
Problems logging in to the internet bank


spinnare357


Hi! Can you try scanning that file again on VirusTotal?

How is the computer working now, are there any problems remaining?

Regards, Laston

spinnare357

Did you mean this one?

 

 

SHA256: 3ec2f2dd419602917eb6463944967df09e7ec92ae4b01c8ef8850ff1b0334b66

SHA1: e338979b7770b178aaf1f0d2a742c7bb46ff843f

MD5: d6ad6c1ffc4a1698a556d239dce27408

File size: 1.4 kB ( 1480 bytes )

File name: C:\WINDOWS\AUTOLNCH.REG

File type: unknown

Detection ratio: 0 / 42

Analysis date: 2012-04-08 18:42:16 UTC ( 13 timmar, 59 minuter ago )

 

 

ssdeep

24:FxrkWE2++CaTzl/frSa5Gut+CaXuzl/SuxIUr5tOc+Ca+zl/i:FxmMEaEuEPIwR

First seen by VirusTotal

2012-04-08 18:42:16 UTC ( 13 timmar, 59 minuter ago )

Last seen by VirusTotal

2012-04-08 18:42:16 UTC ( 13 timmar, 59 minuter ago )

File names (max. 25)

  1. C:\WINDOWS\AUTOLNCH.REG

 

Yes, the problems remain. It is not possible to download programs. E.g. some of the programs that you have suggested.


spinnare357

I have updated and scanned again with Anti-Malware.

 

 

 

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

 

Databasversion: v2012.04.09.02

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

User :: DEFAULT [administratör]

 

2012-04-09 11:07:07

mbam-log-2012-04-09 (11-07-07).txt

 

Skanningstyp: Snabbskanning

Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM

Inaktiverade skanningsalternativ: P2P

Antal skannade objekt: 237066

Förfluten tid: 3 minut(er), 6 sekund(er)

 

Upptäckta minnesprocesser: 0

(Inga skadliga poster hittades)

 

Upptäckta minnesmoduler: 0

(Inga skadliga poster hittades)

 

Upptäckta registernycklar: 0

(Inga skadliga poster hittades)

 

Upptäckta registervärden: 0

(Inga skadliga poster hittades)

 

Upptäckta registerdataposter: 0

(Inga skadliga poster hittades)

 

Upptäckta mappar: 0

(Inga skadliga poster hittades)

 

Upptäckta filer: 0

(Inga skadliga poster hittades)

 

(klar)

 

 

 


OK, then let's carry on!

1. Save RogueKiller to the Desktop.

http://www.sur-la-to...om/RogueKiller/

Close all programs.

Run RogueKiller. If it cannot be run, try renaming the program to winlogon.

Wait until "Prescan" has finished.

Click the "Scan" button at the top right.

Wait until the scan is complete.

A report should then have been created on the Desktop.

If anything was found, click the "Delete" button.

Another report should then have been created on the Desktop.

Click the "ShortcutsFix" button.

Another report should then have been created on the Desktop.

Paste the contents of all the "RKreport.txt" files found on the Desktop into your reply!

2. Save aswMBR to the desktop: http://public.avast.com/~gmerek/aswMBR.exe

Restart the computer and do not start any programs.

Double-click aswMBR.exe to run the program.

Click the Scan button to start the scan.

When it is done, save (Save) the log to the desktop.

Paste the log into your reply here.

Regards, Laston


spinnare357

No report appeared on the desktop.

If I click "Report", this comes up:

 

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo...13-roguekiller/

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: User [Admin rights]

Mode: Remove -- Date: 04/09/2012 12:30:40

 

¤¤¤ Bad processes: 0 ¤¤¤

 

¤¤¤ Registry Entries: 1 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (Unknown @ 0xF7B9918C)

SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (Unknown @ 0xF7B99146)

SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (Unknown @ 0xF7B99196)

SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (Unknown @ 0xF7B9913C)

SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (Unknown @ 0xF7B9914B)

SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (Unknown @ 0xF7B99155)

SSDT[68] : NtDuplicateObject @ 0x805BE008 -> HOOKED (Unknown @ 0xF7B99187)

SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (Unknown @ 0xF7B9915A)

SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (Unknown @ 0xF7B99128)

SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (Unknown @ 0xF7B9912D)

SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (Unknown @ 0xF7B99164)

SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (Unknown @ 0xF7B9915F)

SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (Unknown @ 0xF7B9919B)

SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (Unknown @ 0xF7B99150)

SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (Unknown @ 0xF7B99137)

S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7B991A0)

S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7B991A5)

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: Maxtor 6L250S0 +++++

--- User ---

[MBR] 560e532e962c35377a539b3329f8942e

[bSP] fc953d8d4a7525b310947b4a6e2f2172 : MBR Code unknown

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238474 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: WDC WD2500JS-60MHB1 +++++

--- User ---

[MBR] 97e14cd435d86ae8227da99e8d1e671a

[bSP] 535a9eb9bcfaa8632b74e207e22cb9bd : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

 

 

 

Found the reports. Here they are.

 

 


 

 

 

1.

 

 

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: User [Admin rights]

Mode: Scan -- Date: 04/09/2012 12:29:21

 

¤¤¤ Bad processes: 0 ¤¤¤

 

¤¤¤ Registry Entries: 1 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (Unknown @ 0xF7B9918C)

SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (Unknown @ 0xF7B99146)

SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (Unknown @ 0xF7B99196)

SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (Unknown @ 0xF7B9913C)

SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (Unknown @ 0xF7B9914B)

SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (Unknown @ 0xF7B99155)

SSDT[68] : NtDuplicateObject @ 0x805BE008 -> HOOKED (Unknown @ 0xF7B99187)

SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (Unknown @ 0xF7B9915A)

SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (Unknown @ 0xF7B99128)

SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (Unknown @ 0xF7B9912D)

SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (Unknown @ 0xF7B99164)

SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (Unknown @ 0xF7B9915F)

SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (Unknown @ 0xF7B9919B)

SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (Unknown @ 0xF7B99150)

SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (Unknown @ 0xF7B99137)

S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7B991A0)

S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7B991A5)

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: Maxtor 6L250S0 +++++

--- User ---

[MBR] 560e532e962c35377a539b3329f8942e

[bSP] fc953d8d4a7525b310947b4a6e2f2172 : MBR Code unknown

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238474 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: WDC WD2500JS-60MHB1 +++++

--- User ---

[MBR] 97e14cd435d86ae8227da99e8d1e671a

[bSP] 535a9eb9bcfaa8632b74e207e22cb9bd : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

 

 

 

2.

 

 

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: User [Admin rights]

Mode: Remove -- Date: 04/09/2012 12:30:40

 

¤¤¤ Bad processes: 0 ¤¤¤

 

¤¤¤ Registry Entries: 1 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (Unknown @ 0xF7B9918C)

SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (Unknown @ 0xF7B99146)

SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (Unknown @ 0xF7B99196)

SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (Unknown @ 0xF7B9913C)

SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (Unknown @ 0xF7B9914B)

SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (Unknown @ 0xF7B99155)

SSDT[68] : NtDuplicateObject @ 0x805BE008 -> HOOKED (Unknown @ 0xF7B99187)

SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (Unknown @ 0xF7B9915A)

SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (Unknown @ 0xF7B99128)

SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (Unknown @ 0xF7B9912D)

SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (Unknown @ 0xF7B99164)

SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (Unknown @ 0xF7B9915F)

SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (Unknown @ 0xF7B9919B)

SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (Unknown @ 0xF7B99150)

SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (Unknown @ 0xF7B99137)

S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7B991A0)

S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7B991A5)

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: Maxtor 6L250S0 +++++

--- User ---

[MBR] 560e532e962c35377a539b3329f8942e

[bSP] fc953d8d4a7525b310947b4a6e2f2172 : MBR Code unknown

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238474 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: WDC WD2500JS-60MHB1 +++++

--- User ---

[MBR] 97e14cd435d86ae8227da99e8d1e671a

[bSP] 535a9eb9bcfaa8632b74e207e22cb9bd : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

 

 

 

3.

