Reinfektion av virus

[Cecilia]

Kopiera alla rader i rutan:

Killall::
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\config\\systemprofile\\Lokala inställningar\\Application Data\\Application Policy Service\\svchost.exe"=-
"c:\\WINDOWS\\system32\\config\\systemprofile\\Lokala inställningar\\Application Data\\Windows Internet Name Service\\wins.exe"=-
DDS::
mStart Page = hxxp://www.shareware-sw.com/sv/index.php?rvs=hompag
uInternet Settings,ProxyServer = http=127.0.0.1:56061
Driver::
Application Policy Service
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
File::
c:\documents and settings\ägaren\application data\dwm.exe
c:\documents and settings\ägaren\application data\save\Save.exe
c:\windows\system32\config\systemprofile\lokala inställningar\application data\windows internet name service\wins.exe

och klistra in i Anteckningar. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.

Spara filen på Skrivbordet med namnet CFScript.

 

Förbered datorn på samma sätt som tidigare för ComboFix.

Dra CFScript med musen och släpp den ovanpå ComboFix-ikonen på Skrivbordet så startar programmet på ett särskilt sätt.

Klistra in loggen som kommer ut.

 

Starta om datorn och kör DDS samt klistra in de loggarna.

[frasse67]

Här kommer combofixloggen efter CFScript:

 

ComboFix 11-05-25.01 - Ägaren 2011-05-29 0:34.3.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.510.173 [GMT 2:00]

Körs från: c:\documents and settings\Ägaren\Skrivbord\ComboFix.exe

Använda kommandoväxlar :: c:\documents and settings\Ägaren\Skrivbord\CFScript.txt

AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

FILE ::

"c:\documents and settings\ägaren\application data\dwm.exe"

"c:\documents and settings\ägaren\application data\save\Save.exe"

"c:\windows\system32\config\systemprofile\lokala inställningar\application data\windows internet name service\wins.exe"

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_APPLICATION_POLICY_SERVICE

-------\Service_Application Policy Service

.

.

(((((((((((((((((((((((( Filer Skapade från 2011-04-28 till 2011-05-28 ))))))))))))))))))))))))))))))

.

.

2011-05-23 20:02 . 2011-05-23 20:05 -------- d-----w- C:\DDS-loggar

2011-05-23 18:29 . 2011-05-23 18:29 -------- d-----w- c:\documents and settings\Oscar\Application Data\Avira

2011-05-21 09:59 . 2011-05-21 10:02 -------- d-----w- C:\Jonas Musik

2011-05-18 21:35 . 2011-05-18 21:35 -------- d-----w- c:\documents and settings\Oscar\Application Data\BeatportDownloader.EE670286545758FAB4A69D4439CF6054F83E0AC2.1

2011-05-18 19:13 . 2011-05-18 19:13 -------- d-----w- c:\program\Delade filer\Wise Installation Wizard

2011-05-17 17:29 . 2011-05-17 17:29 -------- d-----w- c:\documents and settings\Ägaren\Application Data\SUPERAntiSpyware.com

2011-05-17 15:20 . 2011-05-17 15:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-01 20:55 . 2011-05-01 20:55 -------- d-----w- c:\documents and settings\Ägaren\Application Data\Cycling '74

2011-05-01 20:02 . 2011-05-01 20:02 -------- d-----w- c:\program\Cycling '74

2011-04-30 21:42 . 2011-04-30 21:42 -------- d-----w- c:\program\iPod

2011-04-30 21:38 . 2011-04-30 21:38 -------- d-----w- c:\program\Bonjour

2011-04-30 21:35 . 2011-04-30 21:35 159744 ----a-w- c:\program\Internet Explorer\PLUGINS\npqtplugin7.dll

2011-04-30 21:35 . 2011-04-30 21:35 159744 ----a-w- c:\program\Internet Explorer\PLUGINS\npqtplugin6.dll

2011-04-30 21:35 . 2011-04-30 21:35 159744 ----a-w- c:\program\Internet Explorer\PLUGINS\npqtplugin5.dll

2011-04-30 21:35 . 2011-04-30 21:35 159744 ----a-w- c:\program\Internet Explorer\PLUGINS\npqtplugin4.dll

2011-04-30 21:35 . 2011-04-30 21:35 159744 ----a-w- c:\program\Internet Explorer\PLUGINS\npqtplugin3.dll

2011-04-30 21:35 . 2011-04-30 21:35 159744 ----a-w- c:\program\Internet Explorer\PLUGINS\npqtplugin2.dll

2011-04-30 21:35 . 2011-04-30 21:35 159744 ----a-w- c:\program\Internet Explorer\PLUGINS\npqtplugin.dll

2011-04-30 21:35 . 2011-04-30 21:35 -------- d-----w- c:\program\QuickTime

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-24 14:51 . 2009-05-08 20:42 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe

2011-03-07 05:33 . 2009-05-06 12:10 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-04 06:36 . 2004-08-04 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll

2011-03-03 13:53 . 2004-08-04 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys

2010-12-21 21:30 . 2009-05-08 20:36 58794264 ----a-w- c:\program\avira_antivir_personal_en.exe

2010-11-18 19:54 . 2010-11-18 19:54 3023984 ----a-w- c:\program\UsenetNLSetup_1.18.exe

2010-10-11 19:43 . 2010-06-07 20:01 567808 ----a-w- c:\program\googleupdatesetup.exe

2010-09-10 14:58 . 2010-09-10 14:57 3389035 ----a-w- c:\program\eMule0.50a-Installer.exe

2010-05-04 16:29 . 2010-05-04 16:29 77738888 ----a-w- c:\program\ExcelViewer.exe

2010-04-12 15:19 . 2010-01-07 18:00 20841968 ----a-w- c:\program\RealPlayerSPGold.exe

2010-02-14 19:27 . 2010-02-14 19:27 4172430 ----a-w- c:\program\IZArc4.1.exe

2010-02-14 19:10 . 2010-02-14 19:10 2405168 ----a-w- c:\program\ParetoLogic FileCure_rar_.exe

