12 14:25 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll

2009-10-22 15:38 . 2008-06-12 14:25 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll

2009-10-22 15:38 . 2008-06-12 14:25 428032 -c----w- c:\windows\system32\dllcache\msdtcprx.dll

2009-10-22 15:37 . 2009-09-04 21:05 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll

2009-10-22 15:37 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2009-10-22 15:37 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys

2009-10-22 15:37 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

2009-10-22 15:36 . 2008-06-17 19:02 8468992 -c----w- c:\windows\system32\dllcache\shell32.dll

2009-10-22 15:36 . 2009-04-15 14:55 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll

2009-10-22 15:35 . 2008-12-16 12:33 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll

2009-10-22 15:35 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll

2009-10-22 15:35 . 2009-04-19 19:51 1847168 -c----w- c:\windows\system32\dllcache\win32k.sys

2009-10-22 15:35 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll

2009-10-22 15:34 . 2008-10-23 12:43 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll

2009-10-22 15:34 . 2008-04-21 21:16 217088 -c----w- c:\windows\system32\dllcache\wordpad.exe

2009-10-22 15:34 . 2008-05-05 05:25 3072 ------w- c:\windows\system32\xpsp4res.dll

2009-10-22 15:34 . 2009-09-11 14:19 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll

2009-10-22 15:34 . 2009-06-25 08:27 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll

2009-10-22 15:34 . 2009-06-25 08:27 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll

2009-10-22 15:34 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys

2009-10-21 21:29 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-21 21:29 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-21 21:00 . 2009-10-21 21:00 -------- d-----r- c:\documents and settings\NetworkService\Favoriter

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\Adnan\Application Data\Malwarebytes

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-10-21 19:04 . 2009-10-21 21:29 -------- d-----w- c:\program\Malwarebytes' Anti-Malware

2009-10-20 18:18 . 2009-10-21 20:19 -------- d-----w- c:\windows\$regcmp$

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-28 19:13 . 2009-10-23 22:44 10624208 --sha-w- c:\windows\system32\drivers\fidbox.idx

2009-10-27 21:37 . 2008-09-11 22:23 -------- d-----w- c:\documents and settings\Adnan\Application Data\uTorrent

2009-10-26 15:19 . 2008-10-11 21:12 75656 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT

2009-10-25 08:02 . 2001-09-28 14:00 582670 ----a-w- c:\windows\system32\perfh01D.dat

2009-10-25 08:02 . 2001-09-28 14:00 124238 ----a-w- c:\windows\system32\perfc01D.dat

2009-10-23 17:33 . 2009-03-13 13:27 -------- d-----w- c:\program\Yahoo!

2009-10-23 17:32 . 2008-09-18 17:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-10-23 12:21 . 2008-09-12 19:05 -------- d-----w- c:\program\Java

2009-10-23 10:50 . 2008-09-11 07:52 -------- d-----w- c:\program\QuickTime Alternative

2009-10-23 10:50 . 2009-02-24 15:00 -------- d-----w- c:\program\TPTEST5

2009-10-23 10:50 . 2009-08-29 10:41 -------- d-----w- c:\program\Xvid

2009-10-23 10:50 . 2008-09-12 16:24 -------- d-----w- c:\program\Zoom Player

2009-10-23 10:50 . 2008-09-12 16:43 -------- d-----w- c:\program\Windows Media Connect 2

2009-10-21 20:19 . 2009-02-21 15:47 -------- d-----w- c:\program\TuneUp Utilities 2009

2009-10-16 15:57 . 2009-09-23 13:41 -------- d-----w- c:\documents and settings\Adnan\Application Data\Apple Computer

2009-09-25 05:37 . 2004-08-03 23:34 667648 ------w- c:\windows\system32\wininet.dll

2009-09-25 05:37 . 2004-08-03 23:33 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\program\iTunes

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-09-23 13:39 . 2009-09-23 13:39 -------- d-----w- c:\program\iPod

2009-09-23 13:39 . 2009-09-23 13:32 -------- d-----w- c:\program\Delade filer\Apple

2009-09-23 13:39 . 2008-09-11 07:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2009-09-23 13:38 . 2009-09-23 13:38 -------- d-----w- c:\program\Bonjour

2009-09-11 14:19 . 2004-08-03 23:33 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:05 . 2004-08-03 23:33 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-01 19:55 . 2009-08-29 10:42 -------- d-----w- c:\documents and settings\Adnan\Application Data\AVI ReComp

2009-08-26 08:02 . 2004-08-03 23:34 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-14 18:26 . 2008-10-18 18:28 34 ----a-w- c:\documents and settings\Adnan\jagex_runescape_preferences.dat

2009-08-06 18:24 . 2008-09-10 10:19 327896 ----a-w- c:\windows\system32\wucltui.dll

2009-08-06 18:24 . 2008-09-10 10:19 209632 ----a-w- c:\windows\system32\wuweb.dll

2009-08-06 18:24 . 2008-09-10 10:19 35552 ----a-w- c:\windows\system32\wups.dll

2009-08-06 18:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2.dll

2009-08-06 18:24 . 2008-09-10 10:19 53472 ------w- c:\windows\system32\wuauclt.exe

2009-08-06 18:24 . 2004-08-03 23:33 96480 ----a-w- c:\windows\system32\cdm.dll

2009-08-06 18:23 . 2008-09-10 10:19 575704 ----a-w- c:\windows\system32\wuapi.dll

2009-08-06 18:23 . 2008-09-10 10:19 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2009-08-05 09:01 . 2004-08-03 23:33 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-08-04 20:59 . 2004-08-03 23:25 2189952 ------w- c:\windows\system32\ntoskrnl.exe

2009-08-04 17:29 . 2004-08-04 01:24 2066816 ------w- c:\windows\system32\ntkrnlpa.exe

2009-06-14 08:05 . 2009-06-14 08:05 102 ----a-w- c:\program\DivFix.ini

2003-05-05 11:10 . 2009-06-11 14:41 190976 ----a-w- c:\program\DivFix.exe

.

