spinnare357

Problem logging in to the internet bank


I have the same problem with logging in to the internet bank. I cannot download any of the suggested programs from the internet. I have run my antivirus program, which found nothing (it is up to date, of course). I have also run Stinger (which helped with earlier problems), which found nothing, and run Trojan Hunter, which found trojans, but they cannot be removed without paying first. What should I do?


spinnare357, can you download the tools on another computer and transfer them to the infected one? Have you tried downloading in Safe Mode with Networking? Otherwise we can try another tool!

 

Save OTL to the Desktop. http://oldtimer.geekstogo.com/OTL.exe

Close all programs.

Run OTL (in Vista and Windows 7, right-click and choose Run as administrator).

In the Custom scan's and fixes box, paste the following lines (check that you really get all of the lines and that each line here becomes its own line in the box):

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Press Quick Scan and let the program run undisturbed.

When it is done, two log files are created on the Desktop, OTL.txt and Extras.txt. In your reply, paste in the OTL.txt log, and attach Extras.txt as a file.


The posts were split off from this thread: //eforum.idg.se/topic/335558-problem/page__gopid__1574956#entry1574956

So that it doesn't get so messy in that thread.

Regards, Flyfisherman / Moderator


Thanks for the help! I have downloaded the suggested programs on another computer. Here are the log files.

 

 

 

OTL logfile created on: 2012-04-07 11:14:25 - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = K:\OTL

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1022,41 Mb Total Physical Memory | 570,53 Mb Available Physical Memory | 55,80% Memory free

2,40 Gb Paging File | 1,89 Gb Available in Paging File | 78,61% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 232,89 Gb Total Space | 211,08 Gb Free Space | 90,64% Space Free | Partition Type: NTFS

Drive J: | 232,88 Gb Total Space | 225,69 Gb Free Space | 96,91% Space Free | Partition Type: NTFS

Drive K: | 14,64 Gb Total Space | 6,79 Gb Free Space | 46,40% Space Free | Partition Type: FAT32

 

Computer Name: DEFAULT | User Name: User | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012-04-07 10:32:32 | 000,593,920 | ---- | M] (OldTimer Tools) -- K:\OTL\OTL.exe

PRC - [2011-11-07 10:26:14 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program\Uniblue\RegistryBooster\rbmonitor.exe

PRC - [2011-09-02 15:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2011-08-27 19:37:22 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2011-08-23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program\Ask.com\Updater\Updater.exe

PRC - [2011-07-01 11:25:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program\Avira\AntiVir Desktop\avguard.exe

PRC - [2011-04-30 11:45:37 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program\Avira\AntiVir Desktop\sched.exe

PRC - [2011-02-15 14:07:48 | 001,086,288 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

PRC - [2011-01-10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010-11-07 11:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Program\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe

PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program\Avira\AntiVir Desktop\avshadow.exe

PRC - [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007-12-18 11:48:40 | 000,196,704 | ---- | M] (OptionNV) -- C:\Program\Option\Telenor Mobilt Bredband\GtDetectSc.exe

PRC - [2006-06-01 13:32:12 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe

PRC - [2004-09-02 16:51:50 | 000,221,184 | ---- | M] (ACD Systems, Ltd.) -- C:\Program\Delade filer\ACD Systems\EN\DevDetect.exe

PRC - [2003-11-13 18:18:38 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE

PRC - [2002-01-17 10:40:10 | 000,040,448 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hplampc.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012-02-05 14:41:50 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll

MOD - [2012-02-05 14:41:48 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll

MOD - [2011-10-05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSPTLS.DLL

MOD - [2011-06-28 13:19:50 | 000,430,568 | ---- | M] () -- C:\Program\Lavasoft\Ad-Aware\VipreBridge.dll

MOD - [2011-06-28 13:19:49 | 000,589,184 | ---- | M] () -- C:\Program\Lavasoft\Ad-Aware\RPAPI.dll

MOD - [2011-06-16 17:32:06 | 000,308,560 | ---- | M] () -- C:\Program\Lavasoft\Ad-Aware\Vipre.dll

MOD - [2011-06-07 11:44:50 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw

MOD - [2010-06-17 14:27:22 | 000,355,688 | ---- | M] () -- C:\Program\Avira\AntiVir Desktop\sqlite3.dll

MOD - [2008-09-17 09:55:00 | 001,503,232 | ---- | M] () -- C:\WINDOWS\system32\nview.dll

MOD - [2008-09-17 09:55:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll

MOD - [2006-06-29 01:24:26 | 000,681,496 | ---- | M] () -- C:\Program\Delade filer\Microsoft Shared\PROOF\1053\MSGRSW32.DLL

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2011-09-02 15:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [On_Demand | Running] -- C:\Program\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2011-07-01 11:25:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011-04-30 11:45:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2007-12-18 11:48:40 | 000,196,704 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program\Option\Telenor Mobilt Bredband\GtDetectSc.exe -- (GtDetectSc)

SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2005-04-04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\xpsec.sys -- (xpsec)

DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\xcpip.sys -- (xcpip)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\97fnb7o.sys -- (97fnb7o.sys)

DRV - [2011-07-01 11:25:51 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2011-07-01 11:25:51 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2011-05-19 20:35:20 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2011-04-20 19:38:40 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)

DRV - [2010-08-12 14:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)

DRV - [2010-06-17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010-06-17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008-02-18 16:14:38 | 000,106,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)

DRV - [2008-02-08 12:00:22 | 000,059,648 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)

DRV - [2007-03-30 12:38:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)

DRV - [2005-01-06 17:08:46 | 000,449,920 | ---- | M] (Liteon Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wn5401.sys -- (WN5401)

DRV - [2004-10-27 13:40:30 | 000,335,360 | ---- | M] (ASUSTek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)

DRV - [2004-10-24 08:35:00 | 000,024,544 | ---- | M] (ASUSTek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)

DRV - [2004-06-29 10:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2004-02-06 10:37:04 | 000,366,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2003-11-13 18:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)

DRV - [2003-11-13 18:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2003-11-13 18:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV - [2003-11-13 18:01:02 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2003-11-13 17:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)

DRV - [2003-11-13 17:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)

DRV - [2003-11-13 17:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)

DRV - [2003-11-12 20:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)

DRV - [2001-02-18 10:09:56 | 000,009,312 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hp4200c.sys -- (hp4200c)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylo...s=1&affID=17393

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...referrer:source?}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A6 84 15 23 01 39 CA 01 [binary data]

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...88-6B5C40C0354E&

IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylo...s=1&affID=17393

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

 

[2011-04-19 23:26:04 | 000,002,428 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\babylon.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Bing (Enabled)

CHR - default_search_provider: search_url = http://www.bing.com/...&q={searchTerms}

CHR - default_search_provider: suggest_url = http://api.bing.com/...guage={language}

CHR - Extension: Babylon Chrome OCR = C:\Documents and Settings\User\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\

 

O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Download Guard for Internet Explorer) - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - C:\Program\Lavasoft\Download Guard for Internet Explorer\DownloadGuardBHO.dll (Lavasoft AB )

O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)

O3 - HKLM\..\Toolbar: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\WebBrowser: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ApnUpdater] C:\Program\Ask.com\Updater\Updater.exe (Ask)

O4 - HKLM..\Run: [avgnt] C:\Program\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [babylonToolbar] C:\Program\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)

O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)

O4 - HKLM..\Run: [Device Detector] C:\Program\Delade filer\ACD Systems\EN\DevDetect.exe (ACD Systems, Ltd.)

O4 - HKLM..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe (Hewlett-Packard)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe" File not found

O4 - HKLM..\Run: [THGuard] K:\Trojan Hunter\TrojanHunter 5.5\THGuard.exe (Mischel Internet Security)

O4 - HKCU..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe (Nero AG)

O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra 'Tools' menuitem : Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.c...oft_webscan.cab (Emsisoft Web Malware Scan)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{697BC429-1AA8-4827-9B74-6F19234DBBA3}: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\Antiwpa: DllName - (antiwpa.dll) - File not found

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\User\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-08-05 12:32:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010-04-14 22:54:30 | 000,000,166 | ---- | M] () - K:\autorun.inf -- [ FAT32 ]

O33 - MountPoints2\K\Shell - "" = AutoRun

O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\setup.exe AUTORUN=1

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (lsdelete)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: VIDC.ACDV - C:\WINDOWS\System32\ACDV.dll (ACD Systems)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012-04-05 22:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\TrojanHunter

[2012-04-05 19:46:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\TrojanHunter

[2012-04-05 19:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter

[2012-04-05 16:55:37 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.676a.deleteme

[2012-04-05 16:46:50 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\stinger.sys

[2012-04-05 16:46:30 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.6101.deleteme

[2012-04-05 16:46:13 | 000,000,000 | ---D | C] -- C:\Program\stinger

[2012-04-04 15:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\f-secure

[2012-04-04 15:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\F-Secure

[2012-04-04 12:26:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Personal

[2012-04-03 20:02:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2012-04-03 20:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Uniblue

[2012-04-03 01:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Personal

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012-04-07 11:07:20 | 000,000,952 | ---- | M] () -- C:\Documents and Settings\User\Skrivbord\Continue FoxTab PDF Creator Installation.lnk

[2012-04-07 11:07:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-04-07 11:01:00 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2012-04-07 09:30:03 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2012-04-07 09:30:02 | 000,000,514 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Scan (vanlig koll).job

[2012-04-07 00:05:00 | 000,000,368 | ---- | M] () -- C:\WINDOWS\tasks\SpyHunter4.job

[2012-04-06 15:53:48 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-04-06 15:53:46 | 000,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2012-04-06 15:53:44 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job

[2012-04-06 15:53:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-04-06 15:37:43 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012-04-06 15:35:22 | 000,030,888 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000004-00001102-00000004-20051102}.rfx

[2012-04-06 15:35:22 | 000,030,888 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000004-00001102-00000004-20051102}.rfx

[2012-04-06 15:35:22 | 000,029,952 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000004-00001102-00000004-20051102}.rfx

[2012-04-06 15:35:22 | 000,029,952 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000004-00001102-00000004-20051102}.rfx

[2012-04-06 15:35:22 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm

[2012-04-06 15:35:22 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm

[2012-04-06 15:35:22 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000004-00001102-00000004-20051102}.dat

[2012-04-06 15:35:22 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000004-00001102-00000004-20051102}.dat

[2012-04-06 15:34:48 | 004,932,268 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000004-00001102-00000004-20051102}.CDF

[2012-04-06 13:09:57 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Google Chrome.lnk

[2012-04-05 21:30:26 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\User\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-04-05 19:46:37 | 000,059,392 | R--- | M] () -- C:\WINDOWS\System32\streamhlp.dll

[2012-04-05 19:46:25 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk

[2012-04-05 16:55:49 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\stinger.sys

[2012-04-05 16:55:34 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.676a.deleteme

[2012-04-05 16:46:26 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.6101.deleteme

[2012-04-04 08:34:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2012-04-03 21:01:02 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat

[2012-04-03 21:01:02 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat

[2012-04-03 20:02:20 | 000,001,451 | ---- | M] () -- C:\Documents and Settings\User\Skrivbord\Uniblue RegistryBooster.lnk

[2012-04-03 20:02:20 | 000,001,435 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk

[2012-03-25 18:51:05 | 000,318,158 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2012-03-25 18:51:05 | 000,314,644 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012-03-25 18:51:05 | 000,049,112 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2012-03-25 18:51:05 | 000,040,972 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012-03-22 21:09:55 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012-03-22 17:54:38 | 000,001,480 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG

[2012-03-14 04:20:29 | 000,352,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-03-14 04:02:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012-04-07 11:07:19 | 000,000,952 | ---- | C] () -- C:\Documents and Settings\User\Skrivbord\Continue FoxTab PDF Creator Installation.lnk

[2012-04-05 19:46:25 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk

[2012-04-05 19:46:04 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll

[2012-04-03 20:02:20 | 000,001,451 | ---- | C] () -- C:\Documents and Settings\User\Skrivbord\Uniblue RegistryBooster.lnk

[2012-04-03 20:02:20 | 000,001,435 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk

[2012-04-03 19:16:44 | 000,000,368 | ---- | C] () -- C:\WINDOWS\tasks\SpyHunter4.job

[2012-02-15 04:59:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012-01-27 19:03:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\User\Lokala inställningar\Application Data\keyfile3.drm

[2011-07-01 16:05:30 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll

[2011-07-01 16:05:30 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll

[2011-07-01 16:03:25 | 000,014,960 | ---- | C] () -- C:\WINDOWS\HPSETUP.INI

[2011-06-10 11:05:20 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2011-04-20 19:50:55 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe

[2011-04-20 19:39:06 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat

[2011-04-20 19:39:06 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat

[2011-04-19 17:51:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010-08-23 23:16:57 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2010-06-10 17:09:32 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\User\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 

========== LOP Check ==========

 

[2011-05-19 20:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems

[2012-04-04 15:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure

[2012-04-05 19:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter

[2012-04-03 20:02:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2011-08-24 18:06:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CCE9E666-4D7C-4946-A98B-CFDE0A0C1706}

[2011-04-20 19:29:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}

[2011-05-19 20:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ACD Systems

[2011-04-19 23:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BabylonToolbar

[2012-04-04 15:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\f-secure

[2009-09-15 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OpenOffice.org

[2009-10-30 16:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Personal

[2011-04-20 19:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Sammsoft

[2012-02-27 20:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Spotify

[2009-10-26 18:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TeamViewer

[2012-04-05 22:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TrojanHunter

[2011-04-20 02:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Uniblue

[2012-04-07 09:30:02 | 000,000,514 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (vanlig koll).job

[2012-04-07 09:30:03 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[2012-04-06 15:53:44 | 000,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job

[2012-04-07 11:01:00 | 000,000,220 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

[2012-04-07 00:05:00 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\SpyHunter4.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

< %SYSTEMDRIVE%\*.* >

[2012-04-06 15:53:34 | 000,035,971 | ---- | M] () -- C:\aaw7boot.log

[2009-08-05 12:32:19 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2012-04-04 08:34:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2004-08-04 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2009-08-05 12:32:19 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2011-04-19 17:35:45 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp

[2009-08-05 12:32:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009-08-05 12:32:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004-08-04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2009-08-20 11:48:41 | 000,250,560 | RHS- | M] () -- C:\ntldr

[2012-04-06 15:53:34 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys

 

< %systemroot%\system32\*.wt >

 

< %systemroot%\system32\*.ruy >

 

< %systemroot%\Fonts\*.com >

 

< %systemroot%\Fonts\*.dll >

 

< %systemroot%\Fonts\*.ini >

[2009-08-05 12:31:59 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

 

< %systemroot%\Fonts\*.ini2 >

 

< %systemroot%\Fonts\*.exe >

 

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

[2006-10-26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

 

< %systemroot%\REPAIR\*.bak1 >

 

< %systemroot%\REPAIR\*.ini >

 

< %systemroot%\system32\*.jpg >

 

< %systemroot%\*.jpg >

 

< %systemroot%\*.png >

 

< %systemroot%\*.scr >

 

< %systemroot%\*._sy >

 

< %APPDATA%\Adobe\Update\*.* >

 

< %ALLUSERSPROFILE%\Favorites\*.* >

 

< %APPDATA%\Microsoft\*.* >

 

< %PROGRAMFILES%\*.* >

 

< %APPDATA%\Update\*.* >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\System32\config\*.sav >

[2009-08-05 14:17:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2009-08-05 14:17:43 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2009-08-05 14:17:43 | 000,434,176 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-03-14 02:04:20

 

< End of report >

 

 

 

 

Help. I don't know how to attach a file (Extras.txt)

Edited by spinnare357

Help. I don't know how to attach a file (Extras.txt)

Click the red button "Write a new post in the thread" or click "Use full editor" below the post.

Below the box you type in there is a button "Click to attach files"; navigate to where your file is and upload it.

Then place the mouse pointer in the editor at the spot in the post where you want the file to appear and click "Add to post" on the right; otherwise the attached file ends up at the bottom of the post, which is also OK.


Edited by Flyfisherman


Hi! Uninstall Babylon Toolbar and Ask Toolbar, and also remove them as search engines in IE!!

Also uninstall C:\Program\Ask.com\Updater\Updater.exe!

Save TDSSKiller to the Desktop:

http://support.kaspersky.com/downloads/utils/tdsskiller.zip

Right-click and choose Extract All. Remember where you unpack the file.

Close your regular programs, but you can leave antivirus programs and the like running.

Run the program TDSSKiller.exe, which is in the folder where you unpacked the files.

Click Start Scan.

If any threats are found, choose Cure and click Continue. If Cure is not available, choose Skip. Do NOT choose Delete. The computer may need to be restarted.

Paste the contents of the log, which you will find in C:\ with the name TDSSKiller followed by version and time.


I am downloading programs on another computer. Should I save ComboFix to the USB stick so that I can put it on my computer? According to "Laston", ComboFix should be saved to the desktop. This computer (borrowed) says that it can harm the computer. What should I do?


Hmm, I haven't asked you to run ComboFix but TDSS killer. Also, many antivirus programs react to ComboFix, but it is a safe tool if it is run under the supervision of someone who can give the right instructions and can read the logs!!

Regards, Laston

Edited by Laston


OK! No, you haven't asked me to download ComboFix. I just wanted to be prepared. Please excuse this. The antivirus program also found this.

 

2012-04-06

 

Virus or unwanted program 'TR/Agent.280576.7 [trojan]'

detected in file 'C:\WINDOWS\Temp\SBS_VE_AMBR_20120306193618.781_ 62359.

Action performed: Allow access

 

 

2012-04-04

 

The file 'C:\Documents and Settings\User\Lokala inställningar\Temp\Main.class'

contained a virus or unwanted program 'EXP/2011-3544.EE' [exploit]

Action(s) taken:

The file was moved to the quarantine directory under the name '4ba99483.qua'.

 

 

2012-04-04

 

The file 'C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\6.0\28\5f87a7dc-54991e0e'

contained a virus or unwanted program 'EXP/2012-0507.B' [exploit]

Action(s) taken:

The file was moved to the quarantine directory under the name '4bf8b9cf.qua'.

 

2012-04-03

 

Virus or unwanted program 'TR/Agent.280576.7 [trojan]'

detected in file 'C:\WINDOWS\Temp\SBS_VE_AMBR_20120303233742.390_ 62348.

Action performed: Allow access

 

 

2012-04-03

 

 

A virus or

unwanted program 'BOO/Mebrot.A' [virus] was found in Boot sector of drive 'C:'.

Action executed: Deny access

 

 

2012-04-03

 

Virus or unwanted program 'TR/Rootkit.Gen3 [trojan]'

detected in file 'C:\WINDOWS\system32\drivers\97fnb7o.sys.

Action performed: Allow access

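One way to triage the TDSSKiller log requested earlier in the thread against the file names in the antivirus detections above, as an added example that is not part of the original posts and not the tool's own code. It assumes each log line is `time thread-id body`, with a service shown as `Name (md5) path` followed by `Name - verdict`; every name, hash and path in the sample, and the non-ok verdict word, is constructed.

```python
import ntpath
import re
from collections import namedtuple

# Constructed sample in the assumed layout "HH:MM:SS.ffff <thread-id> <body>".
# All service names, hashes and paths below are made up for illustration.
SAMPLE_LOG = r"""
16:00:00.0001 1000 TDSS rootkit removing tool (constructed header line)
16:00:00.0002 1000 Drive \Device\Harddisk0\DR0 - Size: 0x1000 (constructed)
16:00:01.0001 2000 Scan started
16:00:01.0100 2000 x1example.sys - ok
16:00:01.0200 2000 ExampleAcpi (00112233445566778899aabbccddeeff) C:\WINDOWS\system32\DRIVERS\exacpi.sys
16:00:01.0201 2000 ExampleAcpi - ok
16:00:01.0300 2000 Example Ad-Tool Service (ffeeddccbbaa99887766554433221100) C:\Program\Example\svc.exe
16:00:01.0301 2000 Example Ad-Tool Service - ok
16:00:01.0400 2000 ExampleDisk (0123456789abcdef0123456789abcdef) C:\WINDOWS\system32\DRIVERS\exdisk.sys
16:00:01.0401 2000 ExampleDisk - suspect
16:00:01.0500 2000 exlegacy - ok
"""

# Timestamp, thread id, then the rest of the line.
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4})\s+(\d+)\s+(.*)$")
# "Name (32-hex-digit md5) path": the file backing a service or driver.
FILE_LINE = re.compile(
    r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "Name - verdict": a single word after " - ", so header lines such as
# "Drive ... - Size: 0x..." do not match.
VERDICT_LINE = re.compile(r"^(?P<name>.+)\s-\s(?P<verdict>[A-Za-z]+)$")

Entry = namedtuple("Entry", "name md5 path verdict")


def parse_log(text):
    """Pair each verdict line with the file line (if any) printed before it."""
    entries = []
    pending = {}  # name -> (md5, path) seen but not yet given a verdict
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(3).strip()
        f = FILE_LINE.match(body)
        if f:
            pending[f["name"]] = (f["md5"].lower(), f["path"])
            continue
        v = VERDICT_LINE.match(body)
        if v:
            md5, path = pending.pop(v["name"], (None, None))
            entries.append(Entry(v["name"], md5, path, v["verdict"].lower()))
    return entries


def triage(entries, flagged_paths=()):
    """Sort entries into the three lists a helper reads first.

    not_ok            verdict is anything other than "ok"
    no_file           the log showed no hash/path for the entry
    flagged_elsewhere entry name or file name equals the file name of a
                      path reported by another scanner (flagged_paths)
    """
    flagged = {ntpath.basename(p).lower() for p in flagged_paths}
    report = {"not_ok": [], "no_file": [], "flagged_elsewhere": []}
    for e in entries:
        if e.verdict != "ok":
            report["not_ok"].append(e.name)
        if e.path is None:
            report["no_file"].append(e.name)
        names = {e.name.lower()}
        if e.path:
            names.add(ntpath.basename(e.path).lower())
        if names & flagged:
            report["flagged_elsewhere"].append(e.name)
    return report


if __name__ == "__main__":
    # Constructed path standing in for a file another scanner reported.
    av_hits = [r"C:\WINDOWS\system32\drivers\x1example.sys"]
    for key, names in triage(parse_log(SAMPLE_LOG), av_hits).items():
        print(key, names)
```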

Here is the log from TDSSKiller. The computer has now become 3 times as fast, at least

 

 

16:12:42.0312 3172 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02

16:12:42.0328 3172 ============================================================

16:12:42.0328 3172 Current date / time: 2012/04/07 16:12:42.0328

16:12:42.0328 3172 SystemInfo:

16:12:42.0328 3172

16:12:42.0328 3172 OS Version: 5.1.2600 ServicePack: 3.0

16:12:42.0328 3172 Product type: Workstation

16:12:42.0328 3172 ComputerName: DEFAULT

16:12:42.0328 3172 UserName: User

16:12:42.0328 3172 Windows directory: C:\WINDOWS

16:12:42.0328 3172 System windows directory: C:\WINDOWS

16:12:42.0328 3172 Processor architecture: Intel x86

16:12:42.0328 3172 Number of processors: 2

16:12:42.0328 3172 Page size: 0x1000

16:12:42.0328 3172 Boot type: Normal boot

16:12:42.0328 3172 ============================================================

16:12:44.0671 3172 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

16:12:44.0687 3172 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054

16:12:44.0812 3172 Drive \Device\Harddisk6\DR12 - Size: 0x3A9440000 (14.64 Gb), SectorSize: 0x200, Cylinders: 0x777, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

16:12:44.0812 3172 \Device\Harddisk0\DR0:

16:12:44.0812 3172 MBR used

16:12:44.0812 3172 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C548F

16:12:44.0812 3172 \Device\Harddisk1\DR1:

16:12:44.0812 3172 MBR used

16:12:44.0812 3172 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4191

16:12:44.0812 3172 \Device\Harddisk6\DR12:

16:12:44.0812 3172 MBR used

16:12:44.0812 3172 \Device\Harddisk6\DR12\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1D48280

16:12:44.0859 3172 Initialize success

16:12:44.0859 3172 ============================================================

16:13:01.0406 2328 ============================================================

16:13:01.0406 2328 Scan started

16:13:01.0406 2328 Mode: Manual;

16:13:01.0406 2328 ============================================================

16:13:02.0656 2328 97fnb7o.sys - ok

16:13:02.0718 2328 Abiosdsk - ok

16:13:02.0750 2328 abp480n5 - ok

16:13:02.0843 2328 ACPI (48547e29772befe3c554ff5e4855bf51) C:\WINDOWS\system32\DRIVERS\ACPI.sys

16:13:02.0843 2328 ACPI - ok

16:13:02.0906 2328 ACPIEC (decedc736cef3c0fff6e981b31e73a61) C:\WINDOWS\system32\drivers\ACPIEC.sys

16:13:02.0906 2328 ACPIEC - ok

16:13:02.0953 2328 adpu160m - ok

16:13:02.0984 2328 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

16:13:03.0000 2328 aec - ok

16:13:03.0062 2328 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

16:13:03.0078 2328 AFD - ok

16:13:03.0218 2328 AgereSoftModem (593aefc67283d409f34cc1245d00a509) C:\WINDOWS\system32\DRIVERS\AGRSM.sys

16:13:03.0265 2328 AgereSoftModem - ok

16:13:03.0296 2328 Aha154x - ok

16:13:03.0312 2328 aic78u2 - ok

16:13:03.0343 2328 aic78xx - ok

16:13:03.0406 2328 Alerter (7e3c83703327499d0b98ae392ff07ede) C:\WINDOWS\system32\alrsvc.dll

16:13:03.0406 2328 Alerter - ok

16:13:03.0453 2328 ALG (5df46f9ad9c1d611a38af2abb9365b5b) C:\WINDOWS\System32\alg.exe

16:13:03.0453 2328 ALG - ok

16:13:03.0468 2328 AliIde - ok

16:13:03.0500 2328 amsint - ok

16:13:03.0656 2328 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Program\Avira\AntiVir Desktop\sched.exe

16:13:03.0656 2328 AntiVirSchedulerService - ok

16:13:03.0687 2328 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Program\Avira\AntiVir Desktop\avguard.exe

16:13:03.0703 2328 AntiVirService - ok

16:13:03.0718 2328 AppMgmt - ok

16:13:03.0765 2328 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

16:13:03.0765 2328 Arp1394 - ok

16:13:03.0796 2328 asc - ok

16:13:03.0812 2328 asc3350p - ok

16:13:03.0843 2328 asc3550 - ok

16:13:03.0890 2328 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

16:13:03.0890 2328 AsyncMac - ok

16:13:03.0937 2328 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

16:13:03.0937 2328 atapi - ok

16:13:03.0984 2328 Atdisk - ok

16:13:04.0031 2328 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

16:13:04.0031 2328 Atmarpc - ok

16:13:04.0078 2328 AudioSrv (73f7604cfb13a066a93442f431c62c4a) C:\WINDOWS\System32\audiosrv.dll

16:13:04.0078 2328 AudioSrv - ok

16:13:04.0156 2328 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

16:13:04.0156 2328 audstub - ok

16:13:04.0171 2328 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program\Avira\AntiVir Desktop\avgio.sys

16:13:04.0171 2328 avgio - ok

16:13:04.0250 2328 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

16:13:04.0265 2328 avgntflt - ok

16:13:04.0312 2328 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys

16:13:04.0328 2328 avipbb - ok

16:13:04.0359 2328 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

16:13:04.0359 2328 Beep - ok

16:13:04.0421 2328 BITS (9741942a86e579231d3c41aa51de042f) C:\WINDOWS\system32\qmgr.dll

16:13:04.0500 2328 BITS - ok

16:13:04.0578 2328 Browser (e0d4a1cc49efb58a32b5e9d35798c9dd) C:\WINDOWS\System32\browser.dll

16:13:04.0578 2328 Browser - ok

16:13:04.0703 2328 Cap7134 (2f6c4370cddeb9108c91e34210035fe8) C:\WINDOWS\system32\DRIVERS\Cap7134.sys

16:13:04.0718 2328 Cap7134 - ok

16:13:04.0765 2328 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

16:13:04.0765 2328 cbidf2k - ok

16:13:04.0843 2328 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

16:13:04.0843 2328 CCDECODE - ok

16:13:04.0890 2328 cd20xrnt - ok

16:13:04.0937 2328 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

16:13:04.0937 2328 Cdaudio - ok

16:13:04.0968 2328 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

16:13:04.0968 2328 Cdfs - ok

16:13:05.0000 2328 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

16:13:05.0000 2328 Cdrom - ok

16:13:05.0015 2328 Changer - ok

16:13:05.0062 2328 CiSvc (359c676391504438f334478585fd6465) C:\WINDOWS\system32\cisvc.exe

16:13:05.0062 2328 CiSvc - ok

16:13:05.0125 2328 ClipSrv (b8345830c5d789d3da21b91c0c94d086) C:\WINDOWS\system32\clipsrv.exe

16:13:05.0125 2328 ClipSrv - ok

16:13:05.0171 2328 CmdIde - ok

16:13:05.0203 2328 COMSysApp - ok

16:13:05.0234 2328 Cpqarray - ok

16:13:05.0265 2328 CryptSvc (04fd6585508a7320b2c7453ced231d6b) C:\WINDOWS\System32\cryptsvc.dll

16:13:05.0265 2328 CryptSvc - ok

16:13:05.0312 2328 ctac32k (a5e67327b49e1f4341d470d8bbcbc401) C:\WINDOWS\system32\drivers\ctac32k.sys

16:13:05.0343 2328 ctac32k - ok

16:13:05.0375 2328 ctaud2k (dd2367251d8aa9315d71023e541048c9) C:\WINDOWS\system32\drivers\ctaud2k.sys

16:13:05.0390 2328 ctaud2k - ok

16:13:05.0437 2328 ctdvda2k (29f78d59b053cb8778f8426e4e24099c) C:\WINDOWS\system32\drivers\ctdvda2k.sys

16:13:05.0453 2328 ctdvda2k - ok

16:13:05.0500 2328 ctprxy2k (c7fc5d87b06207a5d34697b627826618) C:\WINDOWS\system32\drivers\ctprxy2k.sys

16:13:05.0500 2328 ctprxy2k - ok

16:13:05.0531 2328 ctsfm2k (2c0af71cf0e1224a2dfc2b67e63b02b1) C:\WINDOWS\system32\drivers\ctsfm2k.sys

16:13:05.0531 2328 ctsfm2k - ok

16:13:05.0546 2328 dac2w2k - ok

16:13:05.0640 2328 dac960nt - ok

16:13:05.0750 2328 DcomLaunch (87dadc3f6e6cd5aaeb913e19cbff922c) C:\WINDOWS\system32\rpcss.dll

16:13:05.0765 2328 DcomLaunch - ok

16:13:05.0796 2328 Dhcp (0ce3fa1c1a6803b34022d6c47273930d) C:\WINDOWS\System32\dhcpcsvc.dll

16:13:05.0812 2328 Dhcp - ok

16:13:05.0875 2328 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

16:13:05.0875 2328 Disk - ok

16:13:05.0953 2328 dmadmin - ok

16:13:06.0015 2328 dmboot (80008bd0c19d97b0b3f4d1d9cbf190a8) C:\WINDOWS\system32\drivers\dmboot.sys

16:13:06.0031 2328 dmboot - ok

16:13:06.0109 2328 dmio (41862731f82be80f0cfba5d0da36b683) C:\WINDOWS\system32\drivers\dmio.sys

16:13:06.0109 2328 dmio - ok

16:13:06.0171 2328 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

16:13:06.0171 2328 dmload - ok

16:13:06.0250 2328 dmserver (77db107fd2d8de42b3adc7fce084f653) C:\WINDOWS\System32\dmserver.dll

16:13:06.0250 2328 dmserver - ok

16:13:06.0312 2328 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

16:13:06.0312 2328 DMusic - ok

16:13:06.0343 2328 Dnscache (efac4d4c80ccd725cc5bd7d3dbf18c74) C:\WINDOWS\System32\dnsrslvr.dll

16:13:06.0359 2328 Dnscache - ok

16:13:06.0437 2328 Dot3svc (c3c6cf67796acdd8329cb0e44367a1eb) C:\WINDOWS\System32\dot3svc.dll

16:13:06.0453 2328 Dot3svc - ok

16:13:06.0484 2328 dpti2o - ok

16:13:06.0531 2328 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

16:13:06.0531 2328 drmkaud - ok

16:13:06.0640 2328 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys

16:13:06.0640 2328 E100B - ok

16:13:06.0687 2328 EapHost (d9cabe63af4bc951302d9e508cb5599a) C:\WINDOWS\System32\eapsvc.dll

16:13:06.0687 2328 EapHost - ok

16:13:06.0796 2328 emupia (091d37e0f5193f708c9006b1f2e23ee4) C:\WINDOWS\system32\drivers\emupia2k.sys

16:13:06.0812 2328 emupia - ok

16:13:06.0890 2328 ERSvc (bc5287dc6dc7ebb13aa825caa6482f94) C:\WINDOWS\System32\ersvc.dll

16:13:06.0890 2328 ERSvc - ok

16:13:07.0000 2328 esgiguard - ok

16:13:07.0109 2328 Eventlog (8870b0c4a094c1ce80cea6f85fa38ff2) C:\WINDOWS\system32\services.exe

16:13:07.0125 2328 Eventlog - ok

16:13:07.0187 2328 EventSystem (01cec6de315f1a06ce5aa70009c6979e) C:\WINDOWS\system32\es.dll

16:13:07.0203 2328 EventSystem - ok

16:13:07.0281 2328 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

16:13:07.0296 2328 Fastfat - ok

16:13:07.0359 2328 FastUserSwitchingCompatibility (c5684b98920f9ba98d6a33701ca816e6) C:\WINDOWS\System32\shsvcs.dll

16:13:07.0375 2328 FastUserSwitchingCompatibility - ok

16:13:07.0453 2328 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

16:13:07.0453 2328 Fdc - ok

16:13:07.0484 2328 Fips (b66ddb75642f6722468707840c67a394) C:\WINDOWS\system32\drivers\Fips.sys

16:13:07.0484 2328 Fips - ok

16:13:07.0500 2328 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

16:13:07.0500 2328 Flpydisk - ok

16:13:07.0531 2328 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

16:13:07.0546 2328 FltMgr - ok

16:13:07.0578 2328 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

16:13:07.0578 2328 Fs_Rec - ok

16:13:07.0640 2328 Ftdisk (45fc410cfe68ff036ad232a141e69c19) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

16:13:07.0640 2328 Ftdisk - ok

16:13:07.0718 2328 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

16:13:07.0718 2328 Gpc - ok

16:13:07.0781 2328 GT72NDISIPXP (20a940d96e69be65f9b6e4695baac6dc) C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys

16:13:07.0781 2328 GT72NDISIPXP - ok

16:13:07.0859 2328 GT72UBUS (1678d49ea3e76ccabde89d7b26d5061c) C:\WINDOWS\system32\DRIVERS\gt72ubus.sys

16:13:07.0859 2328 GT72UBUS - ok

16:13:07.0953 2328 GtDetectSc (4a58b52e866bc50f81f63fe181384982) C:\Program\Option\Telenor Mobilt Bredband\GtDetectSc.exe

16:13:07.0953 2328 GtDetectSc - ok

16:13:08.0015 2328 GTPTSER (346ddaefa04e49ad804ee12d4baa0ed3) C:\WINDOWS\system32\DRIVERS\gtptser.sys

16:13:08.0015 2328 GTPTSER - ok

16:13:08.0062 2328 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program\Google\Update\GoogleUpdate.exe

16:13:08.0062 2328 gupdate - ok

16:13:08.0125 2328 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program\Google\Update\GoogleUpdate.exe

16:13:08.0125 2328 gupdatem - ok

16:13:08.0140 2328 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

16:13:08.0156 2328 gusvc - ok

16:13:08.0265 2328 ha10kx2k (1ad88bcf3d043baa58c15eb262625f9b) C:\WINDOWS\system32\drivers\ha10kx2k.sys

16:13:08.0281 2328 ha10kx2k - ok

16:13:08.0312 2328 hap16v2k (8ff42f63c722a1dd4c91ff6a497fd6b2) C:\WINDOWS\system32\drivers\hap16v2k.sys

16:13:08.0328 2328 hap16v2k - ok

16:13:08.0406 2328 helpsvc (202c95f334c53a5a8bd0d8465512b3f4) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

16:13:08.0406 2328 helpsvc - ok

16:13:08.0484 2328 HidServ - ok

16:13:08.0531 2328 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

16:13:08.0531 2328 hidusb - ok

16:13:08.0625 2328 hkmsvc (98580e101404565700fd12e03f7ee056) C:\WINDOWS\System32\kmsvc.dll

16:13:08.0625 2328 hkmsvc - ok

16:13:08.0703 2328 hp4200c (9add235b564d7b3d27d97cb13ede8c0a) C:\WINDOWS\system32\DRIVERS\hp4200c.sys

16:13:08.0703 2328 hp4200c - ok

16:13:08.0750 2328 hpn - ok

16:13:08.0843 2328 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

16:13:08.0859 2328 HTTP - ok

16:13:08.0921 2328 HTTPFilter (f504d07cb25d62ab8d079c1f868651ae) C:\WINDOWS\System32\w3ssl.dll

16:13:08.0921 2328 HTTPFilter - ok

16:13:08.0953 2328 i2omgmt - ok

16:13:08.0984 2328 i2omp - ok

16:13:09.0062 2328 i8042prt (82e56cd09b2ce1edec3fba9111c7ee3a) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

16:13:09.0062 2328 i8042prt - ok

16:13:09.0171 2328 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

16:13:09.0171 2328 IDriverT - ok

16:13:09.0218 2328 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

16:13:09.0218 2328 Imapi - ok

16:13:09.0296 2328 ImapiService (891b69c3de6c55a7868b3bb52bc131aa) C:\WINDOWS\system32\imapi.exe

16:13:09.0312 2328 ImapiService - ok

16:13:09.0343 2328 ini910u - ok

16:13:09.0359 2328 IntelIde - ok

16:13:09.0390 2328 intelppm (02431778e84a525d29929d14bab71d53) C:\WINDOWS\system32\DRIVERS\intelppm.sys

16:13:09.0390 2328 intelppm - ok

16:13:09.0437 2328 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

16:13:09.0437 2328 Ip6Fw - ok

16:13:09.0515 2328 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

16:13:09.0515 2328 IpFilterDriver - ok

16:13:09.0609 2328 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

16:13:09.0609 2328 IpInIp - ok

16:13:09.0656 2328 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

16:13:09.0671 2328 IpNat - ok

16:13:09.0703 2328 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

16:13:09.0703 2328 IPSec - ok

16:13:09.0796 2328 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

16:13:09.0796 2328 IRENUM - ok

16:13:09.0843 2328 isapnp (48f97c77daf8811598cfae21368eacb6) C:\WINDOWS\system32\DRIVERS\isapnp.sys

16:13:09.0859 2328 isapnp - ok

16:13:09.0984 2328 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program\Java\jre6\bin\jqs.exe

16:13:10.0000 2328 JavaQuickStarterService - ok

16:13:10.0031 2328 Kbdclass (d655ca94c8e2e0223c1bc28bcd95723a) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

16:13:10.0046 2328 Kbdclass - ok

16:13:10.0125 2328 kbdhid (e1e28876fe7602b0a1d040354de35c06) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

16:13:10.0125 2328 kbdhid - ok

16:13:10.0156 2328 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

16:13:10.0187 2328 kmixer - ok

16:13:10.0265 2328 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

16:13:10.0265 2328 KSecDD - ok

16:13:10.0343 2328 lanmanserver (2c633a578d5adaaa821c675d65f959c5) C:\WINDOWS\System32\srvsvc.dll

16:13:10.0343 2328 lanmanserver - ok

16:13:10.0390 2328 lanmanworkstation (eaa41d225b9da1314e0977c774864430) C:\WINDOWS\System32\wkssvc.dll

16:13:10.0390 2328 lanmanworkstation - ok

16:13:10.0515 2328 Lavasoft Ad-Aware Service (ed60ffd305ac0424920d146db9f9ed78) C:\Program\Lavasoft\Ad-Aware\AAWService.exe

16:13:10.0625 2328 Lavasoft Ad-Aware Service - ok

16:13:10.0687 2328 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program\Lavasoft\Ad-Aware\KernExplorer.sys

16:13:10.0687 2328 Lavasoft Kernexplorer - ok

16:13:10.0750 2328 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\WINDOWS\system32\DRIVERS\Lbd.sys

16:13:10.0750 2328 Lbd - ok

16:13:10.0812 2328 lbrtfdc - ok

16:13:10.0937 2328 LmHosts (ee155cf65cdc8be1b4effa24a69fc924) C:\WINDOWS\System32\lmhsvc.dll

16:13:10.0937 2328 LmHosts - ok

16:13:11.0000 2328 Messenger (363e8ebae26bb8b4987c91b4d3ce0f54) C:\WINDOWS\System32\msgsvc.dll

16:13:11.0000 2328 Messenger - ok

16:13:11.0156 2328 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program\Microsoft Office\Office12\GrooveAuditService.exe

16:13:11.0156 2328 Microsoft Office Groove Audit Service - ok

16:13:11.0234 2328 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

16:13:11.0234 2328 mnmdd - ok

16:13:11.0296 2328 mnmsrvc (2bc41300b822562ac0a524dcdd2da027) C:\WINDOWS\system32\mnmsrvc.exe

16:13:11.0296 2328 mnmsrvc - ok

16:13:11.0390 2328 Modem (42ce19726d9c410dff75d3ff1cc79db2) C:\WINDOWS\system32\drivers\Modem.sys

16:13:11.0390 2328 Modem - ok

16:13:11.0421 2328 Mouclass (e0c4c36573bcf0c0d2a1578caa791f7d) C:\WINDOWS\system32\DRIVERS\mouclass.sys

16:13:11.0421 2328 Mouclass - ok

16:13:11.0484 2328 mouhid (98e474ecf11f1db62fb072157a95ea83) C:\WINDOWS\system32\DRIVERS\mouhid.sys

16:13:11.0484 2328 mouhid - ok

16:13:11.0531 2328 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

16:13:11.0531 2328 MountMgr - ok

16:13:11.0546 2328 mraid35x - ok

16:13:11.0625 2328 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

16:13:11.0625 2328 MRxDAV - ok

16:13:11.0718 2328 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

16:13:11.0734 2328 MRxSmb - ok

16:13:11.0750 2328 MSDTC (7a73fdeef6cf45d27edd73220eaf1c8f) C:\WINDOWS\system32\msdtc.exe

16:13:11.0765 2328 MSDTC - ok

16:13:11.0781 2328 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

16:13:11.0781 2328 Msfs - ok

16:13:11.0812 2328 MSIServer - ok

16:13:11.0859 2328 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

16:13:11.0859 2328 MSKSSRV - ok

16:13:11.0937 2328 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

16:13:11.0937 2328 MSPCLOCK - ok

16:13:11.0984 2328 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

16:13:11.0984 2328 MSPQM - ok

16:13:12.0015 2328 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

16:13:12.0015 2328 mssmbios - ok

16:13:12.0062 2328 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

16:13:12.0062 2328 MSTEE - ok

16:13:12.0125 2328 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

16:13:12.0125 2328 Mup - ok

16:13:12.0203 2328 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

16:13:12.0203 2328 NABTSFEC - ok

16:13:12.0281 2328 napagent (28d11a2ecdfcb280624bd7006d85c38e) C:\WINDOWS\System32\qagentrt.dll

16:13:12.0296 2328 napagent - ok

16:13:12.0343 2328 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

16:13:12.0359 2328 NDIS - ok

16:13:12.0390 2328 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

16:13:12.0406 2328 NdisIP - ok

16:13:12.0484 2328 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

16:13:12.0484 2328 NdisTapi - ok

16:13:12.0531 2328 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

16:13:12.0531 2328 Ndisuio - ok

16:13:12.0625 2328 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:13:12.0625 2328 NdisWan - ok

16:13:12.0671 2328 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

16:13:12.0671 2328 NDProxy - ok

16:13:12.0718 2328 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

16:13:12.0718 2328 NetBIOS - ok

16:13:12.0750 2328 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

16:13:12.0765 2328 NetBT - ok

16:13:12.0828 2328 NetDDE (5a922c8e35bf372f3dd3ec61345634b7) C:\WINDOWS\system32\netdde.exe

16:13:12.0828 2328 NetDDE - ok

16:13:12.0828 2328 NetDDEdsdm (5a922c8e35bf372f3dd3ec61345634b7) C:\WINDOWS\system32\netdde.exe

16:13:12.0843 2328 NetDDEdsdm - ok

16:13:12.0921 2328 Netlogon (ff1805d5daf41625af5282750d4a3700) C:\WINDOWS\system32\lsass.exe

16:13:12.0921 2328 Netlogon - ok


16:13:21.0031 2328 MBR (0x1B8) (32ea511f84f0d7e8c9aaa572369bf0a5) \Device\Harddisk0\DR0

16:13:21.0031 2328 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

16:13:21.0031 2328 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

16:13:21.0046 2328 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1

16:13:21.0046 2328 \Device\Harddisk1\DR1 - ok

16:13:21.0046 2328 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk6\DR12

16:13:23.0750 2328 \Device\Harddisk6\DR12 - ok

16:13:23.0750 2328 Boot (0x1200) (4d1d2663618049dea5e6d32b637a7972) \Device\Harddisk0\DR0\Partition0

16:13:23.0750 2328 \Device\Harddisk0\DR0\Partition0 - ok

16:13:23.0765 2328 Boot (0x1200) (a73406fbd63abcf32175f4d271b7fe42) \Device\Harddisk1\DR1\Partition0

16:13:23.0765 2328 \Device\Harddisk1\DR1\Partition0 - ok

16:13:23.0781 2328 Boot (0x1200) (3eddc0dc8a77fd6f5167d8542e1e13f3) \Device\Harddisk6\DR12\Partition0

16:13:23.0781 2328 \Device\Harddisk6\DR12\Partition0 - ok

16:13:23.0781 2328 ============================================================

16:13:23.0781 2328 Scan finished

16:13:23.0781 2328 ============================================================

16:13:23.0812 2292 Detected object count: 1

16:13:23.0812 2292 Actual detected object count: 1

16:15:05.0859 2292 \Device\Harddisk0\DR0\# - copied to quarantine

16:15:05.0859 2292 \Device\Harddisk0\DR0 - copied to quarantine

16:15:05.0859 2292 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot

16:15:05.0859 2292 \Device\Harddisk0\DR0 - ok

16:15:05.0859 2292 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure

16:15:30.0109 1024 Deinitialize success

 

 

 

 

and the next one

 

 

 

16:18:00.0812 3860 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02

16:18:00.0875 3860 ============================================================

16:18:00.0875 3860 Current date / time: 2012/04/07 16:18:00.0875

16:18:00.0875 3860 SystemInfo:

16:18:00.0875 3860

16:18:00.0875 3860 OS Version: 5.1.2600 ServicePack: 3.0

16:18:00.0875 3860 Product type: Workstation

16:18:00.0875 3860 ComputerName: DEFAULT

16:18:00.0875 3860 UserName: User

16:18:00.0875 3860 Windows directory: C:\WINDOWS

16:18:00.0875 3860 System windows directory: C:\WINDOWS

16:18:00.0875 3860 Processor architecture: Intel x86

16:18:00.0875 3860 Number of processors: 2

16:18:00.0875 3860 Page size: 0x1000

16:18:00.0875 3860 Boot type: Normal boot

16:18:00.0875 3860 ============================================================

16:18:03.0921 3860 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

16:18:03.0921 3860 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054

16:18:04.0046 3860 Drive \Device\Harddisk6\DR8 - Size: 0x3A9440000 (14.64 Gb), SectorSize: 0x200, Cylinders: 0x777, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

16:18:04.0046 3860 \Device\Harddisk0\DR0:

16:18:04.0046 3860 MBR used

16:18:04.0046 3860 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C548F

16:18:04.0046 3860 \Device\Harddisk1\DR1:

16:18:04.0046 3860 MBR used

16:18:04.0046 3860 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4191

16:18:04.0046 3860 \Device\Harddisk6\DR8:

16:18:04.0046 3860 MBR used

16:18:04.0046 3860 \Device\Harddisk6\DR8\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1D48280

16:18:04.0109 3860 Initialize success

16:18:04.0109 3860 ============================================================

16:26:44.0078 3836 Deinitialize success


OK, good that your antivirus program finds and deals with nasties too. TDSSKiller also found a really nasty one that was good to get rid of!

Then uninstall C:\Program\Ask.com!

We'll have to do a round with ComboFix as well :)

ComboFix for Windows XP and Windows Vista:

Print out the following or copy it to a text document and save it to the desktop:

Read/follow the instructions very carefully

Download ComboFix from the link below

=> ComboFix.exe

1: Save ComboFix to the desktop "Very important"

Close all programs you can see, including antivirus and antispyware programs. But leave the firewall on.

Information on how to turn off your antivirus program can be found Here

2: Double-click ComboFix to start it

(For Vista users: right-click and choose Run as Administrator:)

3: Follow the instructions shown on the screen.

4: If you are asked whether you want to install the Recovery Console, answer yes.

This makes it possible to start the computer in a special recovery mode, which can be useful if something happens to the computer during the coming procedures.

5: When it has finished, a text log should come up; copy and paste it here into your thread

It can also be found here => (C:\ComboFix.txt)

IMPORTANT! Do NOT click on the ComboFix window with the mouse while ComboFix is running, otherwise the scan may hang.

IMPORTANT: Check that antivirus/antispyware programs etc. are re-enabled before you connect to the Internet.

NOTE:

The tool/program can cause problems with the connection (e.g. wireless).

If problems occur, try the following.

Go to => Control Panel => Network Connections => right-click your Internet connection => choose Repair

And/or

Restart the computer.

NOTE:

Do NOT attach the log (the text file) as an attachment, nor put it inside code tags or anything else.

Copy/paste the log DIRECTLY into your post.

Good luck

Best regards/Laston


When I try to download ComboFix and click the link, I first get to the download page. I then have time to select save to desktop, then the download box disappears, and when I click the link again it flashes for about 2 seconds. For some reason it is not possible to download on my computer. That was why I was thinking of downloading from another computer to USB. How do I do that?


OK, it is the nasties that are blocking the download. Either you download it on another computer and transfer it with a USB stick to the infected computer, or you try renaming ComboFix to e.g. Explorer.exe when it is being saved instead!!


I assume that by the computer you mean that your antivirus program says ComboFix is harmful to the computer, but just choose to approve or ignore the alert, since you are not going to run ComboFix on that computer anyway!!


Here is the log from ComboFix

 

 

ComboFix 12-04-07.04 - User 2012-04-08 18:02:33.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1022.504 [GMT 2:00]

Körs från: c:\documents and settings\User\Skrivbord\ComboFix.exe

AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\User\Recent\Thumbs.db

c:\documents and settings\User\WINDOWS

.

.

((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_xcpip

.

.

(((((((((((((((((((((((( Filer skapade från 2012-03-08 till 2012-04-08 ))))))))))))))))))))))))))))))

.

.

2012-04-07 14:15 . 2012-04-07 14:15 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 20:00 . 2012-04-05 20:00 -------- d-----w- c:\documents and settings\User\Application Data\TrojanHunter

2012-04-05 17:46 . 2012-04-05 17:46 -------- d-----w- c:\documents and settings\All Users\Application Data\TrojanHunter

2012-04-05 14:55 . 2012-04-05 14:55 159608 ----a-w- c:\windows\system32\mfevtps.exe.676a.deleteme

2012-04-05 14:46 . 2012-04-05 14:55 14664 ----a-w- c:\windows\stinger.sys

2012-04-05 14:46 . 2012-04-05 14:46 159608 ----a-w- c:\windows\system32\mfevtps.exe.6101.deleteme

2012-04-05 14:46 . 2012-04-05 17:34 -------- d-----w- c:\program\stinger

2012-04-04 13:48 . 2012-04-04 13:48 -------- d-----w- c:\documents and settings\User\Application Data\f-secure

2012-04-04 13:47 . 2012-04-04 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

2012-04-04 10:26 . 2012-04-04 10:31 -------- d-----w- c:\documents and settings\LocalService\Application Data\Personal

2012-04-03 18:02 . 2012-04-03 18:02 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

2012-04-02 23:38 . 2012-04-02 23:38 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Personal

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-22 15:54 . 2011-07-01 14:05 1480 ----a-w- c:\windows\AUTOLNCH.REG

2012-02-28 07:50 . 2011-06-17 09:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:57 . 2004-08-04 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-11 19:07 . 2012-02-15 02:59 3072 ------w- c:\windows\system32\iacenc.dll

2012-01-09 16:20 . 2009-08-05 10:27 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RemoteControl"="c:\program\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"nwiz"="nwiz.exe" [2008-09-17 1657376]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]

"NeroFilterCheck"="c:\program\Delade filer\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"GrooveMonitor"="c:\program\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"CTHelper"="CTHELPER.EXE" [2003-11-13 24576]

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]

"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2011-05-19 155648]

"Device Detector"="c:\program\Delade filer\ACD Systems\EN\DevDetect.exe" [2004-09-02 221184]

"hplampc"="c:\windows\system32\hplampc.exe" [2002-01-17 40448]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"THGuard"="k:\trojan hunter\TrojanHunter 5.5\THGuard.exe" [2011-12-06 1088280]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SetDefaultMidi"="MIDIDEF.EXE" [2003-06-20 49152]

.

c:\documents and settings\User\Start-meny\Program\Autostart\

Skärmurklipp och start för OneNote 2007.lnk - c:\program\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\All Users\Start-meny\Program\Autostart\

BankID säkerhetsprogram.lnk - c:\program\Personal\bin\Personal.exe [2011-2-15 1086288]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Telenor Mobilt Bredband.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Telenor Mobilt Bredband.lnk

backup=c:\windows\pss\Telenor Mobilt Bredband.lnkCommon Startup

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program\\Spotify\\spotify.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-04-20 64288]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-08-20 136360]

R2 GtDetectSc;GtDetectSc;c:\program\Option\Telenor Mobilt Bredband\GtDetectSc.exe [2007-12-18 196704]

R3 hp4200c;%usbscan.SvcDesc%;c:\windows\system32\drivers\hp4200c.sys [2011-07-01 9312]

R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-10-24 24544]

R3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [2005-01-06 449920]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 135664]

S3 97fnb7o.sys;97fnb7o.sys;\??\c:\windows\system32\drivers\97fnb7o.sys --> c:\windows\system32\drivers\97fnb7o.sys [?]

S3 esgiguard;esgiguard;\??\c:\program\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program\Enigma Software Group\SpyHunter\esgiguard.sys [?]

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-02-18 106624]

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-02-08 59648]

S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 135664]

S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program\Lavasoft\Ad-Aware\AAWService.exe [2010-08-12 2152152]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program\Lavasoft\Ad-Aware\kernexplorer.sys [2010-08-12 15232]

S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

.

--- Övriga tjänster/drivrutiner i minnet ---

.

*NewlyCreated* - WS2IFSL

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2012-04-07 c:\windows\Tasks\Ad-Aware Scan (vanlig koll).job

- c:\program\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:40]

.

2012-04-07 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:40]

.

2012-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 13:10]

.

2012-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 13:10]

.

2012-04-08 c:\windows\Tasks\RegistryBooster.job

- c:\program\Uniblue\RegistryBooster\rbmonitor.exe [2012-04-03 08:26]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.67.199.27 195.67.199.28 195.67.199.29

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKLM-Run-SunJavaUpdateSched - c:\program\Java\jre6\bin\jusched.exe

MSConfigStartUp-SpyHunter Security Suite - c:\program\Enigma Software Group\SpyHunter\SpyHunter4.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-04-08 18:10

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_USERS\S-1-5-21-1192121602-2435800650-3057968084-1007\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

--------------------- DLL'er som "laddats" under processer som körs ---------------------

.

- - - - - - - > 'explorer.exe'(412)

c:\windows\system32\nview.dll

c:\program\Delade filer\Ahead\Lib\NeroSearchBar.dll

c:\program\Delade filer\Ahead\Lib\NeroSearchTrayHook.dll

c:\program\Delade filer\Ahead\Lib\MFC71U.DLL

c:\program\Delade filer\Ahead\Lib\BCGCBPRO800u.dll

c:\windows\system32\webcheck.dll

.

------------------------ Andra processer som körs ------------------------

.

c:\program\Avira\AntiVir Desktop\avguard.exe

c:\program\Java\jre6\bin\jqs.exe

c:\program\Avira\AntiVir Desktop\avshadow.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\RUNDLL32.EXE

c:\windows\system32\rundll32.exe

c:\windows\AGRSMMSG.exe

c:\windows\system32\wdfmgr.exe

.

**************************************************************************

.

Sluttid: 2012-04-08 18:12:27 - datorn startades om.

ComboFix-quarantined-files.txt 2012-04-08 16:12

.

Före genomsökningen: 226 509 737 984 byte ledigt

Efter genomsökningen: 228 204 621 824 byte ledigt

.

WindowsXP-KB310994-SP2-Home-BootDisk-SVE.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - CE28FF5020523DDFC98F532E35305044


Great, a few more nasties disappeared there!!

Uninstall Registry Booster, I don't think much of that program!!

Go to the page below:

http://www.virustotal.com/

1: Copy/paste one of the following file names into the text field next to the Browse button

(OR use the Browse button and navigate according to the path/paths below)

c:\windows\AUTOLNCH.REG

2: Click Send File and wait until the result is ready (Current status becomes completed).

3: Paste the results from the various antivirus programs (incl. file size) here in your thread (but not Additional information)

What is in this folder??

c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

Download Malwarebytes Anti-Malware:

http://www.malwarebytes.org/index.php

1: Save the installation file to the desktop

2: To begin the installation, double-click mbam-setup.exe

3: Tick the following

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

4: Click Finish

If there are updates, they will be installed.

When the above is done, continue with the procedure below:

1: When the program starts, choose Perform quick scan

2: Click the Scan button

3: The scan will now take a while

3: When the program has finished scanning, click OK and then Show results

4: Tick everything and click Remove Selected

5: When the removal is complete, a text file with a log will open in Notepad. Copy/paste that log here into your thread.


No information came up in the row under Results

 

 

Additional information as below

 

 

 

ssdeep

24:FxrkWE2++CaTzl/frSa5Gut+CaXuzl/SuxIUr5tOc+Ca+zl/i:FxmMEaEuEPIwR

First seen by VirusTotal

2012-04-08 18:42:16 UTC ( 1 minut ago )

Last seen by VirusTotal

2012-04-08 18:42:16 UTC ( 1 minut ago )

File names (max. 25)

  1. C:\WINDOWS\AUTOLNCH.REG

 

 

 

 

What is in this folder??

c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

 

 

1 empty folder and 4 text documents, as below

 

 

1.

 

 


 

 

2.

 

 

-2147483646,"SOFTWARE\Uniblue\Registry Booster2",LANG

C:\Program\Uniblue\RegistryBooster\settings.ini

"C:\Documents and Settings\All Users\Start-meny\Program\Uniblue\RegistryBooster","C:\Documents and Settings\All Users\Start-meny\Program\Uniblue"

"C:\Documents and Settings\All Users\Start-meny\Program\Uniblue\RegistryBooster\Avinstallera RegistryBooster.lnk"

-2147483646,"SOFTWARE\Uniblue\Registry Booster2",LANG

"C:\Documents and Settings\All Users\Start-meny\Program\Uniblue\RegistryBooster\Avinstallera RegistryBooster.lnk"

"C:\Documents and Settings\All Users\Start-meny\Program\Uniblue\RegistryBooster\RegistryBooster.lnk"

"C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk"

"C:\Documents and Settings\User\Skrivbord\Uniblue RegistryBooster.lnk"

-2147483646,"SOFTWARE\Uniblue\Registry Booster2",set_scan

-2147483646,"SOFTWARE\Uniblue\Registry Booster2",InstalledLocation

C:\Program\Uniblue\RegistryBooster\locale\br\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\br

C:\Program\Uniblue\RegistryBooster\locale\br\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\br\br.dll

C:\Program\Uniblue\RegistryBooster\locale\de\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\de

C:\Program\Uniblue\RegistryBooster\locale\de\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\de\de.dll

C:\Program\Uniblue\RegistryBooster\locale\dk\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\dk

C:\Program\Uniblue\RegistryBooster\locale\dk\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\dk\dk.dll

C:\Program\Uniblue\RegistryBooster\locale\en\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\en

C:\Program\Uniblue\RegistryBooster\locale\en\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\en\en.dll

C:\Program\Uniblue\RegistryBooster\locale\es\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\es

C:\Program\Uniblue\RegistryBooster\locale\es\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\es\es.dll

C:\Program\Uniblue\RegistryBooster\locale\fi\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\fi

C:\Program\Uniblue\RegistryBooster\locale\fi\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\fi\fi.dll

C:\Program\Uniblue\RegistryBooster\locale\fr\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\fr

C:\Program\Uniblue\RegistryBooster\locale\fr\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\fr\fr.dll

C:\Program\Uniblue\RegistryBooster\locale\gr\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\gr

C:\Program\Uniblue\RegistryBooster\locale\gr\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\gr\gr.dll

C:\Program\Uniblue\RegistryBooster\locale\it\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\it

C:\Program\Uniblue\RegistryBooster\locale\it\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\it\it.dll

C:\Program\Uniblue\RegistryBooster\locale\jp\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\jp

C:\Program\Uniblue\RegistryBooster\locale\jp\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\jp\jp.dll

C:\Program\Uniblue\RegistryBooster\locale\nl\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\nl

C:\Program\Uniblue\RegistryBooster\locale\nl\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\nl\nl.dll

C:\Program\Uniblue\RegistryBooster\locale\no\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\no

C:\Program\Uniblue\RegistryBooster\locale\no\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\no\no.dll

C:\Program\Uniblue\RegistryBooster\locale\pl\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\pl

C:\Program\Uniblue\RegistryBooster\locale\pl\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\pl\pl.dll

C:\Program\Uniblue\RegistryBooster\locale\pt\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\pt

C:\Program\Uniblue\RegistryBooster\locale\pt\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\pt\pt.dll

C:\Program\Uniblue\RegistryBooster\locale\ru\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\ru

C:\Program\Uniblue\RegistryBooster\locale\ru\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\ru\ru.dll

C:\Program\Uniblue\RegistryBooster\locale\se\LC_MESSAGES

C:\Program\Uniblue\RegistryBooster\locale\se\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\se\se.dll

C:\Program\Uniblue\RegistryBooster\locale\tr\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\tr

C:\Program\Uniblue\RegistryBooster\locale\tr\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\tr\tr.dll

C:\Program\Uniblue\RegistryBooster\locale\xs\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\xs

C:\Program\Uniblue\RegistryBooster\locale\xs\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\xs\xs.dll

C:\Program\Uniblue\RegistryBooster\locale\xt\LC_MESSAGES,C:\Program\Uniblue\RegistryBooster\locale\xt

C:\Program\Uniblue\RegistryBooster\locale\xt\LC_MESSAGES\messages.mo

C:\Program\Uniblue\RegistryBooster\locale\xt\xt.dll

"C:\Program\Uniblue\RegistryBooster\Third Party Terms"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\comtypes.txt"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\cwebpage.dll.html"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\decorator.py.txt"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\ordereddict.py.txt"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\py2exe.txt"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\python-changes.txt"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\python.txt"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\simplejson.txt"

"C:\Program\Uniblue\RegistryBooster\Third Party Terms\wmi.txt"

C:\Program\Uniblue\RegistryBooster\cwebpage.dll

C:\Program\Uniblue\RegistryBooster\InstallerExtensions.dll

C:\Program\Uniblue\RegistryBooster\intermediate_views.dat

C:\Program\Uniblue\RegistryBooster\latest_scan_results.xsl

C:\Program\Uniblue\RegistryBooster\Launcher.exe

C:\Program\Uniblue\RegistryBooster\library.dat

C:\Program\Uniblue\RegistryBooster\rbmonitor.exe

C:\Program\Uniblue\RegistryBooster\rbnotifier.exe

C:\Program\Uniblue\RegistryBooster\rb_move_serial.exe

C:\Program\Uniblue\RegistryBooster\rb_ubm.exe

C:\Program\Uniblue\RegistryBooster\registrybooster.exe

C:\Program\Uniblue\RegistryBooster\repair_transform.xsl

C:\Program\Uniblue\RegistryBooster\views.dat

C:\Program\Uniblue\RegistryBooster\Microsoft.VC90.CRT.manifest

C:\Program\Uniblue\RegistryBooster\msvcp90.dll

C:\Program\Uniblue\RegistryBooster\msvcr90.dll

-2147483646,"Software\Uniblue\Registry Booster2",LatestDownloadUrl

-2147483646,"Software\Uniblue\Registry Booster2",CampaignDownloadUrl

-2147483646,"Software\Uniblue\Registry Booster2",PurchaseUrl

-2147483646,"Software\Uniblue\Registry Booster2",SuppressPurchaseParams

-2147483646,"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster",NoModify

 

 

3.

 

 

 

 


 

 

 

4.

 

 



The scan from Anti-Malware

 

 

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

 

Databasversion: v2012.04.08.06

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

User :: DEFAULT [administratör]

 

2012-04-08 21:29:39

mbam-log-2012-04-08 (21-29-39).txt

 

Skanningstyp: Snabbskanning

Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM

Inaktiverade skanningsalternativ: P2P

Antal skannade objekt: 237093

Förfluten tid: 5 minut(er), 6 sekund(er)

 

Upptäckta minnesprocesser: 0

(Inga skadliga poster hittades)

 

Upptäckta minnesmoduler: 0

(Inga skadliga poster hittades)

 

Upptäckta registernycklar: 0

(Inga skadliga poster hittades)

 

Upptäckta registervärden: 0

(Inga skadliga poster hittades)

 

Upptäckta registerdataposter: 0

(Inga skadliga poster hittades)

 

Upptäckta mappar: 0

(Inga skadliga poster hittades)

 

Upptäckta filer: 0

(Inga skadliga poster hittades)

 

(klar)

 

 

 


Hi Cecilia! It was my inexperience with handling posts that kept me from continuing in the first thread. I hereby apologize for this. I am overwhelmed by all the help I have received. I did not think such help was available. Thank you for being there. Wishing you a continued pleasant weekend. Regards, Spinnaren 357.