 

 

 

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: User [Admin rights]

Mode: Shortcuts HJfix -- Date: 04/09/2012 12:34:36

 

¤¤¤ Bad processes: 0 ¤¤¤

 

¤¤¤ Driver: [LOADED] ¤¤¤

 

¤¤¤ File attributes restored: ¤¤¤

Desktop: Success 0 / Fail 0

Quick launch: Success 0 / Fail 0

Programs: Success 4 / Fail 0

Start menu: Success 0 / Fail 0

User folder: Success 70 / Fail 0

My documents: Success 9 / Fail 0

My favorites: Success 0 / Fail 0

My pictures: Success 0 / Fail 0

My music: Success 0 / Fail 0

My videos: Success 0 / Fail 0

Local drives: Success 918 / Fail 0

Backup: [NOT FOUND]

 

Drives:

[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored

[D:] \Device\CdRom0 -- 0x5 --> Skipped

[E:] \Device\CdRom1 -- 0x5 --> Skipped

[F:] \Device\Harddisk2\DP(1)0-0+9 -- 0x2 --> Restored

[G:] \Device\Harddisk3\DP(1)0-0+a -- 0x2 --> Restored

[H:] \Device\Harddisk4\DP(1)0-0+b -- 0x2 --> Restored

[i:] \Device\Harddisk5\DP(1)0-0+c -- 0x2 --> Restored

[J:] \Device\HarddiskVolume2 -- 0x3 --> Restored

[K:] \Device\Harddisk6\DP(1)0-0+13 -- 0x2 --> Restored

 

¤¤¤ Infection : ¤¤¤

 

Finished : << RKreport[4].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

 

 

 

 

 

 

 

 

 


spinnare357

Here comes the MBR log

 

 

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-04-09 19:13:26

-----------------------------

19:13:26.250 OS Version: Windows 5.1.2600 Service Pack 3

19:13:26.250 Number of processors: 2 586 0x403

19:13:26.250 ComputerName: DEFAULT UserName: User

19:13:26.890 Initialize success

19:17:10.500 AVAST engine defs: 12040901

19:17:40.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17

19:17:40.390 Disk 0 Vendor: Maxtor_6L250S0 BANC1G10 Size: 238475MB BusType: 3

19:17:40.390 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-22

19:17:40.406 Disk 1 Vendor: WDC_WD2500JS-60MHB1 10.02E01 Size: 238475MB BusType: 3

19:17:40.437 Disk 0 MBR read successfully

19:17:40.437 Disk 0 MBR scan

19:17:40.515 Disk 0 unknown MBR code

19:17:40.531 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238474 MB offset 63

19:17:40.531 Disk 0 scanning sectors +488395982

19:17:40.578 Disk 0 malicious Win32:MBRoot code @ sector 488395985 !

19:17:40.656 Disk 0 scanning C:\WINDOWS\system32\drivers

19:17:54.765 Service scanning

19:18:09.718 Modules scanning

19:18:13.859 Disk 0 trace - called modules:

19:18:13.890 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS

19:18:13.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f7eab8]

19:18:13.890 3 CLASSPNP.SYS[f7570fd7] -> nt!IofCallDriver -> \Device\0000006b[0x86fa5a00]

19:18:13.906 5 ACPI.sys[f73e7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x86f8cd98]

19:18:14.687 AVAST engine scan C:\WINDOWS

19:18:30.421 AVAST engine scan C:\WINDOWS\system32

19:20:45.250 AVAST engine scan C:\WINDOWS\system32\drivers

19:21:04.109 AVAST engine scan C:\Documents and Settings\User

19:23:09.468 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Skrivbord\MBR.dat"

19:23:09.484 The log file has been saved successfully to "C:\Documents and Settings\User\Skrivbord\aswMBR.txt"

 

 

 

 

 


Scan again with aswMBR and then click FixMBR when the scan is finished, and post that log when it is done!

Then run TDSSKiller again and post that log!


spinnare357

In aswMBR the text is not highlighted on "FixMBR" but only on "Fix". Should I click Fix before I send the log?


spinnare357

And here is the aswMBR log.

 

 

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-04-09 20:17:59

-----------------------------

20:17:59.343 OS Version: Windows 5.1.2600 Service Pack 3

20:17:59.343 Number of processors: 2 586 0x403

20:17:59.343 ComputerName: DEFAULT UserName: User

20:17:59.875 Initialize success

20:18:12.890 AVAST engine defs: 12040901

20:18:32.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17

20:18:32.890 Disk 0 Vendor: Maxtor_6L250S0 BANC1G10 Size: 238475MB BusType: 3

20:18:32.906 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-22

20:18:32.906 Disk 1 Vendor: WDC_WD2500JS-60MHB1 10.02E01 Size: 238475MB BusType: 3

20:18:32.937 Disk 0 MBR read successfully

20:18:32.937 Disk 0 MBR scan

20:18:33.093 Disk 0 unknown MBR code

20:18:33.093 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238474 MB offset 63

20:18:33.109 Disk 0 scanning sectors +488395982

20:18:33.156 Disk 0 malicious Win32:MBRoot code @ sector 488395985 !

20:18:33.234 Disk 0 scanning C:\WINDOWS\system32\drivers

20:18:47.312 Service scanning

20:19:02.015 Modules scanning

20:19:06.312 Disk 0 trace - called modules:

20:19:06.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS

20:19:06.359 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f7eab8]

20:19:06.359 3 CLASSPNP.SYS[f7570fd7] -> nt!IofCallDriver -> \Device\0000006b[0x86fa5a00]

20:19:06.375 5 ACPI.sys[f73e7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x86f8cd98]

20:19:07.109 AVAST engine scan C:\WINDOWS

20:19:23.796 AVAST engine scan C:\WINDOWS\system32

20:21:43.953 AVAST engine scan C:\WINDOWS\system32\drivers

20:22:02.687 AVAST engine scan C:\Documents and Settings\User

20:26:06.593 AVAST engine scan C:\Documents and Settings\All Users

20:27:32.921 Scan finished successfully

21:06:19.187 Disk 0 MBR read successfully

21:06:19.218 Disk 0 scanning sectors +488395982

21:06:19.265 Disk 0 malicious Win32:MBRoot code @ sector 488395985 !

21:06:19.281 Disk 0 sector 488395985 cleaned

21:06:19.281 Verifying disinfection

21:06:29.328 Infection fixed successfully - please reboot ASAP

21:07:10.984 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Skrivbord\MBR.dat"

21:07:10.984 The log file has been saved successfully to "C:\Documents and Settings\User\Skrivbord\aswMBR.txt"

21:08:09.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Skrivbord\MBR.dat"

21:08:09.625 The log file has been saved successfully to "C:\Documents and Settings\User\Skrivbord\aswMBR 2.txt"

 

 

And the TDSSKiller log

 

 

22:12:45.0125 3872 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02

22:12:50.0265 3872 ============================================================

22:12:50.0265 3872 Current date / time: 2012/04/09 22:12:50.0265

22:12:50.0265 3872 SystemInfo:

22:12:50.0265 3872

22:12:50.0265 3872 OS Version: 5.1.2600 ServicePack: 3.0

22:12:50.0265 3872 Product type: Workstation

22:12:50.0265 3872 ComputerName: DEFAULT

22:12:50.0265 3872 UserName: User

22:12:50.0265 3872 Windows directory: C:\WINDOWS

22:12:50.0265 3872 System windows directory: C:\WINDOWS

22:12:50.0265 3872 Processor architecture: Intel x86

22:12:50.0265 3872 Number of processors: 2

22:12:50.0265 3872 Page size: 0x1000

22:12:50.0265 3872 Boot type: Normal boot

22:12:50.0265 3872 ============================================================

22:12:52.0375 3872 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

22:12:52.0375 3872 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054

22:12:52.0500 3872 Drive \Device\Harddisk6\DR8 - Size: 0x3A9440000 (14.64 Gb), SectorSize: 0x200, Cylinders: 0x777, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

22:12:52.0500 3872 \Device\Harddisk0\DR0:

22:12:52.0500 3872 MBR used

22:12:52.0500 3872 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C548F

22:12:52.0500 3872 \Device\Harddisk1\DR1:

22:12:52.0500 3872 MBR used

22:12:52.0500 3872 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4191

22:12:52.0500 3872 \Device\Harddisk6\DR8:

22:12:52.0500 3872 MBR used

22:12:52.0500 3872 \Device\Harddisk6\DR8\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1D48280

22:12:52.0625 3872 Initialize success

22:12:52.0625 3872 ============================================================

22:12:55.0343 3920 ============================================================

22:12:55.0343 3920 Scan started

22:12:55.0343 3920 Mode: Manual;

22:12:55.0343 3920 ============================================================

22:12:56.0046 3920 97fnb7o.sys - ok

22:12:56.0093 3920 Abiosdsk - ok

22:12:56.0125 3920 abp480n5 - ok

22:12:56.0218 3920 ACPI (48547e29772befe3c554ff5e4855bf51) C:\WINDOWS\system32\DRIVERS\ACPI.sys

22:12:56.0218 3920 ACPI - ok

22:12:56.0265 3920 ACPIEC (decedc736cef3c0fff6e981b31e73a61) C:\WINDOWS\system32\drivers\ACPIEC.sys

22:12:56.0265 3920 ACPIEC - ok

22:12:56.0312 3920 adpu160m - ok

22:12:56.0390 3920 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

22:12:56.0390 3920 aec - ok

22:12:56.0468 3920 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

22:12:56.0468 3920 AFD - ok

22:12:56.0578 3920 AgereSoftModem (593aefc67283d409f34cc1245d00a509) C:\WINDOWS\system32\DRIVERS\AGRSM.sys

22:12:56.0593 3920 AgereSoftModem - ok

22:12:56.0609 3920 Aha154x - ok

22:12:56.0640 3920 aic78u2 - ok

22:12:56.0671 3920 aic78xx - ok

22:12:56.0734 3920 Alerter (7e3c83703327499d0b98ae392ff07ede) C:\WINDOWS\system32\alrsvc.dll

22:12:56.0734 3920 Alerter - ok

22:12:56.0781 3920 ALG (5df46f9ad9c1d611a38af2abb9365b5b) C:\WINDOWS\System32\alg.exe

22:12:56.0781 3920 ALG - ok

22:12:56.0812 3920 AliIde - ok

22:12:56.0828 3920 amsint - ok

22:12:56.0968 3920 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Program\Avira\AntiVir Desktop\sched.exe

22:12:56.0968 3920 AntiVirSchedulerService - ok

22:12:57.0000 3920 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Program\Avira\AntiVir Desktop\avguard.exe