 

((((((((((((((((((((((((((((( SnapShot@2009-10-28_08.41.05 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-10-28 15:53 . 2009-10-28 15:53 29926 c:\windows\Installer\{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}\MsblIco.Exe

- 2009-03-16 19:01 . 2009-03-16 19:01 29926 c:\windows\Installer\{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}\MsblIco.Exe

+ 2009-10-28 15:53 . 2009-10-28 15:53 804864 c:\windows\Installer\f60c5.msi

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Nero\Lib\NMIndexStoreSvr.exe" [2008-12-12 1840424]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

"QuickTime Task"="c:\program\QuickTime Alternative\qttask.exe" [2009-09-04 417792]

"NeroFilterCheck"="c:\program\Delade filer\Nero\Lib\NeroCheck.exe" [2009-10-21 30208]

"NBKeyScan"="c:\program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]

"Malwarebytes Anti-Malware (reboot)"="c:\program\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2009-09-21 305440]

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKLM\~\startupfolder\C:^Documents and Settings^Adnan^Start-meny^Program^Autostart^is-AEMBM.lnk]

path=c:\documents and settings\Adnan\Start-meny\Program\Autostart\is-AEMBM.lnk

backup=c:\windows\pss\is-AEMBM.lnkStartup

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"RegClean Expert Scheduler"="c:\program\Registry Clean Expert\RCHelper.exe" /startup

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"CTCheck"=c:\program\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe

"PD0620 STISvc"=RunDLL32.exe P0620Pin.dll,RunDLL32EP 513

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe"

"WinampAgent"=c:\program\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]

appsecdll REG_SZ c:\windows\system32\mscert.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 1

"DisableNotifications"= 1 (0x1)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Utorrent\\uTorrent.exe"=

"c:\\Program\\Messenger\\msmsgs.exe"=

"c:\\Program\\SightSpeed\\SightSpeed.exe"=

"j:\\PROGRAMI\\DCPlusPlus-0.707\\DCPlusPlus.exe"=

"c:\\Program\\ActiveGPS\\ActiveGPS.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=

 

R1 is-AEMBMdrv;is-AEMBMdrv;c:\windows\system32\drivers\63411846.sys [2009-10-23 148496]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-10-27 108289]

S1 is-L5AN1drv;is-L5AN1drv;c:\windows\system32\drivers\43691238.sys [2009-10-24 148496]

 

--- Övriga tjänster/drivrutiner i minnet ---

 

*Deregistered* - mbr

.

Innehållet i mappen 'Schemalagda aktiviteter':

 

2009-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\OFFICE11\EXCEL.EXE/3000

DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-28 20:38

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]

"D140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLer som "laddats" under processer som körs ---------------------

 

- - - - - - - > 'winlogon.exe'(668)

c:\windows\system32\MrvGINA.dll

 

- - - - - - - > 'Explorer.exe'(2024)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Sluttid: 2009-10-28 20:43

ComboFix-quarantined-files.txt 2009-10-28 19:43

ComboFix2.txt 2009-10-28 08:45

 

Före genomsökningen: 37 024 915 456 byte ledigt

Efter genomsökningen: 36 985 856 000 byte ledigt

 

- - End Of File - - D542B7E128E98EB5F5D98B84D8E0F389[/log]

 

 

 

[log]All processes killed

========== PROCESSES ==========

No active process named explorer.exe was found!

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Adnan

->Temp folder emptied: 6958 bytes

->Temporary Internet Files folder emptied: 46318654 bytes

->Java cache emptied: 42434094 bytes

->FireFox cache emptied: 85633590 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

File delete failed. C:\Documents and Settings\LocalService\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

->Temporary Internet Files folder emptied: 32902 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 2133229 bytes

%systemroot%\System32 .tmp files removed: 5528082 bytes

Windows Temp folder emptied: 2479 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 173,69 mb

 

 

OTM by OldTimer - Version 3.0.0.6 log created on 10282009_201137

 

Files moved on Reboot...

 

Registry entries deleted on Reboot...[/log]

 

[Cecilia]

ComboFix uppfattade inte att du släppte CFScript-filen på den. Försök igen.

 

Surfa till http://www.virustotal.com (fungerar bäst med Internet Explorer) klistra in ett av följande filnamn i rutan, tryck på Skicka Fil och vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in resultatet från de olika antivirusprogrammen (inte Övrig information) här. Upprepa med nästa filnamn.

c:\windows\Installer\{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}\

MsblIco.Exe

c:\windows\Installer\f60c5.msi

 

[adde34]

Nu har jag försökt köra Combofix 2 ggr. Först med att släppa filen innan jag startar Combofix och att släppa filen strax efter starten

 

 

[log]ComboFix 09-10-27.04 - 2009-10-28 21:41.12.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.255.107 [GMT 1:00]

Körs från: c:\documents and settings\Adnan\Skrivbord\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

 

(((((((((((((((((((((((( Filer Skapade från 2009-09-28 till 2009-10-28 ))))))))))))))))))))))))))))))

.

 

2009-10-28 20:41 . 2008-04-13 18:40 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys

2009-10-28 20:41 . 2008-04-13 18:40 96512 ----a-w- c:\windows\system32\drivers\atapi.sys

2009-10-28 19:11 . 2009-10-28 19:11 -------- d-----w- C:\_OTM

2009-10-27 08:46 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-10-27 08:45 . 2009-10-27 08:54 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-10-27 08:45 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-10-27 08:45 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-10-26 18:46 . 2009-10-26 18:46 -------- d-----w- c:\windows\system32\wbem\Repository

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\program\Avira

2009-10-26 15:56 . 2009-10-26 18:44 -------- d-----w- c:\windows\system32\NtmsData

2009-10-26 15:23 . 2009-10-26 15:23 -------- d-----w- c:\program\Alwil Software

2009-10-26 15:13 . 2009-10-26 18:44 -------- d-----w- c:\program\CCleaner

2009-10-25 11:21 . 2008-05-09 10:56 90112 -c----w- c:\windows\system32\dllcache\wshext.dll

2009-10-25 11:21 . 2008-05-09 10:56 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll

2009-10-25 11:21 . 2008-05-08 11:24 155648 -c----w- c:\windows\system32\dllcache\wscript.exe

2009-10-25 11:21 . 2008-05-09 10:56 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll

2009-10-25 11:21 . 2008-05-07 09:07 135168 -c----w- c:\windows\system32\dllcache\cscript.exe

2009-10-25 11:21 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\sv

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\bits

2009-10-24 15:17 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\43691238.sys

2009-10-24 14:51 . 2009-10-24 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-10-24 01:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2009-10-24 01:59 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-10-24 01:58 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-10-24 01:58 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2009-10-23 22:44 . 2009-10-28 20:52 908933152 --sha-w- c:\windows\system32\drivers\fidbox.dat

2009-10-23 22:42 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\63411846.sys

2009-10-23 17:39 . 2009-10-23 17:39 -------- d-----w- c:\program\MSXML 4.0

2009-10-23 17:27 . 2009-10-23 17:27 -------- d-----w- c:\program\Trend Micro

2009-10-23 09:26 . 2009-10-23 19:52 -------- d-----w- c:\program\Spyware Doctor

2009-10-23 07:32 . 2009-10-24 02:09 -------- d-----w- c:\windows\system32\XPSViewer