2010-02-14 19:05 . 2010-02-14 19:05 3053448 ----a-w- c:\program\SpeedyPC Installer.exe

2010-01-24 15:01 . 2010-01-24 15:01 563696 ----a-w- c:\program\GoogleEarthSetup.exe

2009-12-21 18:56 . 2009-10-11 11:38 28868320 ----a-w- c:\program\FileFormatConverters.exe

2009-10-15 19:50 . 2009-05-24 09:18 27024112 ----a-w- c:\program\PowerPointViewer.exe

2009-10-15 17:52 . 2009-10-15 17:52 3518896 ----a-w- c:\program\DriverCure Installer.exe

2009-10-14 19:47 . 2009-10-14 19:47 6243704 ----a-w- c:\program\Registry-Mechanic-8.0.0.900j.exe

2009-09-30 16:54 . 2009-09-30 16:53 1109398 ----a-w- c:\program\FreeMP3Converter20.exe

2009-09-30 16:50 . 2009-09-30 16:50 205721 ----a-w- c:\program\installer_free_mp3_wma_converter_1_8_0_Svenska_Swedish.exe

2009-09-30 12:49 . 2009-09-30 12:49 45958976 ----a-w- c:\program\AVSVideoConverter.exe

2009-09-06 17:55 . 2009-09-06 17:55 57187288 ----a-w- c:\program\Nero-9.4.12.3_free.exe

2009-09-03 22:08 . 2009-09-03 22:08 15839536 ----a-w- c:\program\AdobeAIRInstaller.exe

2009-06-28 18:34 . 2009-06-28 18:34 2069088 ----a-w- c:\program\RegCureSetup_RW.exe

2009-06-27 21:43 . 2009-06-27 21:43 2228534 ----a-w- c:\program\audacity-win-1.2.6.exe

2009-06-07 09:42 . 2009-06-07 09:42 95992680 ----a-w- c:\program\col18696.exe

2009-06-02 19:59 . 2009-06-02 19:59 16510368 ----a-w- c:\program\LimeWireWin.exe

2009-05-25 21:34 . 2009-05-08 00:29 74302760 ----a-w- c:\program\iTunesSetup.exe

2009-05-14 16:13 . 2009-05-14 16:13 950415 ----a-w- c:\program\xls-converter.exe

2009-05-13 09:56 . 2009-05-13 09:56 24866816 ----a-w- c:\program\mp220svst100ea24.exe

2009-05-08 17:20 . 2009-05-08 17:20 24872264 ----a-w- c:\program\mp220svst100aea24.exe

2009-05-07 23:19 . 2009-05-07 23:19 2804282 ----a-w- c:\program\emule049c.exe

2009-05-06 17:14 . 2009-05-06 17:14 54662512 ----a-w- c:\program\DUBA090408_DOWN_ENU_330920_0.exe

2009-05-06 17:12 . 2009-05-06 17:04 2967800 ----a-w- c:\program\mbam-setup.exe

2009-05-06 16:17 . 2009-05-06 16:17 17436560 ----a-w- c:\program\OutpostFreeInstall.exe

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-07 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]

"RTHDCPL"="RTHDCPL.EXE" [2005-03-23 14202368]

"StartCCC"="c:\program\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"CanonSolutionMenu"="c:\program\Canon\SolutionMenu\CNSLMAIN.exe" [2007-04-03 644696]

"CanonMyPrinter"="c:\program\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]

"SSBkgdUpdate"="c:\program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"OpwareSE4"="c:\program\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]

"HP Software Update"="c:\program\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]

"AppleSyncNotifier"="c:\program\Delade filer\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"Net iD"="c:\program\Net iD\iid.exe" [2009-01-09 95472]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"TkBellExe"="c:\program\real\realplayer\update\realsched.exe" [2010-11-25 274608]

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2011-04-14 421160]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Start-meny\Program\Autostart\

HP Digital Imaging Monitor.lnk - c:\program\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\eMule\\emule.exe"=

"c:\\Program\\uTorrent\\uTorrent.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"7176:TCP"= 7176:TCP:Tornado

"7176:UDP"= 7176:UDP:Tornado

"7179:TCP"= 7179:TCP:Tornado

"7179:UDP"= 7179:UDP:Tornado

"21594:TCP"= 21594:TCP:Tornado

"21594:UDP"= 21594:UDP:Tornado

"21597:TCP"= 21597:TCP:Tornado

"21597:UDP"= 21597:UDP:Tornado

.

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-05-08 136360]

R2 emaudsv;E-MU Audio Service;c:\windows\system32\emaudsv.exe [2006-11-20 10240]

R3 emusba10;E-MU USB-Audio 1.0 Driver;c:\windows\system32\drivers\emusba10.sys [2006-11-20 142208]

S1 SASDIFSV;SASDIFSV;\??\c:\program\SUPERAntiSpyware\SASDIFSV.SYS --> c:\program\SUPERAntiSpyware\SASDIFSV.SYS [?]

S1 SASKUTIL;SASKUTIL;\??\c:\program\SUPERAntiSpyware\SASKUTIL.SYS --> c:\program\SUPERAntiSpyware\SASKUTIL.SYS [?]

S2 gupdate1ca8fc3af2e0e4a;Tjänsten Google Update (gupdate1ca8fc3af2e0e4a);c:\program\Google\Update\GoogleUpdate.exe [2010-01-07 133104]

S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program\Google\Update\GoogleUpdate.exe [2010-01-07 133104]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Innehållet i mappen 'Schemalagda aktiviteter':

.

2011-05-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

2011-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program\Google\Update\GoogleUpdate.exe [2010-01-07 18:03]

.

2011-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program\Google\Update\GoogleUpdate.exe [2010-01-07 18:03]

.