22:12:57.0000 3920 AntiVirService - ok

22:12:57.0062 3920 AppMgmt - ok

22:12:57.0125 3920 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

22:12:57.0125 3920 Arp1394 - ok

22:12:57.0156 3920 asc - ok

22:12:57.0187 3920 asc3350p - ok

22:12:57.0203 3920 asc3550 - ok

22:12:57.0265 3920 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

22:12:57.0265 3920 AsyncMac - ok

22:12:57.0312 3920 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

22:12:57.0312 3920 atapi - ok

22:12:57.0328 3920 Atdisk - ok

22:12:57.0375 3920 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

22:12:57.0375 3920 Atmarpc - ok

22:12:57.0406 3920 AudioSrv (73f7604cfb13a066a93442f431c62c4a) C:\WINDOWS\System32\audiosrv.dll

22:12:57.0406 3920 AudioSrv - ok

22:12:57.0453 3920 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

22:12:57.0453 3920 audstub - ok

22:12:57.0484 3920 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program\Avira\AntiVir Desktop\avgio.sys

22:12:57.0484 3920 avgio - ok

22:12:57.0546 3920 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

22:12:57.0546 3920 avgntflt - ok

22:12:57.0578 3920 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys

22:12:57.0578 3920 avipbb - ok

22:12:57.0609 3920 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

22:12:57.0609 3920 Beep - ok

22:12:57.0656 3920 BITS (9741942a86e579231d3c41aa51de042f) C:\WINDOWS\system32\qmgr.dll

22:12:57.0656 3920 BITS - ok

22:12:57.0687 3920 Browser (e0d4a1cc49efb58a32b5e9d35798c9dd) C:\WINDOWS\System32\browser.dll

22:12:57.0687 3920 Browser - ok

22:12:57.0796 3920 Cap7134 (2f6c4370cddeb9108c91e34210035fe8) C:\WINDOWS\system32\DRIVERS\Cap7134.sys

22:12:57.0796 3920 Cap7134 - ok

22:12:57.0828 3920 catchme - ok

22:12:57.0890 3920 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

22:12:57.0890 3920 cbidf2k - ok

22:12:57.0953 3920 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

22:12:57.0953 3920 CCDECODE - ok

22:12:58.0000 3920 cd20xrnt - ok

22:12:58.0031 3920 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

22:12:58.0031 3920 Cdaudio - ok

22:12:58.0046 3920 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

22:12:58.0046 3920 Cdfs - ok

22:12:58.0093 3920 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

22:12:58.0093 3920 Cdrom - ok

22:12:58.0109 3920 Changer - ok

22:12:58.0171 3920 CiSvc (359c676391504438f334478585fd6465) C:\WINDOWS\system32\cisvc.exe

22:12:58.0171 3920 CiSvc - ok

22:12:58.0234 3920 ClipSrv (b8345830c5d789d3da21b91c0c94d086) C:\WINDOWS\system32\clipsrv.exe

22:12:58.0234 3920 ClipSrv - ok

22:12:58.0296 3920 CmdIde - ok

22:12:58.0343 3920 COMSysApp - ok

22:12:58.0375 3920 Cpqarray - ok

22:12:58.0406 3920 CryptSvc (04fd6585508a7320b2c7453ced231d6b) C:\WINDOWS\System32\cryptsvc.dll

22:12:58.0406 3920 CryptSvc - ok

22:12:58.0500 3920 ctac32k (a5e67327b49e1f4341d470d8bbcbc401) C:\WINDOWS\system32\drivers\ctac32k.sys

22:12:58.0500 3920 ctac32k - ok

22:12:58.0546 3920 ctaud2k (dd2367251d8aa9315d71023e541048c9) C:\WINDOWS\system32\drivers\ctaud2k.sys

22:12:58.0546 3920 ctaud2k - ok

22:12:58.0593 3920 ctdvda2k (29f78d59b053cb8778f8426e4e24099c) C:\WINDOWS\system32\drivers\ctdvda2k.sys

22:12:58.0609 3920 ctdvda2k - ok

22:12:58.0671 3920 ctprxy2k (c7fc5d87b06207a5d34697b627826618) C:\WINDOWS\system32\drivers\ctprxy2k.sys

22:12:58.0671 3920 ctprxy2k - ok

22:12:58.0718 3920 ctsfm2k (2c0af71cf0e1224a2dfc2b67e63b02b1) C:\WINDOWS\system32\drivers\ctsfm2k.sys

22:12:58.0718 3920 ctsfm2k - ok

22:12:58.0812 3920 dac2w2k - ok

22:12:58.0843 3920 dac960nt - ok

22:12:58.0921 3920 DcomLaunch (87dadc3f6e6cd5aaeb913e19cbff922c) C:\WINDOWS\system32\rpcss.dll

22:12:58.0921 3920 DcomLaunch - ok

22:12:58.0984 3920 Dhcp (0ce3fa1c1a6803b34022d6c47273930d) C:\WINDOWS\System32\dhcpcsvc.dll

22:12:58.0984 3920 Dhcp - ok

22:12:59.0062 3920 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

22:12:59.0062 3920 Disk - ok

22:12:59.0078 3920 dmadmin - ok

22:12:59.0156 3920 dmboot (80008bd0c19d97b0b3f4d1d9cbf190a8) C:\WINDOWS\system32\drivers\dmboot.sys

22:12:59.0156 3920 dmboot - ok

22:12:59.0234 3920 dmio (41862731f82be80f0cfba5d0da36b683) C:\WINDOWS\system32\drivers\dmio.sys

22:12:59.0234 3920 dmio - ok

22:12:59.0296 3920 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

22:12:59.0296 3920 dmload - ok

22:12:59.0375 3920 dmserver (77db107fd2d8de42b3adc7fce084f653) C:\WINDOWS\System32\dmserver.dll

22:12:59.0375 3920 dmserver - ok

22:12:59.0437 3920 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

22:12:59.0437 3920 DMusic - ok

22:12:59.0468 3920 Dnscache (efac4d4c80ccd725cc5bd7d3dbf18c74) C:\WINDOWS\System32\dnsrslvr.dll

22:12:59.0484 3920 Dnscache - ok

22:12:59.0578 3920 Dot3svc (c3c6cf67796acdd8329cb0e44367a1eb) C:\WINDOWS\System32\dot3svc.dll

22:12:59.0578 3920 Dot3svc - ok

22:12:59.0625 3920 dpti2o - ok

22:12:59.0671 3920 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

22:12:59.0671 3920 drmkaud - ok

22:12:59.0781 3920 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys

22:12:59.0781 3920 E100B - ok

22:12:59.0828 3920 EapHost (d9cabe63af4bc951302d9e508cb5599a) C:\WINDOWS\System32\eapsvc.dll

22:12:59.0828 3920 EapHost - ok

22:12:59.0937 3920 emupia (091d37e0f5193f708c9006b1f2e23ee4) C:\WINDOWS\system32\drivers\emupia2k.sys

22:12:59.0937 3920 emupia - ok

22:13:00.0015 3920 ERSvc (bc5287dc6dc7ebb13aa825caa6482f94) C:\WINDOWS\System32\ersvc.dll

22:13:00.0015 3920 ERSvc - ok

22:13:00.0125 3920 esgiguard - ok

22:13:15.0125 3920 ============================================================

22:13:15.0125 3920 Scan finished

22:13:15.0125 3920 ============================================================

22:13:15.0156 0612 Detected object count: 0

22:13:15.0156 0612 Actual detected object count: 0

Very good, run ComboFix again according to the earlier instructions, and if it wants to update itself to a newer version, let it do so!!

Regards, Laston

spinnare357

OK, here comes the ComboFix log.

ComboFix 12-04-07.04 - User 2012-04-09 23:19:36.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1022.477 [GMT 2:00]

Körs från: c:\documents and settings\User\Skrivbord\ComboFix.exe

AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\User\Recent\Thumbs.db

.

.

(((((((((((((((((((((((( Filer skapade från 2012-03-09 till 2012-04-09 ))))))))))))))))))))))))))))))

.

.

2012-04-08 19:27 . 2012-04-08 19:27 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes

2012-04-08 19:27 . 2012-04-08 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-04-08 19:27 . 2012-04-08 19:27 -------- d-----w- c:\program\Malwarebytes' Anti-Malware

2012-04-08 19:27 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-08 18:28 . 2012-04-08 18:28 -------- d-----w- c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

2012-04-07 14:15 . 2012-04-07 14:15 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 20:00 . 2012-04-05 20:00 -------- d-----w- c:\documents and settings\User\Application Data\TrojanHunter

2012-04-05 17:46 . 2012-04-05 17:46 -------- d-----w- c:\documents and settings\All Users\Application Data\TrojanHunter

2012-04-05 14:55 . 2012-04-05 14:55 159608 ----a-w- c:\windows\system32\mfevtps.exe.676a.deleteme

2012-04-05 14:46 . 2012-04-05 14:55 14664 ----a-w- c:\windows\stinger.sys

2012-04-05 14:46 . 2012-04-05 14:46 159608 ----a-w- c:\windows\system32\mfevtps.exe.6101.deleteme

2012-04-05 14:46 . 2012-04-05 17:34 -------- d-----w- c:\program\stinger

2012-04-04 13:48 . 2012-04-04 13:48 -------- d-----w- c:\documents and settings\User\Application Data\f-secure

2012-04-04 13:47 . 2012-04-04 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

2012-04-04 10:26 . 2012-04-04 10:31 -------- d-----w- c:\documents and settings\LocalService\Application Data\Personal