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\MSBuild

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\Reference Assemblies

2009-10-23 07:13 . 2009-10-23 07:13 -------- d-----w- c:\program\MSXML 6.0

2009-10-22 20:28 . 2007-02-07 07:59 140824 ----a-w- c:\windows\system32\secman.dll

2009-10-22 20:28 . 2007-01-06 08:44 1444352 ----a-w- c:\windows\system32\Redemption.dll

2009-10-22 20:27 . 2009-10-22 20:28 -------- d-----w- c:\program\Outlook Recovery Toolbox

2009-10-22 20:25 . 2009-10-22 20:27 -------- d-----w- c:\program\MailNavigator

2009-10-22 16:01 . 2009-06-15 10:45 76800 -c----w- c:\windows\system32\dllcache\telnet.exe

2009-10-22 16:01 . 2009-06-15 10:45 80896 -c----w- c:\windows\system32\dllcache\tlntsess.exe

2009-10-22 16:00 . 2009-06-25 08:27 56832 -c----w- c:\windows\system32\dllcache\secur32.dll

2009-10-22 16:00 . 2009-03-21 14:09 1003520 -c----w- c:\windows\system32\dllcache\kernel32.dll

2009-10-22 16:00 . 2009-07-17 16:22 1438208 -c----w- c:\windows\system32\dllcache\query.dll

2009-10-22 15:59 . 2009-06-10 06:16 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll

2009-10-22 15:59 . 2009-06-10 14:16 85504 -c----w- c:\windows\system32\dllcache\avifil32.dll

2009-10-22 15:59 . 2009-07-29 04:37 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll

2009-10-22 15:59 . 2009-07-29 04:37 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

2009-10-22 15:59 . 2009-06-25 08:27 147456 -c----w- c:\windows\system32\dllcache\schannel.dll

2009-10-22 15:54 . 2008-04-14 16:04 136192 ------w- c:\windows\system32\aaclient.dll

2009-10-22 15:54 . 2008-04-14 16:04 7168 ------w- c:\windows\system32\bitsprx4.dll

2009-10-22 15:54 . 2008-04-14 16:04 233472 ------w- c:\windows\system32\azroles.dll

2009-10-22 15:52 . 2008-04-14 16:03 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll

2009-10-22 15:52 . 2008-04-14 16:03 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdpash.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdnepr.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdiultn.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdbhc.dll

2009-10-22 15:52 . 2008-04-14 16:04 61440 ------w- c:\windows\system32\kmsvc.dll

2009-10-22 15:52 . 2008-04-14 16:04 37376 ------w- c:\windows\system32\l2gpstore.dll

2009-10-22 15:52 . 2008-04-14 16:05 33792 ------w- c:\windows\system32\mmcperf.exe

2009-10-22 15:52 . 2008-04-14 16:04 397312 ------w- c:\windows\system32\mmcex.dll

2009-10-22 15:52 . 2008-04-14 16:04 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll

2009-10-22 15:52 . 2008-04-14 16:04 106496 ------w- c:\windows\system32\mmcfxcommon.dll

2009-10-22 15:50 . 2008-04-14 16:05 7680 ----a-w- c:\windows\system32\spdwnwxp.exe

2009-10-22 15:50 . 2008-04-14 16:05 20992 ------w- c:\windows\system32\spupdwxp.exe

2009-10-22 15:50 . 2008-04-14 16:04 53248 ------w- c:\windows\system32\tsgqec.dll

2009-10-22 15:50 . 2008-04-14 16:04 50688 ------w- c:\windows\system32\tspkg.dll

2009-10-22 15:50 . 2008-04-14 16:05 28672 ------w- c:\windows\system32\verclsid.exe

2009-10-22 15:50 . 2008-04-14 16:04 69120 ------w- c:\windows\system32\wlanapi.dll

2009-10-22 15:46 . 2004-08-03 20:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys

2009-10-22 15:46 . 2004-08-03 20:29 29455 ------w- c:\windows\system32\drivers\ati1xbxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 14336 ------w- c:\windows\system32\drivers\atinpdxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 13824 ------w- c:\windows\system32\drivers\atinttxx.sys

2009-10-22 15:39 . 2009-05-07 15:33 347648 -c----w- c:\windows\system32\dllcache\localspl.dll

2009-10-22 15:38 . 2008-06-12 14:25 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll

2009-10-22 15:38 . 2008-06-12 14:25 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll

2009-10-22 15:38 . 2008-06-12 14:25 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll

2009-10-22 15:38 . 2008-06-12 14:25 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll

2009-10-22 15:38 . 2008-06-12 14:25 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll

2009-10-22 15:38 . 2008-06-12 14:25 428032 -c----w- c:\windows\system32\dllcache\msdtcprx.dll

2009-10-22 15:37 . 2009-09-04 21:05 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll

2009-10-22 15:37 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2009-10-22 15:37 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys

2009-10-22 15:37 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

2009-10-22 15:36 . 2008-06-17 19:02 8468992 -c----w- c:\windows\system32\dllcache\shell32.dll

2009-10-22 15:36 . 2009-04-15 14:55 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll

2009-10-22 15:35 . 2008-12-16 12:33 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll

2009-10-22 15:35 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll

2009-10-22 15:35 . 2009-04-19 19:51 1847168 -c----w- c:\windows\system32\dllcache\win32k.sys

2009-10-22 15:35 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll

2009-10-22 15:34 . 2008-10-23 12:43 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll

2009-10-22 15:34 . 2008-04-21 21:16 217088 -c----w- c:\windows\system32\dllcache\wordpad.exe

2009-10-22 15:34 . 2008-05-05 05:25 3072 ------w- c:\windows\system32\xpsp4res.dll

2009-10-22 15:34 . 2009-09-11 14:19 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll

2009-10-22 15:34 . 2009-06-25 08:27 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll

2009-10-22 15:34 . 2009-06-25 08:27 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll

2009-10-22 15:34 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys

2009-10-21 21:29 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-21 21:29 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-21 21:00 . 2009-10-21 21:00 -------- d-----r- c:\documents and settings\NetworkService\Favoriter

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\Adnan\Application Data\Malwarebytes

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-10-21 19:04 . 2009-10-21 21:29 -------- d-----w- c:\program\Malwarebytes' Anti-Malware

2009-10-20 18:18 . 2009-10-21 20:19 -------- d-----w- c:\windows\$regcmp$

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-28 19:13 . 2009-10-23 22:44 10624208 --sha-w- c:\windows\system32\drivers\fidbox.idx

2009-10-27 21:37 . 2008-09-11 22:23 -------- d-----w- c:\documents and settings\Adnan\Application Data\uTorrent

2009-10-26 15:19 . 2008-10-11 21:12 75656 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT

2009-10-25 08:02 . 2001-09-28 14:00 582670 ----a-w- c:\windows\system32\perfh01D.dat

2009-10-25 08:02 . 2001-09-28 14:00 124238 ----a-w- c:\windows\system32\perfc01D.dat

2009-10-23 17:33 . 2009-03-13 13:27 -------- d-----w- c:\program\Yahoo!