2011-05-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1606980848-839522115-1003.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

2011-05-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1606980848-839522115-1006.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

2011-05-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1606980848-839522115-1007.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

2011-05-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1606980848-839522115-1008.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

2011-05-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1606980848-839522115-1003.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

2011-05-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1606980848-839522115-1006.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

2011-05-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1606980848-839522115-1007.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

2011-05-23 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1606980848-839522115-1008.job

- c:\program\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/webhp?sourceid=navclient&hl=sv&ie=UTF-8

uInternet Settings,ProxyOverride = *.local

Trusted Zone: beatport.com\ak-media

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-05-29 00:47

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]

"D140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLer som "laddats" under processer som körs ---------------------

.

- - - - - - - > 'winlogon.exe'(720)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(2520)

c:\program\ScanSoft\OmniPageSE4\OpHookSE4.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andra processer som körs ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\System32\SCardSvr.exe

c:\program\Avira\AntiVir Desktop\avguard.exe

c:\program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program\Bonjour\mDNSResponder.exe

c:\program\Avira\AntiVir Desktop\avshadow.exe

c:\program\Java\jre6\bin\jqs.exe

c:\program\Delade filer\Nero\Nero BackItUp 4\NBService.exe

c:\windows\RTHDCPL.EXE

c:\program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

c:\windows\system32\wscntfy.exe

c:\program\iPod\bin\iPodService.exe

.

**************************************************************************

.

Sluttid: 2011-05-29 00:50:57 - datorn startades om.

ComboFix-quarantined-files.txt 2011-05-28 22:50

ComboFix2.txt 2011-05-25 22:36

ComboFix3.txt 2011-05-25 22:09

ComboFix4.txt 2008-08-26 15:34

ComboFix5.txt 2011-05-28 22:29

.

Före genomsökningen: 806 281 109 504 byte ledigt

Efter genomsökningen: 806 908 526 592 byte ledigt

.

- - End Of File - - 49BB2AB63929B1EB0DFCDDEFE7A410F5

[frasse67]

DDS-log:

 

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by Ägaren at 1:02:56,15 on 2011-05-29

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.510.103 [GMT 2:00]

 

AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

 

============== Running Processes ===============

 

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\Avira\AntiVir Desktop\sched.exe

svchost.exe

C:\Program\Avira\AntiVir Desktop\avguard.exe

C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\emaudsv.exe

C:\Program\Avira\AntiVir Desktop\avshadow.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\RTHDCPL.EXE

C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program\Canon\MyPrinter\BJMyPrt.exe

C:\Program\ScanSoft\OmniPageSE4\OpwareSE4.exe

C:\Program\Avira\AntiVir Desktop\avgnt.exe

C:\Program\HP\HP Software Update\HPWuSchd2.exe

C:\Program\Net iD\iid.exe

C:\program\real\realplayer\update\realsched.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program\iPod\bin\iPodService.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Ägaren\Skrivbord\dds.scr

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.google.se/webhp?sourceid=navclient&hl=sv&ie=UTF-8

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar_32.dll

uRun: [swg] "c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [startCCC] "c:\program\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [CanonSolutionMenu] c:\program\canon\solutionmenu\CNSLMAIN.exe /logon

mRun: [CanonMyPrinter] c:\program\canon\myprinter\BJMyPrt.exe /logon

mRun: [sSBkgdUpdate] "c:\program\delade filer\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [OpwareSE4] "c:\program\scansoft\omnipagese4\OpwareSE4.exe"

mRun: [avgnt] "c:\program\avira\antivir desktop\avgnt.exe" /min

mRun: [HP Software Update] c:\program\hp\hp software update\HPWuSchd2.exe

mRun: [AppleSyncNotifier] c:\program\delade filer\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Net iD] "c:\program\net id\iid.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"

mRun: [TkBellExe] "c:\program\real\realplayer\update\realsched.exe" -osboot

mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program\itunes\iTunesHelper.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\hpdigi~1.lnk - c:\program\hp\digital imaging\bin\hpqtra08.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC} - c:\program\java\jre6\bin\npjpi160_24.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~3\office11\REFIEBAR.DLL

Trusted Zone: beatport.com\ak-media

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241614017984

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241614073953

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} - hxxps://mail.sll.se/dwa8W.cab

DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

 

============= SERVICES / DRIVERS ===============

 

R1 avgio;avgio;c:\program\avira\antivir desktop\avgio.sys [2009-5-8 11608]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\avira\antivir desktop\sched.exe [2009-5-8 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program\avira\antivir desktop\avguard.exe [2009-5-8 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-8 61960]

R2 emaudsv;E-MU Audio Service;c:\windows\system32\emaudsv.exe [2006-11-20 10240]

R3 emusba10;E-MU USB-Audio 1.0 Driver;c:\windows\system32\drivers\emusba10.sys [2006-11-20 142208]

S1 SASDIFSV;SASDIFSV;\??\c:\program\superantispyware\sasdifsv.sys --> c:\program\superantispyware\SASDIFSV.SYS [?]

S1 SASKUTIL;SASKUTIL;\??\c:\program\superantispyware\saskutil.sys --> c:\program\superantispyware\SASKUTIL.SYS [?]

S2 gupdate1ca8fc3af2e0e4a;Tjänsten Google Update (gupdate1ca8fc3af2e0e4a);c:\program\google\update\GoogleUpdate.exe [2010-1-7 133104]

S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program\google\update\GoogleUpdate.exe [2010-1-7 133104]

 

=============== Created Last 30 ================

 

2011-05-23 20:02:35 0 d-----w- C:\DDS-loggar

2011-05-23 19:02:37 0 d-sha-r- C:\cmdcons

2011-05-23 18:39:39 98816 ----a-w- c:\windows\sed.exe

2011-05-23 18:39:39 89088 ----a-w- c:\windows\MBR.exe

2011-05-23 18:39:39 256512 ----a-w- c:\windows\PEV.exe

2011-05-23 18:39:39 161792 ----a-w- c:\windows\SWREG.exe

2011-05-21 09:59:04 0 d-----w- C:\Jonas Musik

2011-05-18 19:13:08 0 d-----w- c:\program\delade filer\Wise Installation Wizard

2011-05-18 18:09:53 99 ----a-w- c:\windows\system32\queries-03.cache

2011-05-18 18:09:53 217 ----a-w- c:\windows\system32\queries-01.cache

2011-05-18 18:09:39 223 ----a-w- c:\windows\system32\queries-02.cache

2011-05-18 17:59:24 20454 ----a-w- C:\xpnetdiag.xml

2011-05-17 17:29:34 0 d-----w- c:\docume~1\garen~1\applic~1\SUPERAntiSpyware.com

2011-05-17 15:20:16 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-01 20:55:03 0 d-----w- c:\docume~1\garen~1\applic~1\Cycling '74