2012-04-02 23:38 . 2012-04-02 23:38 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Personal

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-22 15:54 . 2011-07-01 14:05 1480 ----a-w- c:\windows\AUTOLNCH.REG

2012-02-28 07:50 . 2011-06-17 09:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:57 . 2004-08-04 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-11 19:07 . 2012-02-15 02:59 3072 ------w- c:\windows\system32\iacenc.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-04-08_16.09.33 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-04-09 18:16 . 2012-04-09 18:16 16384 c:\windows\Temp\Perflib_Perfdata_588.dat

- 2009-08-05 10:35 . 2012-04-07 07:28 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Tidigare\History.IE5\index.dat

+ 2009-08-05 10:35 . 2012-04-08 16:25 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Tidigare\History.IE5\index.dat

+ 2009-08-05 10:35 . 2012-04-08 16:25 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat

- 2009-08-05 10:35 . 2012-04-07 07:28 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat

+ 2012-04-08 16:22 . 2012-04-08 16:25 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2009-08-05 10:35 . 2012-04-07 07:28 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RemoteControl"="c:\program\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"nwiz"="nwiz.exe" [2008-09-17 1657376]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]

"NeroFilterCheck"="c:\program\Delade filer\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"GrooveMonitor"="c:\program\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"CTHelper"="CTHELPER.EXE" [2003-11-13 24576]

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]

"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2011-05-19 155648]

"Device Detector"="c:\program\Delade filer\ACD Systems\EN\DevDetect.exe" [2004-09-02 221184]

"hplampc"="c:\windows\system32\hplampc.exe" [2002-01-17 40448]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"THGuard"="k:\trojan hunter\TrojanHunter 5.5\THGuard.exe" [2011-12-06 1088280]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SetDefaultMidi"="MIDIDEF.EXE" [2003-06-20 49152]

.

c:\documents and settings\User\Start-meny\Program\Autostart\

Skärmurklipp och start för OneNote 2007.lnk - c:\program\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\All Users\Start-meny\Program\Autostart\

BankID säkerhetsprogram.lnk - c:\program\Personal\bin\Personal.exe [2011-2-15 1086288]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Telenor Mobilt Bredband.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Telenor Mobilt Bredband.lnk

backup=c:\windows\pss\Telenor Mobilt Bredband.lnkCommon Startup

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program\\Spotify\\spotify.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-04-20 64288]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-08-20 136360]

R2 GtDetectSc;GtDetectSc;c:\program\Option\Telenor Mobilt Bredband\GtDetectSc.exe [2007-12-18 196704]

R3 hp4200c;%usbscan.SvcDesc%;c:\windows\system32\drivers\hp4200c.sys [2011-07-01 9312]

R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-10-24 24544]

R3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [2005-01-06 449920]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 135664]

S3 97fnb7o.sys;97fnb7o.sys;\??\c:\windows\system32\drivers\97fnb7o.sys --> c:\windows\system32\drivers\97fnb7o.sys [?]

S3 esgiguard;esgiguard;\??\c:\program\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program\Enigma Software Group\SpyHunter\esgiguard.sys [?]

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-02-18 106624]

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-02-08 59648]

S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 135664]

S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program\Lavasoft\Ad-Aware\AAWService.exe [2010-08-12 2152152]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program\Lavasoft\Ad-Aware\kernexplorer.sys [2010-08-12 15232]

S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

.

--- Övriga tjänster/drivrutiner i minnet ---

.

*NewlyCreated* - 17045160

*NewlyCreated* - 28424554

*NewlyCreated* - 40417682

*Deregistered* - 17045160

*Deregistered* - 28424554

*Deregistered* - 40417682

*Deregistered* - aswMBR

*Deregistered* - TrueSight

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2012-04-08 c:\windows\Tasks\Ad-Aware Scan (vanlig koll).job

- c:\program\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:40]

.

2012-04-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:40]

.

2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 13:10]

.

2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 13:10]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.67.199.27 195.67.199.28 195.67.199.29

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-04-09 23:24

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_USERS\S-1-5-21-1192121602-2435800650-3057968084-1007\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

Sluttid: 2012-04-09 23:26:38

ComboFix-quarantined-files.txt 2012-04-09 21:26

ComboFix2.txt 2012-04-08 16:12

.

Före genomsökningen: 228 106 813 440 byte ledigt

Efter genomsökningen: 228 157 595 648 byte ledigt

.

- - End Of File - - 95C64F0BBA0434C5F6C679D4C25D9806


OK, how is the computer working now?

Save TFC by OldTimer to the Desktop.

http://oldtimer.geekstogo.com/TFC.exe

Close all programs and windows.

Run TFC (if you have Vista or Windows 7, right-click the file and choose Run as administrator).

Click the Start button to begin the cleanup.

It may take a few minutes; leave the computer alone in the meantime.

When it is done, the computer is supposed to restart automatically. If it does not, restart the computer yourself.

Regards, Laston


spinnare357

It is getting better and better, but it is not possible to download programs. Previously the download dialog disappeared after about 10 seconds (after 2 seconds if I click Save). I have to go to a friend every time and download on that computer. I will do that now.


spinnare357

Yes, now I have run TFC, with this result.

Log 10/4 2012

Getting user folders.

Stopping running processes.

Emptying Temp folders.

User: -
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 321 bytes

User: Administratör
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Användaren
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: User
->Temp folder emptied: 247956 bytes
->Temporary Internet Files folder emptied: 15935529 bytes
->Java cache emptied: 22178823 bytes
->Flash cache emptied: 37280 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 3223311 bytes
%systemroot%\System32 .tmp files removed: 2578 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 15874 bytes

Process complete!

Total Files Cleaned = 40,00 mb

Just want to add that it is still not possible to download programs.


OK, that is a shame, we will just have to keep looking then!

Scan the computer online at http://www.eset.com/onlinescan/

So that the scanner does not take too long, turn off your antivirus program in the meantime.

Uncheck the option "Remove found threats"

Check "Scan Archives"

Click "Advanced Settings"

Check:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Press Scan

When the scan is finished, the log file C:\Program\Eset\Eset Online Scanner\log.txt is created. Open it in Notepad and then paste the contents into your reply.


spinnare357

OK, here is the log from ESET.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=e418fc66284c164ea68239fe53d60a38

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-04-10 11:54:52

# local_time=2012-04-10 01:54:52 (+0100, Västeuropa, sommartid)

# country="Sweden"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1797 16775141 100 100 6439 108952428 0 0

# compatibility_mode=8192 67108863 100 0 163 163 0 0

# scanned=73268

# found=17

# cleaned=0

# scan_time=3031

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP249\A0027770.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP249\A0027774.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP249\A0027775.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP249\A0027776.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP249\A0027777.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP249\A0027778.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP249\A0027779.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP255\A0032422.dll a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP255\A0032425.exe probably a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP256\A0032699.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP256\A0032703.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP256\A0032704.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP256\A0032705.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP256\A0032706.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP256\A0032707.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

C:\System Volume Information\_restore{16E12A65-5BD2-4E05-B061-D74329270BA6}\RP256\A0032708.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I

J:\kent\installationer\Virusskydd\avira_antivir_personal_en.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I

 

 

It looks like this. What should I do?

Kopia av Eset online.docx


OK, most of the malicious files are in the system information and are not dangerous unless you try to run a System Restore! Is the antivirus program cracked?

Run RogueKiller again, and I also want to see a log from DDS.

Download DDS:

http://download.bleepingcomputer.com/sUBs/dds.scr

1: Save it to the desktop

2: Double-click dds.scr to start the tool.

3: Click Yes on the question about Optional Scan

4: When DDS has finished scanning, two text files will appear, DDS.txt and Attach.txt

5: Save these to your desktop

6: Copy/paste both logs, DDS.txt and Attach.txt, here into your thread.

NOTE:

Do NOT post the log (the text file) as an attachment, nor inside code tags or anything else.

Copy/paste the log DIRECTLY into your post.

Regards, Laston


spinnare357

RogueKiller found nothing.

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: User [Admin rights]

Mode: Scan -- Date: 04/10/2012 14:54:19

 

¤¤¤ Bad processes: 0 ¤¤¤

 

¤¤¤ Registry Entries: 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (Unknown @ 0xF7B3522C)

SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (Unknown @ 0xF7B351E6)

SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (Unknown @ 0xF7B35236)

SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (Unknown @ 0xF7B351DC)

SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (Unknown @ 0xF7B351EB)

SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (Unknown @ 0xF7B351F5)

SSDT[68] : NtDuplicateObject @ 0x805BE008 -> HOOKED (Unknown @ 0xF7B35227)

SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (Unknown @ 0xF7B351FA)

SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (Unknown @ 0xF7B351C8)

SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (Unknown @ 0xF7B351CD)

SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (Unknown @ 0xF7B35204)

SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (Unknown @ 0xF7B351FF)

SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (Unknown @ 0xF7B3523B)

SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (Unknown @ 0xF7B351F0)

SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (Unknown @ 0xF7B351D7)

S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7B35240)

S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7B35245)

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: Maxtor 6L250S0 +++++

--- User ---

[MBR] 560e532e962c35377a539b3329f8942e

[bSP] fc953d8d4a7525b310947b4a6e2f2172 : MBR Code unknown

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238474 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: WDC WD2500JS-60MHB1 +++++

--- User ---

[MBR] 97e14cd435d86ae8227da99e8d1e671a

[bSP] 535a9eb9bcfaa8632b74e207e22cb9bd : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[1].txt >>

RKreport[1].txt

 

 

 

And here are the DDS logs.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by User at 15:00:35 on 2012-04-10

Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1022.250 [GMT 2:00]

.