2009-10-23 17:32 . 2008-09-18 17:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-10-23 12:21 . 2008-09-12 19:05 -------- d-----w- c:\program\Java

2009-10-23 10:50 . 2008-09-11 07:52 -------- d-----w- c:\program\QuickTime Alternative

2009-10-23 10:50 . 2009-02-24 15:00 -------- d-----w- c:\program\TPTEST5

2009-10-23 10:50 . 2009-08-29 10:41 -------- d-----w- c:\program\Xvid

2009-10-23 10:50 . 2008-09-12 16:24 -------- d-----w- c:\program\Zoom Player

2009-10-23 10:50 . 2008-09-12 16:43 -------- d-----w- c:\program\Windows Media Connect 2

2009-10-21 20:19 . 2009-02-21 15:47 -------- d-----w- c:\program\TuneUp Utilities 2009

2009-10-16 15:57 . 2009-09-23 13:41 -------- d-----w- c:\documents and settings\Adnan\Application Data\Apple Computer

2009-09-25 05:37 . 2004-08-03 23:34 667648 ------w- c:\windows\system32\wininet.dll

2009-09-25 05:37 . 2004-08-03 23:33 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\program\iTunes

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-09-23 13:39 . 2009-09-23 13:39 -------- d-----w- c:\program\iPod

2009-09-23 13:39 . 2009-09-23 13:32 -------- d-----w- c:\program\Delade filer\Apple

2009-09-23 13:39 . 2008-09-11 07:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2009-09-23 13:38 . 2009-09-23 13:38 -------- d-----w- c:\program\Bonjour

2009-09-11 14:19 . 2004-08-03 23:33 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:05 . 2004-08-03 23:33 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-01 19:55 . 2009-08-29 10:42 -------- d-----w- c:\documents and settings\Adnan\Application Data\AVI ReComp

2009-08-26 08:02 . 2004-08-03 23:34 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-14 18:26 . 2008-10-18 18:28 34 ----a-w- c:\documents and settings\Adnan\jagex_runescape_preferences.dat

2009-08-06 18:24 . 2008-09-10 10:19 327896 ----a-w- c:\windows\system32\wucltui.dll

2009-08-06 18:24 . 2008-09-10 10:19 209632 ----a-w- c:\windows\system32\wuweb.dll

2009-08-06 18:24 . 2008-09-10 10:19 35552 ----a-w- c:\windows\system32\wups.dll

2009-08-06 18:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2.dll

2009-08-06 18:24 . 2008-09-10 10:19 53472 ------w- c:\windows\system32\wuauclt.exe

2009-08-06 18:24 . 2004-08-03 23:33 96480 ----a-w- c:\windows\system32\cdm.dll

2009-08-06 18:23 . 2008-09-10 10:19 575704 ----a-w- c:\windows\system32\wuapi.dll

2009-08-06 18:23 . 2008-09-10 10:19 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2009-08-05 09:01 . 2004-08-03 23:33 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-08-04 20:59 . 2004-08-03 23:25 2189952 ------w- c:\windows\system32\ntoskrnl.exe

2009-08-04 17:29 . 2004-08-04 01:24 2066816 ------w- c:\windows\system32\ntkrnlpa.exe

2009-06-14 08:05 . 2009-06-14 08:05 102 ----a-w- c:\program\DivFix.ini

2003-05-05 11:10 . 2009-06-11 14:41 190976 ----a-w- c:\program\DivFix.exe

.

 

((((((((((((((((((((((((((((( SnapShot@2009-10-28_08.41.05 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-10-28 20:52 . 2009-10-28 20:52 53248 c:\windows\temp\catchme.dll

+ 2009-10-28 15:53 . 2009-10-28 15:53 29926 c:\windows\Installer\{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}\MsblIco.Exe

- 2009-03-16 19:01 . 2009-03-16 19:01 29926 c:\windows\Installer\{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}\MsblIco.Exe

+ 2009-10-28 15:53 . 2009-10-28 15:53 804864 c:\windows\Installer\f60c5.msi

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Nero\Lib\NMIndexStoreSvr.exe" [2008-12-12 1840424]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

"QuickTime Task"="c:\program\QuickTime Alternative\qttask.exe" [2009-09-04 417792]

"NeroFilterCheck"="c:\program\Delade filer\Nero\Lib\NeroCheck.exe" [2009-10-21 30208]

"NBKeyScan"="c:\program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]

"Malwarebytes Anti-Malware (reboot)"="c:\program\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2009-09-21 305440]

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKLM\~\startupfolder\C:^Documents and Settings^Adnan^Start-meny^Program^Autostart^is-AEMBM.lnk]

path=c:\documents and settings\Adnan\Start-meny\Program\Autostart\is-AEMBM.lnk

backup=c:\windows\pss\is-AEMBM.lnkStartup

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"RegClean Expert Scheduler"="c:\program\Registry Clean Expert\RCHelper.exe" /startup

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"CTCheck"=c:\program\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe

"PD0620 STISvc"=RunDLL32.exe P0620Pin.dll,RunDLL32EP 513

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe"

"WinampAgent"=c:\program\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]

appsecdll REG_SZ c:\windows\system32\mscert.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 1

"DisableNotifications"= 1 (0x1)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Utorrent\\uTorrent.exe"=

"c:\\Program\\Messenger\\msmsgs.exe"=

"c:\\Program\\SightSpeed\\SightSpeed.exe"=

"j:\\PROGRAMI\\DCPlusPlus-0.707\\DCPlusPlus.exe"=

"c:\\Program\\ActiveGPS\\ActiveGPS.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=

 

R1 is-AEMBMdrv;is-AEMBMdrv;c:\windows\system32\drivers\63411846.sys [2009-10-23 148496]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-10-27 108289]

S1 is-L5AN1drv;is-L5AN1drv;c:\windows\system32\drivers\43691238.sys [2009-10-24 148496]

 

--- Övriga tjänster/drivrutiner i minnet ---

 

*Deregistered* - mbr

.

Innehållet i mappen 'Schemalagda aktiviteter':

 

2009-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\OFFICE11\EXCEL.EXE/3000

DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-28 21:52

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]

"D140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLer som "laddats" under processer som körs ---------------------

 

- - - - - - - > 'winlogon.exe'(668)

c:\windows\system32\MrvGINA.dll

 

- - - - - - - > 'Explorer.exe'(3784)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program\Delade filer\Nero\Lib\NeroDigitalExt.dll

c:\program\Delade filer\Adobe\Acrobat\ActiveX\PDFShell.dll

c:\program\Delade filer\Adobe\Acrobat\ActiveX\PDFShell.SVE

.