2011-05-01 20:02:48 0 d-----w- c:\program\Cycling '74

2011-04-30 21:42:22 0 d-----w- c:\program\iPod

2011-04-30 21:38:27 0 d-----w- c:\program\Bonjour

 

==================== Find3M ====================

 

2011-04-24 22:43:22 84182 ----a-w- c:\windows\system32\perfc01D.dat

2011-04-24 22:43:22 446164 ----a-w- c:\windows\system32\perfh01D.dat

2011-04-06 14:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 14:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe

2011-03-07 05:33:37 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-04 06:36:56 420864 ----a-w- c:\windows\system32\vbscript.dll

2011-03-03 13:53:40 1857920 ----a-w- c:\windows\system32\win32k.sys

2010-12-21 21:30:31 58794264 ----a-w- c:\program\avira_antivir_personal_en.exe

2010-11-18 19:54:37 3023984 ----a-w- c:\program\UsenetNLSetup_1.18.exe

2010-10-11 19:43:37 567808 ----a-w- c:\program\googleupdatesetup.exe

2010-09-10 14:58:00 3389035 ----a-w- c:\program\eMule0.50a-Installer.exe

2010-05-04 16:29:12 77738888 ----a-w- c:\program\ExcelViewer.exe

2010-04-12 15:19:32 20841968 ----a-w- c:\program\RealPlayerSPGold.exe

2010-02-14 19:27:13 4172430 ----a-w- c:\program\IZArc4.1.exe

2010-02-14 19:10:30 2405168 ----a-w- c:\program\ParetoLogic FileCure_rar_.exe

2010-02-14 19:05:08 3053448 ----a-w- c:\program\SpeedyPC Installer.exe

2010-01-24 15:01:06 563696 ----a-w- c:\program\GoogleEarthSetup.exe

2009-12-21 18:56:03 28868320 ----a-w- c:\program\FileFormatConverters.exe

2009-10-15 19:50:08 27024112 ----a-w- c:\program\PowerPointViewer.exe

2009-10-15 17:52:45 3518896 ----a-w- c:\program\DriverCure Installer.exe

2009-10-14 19:47:31 6243704 ----a-w- c:\program\Registry-Mechanic-8.0.0.900j.exe

2009-09-30 16:54:03 1109398 ----a-w- c:\program\FreeMP3Converter20.exe

2009-09-30 16:50:21 205721 ----a-w- c:\program\installer_free_mp3_wma_converter_1_8_0_Svenska_Swedish.exe

2009-09-30 15:16:49 9297881 ----a-w- c:\program\fmrprosetup.zip

2009-09-30 12:49:07 45958976 ----a-w- c:\program\AVSVideoConverter.exe

2009-09-30 12:48:34 562069 ----a-w- c:\program\lame3.98.2.zip

2009-09-06 17:55:17 57187288 ----a-w- c:\program\Nero-9.4.12.3_free.exe

2009-09-06 15:25:08 17355 ----a-w- c:\program\Nero_9.4_Lite.5077677.TPB.torrent

2009-09-03 22:08:35 15839536 ----a-w- c:\program\AdobeAIRInstaller.exe

2009-06-28 18:42:43 189810 ----a-w- c:\program\libmp3lame-win-3.98.2.zip

2009-06-28 18:34:13 2069088 ----a-w- c:\program\RegCureSetup_RW.exe

2009-06-27 21:43:12 2228534 ----a-w- c:\program\audacity-win-1.2.6.exe

2009-06-07 09:42:50 95992680 ----a-w- c:\program\col18696.exe

2009-06-02 19:59:43 16510368 ----a-w- c:\program\LimeWireWin.exe

2009-05-25 21:35:12 2030104 ----a-w- c:\program\CopyTransv3d.zip

2009-05-25 21:34:16 74302760 ----a-w- c:\program\iTunesSetup.exe

2009-05-14 16:13:43 950415 ----a-w- c:\program\xls-converter.exe

2009-05-13 09:56:00 24866816 ----a-w- c:\program\mp220svst100ea24.exe

2009-05-08 19:42:51 2065753 ----a-w- c:\program\FTS_SoundBlasterAudigy2ZS_512010443_1001830.zip

2009-05-08 17:20:05 24872264 ----a-w- c:\program\mp220svst100aea24.exe

2009-05-08 16:30:50 203 ----a-w- c:\program\Genväg till CD-enhet.lnk

2009-05-07 23:19:18 2804282 ----a-w- c:\program\emule049c.exe

2009-05-06 17:14:29 54662512 ----a-w- c:\program\DUBA090408_DOWN_ENU_330920_0.exe

2009-05-06 17:12:29 2967800 ----a-w- c:\program\mbam-setup.exe

2009-05-06 16:17:54 17436560 ----a-w- c:\program\OutpostFreeInstall.exe

2009-06-12 18:52:50 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat

 

============= FINISH: 1:03:20,26 ===============

[frasse67]

Attach till DDS:

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-03-17.01)

 

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 2009-05-06 14:17:30

System Uptime: 2011-05-29 00:44:46 (1 hours ago)

 

Motherboard: FUJITSU SIEMENS | | D2175-A1

Processor: Intel® Pentium® 4 CPU 3.20GHz | CPU | 3192/800mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 932 GiB total, 751,51 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is FIXED (NTFS) - 186 GiB total, 75,458 GiB free.