AV: Lavasoft Ad-Watch Live! Antivirus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Avira\AntiVir Desktop\sched.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Delade filer\ACD Systems\EN\DevDetect.exe

C:\WINDOWS\system32\hplampc.exe

C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program\Avira\AntiVir Desktop\avguard.exe

C:\Program\Option\Telenor Mobilt Bredband\GtDetectSc.exe

C:\Program\Avira\AntiVir Desktop\avshadow.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program\Lavasoft\Ad-Aware\AAWService.exe

C:\Program\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program\internet explorer\iexplore.exe

C:\Program\internet explorer\iexplore.exe

C:\Program\internet explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Download Guard for Internet Explorer: {20c1a7f0-528e-444f-bac5-5804a61cca7f} - c:\program\lavasoft\download guard for internet explorer\DownloadGuardBHO.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program\java\jre6\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar_32.dll

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program\delade filer\ahead\lib\NMBgMonitor.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RemoteControl] c:\program\cyberlink\powerdvd\PDVDServ.exe

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NeroFilterCheck] c:\program\delade filer\ahead\lib\NeroCheck.exe

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [GrooveMonitor] "c:\program\microsoft office\office12\GrooveMonitor.exe"

mRun: [CTHelper] CTHELPER.EXE

mRun: [avgnt] "c:\program\avira\antivir desktop\avgnt.exe" /min

mRun: [AGRSMMSG] AGRSMMSG.exe

mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime

mRun: [Device Detector] "c:\program\delade filer\acd systems\en\DevDetect.exe" -autorun

mRun: [hplampc] c:\windows\system32\hplampc.exe

mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"

mRun: [THGuard] "k:\trojan hunter\trojanhunter 5.5\THGuard.exe"

dRunOnce: [setDefaultMidi] MIDIDEF.EXE

StartupFolder: c:\docume~1\user\start-~1\program\autost~1\skrmur~1.lnk - c:\program\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe

IE: E&xportera till Microsoft Excel - c:\program\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} - c:\program\java\jre6\bin\jp2iexp.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~2\office12\REFIEBAR.DLL

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/emsisoft_webscan.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 195.67.199.27 195.67.199.28 195.67.199.29

TCP: Interfaces\{697BC429-1AA8-4827-9B74-6F19234DBBA3} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{93E7A0DB-87EC-498E-91C1-D9044196A42E} : DhcpNameServer = 195.67.199.27 195.67.199.28 195.67.199.29

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program\microsoft office\office12\GrooveSystemServices.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-4-20 64288]

R1 avgio;avgio;c:\program\avira\antivir desktop\avgio.sys [2009-8-20 11608]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\avira\antivir desktop\sched.exe [2009-8-20 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program\avira\antivir desktop\avguard.exe [2009-8-20 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-8-20 66616]

R2 GtDetectSc;GtDetectSc;c:\program\option\telenor mobilt bredband\GtDetectSc.exe [2007-12-18 196704]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program\lavasoft\ad-aware\AAWService.exe [2010-8-12 2152152]

R3 hp4200c;%usbscan.SvcDesc%;c:\windows\system32\drivers\hp4200c.sys [2011-7-1 9312]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program\lavasoft\ad-aware\kernexplorer.sys [2010-8-12 15232]

R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-10-24 24544]

R3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [2005-1-6 449920]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program\google\update\GoogleUpdate.exe [2010-2-13 135664]

S3 97fnb7o.sys;97fnb7o.sys;\??\c:\windows\system32\drivers\97fnb7o.sys --> c:\windows\system32\drivers\97fnb7o.sys [?]

S3 esgiguard;esgiguard;\??\c:\program\enigma software group\spyhunter\esgiguard.sys --> c:\program\enigma software group\spyhunter\esgiguard.sys [?]

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-2-18 106624]

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-2-8 59648]

S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program\google\update\GoogleUpdate.exe [2010-2-13 135664]

S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

.

=============== Created Last 30 ================

.

2012-04-10 11:01:41 -------- d-----w- c:\program\ESET

2012-04-09 21:18:15 -------- d-----w- C:\ComboFix

2012-04-08 19:27:48 -------- d-----w- c:\documents and settings\user\application data\Malwarebytes

2012-04-08 19:27:37 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-04-08 19:27:35 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-08 19:27:35 -------- d-----w- c:\program\Malwarebytes' Anti-Malware

2012-04-08 18:28:16 -------- d-----w- c:\documents and settings\all users\application data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

2012-04-08 16:01:26 -------- d-sha-r- C:\cmdcons

2012-04-08 15:55:08 98816 ----a-w- c:\windows\sed.exe

2012-04-08 15:55:08 518144 ----a-w- c:\windows\SWREG.exe

2012-04-08 15:55:08 256000 ----a-w- c:\windows\PEV.exe

2012-04-08 15:55:08 208896 ----a-w- c:\windows\MBR.exe

2012-04-07 14:15:05 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 20:00:10 -------- d-----w- c:\documents and settings\user\application data\TrojanHunter

2012-04-05 17:46:23 -------- d-----w- c:\documents and settings\all users\application data\TrojanHunter

2012-04-05 14:55:37 159608 ----a-w- c:\windows\system32\mfevtps.exe.676a.deleteme

2012-04-05 14:46:50 14664 ----a-w- c:\windows\stinger.sys

2012-04-05 14:46:30 159608 ----a-w- c:\windows\system32\mfevtps.exe.6101.deleteme

2012-04-05 14:46:13 -------- d-----w- c:\program\stinger

2012-04-04 13:48:00 -------- d-----w- c:\documents and settings\user\application data\f-secure

2012-04-04 13:47:41 -------- d-----w- c:\documents and settings\all users\application data\F-Secure

.

==================== Find3M ====================

.

2012-03-22 15:54:38 1480 ----a-w- c:\windows\AUTOLNCH.REG

2012-02-28 07:50:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:57:40 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-11 19:07:15 3072 ------w- c:\windows\system32\iacenc.dll

.

============= FINISH: 15:01:16,77 ===============

 

 

 

 

And the next one.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 2009-08-20 11:09:02

System Uptime: 2012-04-10 10:20:46 (5 hours ago)

.

Motherboard: ASUSTek Computer INC. | | LITHIUM

Processor: Intel® Pentium® 4 CPU 3.60GHz | Socket 775 | 3601/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 233 GiB total, 212,305 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is FIXED (NTFS) - 233 GiB total, 225,697 GiB free.

K: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP173: 2012-01-11 21:39:00 - Systemkontrollpunkt