Sluttid: 2009-10-28 21:57

ComboFix-quarantined-files.txt 2009-10-28 20:57

ComboFix2.txt 2009-10-28 19:43

ComboFix3.txt 2009-10-28 08:45

 

Före genomsökningen: 37 180 743 680 byte ledigt

Efter genomsökningen: 37 169 774 592 byte ledigt

 

- - End Of File - - E804F6AD60BB64C6E0E8E675F4F17390[/log]

 

 

[log]Fil f60c5.msi mottagen 2009.10.28 20:34:44 (UTC)

Närvarande status: Laddar ... köad väntar söker genomförd EJ FUNNEN STOPPAD

 

 

Resultat: 0/41 (0%)

Laddar server information...

Din fil är köad i position: 3.

Uppskattat starttid är mellan 61 och 87 sekunder.

Stäng inte ner detta fönster förens sökningen är genomförd.

Scannern som arbetade med din fil har stoppat, vi kommer att vänta ett par sekunder för att försöka återställa ditt resultat.

Om du väntar i mer än 5 minuter måste du skicka in din fil igen.

Din fil blir genomsökt av VirusTotal för tillfället,

resultat kommer att visas när de är klara.

Compact Skriv ut resultat

Din fil har upphört eller existerar inte.

Tjänsten är stoppad för tillfället, din fil väntar på att bli genomsökt (position: ) för en obestämd tid.

 

Du kan vänta på ett svar (automatisk uppdatering) eller ange din email i formuläret nedan och klicka "begär" så kommer systemet att skicka dig ett email när sökningen är genomförd.

Email:

 

 

Antivirus Version Senaste Uppdatering Resultat

a-squared 4.5.0.41 2009.10.28 -

AhnLab-V3 5.0.0.2 2009.10.28 -

AntiVir 7.9.1.50 2009.10.28 -

Antiy-AVL 2.0.3.7 2009.10.27 -

Authentium 5.1.2.4 2009.10.28 -

Avast 4.8.1351.0 2009.10.28 -

AVG 8.5.0.423 2009.10.28 -

BitDefender 7.2 2009.10.28 -

CAT-QuickHeal 10.00 2009.10.28 -

ClamAV 0.94.1 2009.10.28 -

Comodo 2760 2009.10.28 -

DrWeb 5.0.0.12182 2009.10.28 -

eSafe 7.0.17.0 2009.10.28 -

eTrust-Vet 35.1.7088 2009.10.28 -

F-Prot 4.5.1.85 2009.10.28 -

F-Secure 9.0.15370.0 2009.10.27 -

Fortinet 3.120.0.0 2009.10.28 -

GData 19 2009.10.28 -

Ikarus T3.1.1.72.0 2009.10.28 -

Jiangmin 11.0.800 2009.10.26 -

K7AntiVirus 7.10.881 2009.10.27 -

Kaspersky 7.0.0.125 2009.10.28 -

McAfee 5785 2009.10.28 -

McAfee+Artemis 5785 2009.10.28 -

McAfee-GW-Edition 6.8.5 2009.10.28 -

Microsoft 1.5202 2009.10.28 -

NOD32 4553 2009.10.28 -

Norman 6.03.02 2009.10.27 -

nProtect 2009.1.8.0 2009.10.28 -

Panda 10.0.2.2 2009.10.27 -

PCTools 4.4.2.0 2009.10.19 -

Prevx 3.0 2009.10.28 -

Rising 21.53.24.00 2009.10.28 -

Sophos 4.46.0 2009.10.28 -

Sunbelt 3.2.1858.2 2009.10.27 -

Symantec 1.4.4.12 2009.10.28 -

TheHacker 6.5.0.2.056 2009.10.28 -

TrendMicro 8.950.0.1094 2009.10.28 -

VBA32 3.12.10.11 2009.10.27 -

ViRobot 2009.10.28.2009 2009.10.28 -

VirusBuster 4.6.5.0 2009.10.28 - [/log]

 

 

 

[log]Fil MsblIco.Exe mottagen 2009.10.28 20:36:16 (UTC)

Närvarande status: Laddar ... köad väntar söker genomförd EJ FUNNEN STOPPAD

 

 

Resultat: 0/41 (0%)

Laddar server information...

Din fil är köad i position: 2.

Uppskattat starttid är mellan 52 och 75 sekunder.

Stäng inte ner detta fönster förens sökningen är genomförd.

Scannern som arbetade med din fil har stoppat, vi kommer att vänta ett par sekunder för att försöka återställa ditt resultat.

Om du väntar i mer än 5 minuter måste du skicka in din fil igen.

Din fil blir genomsökt av VirusTotal för tillfället,

resultat kommer att visas när de är klara.

Compact Skriv ut resultat

Din fil har upphört eller existerar inte.

Tjänsten är stoppad för tillfället, din fil väntar på att bli genomsökt (position: ) för en obestämd tid.

 

Du kan vänta på ett svar (automatisk uppdatering) eller ange din email i formuläret nedan och klicka "begär" så kommer systemet att skicka dig ett email när sökningen är genomförd.

Email:

 

 

Antivirus Version Senaste Uppdatering Resultat

a-squared 4.5.0.41 2009.10.28 -

AhnLab-V3 5.0.0.2 2009.10.28 -

AntiVir 7.9.1.50 2009.10.28 -

Antiy-AVL 2.0.3.7 2009.10.27 -

Authentium 5.1.2.4 2009.10.28 -

Avast 4.8.1351.0 2009.10.28 -

AVG 8.5.0.423 2009.10.28 -

BitDefender 7.2 2009.10.28 -

CAT-QuickHeal 10.00 2009.10.28 -

ClamAV 0.94.1 2009.10.28 -

Comodo 2760 2009.10.28 -

DrWeb 5.0.0.12182 2009.10.28 -

eSafe 7.0.17.0 2009.10.28 -

eTrust-Vet 35.1.7088 2009.10.28 -

F-Prot 4.5.1.85 2009.10.28 -

F-Secure 9.0.15370.0 2009.10.27 -

Fortinet 3.120.0.0 2009.10.28 -

GData 19 2009.10.28 -

Ikarus T3.1.1.72.0 2009.10.28 -

Jiangmin 11.0.800 2009.10.26 -

K7AntiVirus 7.10.881 2009.10.27 -

Kaspersky 7.0.0.125 2009.10.28 -

McAfee 5785 2009.10.28 -

McAfee+Artemis 5785 2009.10.28 -

McAfee-GW-Edition 6.8.5 2009.10.28 -

Microsoft 1.5202 2009.10.28 -

NOD32 4553 2009.10.28 -

Norman 6.03.02 2009.10.27 -

nProtect 2009.1.8.0 2009.10.28 -

Panda 10.0.2.2 2009.10.27 -

PCTools 4.4.2.0 2009.10.19 -

Prevx 3.0 2009.10.28 -

Rising 21.53.24.00 2009.10.28 -

Sophos 4.46.0 2009.10.28 -

Sunbelt 3.2.1858.2 2009.10.27 -

Symantec 1.4.4.12 2009.10.28 -

TheHacker 6.5.0.2.056 2009.10.28 -

TrendMicro 8.950.0.1094 2009.10.28 -

VBA32 3.12.10.11 2009.10.27 -

ViRobot 2009.10.28.2009 2009.10.28 -

VirusBuster 4.6.5.0 2009.10.28 - [/log]