 

==== Disabled Device Manager Items =============

 

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}

Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

Device ID: ACPI\PNP0303\1

Manufacturer: (Standardtangentbord)

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

PNP Device ID: ACPI\PNP0303\1

Service: i8042prt

 

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}

Description: PS/2-kompatibel mus

Device ID: ACPI\PNP0F13\1

Manufacturer: Microsoft

Name: PS/2-kompatibel mus

PNP Device ID: ACPI\PNP0F13\1

Service: i8042prt

 

==== System Restore Points ===================

 

RP471: 2011-04-26 20:00:36 - Virusvarning efter Indien

RP472: 2011-04-27 20:40:48 - Systemkontrollpunkt

RP473: 2011-04-28 00:28:40 - Software Distribution Service 3.0

RP474: 2011-04-29 00:29:10 - Systemkontrollpunkt

RP475: 2011-04-30 00:46:52 - Systemkontrollpunkt

RP476: 2011-04-30 13:54:20 - Removed SUPERAntiSpyware Free Edition

RP477: 2011-05-01 14:42:45 - Systemkontrollpunkt

RP478: 2011-05-01 22:02:33 - Installed Max 5.1.8

RP479: 2011-05-02 22:23:30 - Systemkontrollpunkt

RP480: 2011-05-03 23:12:29 - Systemkontrollpunkt

RP481: 2011-05-05 14:27:23 - Systemkontrollpunkt

RP482: 2011-05-06 17:54:26 - Systemkontrollpunkt

RP483: 2011-05-07 18:53:02 - Systemkontrollpunkt

RP484: 2011-05-08 21:46:41 - Systemkontrollpunkt

RP485: 2011-05-09 22:52:47 - Systemkontrollpunkt

RP486: 2011-05-11 19:56:39 - Systemkontrollpunkt

RP487: 2011-05-12 00:07:43 - Software Distribution Service 3.0

RP488: 2011-05-13 18:01:53 - Systemkontrollpunkt

RP489: 2011-05-14 23:47:44 - Systemkontrollpunkt

RP490: 2011-05-16 19:02:21 - Systemkontrollpunkt

RP491: 2011-05-17 19:55:49 - Systemkontrollpunkt

RP492: 2011-05-18 20:43:00 - Systemkontrollpunkt

RP493: 2011-05-19 21:23:21 - Systemkontrollpunkt

RP494: 2011-05-21 11:39:48 - Removed Dealio Toolbar v4.1.

RP495: 2011-05-22 13:50:49 - Systemkontrollpunkt

RP496: 2011-05-23 19:03:26 - Systemkontrollpunkt

RP497: 2011-05-24 20:40:17 - Systemkontrollpunkt

RP498: 2011-05-24 22:59:05 - J2SE Runtime Environment 5.0 togs bort

RP499: 2011-05-26 00:13:05 - ComboFix created restore point

RP500: 2011-05-26 00:50:31 - Software Distribution Service 3.0

RP501: 2011-05-27 16:05:20 - Systemkontrollpunkt

RP502: 2011-05-28 17:14:19 - Systemkontrollpunkt

 

==== Installed Programs ======================

 

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.4.4 - Svenska

Adobe Shockwave Player 11.5

Advertising Center

AmpliTube LE

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI - Software Uninstall Utility

ATI Catalyst Control Center

ATI Display Driver

µTorrent

Audacity 1.2.6

Avira AntiVir Personal - Free Antivirus

BeatportDownloader

Bonjour

BufferChm

CameraDrivers

CameraReadme

Canon MP Navigator EX 1.0

Canon MP220 series

Canon My Printer

Canon Utilities Easy-PhotoPrint EX

Canon Utilities Solution Menu

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center HydraVision Full

ccc-core-preinstall

ccc-core-static

ccc-utility

CCC Help English

Citrix XenApp Web Plugin

Compatibility Pack for the 2007 Office system

Contextual Tool Lightspeedincome

DeviceDiscovery

DeviceManagementQFolder

E-MU USB Audio

eMule

eSupportQFolder

Focus MP3 Recorder Pro 3.4

Free MP3 Converter 2.0

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB976002-v5)

HP Imaging Device Functions 9.0

HP Photosmart-kameror 9.0

HP Photosmart Essential 2.01

HP Photosmart Essential2.01

HP Product Assistant

HP Solution Center 9.0

HP Update

hpicamDrvQFolder

HPProductAssistant

InstantShareDevicesMFC

iTunes

IZArc 4.1

Java Auto Updater

Java 6 Update 24

Live 8.2.1

Live 8.2.2

Max 5.1.8

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 1.1 Swedish Language Pack

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - SVE

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - SVE

Microsoft .NET Framework 3.5 Language Pack SP1 - sve

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Standard Edition 2003

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mirar

MobileMe Control Panel

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 9 Essentials

Nero ControlCenter

Nero Installer

Nero Online Upgrade

Nero StartSmart

Nero StartSmart OEM

neroxml

Net iD 5.0

PanoStandAlone

PSSWCORE

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.0

Reason 4.0

Safari

ScanSoft OmniPage SE 4

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Skins

Snabbkorrigering för Windows Media Player 11 (KB939683)

Snabbkorrigering för Windows XP (KB2158563)

Snabbkorrigering för Windows XP (KB2443685)

Snabbkorrigering för Windows XP (KB952287)

Snabbkorrigering för Windows XP (KB961118)

Snabbkorrigering för Windows XP (KB970653-v3)

Snabbkorrigering för Windows XP (KB976098-v2)

Snabbkorrigering för Windows XP (KB979306)

Snabbkorrigering för Windows XP (KB981793)

SoftV92 Data Fax Modem with SmartCP

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2183461)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2360131)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2416400)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2497640)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2510531)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB969897)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB971961)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB972260)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB974455)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB976325)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB978207)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB981332)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB982381)

Säkerhetsuppdatering för Windows Media Player (KB2378111)

Säkerhetsuppdatering för Windows Media Player (KB952069)

Säkerhetsuppdatering för Windows Media Player (KB954155)