RP174: 2012-01-12 01:26:49 - Software Distribution Service 3.0

RP175: 2012-01-13 01:28:46 - Systemkontrollpunkt

RP176: 2012-01-14 14:59:12 - Systemkontrollpunkt

RP177: 2012-01-15 15:19:37 - Systemkontrollpunkt

RP178: 2012-01-16 15:32:04 - Systemkontrollpunkt

RP179: 2012-01-17 15:57:00 - Systemkontrollpunkt

RP180: 2012-01-18 16:54:20 - Systemkontrollpunkt

RP181: 2012-01-19 17:19:50 - Systemkontrollpunkt

RP182: 2012-01-20 18:05:56 - Systemkontrollpunkt

RP183: 2012-01-21 19:06:00 - Systemkontrollpunkt

RP184: 2012-01-22 20:05:56 - Systemkontrollpunkt

RP185: 2012-01-23 22:33:17 - Systemkontrollpunkt

RP186: 2012-01-24 23:24:41 - Systemkontrollpunkt

RP187: 2012-01-26 00:24:41 - Systemkontrollpunkt

RP188: 2012-01-26 19:03:14 - Software Distribution Service 3.0

RP189: 2012-01-27 19:42:12 - Systemkontrollpunkt

RP190: 2012-01-28 19:57:54 - Systemkontrollpunkt

RP191: 2012-01-29 20:57:56 - Systemkontrollpunkt

RP192: 2012-01-30 21:57:54 - Systemkontrollpunkt

RP193: 2012-02-02 13:42:51 - Systemkontrollpunkt

RP194: 2012-02-03 15:27:21 - Systemkontrollpunkt

RP195: 2012-02-04 15:36:54 - Systemkontrollpunkt

RP196: 2012-02-05 16:27:50 - Systemkontrollpunkt

RP197: 2012-02-06 16:47:40 - Systemkontrollpunkt

RP198: 2012-02-07 17:36:51 - Systemkontrollpunkt

RP199: 2012-02-08 18:36:53 - Systemkontrollpunkt

RP200: 2012-02-09 19:36:53 - Systemkontrollpunkt

RP201: 2012-02-10 20:36:53 - Systemkontrollpunkt

RP202: 2012-02-11 21:36:53 - Systemkontrollpunkt

RP203: 2012-02-12 22:36:51 - Systemkontrollpunkt

RP204: 2012-02-13 23:36:51 - Systemkontrollpunkt

RP205: 2012-02-15 00:36:51 - Systemkontrollpunkt

RP206: 2012-02-15 12:06:19 - Software Distribution Service 3.0

RP207: 2012-02-16 14:06:12 - Systemkontrollpunkt

RP208: 2012-02-17 03:00:15 - Software Distribution Service 3.0

RP209: 2012-02-18 03:25:05 - Systemkontrollpunkt

RP210: 2012-02-19 13:37:14 - Systemkontrollpunkt

RP211: 2012-02-20 15:01:06 - Systemkontrollpunkt

RP212: 2012-02-21 15:22:35 - Systemkontrollpunkt

RP213: 2012-02-22 18:14:12 - Systemkontrollpunkt

RP214: 2012-02-23 18:54:27 - Systemkontrollpunkt

RP215: 2012-02-24 20:45:13 - Systemkontrollpunkt

RP216: 2012-02-25 21:25:03 - Systemkontrollpunkt

RP217: 2012-02-26 22:25:03 - Systemkontrollpunkt

RP218: 2012-02-27 23:06:10 - Systemkontrollpunkt

RP219: 2012-02-28 23:37:15 - Systemkontrollpunkt

RP220: 2012-03-01 01:29:19 - Systemkontrollpunkt

RP221: 2012-03-02 01:37:15 - Systemkontrollpunkt

RP222: 2012-03-03 02:37:13 - Systemkontrollpunkt

RP223: 2012-03-04 03:37:13 - Systemkontrollpunkt

RP224: 2012-03-05 03:49:15 - Systemkontrollpunkt

RP225: 2012-03-06 04:37:13 - Systemkontrollpunkt

RP226: 2012-03-07 03:00:18 - Software Distribution Service 3.0

RP227: 2012-03-08 03:46:32 - Systemkontrollpunkt

RP228: 2012-03-09 03:51:00 - Systemkontrollpunkt

RP229: 2012-03-10 04:15:47 - Systemkontrollpunkt

RP230: 2012-03-11 05:15:48 - Systemkontrollpunkt

RP231: 2012-03-12 06:15:49 - Systemkontrollpunkt

RP232: 2012-03-13 07:15:46 - Systemkontrollpunkt

RP233: 2012-03-14 03:00:17 - Software Distribution Service 3.0

RP234: 2012-03-15 03:24:19 - Systemkontrollpunkt

RP235: 2012-03-16 04:24:18 - Systemkontrollpunkt

RP236: 2012-03-17 05:24:19 - Systemkontrollpunkt

RP237: 2012-03-19 07:47:28 - Systemkontrollpunkt

RP238: 2012-03-20 08:35:05 - Systemkontrollpunkt

RP239: 2012-03-21 09:35:00 - Systemkontrollpunkt

RP240: 2012-03-22 10:35:02 - Systemkontrollpunkt

RP241: 2012-03-25 19:27:58 - Systemkontrollpunkt

RP242: 2012-03-26 19:50:40 - Systemkontrollpunkt

RP243: 2012-03-27 20:17:27 - Systemkontrollpunkt

RP244: 2012-03-28 20:52:22 - Systemkontrollpunkt

RP245: 2012-03-29 21:52:23 - Systemkontrollpunkt

RP246: 2012-03-30 22:52:23 - Systemkontrollpunkt

RP247: 2012-03-31 23:52:25 - Systemkontrollpunkt

RP248: 2012-04-02 00:52:22 - Systemkontrollpunkt

RP249: 2012-04-03 02:05:54 - Systemkontrollpunkt

RP250: 2012-04-04 02:07:49 - Systemkontrollpunkt

RP251: 2012-04-04 15:38:43 - SpyHunter togs bort

RP252: 2012-04-05 16:02:33 - Systemkontrollpunkt

RP253: 2012-04-06 19:07:09 - Systemkontrollpunkt

RP254: 2012-04-06 23:17:50 - Ad-Aware Checkpoint

RP255: 2012-04-07 11:17:43 - OTL Restore Point - 2012-04-07 11:17:38

RP256: 2012-04-08 11:01:06 - Removed Support.com Toolbar.

RP257: 2012-04-09 11:48:14 - Systemkontrollpunkt

RP258: 2012-04-10 14:40:01 - Systemkontrollpunkt

.

==== Installed Programs ======================

.

ACDSee for PENTAX 2.0

Acrobat.com

Ad-Aware

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.5.0

Agere Systems PCI Soft Modem

Avira AntiVir Personal - Free Antivirus

BankID säkerhetsprogram 4.17.0

Creative Driver

Download Guard for Internet Explorer

ESET Online Scanner v3

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Hotfix for Windows XP (KB976002-v5)

HP PrecisionScan LT Software

Intel® PRO Network Connections Drivers

Japanese Fonts Support For Adobe Reader 9

Java Auto Updater

Java 6 Update 29

Kartex

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Swedish) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Swedish) 2007

Microsoft Office InfoPath MUI (Swedish) 2007

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook MUI (Swedish) 2007

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Swedish) 2007

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word MUI (Swedish) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (Swedish) 12

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Nero 7 Essentials

NVIDIA Drivers

OpenOffice.org 3.0

PowerDVD

QuickTime

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Snabbkorrigering för Windows XP (KB2158563)

Snabbkorrigering för Windows XP (KB2443685)

Snabbkorrigering för Windows XP (KB2570791)

Snabbkorrigering för Windows XP (KB2633952)

Snabbkorrigering för Windows XP (KB952287)

Snabbkorrigering för Windows XP (KB970653-v3)

Snabbkorrigering för Windows XP (KB976098-v2)

Snabbkorrigering för Windows XP (KB979306)

Snabbkorrigering för Windows XP (KB981793)

SoftOne Business

Säkerhetsuppdatering för Microsoft Windows (KB2564958)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2183461)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2360131)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2416400)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2482017)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2497640)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2510531)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2530548)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2559049)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2586448)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2618444)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2647516)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB971961)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB972260)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB974455)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB976325)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB978207)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB981332)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB982381)

Säkerhetsuppdatering för Windows Media Player (KB2378111)

Säkerhetsuppdatering för Windows Media Player (KB952069)

Säkerhetsuppdatering för Windows Media Player (KB954155)

Säkerhetsuppdatering för Windows Media Player (KB968816)

Säkerhetsuppdatering för Windows Media Player (KB973540)

Säkerhetsuppdatering för Windows Media Player (KB975558)

Säkerhetsuppdatering för Windows Media Player (KB978695)

Säkerhetsuppdatering för Windows Media Player (KB979402)

Säkerhetsuppdatering för Windows XP (KB2079403)

Säkerhetsuppdatering för Windows XP (KB2115168)

Säkerhetsuppdatering för Windows XP (KB2121546)

Säkerhetsuppdatering för Windows XP (KB2160329)

Säkerhetsuppdatering för Windows XP (KB2229593)

Säkerhetsuppdatering för Windows XP (KB2259922)

Säkerhetsuppdatering för Windows XP (KB2279986)

Säkerhetsuppdatering för Windows XP (KB2286198)

Säkerhetsuppdatering för Windows XP (KB2296011)

Säkerhetsuppdatering för Windows XP (KB2296199)

Säkerhetsuppdatering för Windows XP (KB2347290)

Säkerhetsuppdatering för Windows XP (KB2360937)

Säkerhetsuppdatering för Windows XP (KB2387149)

Säkerhetsuppdatering för Windows XP (KB2393802)

Säkerhetsuppdatering för Windows XP (KB2412687)

Säkerhetsuppdatering för Windows XP (KB2419632)

Säkerhetsuppdatering för Windows XP (KB2423089)

Säkerhetsuppdatering för Windows XP (KB2436673)

Säkerhetsuppdatering för Windows XP (KB2440591)

Säkerhetsuppdatering för Windows XP (KB2443105)

Säkerhetsuppdatering för Windows XP (KB2476490)

Säkerhetsuppdatering för Windows XP (KB2476687)

Säkerhetsuppdatering för Windows XP (KB2478960)

Säkerhetsuppdatering för Windows XP (KB2478971)

Säkerhetsuppdatering för Windows XP (KB2479628)

Säkerhetsuppdatering för Windows XP (KB2479943)

Säkerhetsuppdatering för Windows XP (KB2481109)

Säkerhetsuppdatering för Windows XP (KB2483185)

Säkerhetsuppdatering för Windows XP (KB2485376)

Säkerhetsuppdatering för Windows XP (KB2485663)

Säkerhetsuppdatering för Windows XP (KB2503658)

Säkerhetsuppdatering för Windows XP (KB2503665)

Säkerhetsuppdatering för Windows XP (KB2506212)

Säkerhetsuppdatering för Windows XP (KB2506223)

Säkerhetsuppdatering för Windows XP (KB2507618)

Säkerhetsuppdatering för Windows XP (KB2507938)

Säkerhetsuppdatering för Windows XP (KB2508272)

Säkerhetsuppdatering för Windows XP (KB2508429)

Säkerhetsuppdatering för Windows XP (KB2509553)

Säkerhetsuppdatering för Windows XP (KB2511455)

Säkerhetsuppdatering för Windows XP (KB2524375)

Säkerhetsuppdatering för Windows XP (KB2535512)

Säkerhetsuppdatering för Windows XP (KB2536276-v2)

Säkerhetsuppdatering för Windows XP (KB2536276)

Säkerhetsuppdatering för Windows XP (KB2544893-v2)

Säkerhetsuppdatering för Windows XP (KB2544893)

Säkerhetsuppdatering för Windows XP (KB2555917)

Säkerhetsuppdatering för Windows XP (KB2562937)

Säkerhetsuppdatering för Windows XP (KB2566454)