 

[Cecilia]

Det är meningen att ComboFix ska starta när du släpper CFScript-filen på ikonen för ComboFix. Menar du att det inte blir så?

 

Resultatet för de två filerna såg ju bra ut. Det ser ut som att de kom in i datorn idag klockan 15:53. Installerade du något då?

 

Kolla upp datorn igen antingen med engångsskannern som förut (måste alltså laddas ner på nytt) eller deras online-skanner:

http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

Om något hitta så spara loggen och klistra in i ditt svar.

 

[adde34]

Bra. Det är fixat. Det kommer inte några fler varningar från Antivirus programet

 

[Cecilia]

Kan du klistra in den logg som ComboFix skapade så att jag kan se att registerposten är borta?

 

[adde34]

[log]ComboFix 09-10-27.04 - Adnan 2009-10-29 12:11.13.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.255.113 [GMT 1:00]

Körs från: c:\documents and settings\Adnan\Skrivbord\ComboFix.exe

Använda kommandoväxlar :: c:\documents and settings\Adnan\Skrivbord\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

 

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

.

((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_IS-AEMBMDRV

-------\Service_is-AEMBMdrv

-------\Service_is-L5AN1drv

 

 

(((((((((((((((((((((((( Filer Skapade från 2009-09-28 till 2009-10-29 ))))))))))))))))))))))))))))))

.

 

2009-10-28 20:41 . 2008-04-13 18:40 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys

2009-10-28 20:41 . 2008-04-13 18:40 96512 ----a-w- c:\windows\system32\drivers\atapi.sys

2009-10-28 19:11 . 2009-10-28 19:11 -------- d-----w- C:\_OTM

2009-10-27 08:46 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-10-27 08:45 . 2009-10-27 08:54 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-10-27 08:45 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-10-27 08:45 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-10-26 18:46 . 2009-10-26 18:46 -------- d-----w- c:\windows\system32\wbem\Repository

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2009-10-26 17:14 . 2009-10-26 17:14 -------- d-----w- c:\program\Avira

2009-10-26 15:56 . 2009-10-26 18:44 -------- d-----w- c:\windows\system32\NtmsData

2009-10-26 15:23 . 2009-10-26 15:23 -------- d-----w- c:\program\Alwil Software

2009-10-26 15:13 . 2009-10-26 18:44 -------- d-----w- c:\program\CCleaner

2009-10-25 11:21 . 2008-05-09 10:56 90112 -c----w- c:\windows\system32\dllcache\wshext.dll

2009-10-25 11:21 . 2008-05-09 10:56 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll

2009-10-25 11:21 . 2008-05-08 11:24 155648 -c----w- c:\windows\system32\dllcache\wscript.exe

2009-10-25 11:21 . 2008-05-09 10:56 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll

2009-10-25 11:21 . 2008-05-07 09:07 135168 -c----w- c:\windows\system32\dllcache\cscript.exe

2009-10-25 11:21 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\sv

2009-10-24 19:38 . 2009-10-24 19:38 -------- d-----w- c:\windows\system32\bits

2009-10-24 15:17 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\43691238.sys

2009-10-24 14:51 . 2009-10-24 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-10-24 01:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2009-10-24 01:59 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-10-24 01:58 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-10-24 01:58 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2009-10-24 01:58 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2009-10-23 22:44 . 2009-10-29 11:22 914014240 --sha-w- c:\windows\system32\drivers\fidbox.dat

2009-10-23 22:42 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\63411846.sys

2009-10-23 17:39 . 2009-10-23 17:39 -------- d-----w- c:\program\MSXML 4.0

2009-10-23 17:27 . 2009-10-23 17:27 -------- d-----w- c:\program\Trend Micro

2009-10-23 09:26 . 2009-10-23 19:52 -------- d-----w- c:\program\Spyware Doctor

2009-10-23 07:32 . 2009-10-24 02:09 -------- d-----w- c:\windows\system32\XPSViewer

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\MSBuild

2009-10-23 07:32 . 2009-10-23 07:32 -------- d-----w- c:\program\Reference Assemblies

2009-10-23 07:13 . 2009-10-23 07:13 -------- d-----w- c:\program\MSXML 6.0

2009-10-22 20:28 . 2007-02-07 07:59 140824 ----a-w- c:\windows\system32\secman.dll

2009-10-22 20:28 . 2007-01-06 08:44 1444352 ----a-w- c:\windows\system32\Redemption.dll

2009-10-22 20:27 . 2009-10-22 20:28 -------- d-----w- c:\program\Outlook Recovery Toolbox

2009-10-22 20:25 . 2009-10-22 20:27 -------- d-----w- c:\program\MailNavigator

2009-10-22 16:01 . 2009-06-15 10:45 76800 -c----w- c:\windows\system32\dllcache\telnet.exe

2009-10-22 16:01 . 2009-06-15 10:45 80896 -c----w- c:\windows\system32\dllcache\tlntsess.exe

2009-10-22 16:00 . 2009-06-25 08:27 56832 -c----w- c:\windows\system32\dllcache\secur32.dll

2009-10-22 16:00 . 2009-03-21 14:09 1003520 -c----w- c:\windows\system32\dllcache\kernel32.dll

2009-10-22 16:00 . 2009-07-17 16:22 1438208 -c----w- c:\windows\system32\dllcache\query.dll

2009-10-22 15:59 . 2009-06-10 06:16 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll

2009-10-22 15:59 . 2009-06-10 14:16 85504 -c----w- c:\windows\system32\dllcache\avifil32.dll

2009-10-22 15:59 . 2009-07-29 04:37 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll

2009-10-22 15:59 . 2009-07-29 04:37 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

2009-10-22 15:59 . 2009-06-25 08:27 147456 -c----w- c:\windows\system32\dllcache\schannel.dll