Säkerhetsuppdatering för Windows Media Player (KB968816)

Säkerhetsuppdatering för Windows Media Player (KB973540)

Säkerhetsuppdatering för Windows Media Player (KB975558)

Säkerhetsuppdatering för Windows Media Player (KB978695)

Säkerhetsuppdatering för Windows Media Player 11 (KB936782)

Säkerhetsuppdatering för Windows Media Player 11 (KB954154)

Säkerhetsuppdatering för Windows XP (KB2079403)

Säkerhetsuppdatering för Windows XP (KB2115168)

Säkerhetsuppdatering för Windows XP (KB2121546)

Säkerhetsuppdatering för Windows XP (KB2160329)

Säkerhetsuppdatering för Windows XP (KB2229593)

Säkerhetsuppdatering för Windows XP (KB2259922)

Säkerhetsuppdatering för Windows XP (KB2279986)

Säkerhetsuppdatering för Windows XP (KB2286198)

Säkerhetsuppdatering för Windows XP (KB2296011)

Säkerhetsuppdatering för Windows XP (KB2296199)

Säkerhetsuppdatering för Windows XP (KB2347290)

Säkerhetsuppdatering för Windows XP (KB2360937)

Säkerhetsuppdatering för Windows XP (KB2387149)

Säkerhetsuppdatering för Windows XP (KB2393802)

Säkerhetsuppdatering för Windows XP (KB2412687)

Säkerhetsuppdatering för Windows XP (KB2419632)

Säkerhetsuppdatering för Windows XP (KB2423089)

Säkerhetsuppdatering för Windows XP (KB2436673)

Säkerhetsuppdatering för Windows XP (KB2440591)

Säkerhetsuppdatering för Windows XP (KB2443105)

Säkerhetsuppdatering för Windows XP (KB2476687)

Säkerhetsuppdatering för Windows XP (KB2478960)

Säkerhetsuppdatering för Windows XP (KB2478971)

Säkerhetsuppdatering för Windows XP (KB2479943)

Säkerhetsuppdatering för Windows XP (KB2481109)

Säkerhetsuppdatering för Windows XP (KB2483185)

Säkerhetsuppdatering för Windows XP (KB2485663)

Säkerhetsuppdatering för Windows XP (KB2503658)

Säkerhetsuppdatering för Windows XP (KB2506212)

Säkerhetsuppdatering för Windows XP (KB2506223)

Säkerhetsuppdatering för Windows XP (KB2507618)

Säkerhetsuppdatering för Windows XP (KB2508272)

Säkerhetsuppdatering för Windows XP (KB2508429)

Säkerhetsuppdatering för Windows XP (KB2509553)

Säkerhetsuppdatering för Windows XP (KB2511455)

Säkerhetsuppdatering för Windows XP (KB2524375)

Säkerhetsuppdatering för Windows XP (KB923561)

Säkerhetsuppdatering för Windows XP (KB923789)

Säkerhetsuppdatering för Windows XP (KB938464-v2)

Säkerhetsuppdatering för Windows XP (KB941569)

Säkerhetsuppdatering för Windows XP (KB946648)

Säkerhetsuppdatering för Windows XP (KB950760)

Säkerhetsuppdatering för Windows XP (KB950762)

Säkerhetsuppdatering för Windows XP (KB950974)

Säkerhetsuppdatering för Windows XP (KB951066)

Säkerhetsuppdatering för Windows XP (KB951376-v2)

Säkerhetsuppdatering för Windows XP (KB951748)

Säkerhetsuppdatering för Windows XP (KB952004)

Säkerhetsuppdatering för Windows XP (KB952954)

Säkerhetsuppdatering för Windows XP (KB954459)

Säkerhetsuppdatering för Windows XP (KB954600)

Säkerhetsuppdatering för Windows XP (KB955069)

Säkerhetsuppdatering för Windows XP (KB956572)

Säkerhetsuppdatering för Windows XP (KB956744)

Säkerhetsuppdatering för Windows XP (KB956802)

Säkerhetsuppdatering för Windows XP (KB956803)

Säkerhetsuppdatering för Windows XP (KB956844)

Säkerhetsuppdatering för Windows XP (KB957097)

Säkerhetsuppdatering för Windows XP (KB958644)

Säkerhetsuppdatering för Windows XP (KB958687)

Säkerhetsuppdatering för Windows XP (KB958690)

Säkerhetsuppdatering för Windows XP (KB958869)

Säkerhetsuppdatering för Windows XP (KB959426)

Säkerhetsuppdatering för Windows XP (KB960225)

Säkerhetsuppdatering för Windows XP (KB960715)

Säkerhetsuppdatering för Windows XP (KB960803)

Säkerhetsuppdatering för Windows XP (KB960859)

Säkerhetsuppdatering för Windows XP (KB961371)

Säkerhetsuppdatering för Windows XP (KB961373)

Säkerhetsuppdatering för Windows XP (KB961501)

Säkerhetsuppdatering för Windows XP (KB963027)

Säkerhetsuppdatering för Windows XP (KB968537)

Säkerhetsuppdatering för Windows XP (KB969059)

Säkerhetsuppdatering för Windows XP (KB969898)

Säkerhetsuppdatering för Windows XP (KB969947)

Säkerhetsuppdatering för Windows XP (KB970238)

Säkerhetsuppdatering för Windows XP (KB970430)

Säkerhetsuppdatering för Windows XP (KB971468)

Säkerhetsuppdatering för Windows XP (KB971486)

Säkerhetsuppdatering för Windows XP (KB971557)

Säkerhetsuppdatering för Windows XP (KB971633)

Säkerhetsuppdatering för Windows XP (KB971657)

Säkerhetsuppdatering för Windows XP (KB972270)

Säkerhetsuppdatering för Windows XP (KB973346)

Säkerhetsuppdatering för Windows XP (KB973354)

Säkerhetsuppdatering för Windows XP (KB973507)

Säkerhetsuppdatering för Windows XP (KB973525)

Säkerhetsuppdatering för Windows XP (KB973869)