Säkerhetsuppdatering för Windows XP (KB2567053)

Säkerhetsuppdatering för Windows XP (KB2567680)

Säkerhetsuppdatering för Windows XP (KB2570222)

Säkerhetsuppdatering för Windows XP (KB2570947)

Säkerhetsuppdatering för Windows XP (KB2584146)

Säkerhetsuppdatering för Windows XP (KB2585542)

Säkerhetsuppdatering för Windows XP (KB2592799)

Säkerhetsuppdatering för Windows XP (KB2598479)

Säkerhetsuppdatering för Windows XP (KB2603381)

Säkerhetsuppdatering för Windows XP (KB2618451)

Säkerhetsuppdatering för Windows XP (KB2619339)

Säkerhetsuppdatering för Windows XP (KB2620712)

Säkerhetsuppdatering för Windows XP (KB2621440)

Säkerhetsuppdatering för Windows XP (KB2624667)

Säkerhetsuppdatering för Windows XP (KB2631813)

Säkerhetsuppdatering för Windows XP (KB2633171)

Säkerhetsuppdatering för Windows XP (KB2639417)

Säkerhetsuppdatering för Windows XP (KB2641653)

Säkerhetsuppdatering för Windows XP (KB2646524)

Säkerhetsuppdatering för Windows XP (KB2647518)

Säkerhetsuppdatering för Windows XP (KB2660465)

Säkerhetsuppdatering för Windows XP (KB2661637)

Säkerhetsuppdatering för Windows XP (KB923561)

Säkerhetsuppdatering för Windows XP (KB923689)

Säkerhetsuppdatering för Windows XP (KB923789)

Säkerhetsuppdatering för Windows XP (KB938464-v2)

Säkerhetsuppdatering för Windows XP (KB941569)

Säkerhetsuppdatering för Windows XP (KB946648)

Säkerhetsuppdatering för Windows XP (KB950762)

Säkerhetsuppdatering för Windows XP (KB950974)

Säkerhetsuppdatering för Windows XP (KB951066)

Säkerhetsuppdatering för Windows XP (KB951376-v2)

Säkerhetsuppdatering för Windows XP (KB951748)

Säkerhetsuppdatering för Windows XP (KB952004)

Säkerhetsuppdatering för Windows XP (KB952954)

Säkerhetsuppdatering för Windows XP (KB954459)

Säkerhetsuppdatering för Windows XP (KB954600)

Säkerhetsuppdatering för Windows XP (KB955069)

Säkerhetsuppdatering för Windows XP (KB956572)

Säkerhetsuppdatering för Windows XP (KB956744)

Säkerhetsuppdatering för Windows XP (KB956802)

Säkerhetsuppdatering för Windows XP (KB956803)

Säkerhetsuppdatering för Windows XP (KB956844)

Säkerhetsuppdatering för Windows XP (KB957097)

Säkerhetsuppdatering för Windows XP (KB958644)

Säkerhetsuppdatering för Windows XP (KB958687)

Säkerhetsuppdatering för Windows XP (KB958869)

Säkerhetsuppdatering för Windows XP (KB959426)

Säkerhetsuppdatering för Windows XP (KB960225)

Säkerhetsuppdatering för Windows XP (KB960803)

Säkerhetsuppdatering för Windows XP (KB960859)

Säkerhetsuppdatering för Windows XP (KB961371-v2)

Säkerhetsuppdatering för Windows XP (KB961501)

Säkerhetsuppdatering för Windows XP (KB968537)

Säkerhetsuppdatering för Windows XP (KB969059)

Säkerhetsuppdatering för Windows XP (KB969947)

Säkerhetsuppdatering för Windows XP (KB970238)

Säkerhetsuppdatering för Windows XP (KB970430)

Säkerhetsuppdatering för Windows XP (KB971468)

Säkerhetsuppdatering för Windows XP (KB971486)

Säkerhetsuppdatering för Windows XP (KB971557)

Säkerhetsuppdatering för Windows XP (KB971633)

Säkerhetsuppdatering för Windows XP (KB971657)

Säkerhetsuppdatering för Windows XP (KB972260)

Säkerhetsuppdatering för Windows XP (KB972270)

Säkerhetsuppdatering för Windows XP (KB973346)

Säkerhetsuppdatering för Windows XP (KB973354)

Säkerhetsuppdatering för Windows XP (KB973507)

Säkerhetsuppdatering för Windows XP (KB973525)

Säkerhetsuppdatering för Windows XP (KB973869)

Säkerhetsuppdatering för Windows XP (KB973904)

Säkerhetsuppdatering för Windows XP (KB974112)

Säkerhetsuppdatering för Windows XP (KB974318)

Säkerhetsuppdatering för Windows XP (KB974392)

Säkerhetsuppdatering för Windows XP (KB974571)

Säkerhetsuppdatering för Windows XP (KB975025)

Säkerhetsuppdatering för Windows XP (KB975467)

Säkerhetsuppdatering för Windows XP (KB975560)

Säkerhetsuppdatering för Windows XP (KB975561)

Säkerhetsuppdatering för Windows XP (KB975562)

Säkerhetsuppdatering för Windows XP (KB975713)

Säkerhetsuppdatering för Windows XP (KB977165)

Säkerhetsuppdatering för Windows XP (KB977816)

Säkerhetsuppdatering för Windows XP (KB977914)

Säkerhetsuppdatering för Windows XP (KB978037)

Säkerhetsuppdatering för Windows XP (KB978251)

Säkerhetsuppdatering för Windows XP (KB978262)

Säkerhetsuppdatering för Windows XP (KB978338)

Säkerhetsuppdatering för Windows XP (KB978542)

Säkerhetsuppdatering för Windows XP (KB978601)

Säkerhetsuppdatering för Windows XP (KB978706)

Säkerhetsuppdatering för Windows XP (KB979309)

Säkerhetsuppdatering för Windows XP (KB979482)

Säkerhetsuppdatering för Windows XP (KB979559)

Säkerhetsuppdatering för Windows XP (KB979683)

Säkerhetsuppdatering för Windows XP (KB979687)

Säkerhetsuppdatering för Windows XP (KB980195)

Säkerhetsuppdatering för Windows XP (KB980218)

Säkerhetsuppdatering för Windows XP (KB980232)

Säkerhetsuppdatering för Windows XP (KB980436)

Säkerhetsuppdatering för Windows XP (KB981322)

Säkerhetsuppdatering för Windows XP (KB981852)

Säkerhetsuppdatering för Windows XP (KB981957)

Säkerhetsuppdatering för Windows XP (KB981997)

Säkerhetsuppdatering för Windows XP (KB982132)

Säkerhetsuppdatering för Windows XP (KB982214)

Säkerhetsuppdatering för Windows XP (KB982665)

Säkerhetsuppdatering för Windows XP (KB982802)

Spotify

Telenor Mobilt Bredband

TrojanHunter 5.5

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Uppdatering för Windows Internet Explorer 8 (KB972636)

Uppdatering för Windows Internet Explorer 8 (KB976662)

Uppdatering för Windows Internet Explorer 8 (KB976749)

Uppdatering för Windows Internet Explorer 8 (KB980182)

Uppdatering för Windows XP (KB2141007)

Uppdatering för Windows XP (KB2345886)

Uppdatering för Windows XP (KB2467659)

Uppdatering för Windows XP (KB2541763)

Uppdatering för Windows XP (KB2607712)

Uppdatering för Windows XP (KB2616676)

Uppdatering för Windows XP (KB2641690)

Uppdatering för Windows XP (KB951978)

Uppdatering för Windows XP (KB955759)

Uppdatering för Windows XP (KB955839)

Uppdatering för Windows XP (KB967715)

Uppdatering för Windows XP (KB968389)

Uppdatering för Windows XP (KB971029)

Uppdatering för Windows XP (KB971737)

Uppdatering för Windows XP (KB973687)

Uppdatering för Windows XP (KB973815)

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format Runtime

Windows Rights Management-klient bakåtkompatibilitet SP2

Windows Rights Management-klient med Service Pack 2

Windows XP Service Pack 3

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

.

==== End Of File ===========================

 

 

 

 

 


OK, uninstall TrojanHunter 5.5.

 

 

Copy all the lines in the box (use select code)

DDS::
S3 97fnb7o.sys;97fnb7o.sys;\??\c:\windows\system32\drivers\97fnb7o.sys --> c:\windows\system32\drivers\97fnb7o.sys [?]
S3 esgiguard;esgiguard;\??\c:\program\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program\Enigma Software Group\SpyHunter\esgiguard.sys [?]

and paste them into Notepad.

Save the file on the Desktop with the name CFScript.

 

Prepare the computer for ComboFix in the same way as before.

Drag CFScript with the mouse and drop it on top of the ComboFix icon on the Desktop; this starts the program in a special mode.


spinnare357

I have uninstalled Trojan Hunter and run ComboFix.

 

 

ComboFix 12-04-07.04 - User 2012-04-10 17:42:13.3.2 - x86

 

Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1022.292 [GMT 2:00]

 

Körs från: c:\documents and settings\User\Skrivbord\ComboFix.exe

 

Kommandoväxlar som använts :: c:\documents and settings\User\Skrivbord\CFScript..txt

 

AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

 

AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

 

.

 

.

 

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

.

 

c:\documents and settings\User\Recent\Thumbs.db

 

.

 

.