2009-10-22 15:54 . 2008-04-14 16:04 136192 ------w- c:\windows\system32\aaclient.dll

2009-10-22 15:54 . 2008-04-14 16:04 7168 ------w- c:\windows\system32\bitsprx4.dll

2009-10-22 15:54 . 2008-04-14 16:04 233472 ------w- c:\windows\system32\azroles.dll

2009-10-22 15:52 . 2008-04-14 16:03 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll

2009-10-22 15:52 . 2008-04-14 16:03 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdpash.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdnepr.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdiultn.dll

2009-10-22 15:52 . 2008-04-14 16:03 6144 ------w- c:\windows\system32\kbdbhc.dll

2009-10-22 15:52 . 2008-04-14 16:04 61440 ------w- c:\windows\system32\kmsvc.dll

2009-10-22 15:52 . 2008-04-14 16:04 37376 ------w- c:\windows\system32\l2gpstore.dll

2009-10-22 15:52 . 2008-04-14 16:05 33792 ------w- c:\windows\system32\mmcperf.exe

2009-10-22 15:52 . 2008-04-14 16:04 397312 ------w- c:\windows\system32\mmcex.dll

2009-10-22 15:52 . 2008-04-14 16:04 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll

2009-10-22 15:52 . 2008-04-14 16:04 106496 ------w- c:\windows\system32\mmcfxcommon.dll

2009-10-22 15:50 . 2008-04-14 16:05 7680 ----a-w- c:\windows\system32\spdwnwxp.exe

2009-10-22 15:50 . 2008-04-14 16:05 20992 ------w- c:\windows\system32\spupdwxp.exe

2009-10-22 15:50 . 2008-04-14 16:04 53248 ------w- c:\windows\system32\tsgqec.dll

2009-10-22 15:50 . 2008-04-14 16:04 50688 ------w- c:\windows\system32\tspkg.dll

2009-10-22 15:50 . 2008-04-14 16:05 28672 ------w- c:\windows\system32\verclsid.exe

2009-10-22 15:50 . 2008-04-14 16:04 69120 ------w- c:\windows\system32\wlanapi.dll

2009-10-22 15:46 . 2004-08-03 20:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys

2009-10-22 15:46 . 2004-08-03 20:29 29455 ------w- c:\windows\system32\drivers\ati1xbxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 14336 ------w- c:\windows\system32\drivers\atinpdxx.sys

2009-10-22 15:46 . 2004-08-03 20:29 13824 ------w- c:\windows\system32\drivers\atinttxx.sys

2009-10-22 15:39 . 2009-05-07 15:33 347648 -c----w- c:\windows\system32\dllcache\localspl.dll

2009-10-22 15:38 . 2008-06-12 14:25 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll

2009-10-22 15:38 . 2008-06-12 14:25 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll

2009-10-22 15:38 . 2008-06-12 14:25 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll

2009-10-22 15:38 . 2008-06-12 14:25 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll

2009-10-22 15:38 . 2008-06-12 14:25 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll

2009-10-22 15:38 . 2008-06-12 14:25 428032 -c----w- c:\windows\system32\dllcache\msdtcprx.dll

2009-10-22 15:37 . 2009-09-04 21:05 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll

2009-10-22 15:37 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2009-10-22 15:37 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys

2009-10-22 15:37 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

2009-10-22 15:36 . 2008-06-17 19:02 8468992 -c----w- c:\windows\system32\dllcache\shell32.dll

2009-10-22 15:36 . 2009-04-15 14:55 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll

2009-10-22 15:35 . 2008-12-16 12:33 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll

2009-10-22 15:35 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll

2009-10-22 15:35 . 2009-04-19 19:51 1847168 -c----w- c:\windows\system32\dllcache\win32k.sys

2009-10-22 15:35 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll

2009-10-22 15:34 . 2008-10-23 12:43 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll

2009-10-22 15:34 . 2008-04-21 21:16 217088 -c----w- c:\windows\system32\dllcache\wordpad.exe

2009-10-22 15:34 . 2008-05-05 05:25 3072 ------w- c:\windows\system32\xpsp4res.dll

2009-10-22 15:34 . 2009-09-11 14:19 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll

2009-10-22 15:34 . 2009-06-25 08:27 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll

2009-10-22 15:34 . 2009-06-25 08:27 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll

2009-10-22 15:34 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys

2009-10-21 21:29 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-21 21:29 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-21 21:00 . 2009-10-21 21:00 -------- d-----r- c:\documents and settings\NetworkService\Favoriter

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\Adnan\Application Data\Malwarebytes

2009-10-21 19:05 . 2009-10-21 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-10-21 19:04 . 2009-10-21 21:29 -------- d-----w- c:\program\Malwarebytes' Anti-Malware

2009-10-20 18:18 . 2009-10-21 20:19 -------- d-----w- c:\windows\$regcmp$

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-29 11:22 . 2009-10-23 22:44 10715312 --sha-w- c:\windows\system32\drivers\fidbox.idx

2009-10-27 21:37 . 2008-09-11 22:23 -------- d-----w- c:\documents and settings\Adnan\Application Data\uTorrent

2009-10-26 15:19 . 2008-10-11 21:12 75656 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT

2009-10-25 08:02 . 2001-09-28 14:00 582670 ----a-w- c:\windows\system32\perfh01D.dat

2009-10-25 08:02 . 2001-09-28 14:00 124238 ----a-w- c:\windows\system32\perfc01D.dat

2009-10-23 17:33 . 2009-03-13 13:27 -------- d-----w- c:\program\Yahoo!

2009-10-23 17:32 . 2008-09-18 17:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-10-23 12:21 . 2008-09-12 19:05 -------- d-----w- c:\program\Java

2009-10-23 10:50 . 2008-09-11 07:52 -------- d-----w- c:\program\QuickTime Alternative

2009-10-23 10:50 . 2009-02-24 15:00 -------- d-----w- c:\program\TPTEST5

2009-10-23 10:50 . 2009-08-29 10:41 -------- d-----w- c:\program\Xvid

2009-10-23 10:50 . 2008-09-12 16:24 -------- d-----w- c:\program\Zoom Player

2009-10-23 10:50 . 2008-09-12 16:43 -------- d-----w- c:\program\Windows Media Connect 2

2009-10-21 20:19 . 2009-02-21 15:47 -------- d-----w- c:\program\TuneUp Utilities 2009

2009-10-16 15:57 . 2009-09-23 13:41 -------- d-----w- c:\documents and settings\Adnan\Application Data\Apple Computer

2009-09-25 05:37 . 2004-08-03 23:34 667648 ------w- c:\windows\system32\wininet.dll