Säkerhetsuppdatering för Windows XP (KB973904)

Säkerhetsuppdatering för Windows XP (KB974112)

Säkerhetsuppdatering för Windows XP (KB974318)

Säkerhetsuppdatering för Windows XP (KB974392)

Säkerhetsuppdatering för Windows XP (KB974571)

Säkerhetsuppdatering för Windows XP (KB975025)

Säkerhetsuppdatering för Windows XP (KB975467)

Säkerhetsuppdatering för Windows XP (KB975560)

Säkerhetsuppdatering för Windows XP (KB975561)

Säkerhetsuppdatering för Windows XP (KB975562)

Säkerhetsuppdatering för Windows XP (KB975713)

Säkerhetsuppdatering för Windows XP (KB977165)

Säkerhetsuppdatering för Windows XP (KB977816)

Säkerhetsuppdatering för Windows XP (KB977914)

Säkerhetsuppdatering för Windows XP (KB978037)

Säkerhetsuppdatering för Windows XP (KB978251)

Säkerhetsuppdatering för Windows XP (KB978262)

Säkerhetsuppdatering för Windows XP (KB978338)

Säkerhetsuppdatering för Windows XP (KB978542)

Säkerhetsuppdatering för Windows XP (KB978601)

Säkerhetsuppdatering för Windows XP (KB978706)

Säkerhetsuppdatering för Windows XP (KB979309)

Säkerhetsuppdatering för Windows XP (KB979482)

Säkerhetsuppdatering för Windows XP (KB979559)

Säkerhetsuppdatering för Windows XP (KB979683)

Säkerhetsuppdatering för Windows XP (KB979687)

Säkerhetsuppdatering för Windows XP (KB980195)

Säkerhetsuppdatering för Windows XP (KB980218)

Säkerhetsuppdatering för Windows XP (KB980232)

Säkerhetsuppdatering för Windows XP (KB980436)

Säkerhetsuppdatering för Windows XP (KB981322)

Säkerhetsuppdatering för Windows XP (KB981852)

Säkerhetsuppdatering för Windows XP (KB981957)

Säkerhetsuppdatering för Windows XP (KB981997)

Säkerhetsuppdatering för Windows XP (KB982132)

Säkerhetsuppdatering för Windows XP (KB982214)

Säkerhetsuppdatering för Windows XP (KB982665)

Säkerhetsuppdatering för Windows XP (KB982802)

SolutionCenter

Spelling Dictionaries Support For Adobe Reader 9

Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve

Status

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Uppdatering för Windows Internet Explorer 8 (KB968220)

Uppdatering för Windows Internet Explorer 8 (KB976662)

Uppdatering för Windows Internet Explorer 8 (KB976749)

Uppdatering för Windows Internet Explorer 8 (KB980182)

Uppdatering för Windows XP (KB2141007)

Uppdatering för Windows XP (KB2345886)

Uppdatering för Windows XP (KB2467659)

Uppdatering för Windows XP (KB951978)

Uppdatering för Windows XP (KB955759)

Uppdatering för Windows XP (KB955839)

Uppdatering för Windows XP (KB967715)

Uppdatering för Windows XP (KB968389)

Uppdatering för Windows XP (KB971029)

Uppdatering för Windows XP (KB971737)

Uppdatering för Windows XP (KB973687)

Uppdatering för Windows XP (KB973815)

WebFldrs XP

WebReg

VideoToolkit01

Viktig uppdatering för Windows Media Player 11 (KB959772)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

XLS Converter 1.7.2

XML Paper Specification Shared Components Language Pack 1.0

 

==== End Of File ===========================

[Cecilia]

Hur tycker du att datorn fungerar nu?

 

Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Scan

 

När skanningen är klar skapas loggfilen C:\Program\Eset\Eset Online Scanner\log.txt. Öppna den i Anteckningar och klistra sedan in innehållet i ditt svar.

 

Kontrollera att du verkligen har Avira Antivir version 10.0.0.648. Om inte uppgradera till den versionen http://www.avira.com/en/support-download-free-antivirus

Sök igenom datorn med Avira Antivir. Om något hittas klistra in den loggen också.

[frasse67]

Här kommer loggen:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6522

# api_version=3.0.2

# EOSSerial=11e84bd108b9494e9ace63e7eea4a006

# end=stopped

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-05-29 09:45:34

# local_time=2011-05-29 11:45:34 (+0100, Västeuropa, sommartid)

# country="Sweden"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1797 16775141 100 93 583 43241553 0 0

# compatibility_mode=6912 16777215 100 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 144 144 0 0

# scanned=4133

# found=0

# cleaned=0

# scan_time=532

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6522

# api_version=3.0.2

# EOSSerial=11e84bd108b9494e9ace63e7eea4a006

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-05-30 07:05:33

# local_time=2011-05-30 09:05:33 (+0100, Västeuropa, sommartid)

# country="Sweden"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1797 16775141 100 93 1297 43306794 58605 0

# compatibility_mode=6912 16777215 100 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 65385 65385 0 0

# scanned=228913

# found=96

# cleaned=0

# scan_time=12090

C:\Documents and Settings\Ägaren\Application Data\Sun\Java\Deployment\cache\6.0\19\560822d3-4021716a a variant of Java/Agent.BR trojan (unable to clean) 00000000000000000000000000000000 I

C:\Documents and Settings\Ägaren\Application Data\Sun\Java\Deployment\cache\6.0\58\22f2cfa-3a392efe multiple threats (unable to clean) 00000000000000000000000000000000 I

C:\Program\FreeMP3Converter20.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I

C:\Program\IZArc4.1.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I

C:\Program\Nero-9.4.12.3_free.exe Win32/Toolbar.AskSBar application (unable to clean) 00000000000000000000000000000000 I

C:\Program\eMule\Incoming\PSP Vintage Warmer for Mac.exe Win32/TrojanDownloader.Agent.QQD trojan (unable to clean) 00000000000000000000000000000000 I