2009-09-25 05:37 . 2004-08-03 23:33 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\program\iTunes

2009-09-23 13:40 . 2009-09-23 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-09-23 13:39 . 2009-09-23 13:39 -------- d-----w- c:\program\iPod

2009-09-23 13:39 . 2009-09-23 13:32 -------- d-----w- c:\program\Delade filer\Apple

2009-09-23 13:39 . 2008-09-11 07:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2009-09-23 13:38 . 2009-09-23 13:38 -------- d-----w- c:\program\Bonjour

2009-09-11 14:19 . 2004-08-03 23:33 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:05 . 2004-08-03 23:33 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-01 19:55 . 2009-08-29 10:42 -------- d-----w- c:\documents and settings\Adnan\Application Data\AVI ReComp

2009-08-26 08:02 . 2004-08-03 23:34 247326 ----a-w- c:\windows\system32\strmdll.dll

2009-08-14 18:26 . 2008-10-18 18:28 34 ----a-w- c:\documents and settings\Adnan\jagex_runescape_preferences.dat

2009-08-06 18:24 . 2008-09-10 10:19 327896 ----a-w- c:\windows\system32\wucltui.dll

2009-08-06 18:24 . 2008-09-10 10:19 209632 ----a-w- c:\windows\system32\wuweb.dll

2009-08-06 18:24 . 2008-09-10 10:19 35552 ----a-w- c:\windows\system32\wups.dll

2009-08-06 18:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2.dll

2009-08-06 18:24 . 2008-09-10 10:19 53472 ------w- c:\windows\system32\wuauclt.exe

2009-08-06 18:24 . 2004-08-03 23:33 96480 ----a-w- c:\windows\system32\cdm.dll

2009-08-06 18:23 . 2008-09-10 10:19 575704 ----a-w- c:\windows\system32\wuapi.dll

2009-08-06 18:23 . 2008-09-10 10:19 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2009-08-05 09:01 . 2004-08-03 23:33 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-08-04 20:59 . 2004-08-03 23:25 2189952 ------w- c:\windows\system32\ntoskrnl.exe

2009-08-04 17:29 . 2004-08-04 01:24 2066816 ------w- c:\windows\system32\ntkrnlpa.exe

2009-06-14 08:05 . 2009-06-14 08:05 102 ----a-w- c:\program\DivFix.ini

2003-05-05 11:10 . 2009-06-11 14:41 190976 ----a-w- c:\program\DivFix.exe

.

 

((((((((((((((((((((((((((((( SnapShot@2009-10-28_08.41.05 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-10-29 11:25 . 2009-10-29 11:25 16384 c:\windows\temp\Perflib_Perfdata_5f8.dat

+ 2009-10-28 15:53 . 2009-10-28 15:53 29926 c:\windows\Installer\{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}\MsblIco.Exe

- 2009-03-16 19:01 . 2009-03-16 19:01 29926 c:\windows\Installer\{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}\MsblIco.Exe

+ 2009-10-28 15:53 . 2009-10-28 15:53 804864 c:\windows\Installer\f60c5.msi

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKLM\~\startupfolder\C:^Documents and Settings^Adnan^Start-meny^Program^Autostart^is-AEMBM.lnk]

path=c:\documents and settings\Adnan\Start-meny\Program\Autostart\is-AEMBM.lnk

backup=c:\windows\pss\is-AEMBM.lnkStartup

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"RegClean Expert Scheduler"="c:\program\Registry Clean Expert\RCHelper.exe" /startup

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"CTCheck"=c:\program\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe

"PD0620 STISvc"=RunDLL32.exe P0620Pin.dll,RunDLL32EP 513

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe"

"WinampAgent"=c:\program\Winamp\winampa.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 1

"DisableNotifications"= 1 (0x1)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Utorrent\\uTorrent.exe"=

"c:\\Program\\Messenger\\msmsgs.exe"=

"c:\\Program\\SightSpeed\\SightSpeed.exe"=

"j:\\PROGRAMI\\DCPlusPlus-0.707\\DCPlusPlus.exe"=

"c:\\Program\\ActiveGPS\\ActiveGPS.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-10-27 108289]

 

--- Övriga tjänster/drivrutiner i minnet ---

 

*Deregistered* - mbr

.

Innehållet i mappen 'Schemalagda aktiviteter':

 

2009-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

c:\windows\Tasks\At22.job

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\OFFICE11\EXCEL.EXE/3000

DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-29 12:31

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]

"D140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLer som "laddats" under processer som körs ---------------------

 

- - - - - - - > 'winlogon.exe'(628)

c:\windows\system32\MrvGINA.dll

 

- - - - - - - > 'Explorer.exe'(1180)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andra processer som körs ------------------------

.

c:\program\Avira\AntiVir Desktop\avguard.exe

c:\program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program\Bonjour\mDNSResponder.exe

c:\windows\system32\CTsvcCDA.exe

c:\program\Java\jre6\bin\jqs.exe

c:\program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\system32\IoctlSvc.exe

c:\windows\system32\wscntfy.exe

c:\combofix\CF14955.exe

c:\windows\system32\devldr32.exe

c:\combofix\PEV.cfxxe

.

**************************************************************************

.

Sluttid: 2009-10-29 12:36 - datorn startades om.

ComboFix-quarantined-files.txt 2009-10-29 11:36

ComboFix2.txt 2009-10-28 20:57

ComboFix3.txt 2009-10-28 19:43

ComboFix4.txt 2009-10-28 08:45

 

Före genomsökningen: 37 111 504 896 byte ledigt

Efter genomsökningen: 37 121 347 584 byte ledigt

 

- - End Of File - - 9126F9D470E554FA36721CC8C068B398[/log]

 

[Cecilia]

Ta bort filen c:\windows\Tasks\At22.job

 

Kollade du datorn med Kaspersky under natten eller fm?

 

[adde34]

Kan inte köra Kaspersky. Har problem med java på datorn. Försökte instalera om den men går inte. bifogar bild

 

 

[bild bifogad 2009-10-29 14:20:59 av adde34]

[Cecilia]

Hur är det med den där engångsskannern du använder förut? Går den att ladda ner och installera på nytt?

 

[adde34]

Jag vet inte faktiskt. Den sidan är inte som förrut. Vet inte vilken ska jag välja

 

[Cecilia]

Länken under Download skulle jag tro.

 

[adde34]

Jag har hittat Kaspersky men då måste jag ta bort min Antivirus program och jag orkar inte längre med det här. Det blir formatering definitivt. Tack för all hjälp:thumbsup:

 

[Cecilia]

Okej, här kommer mina vanliga råd för en säkrare dator, men det är så klart viktigt att man använder sitt förnuft också.

http://ceblstockholm.googlepages.com/home