C:\Program\eMule\Incoming\psp.audioware.vintage.warmer.vst.rtas.v2.1.rar Win32/TrojanDownloader.Agent.QQD trojan (unable to clean) 00000000000000000000000000000000 I

C:\Program\eMule\Incoming\pspaudioware psp vintage warmer 2 vst rtas v2.5.0.x86_x64.zip Win32/TrojanDownloader.Agent.QQD trojan (unable to clean) 00000000000000000000000000000000 I

C:\Program\eMule\Incoming\[vst audio plugin][vst effect] psp audioware vintage warmer presets.zip Win32/TrojanDownloader.Agent.QQD trojan (unable to clean) 00000000000000000000000000000000 I

C:\Program\eMule\Incoming\pspaudioware psp vintage warmer 2 vst rtas v2.5.0.x86_x64\Setup.exe Win32/TrojanDownloader.Agent.QQD trojan (unable to clean) 00000000000000000000000000000000 I

C:\Program\eMule\Incoming\[vst audio plugin][vst effect] psp audioware vintage warmer presets\Setup.exe Win32/TrojanDownloader.Agent.QQD trojan (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL.vir Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir Win32/Toolbar.MyWebSearch.G application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.vir a variant of Win32/Toolbar.MyWebSearch.B application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3IMSTUB.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir Win32/Toolbar.MyWebSearch.G application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir Win32/Toolbar.MyWebSearch.D application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir Win32/FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir a variant of Win32/Toolbar.MyWebSearch.H application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir a variant of Win32/Toolbar.MyWebSearch.I application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3HTML.DLL.vir a variant of Win32/Toolbar.MyWebSearch.F application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3MSG.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir Win32/Toolbar.MyWebSearch.J application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir Win32/Toolbar.MyWebSearch.J application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir Win32/Toolbar.MyWebSearch.I application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\M3TPINST.DLL.vir a variant of Win32/Toolbar.MyWebSearch.I application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir a variant of Win32/Toolbar.MyWebSearch.K application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSMLBTN.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir a variant of Win32/Toolbar.MyWebSearch.J application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir probably a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\MWSUABTN.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\WINDOWS\system32\phcpv1j0e95c.bmp.vir Win32/TrojanDownloader.FakeAlert.GS trojan (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP485\A0058311.exe a variant of Win32/Toolbar.MyWebSearch.O application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP485\A0058313.DLL a variant of Win32/Toolbar.MyWebSearch.M application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP485\A0058314.DLL a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP485\A0058315.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP494\A0058710.rbf Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP494\A0058712.rbf a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP494\A0058713.rbf probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP497\A0059831.exe Win32/Adware.CashTitan application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060093.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060094.DLL Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060095.DLL Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060096.DLL Win32/Toolbar.MyWebSearch.G application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060097.DLL a variant of Win32/Toolbar.MyWebSearch.B application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060098.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060099.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060100.DLL Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060101.SCR Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060102.DLL Win32/Toolbar.MyWebSearch.G application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060103.DLL Win32/Toolbar.MyWebSearch.D application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060104.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060105.EXE Win32/Adware.FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060107.DLL Win32/FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060108.DLL a variant of Win32/Toolbar.MyWebSearch.H application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060109.DLL a variant of Win32/Toolbar.MyWebSearch.I application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060111.DLL a variant of Win32/Toolbar.MyWebSearch.F application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060116.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060117.DLL Win32/Toolbar.MyWebSearch.J application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060118.DLL a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060121.EXE Win32/Toolbar.MyWebSearch.J application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060122.EXE Win32/Toolbar.MyWebSearch.I application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060123.DLL a variant of Win32/Toolbar.MyWebSearch.I application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060124.DLL a variant of Win32/Toolbar.MyWebSearch.K application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060125.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060126.EXE Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060127.DLL a variant of Win32/Toolbar.MyWebSearch.J application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060128.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060129.DLL probably a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060130.EXE Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060131.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060132.DLL Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{66C1E9C7-A534-4068-B6DD-88CDC11E18B5}\RP498\A0060139.scr Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Application Data\Sun\Java\Deployment\cache\6.0\17\299e4e91-44016cf5 Java/TrojanDownloader.OpenStream.NAC trojan (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Application Data\Sun\Java\Deployment\cache\6.0\51\25d09bb3-5a26feb3 Java/TrojanDownloader.OpenStream.NAC trojan (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\animan.class-142469c0-28908cc3.class Java/TrojanDownloader.OpenStream.NAC trojan (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\animan.class-3465a4db-41df313c.class Java/TrojanDownloader.OpenStream.NAC trojan (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Skrivbord\CrossOver.kg\All NI kg\absynth 2 keygen.exe a variant of Win32/Keygen.AA application (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Skrivbord\CrossOver.kg\Keygenerators\Absynth 2 Mac_PC(KeyGen).exe a variant of Win32/Keygen.AA application (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Skrivbord\CrossOver.kg\Keygenerators\artist_drums_keygen.exe a variant of Win32/Keygen.AA application (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Skrivbord\CrossOver.kg\Keygenerators\gpokg-tnc.exe a variant of Win32/Keygen.AA application (unable to clean) 00000000000000000000000000000000 I

F:\Documents and Settings\Jonas\Skrivbord\CrossOver.kg\Keygenerators\Artist Drums Keygen Folder\artist_drums_keygen.exe a variant of Win32/Keygen.AA application (unable to clean) 00000000000000000000000000000000 I

F:\Program\eMule\Incoming\Sony SoundForge v9.0.297a + Serial + Patch + Manual.rar a variant of Win32/Keygen.AQ application (unable to clean) 00000000000000000000000000000000 I

[Cecilia]

C:\Program\eMule\Incoming\PSP Vintage Warmer for Mac.exe Win32/TrojanDownloader.Agent.QQD trojan (unable to clean)

Infekterade program sprids mycket via fildelningsprogram.

 

Ta själv bort de filer i eMule och på Skrivbordet som Esets skanner klagade på. De andra filerna tas om hand under slutstädningen.

 

Hur fungerar datorn nu?