 

(((((((((((((((((((((((( Filer skapade från 2012-03-10 till 2012-04-10 ))))))))))))))))))))))))))))))

 

.

 

.

 

2012-04-10 11:01 . 2012-04-10 11:01 -------- d-----w- c:\program\ESET

 

2012-04-08 19:27 . 2012-04-08 19:27 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes

 

2012-04-08 19:27 . 2012-04-08 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

 

2012-04-08 19:27 . 2012-04-08 19:27 -------- d-----w- c:\program\Malwarebytes' Anti-Malware

 

2012-04-08 19:27 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

 

2012-04-08 18:28 . 2012-04-08 18:28 -------- d-----w- c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

 

2012-04-07 14:15 . 2012-04-07 14:15 -------- d-----w- C:\TDSSKiller_Quarantine

 

2012-04-05 20:00 . 2012-04-05 20:00 -------- d-----w- c:\documents and settings\User\Application Data\TrojanHunter

 

2012-04-05 14:55 . 2012-04-05 14:55 159608 ----a-w- c:\windows\system32\mfevtps.exe.676a.deleteme

 

2012-04-05 14:46 . 2012-04-05 14:55 14664 ----a-w- c:\windows\stinger.sys

 

2012-04-05 14:46 . 2012-04-05 14:46 159608 ----a-w- c:\windows\system32\mfevtps.exe.6101.deleteme

 

2012-04-05 14:46 . 2012-04-05 17:34 -------- d-----w- c:\program\stinger

 

2012-04-04 13:48 . 2012-04-04 13:48 -------- d-----w- c:\documents and settings\User\Application Data\f-secure

 

2012-04-04 13:47 . 2012-04-04 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

 

2012-04-04 10:26 . 2012-04-04 10:31 -------- d-----w- c:\documents and settings\LocalService\Application Data\Personal

 

2012-04-02 23:38 . 2012-04-02 23:38 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Personal

 

.

 

.

 

.

 

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

2012-03-22 15:54 . 2011-07-01 14:05 1480 ----a-w- c:\windows\AUTOLNCH.REG

 

2012-02-28 07:50 . 2011-06-17 09:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

 

2012-02-03 09:57 . 2004-08-04 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys

 

2012-01-11 19:07 . 2012-02-15 02:59 3072 ------w- c:\windows\system32\iacenc.dll

 

.

 

.

 

((((((((((((((((((((((((((((( SnapShot@2012-04-08_16.09.33 )))))))))))))))))))))))))))))))))))))))))

 

.

 

+ 2012-04-10 08:21 . 2012-04-10 08:21 16384 c:\windows\Temp\Perflib_Perfdata_5e4.dat

 

- 2009-08-05 10:35 . 2012-04-07 07:28 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Tidigare\History.IE5\index.dat

 

+ 2009-08-05 10:35 . 2012-04-10 09:53 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Tidigare\History.IE5\index.dat

 

+ 2009-08-05 10:35 . 2012-04-10 09:53 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat

 

- 2009-08-05 10:35 . 2012-04-07 07:28 32768 c:\windows\system32\config\systemprofile\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat

 

+ 2012-04-10 09:23 . 2012-04-10 09:53 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

 

- 2009-08-05 10:35 . 2012-04-07 07:28 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

 

.

 

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

.

 

*Not* tomma poster & legitima standardposter visas inte.

 

REGEDIT4

 

.

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]

 

.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

"RemoteControl"="c:\program\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]

 

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

 

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

 

"nwiz"="nwiz.exe" [2008-09-17 1657376]

 

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]

 

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]

 

"NeroFilterCheck"="c:\program\Delade filer\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

 

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

 

"GrooveMonitor"="c:\program\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

 

"CTHelper"="CTHELPER.EXE" [2003-11-13 24576]

 

"avgnt"="c:\program\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]

 

"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]

 

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2011-05-19 155648]

 

"Device Detector"="c:\program\Delade filer\ACD Systems\EN\DevDetect.exe" [2004-09-02 221184]

 

"hplampc"="c:\windows\system32\hplampc.exe" [2002-01-17 40448]

 

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

 

"Adobe ARM"="c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

 

.

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

 

"SetDefaultMidi"="MIDIDEF.EXE" [2003-06-20 49152]

 

.

 

c:\documents and settings\User\Start-meny\Program\Autostart\

 

Skärmurklipp och start för OneNote 2007.lnk - c:\program\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

 

.

 

c:\documents and settings\All Users\Start-meny\Program\Autostart\

 

BankID säkerhetsprogram.lnk - c:\program\Personal\bin\Personal.exe [2011-2-15 1086288]

 

.

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

@="Service"

 

.

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Telenor Mobilt Bredband.lnk]

 

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Telenor Mobilt Bredband.lnk

 

backup=c:\windows\pss\Telenor Mobilt Bredband.lnkCommon Startup

 

.

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

 

"%windir%\\system32\\sessmgr.exe"=

 

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

 

"c:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

 

"c:\\Program\\Microsoft Office\\Office12\\GROOVE.EXE"=

 

"c:\\Program\\Microsoft Office\\Office12\\ONENOTE.EXE"=

 

"c:\\Program\\Spotify\\spotify.exe"=

 

.

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

 

"3389:TCP"= 3389:TCP:Remote Desktop

 

"65533:TCP"= 65533:TCP:Services

 

"52344:TCP"= 52344:TCP:Services

 

.

 

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-04-20 64288]

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\Avira\AntiVir Desktop\sched.exe [2009-08-20 136360]

 

R2 GtDetectSc;GtDetectSc;c:\program\Option\Telenor Mobilt Bredband\GtDetectSc.exe [2007-12-18 196704]

 

R3 hp4200c;%usbscan.SvcDesc%;c:\windows\system32\drivers\hp4200c.sys [2011-07-01 9312]

 

R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program\Lavasoft\Ad-Aware\AAWService.exe [2010-08-12 2152152]

 

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program\Lavasoft\Ad-Aware\kernexplorer.sys [2010-08-12 15232]

 

R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-10-24 24544]

 

R3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;c:\windows\system32\drivers\wn5401.sys [2005-01-06 449920]

 

S2 gupdate;Tjänsten Google Update (gupdate);c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 135664]

 

S3 97fnb7o.sys;97fnb7o.sys;\??\c:\windows\system32\drivers\97fnb7o.sys --> c:\windows\system32\drivers\97fnb7o.sys [?]

 

S3 esgiguard;esgiguard;\??\c:\program\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program\Enigma Software Group\SpyHunter\esgiguard.sys [?]

 

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-02-18 106624]

 

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-02-08 59648]

 

S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 135664]

 

S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

 

.

 

--- Övriga tjänster/drivrutiner i minnet ---

 

.

 

*NewlyCreated* - LAVASOFT_KERNEXPLORER

 

*Deregistered* - TrueSight

 

.

 

Innehåll i mappen 'Schemalagda aktiviteter':

 

.

 

2012-04-10 c:\windows\Tasks\Ad-Aware Scan (vanlig koll).job

 

- c:\program\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:40]

 

.

 

2012-04-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job

 

- c:\program\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:40]

 

.

 

2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

 

- c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 13:10]

 

.

 

2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

 

- c:\program\Google\Update\GoogleUpdate.exe [2010-02-13 13:10]

 

.

 

.

 

------- Extra genomsökning -------

 

.

 

uStart Page = hxxp://www.google.se/

 

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\Office12\EXCEL.EXE/3000

 

TCP: DhcpNameServer = 195.67.199.27 195.67.199.28 195.67.199.29

 

.

 

.

 

**************************************************************************

 

.

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

 

Rootkit scan 2012-04-10 17:48

 

Windows 5.1.2600 Service Pack 3 NTFS

 

.

 

scanning hidden processes ...

 

.

 

scanning hidden autostart entries ...

 

.

 

scanning hidden files ...

 

.

 

scan completed successfully

 

hidden files: 0

 

.

 

**************************************************************************

 

.

 

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

 

.

 

[HKEY_USERS\S-1-5-21-1192121602-2435800650-3057968084-1007\Software\Microsoft\SystemCertificates\AddressBook*]

 

@Allowed: (Read) (RestrictedCode)

 

@Allowed: (Read) (RestrictedCode)

 

.

 

Sluttid: 2012-04-10 17:50:41

 

ComboFix-quarantined-files.txt 2012-04-10 15:50

 

ComboFix2.txt 2012-04-09 21:26

 

ComboFix3.txt 2012-04-08 16:12

 

.

 

Före genomsökningen: 227 915 202 560 byte ledigt

 

Efter genomsökningen: 227 946 577 920 byte ledigt

 

.

 

- - End Of File - - 411198D383B31638E1F76DE27D334CF0

 

 


Hmm, did you get everything you were supposed to from the script? It doesn't seem to have worked! Make sure all 3 end up on separate lines!! NOTE: important!!

 

Copy all the lines in the box (use select code)

DDS::
S3 97fnb7o.sys;97fnb7o.sys;\??\c:\windows\system32\drivers\97fnb7o.sys --> c:\windows\system32\drivers\97fnb7o.sys [?]
S3 esgiguard;esgiguard;\??\c:\program\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

and paste them into Notepad.

Save the file on the Desktop with the name CFScript.

 

Prepare the computer for ComboFix in the same way as before.

Drag CFScript with the mouse and drop it on top of the ComboFix icon on the Desktop; this starts the program in a special mode.


You just drag with the mouse while the left mouse button is held down. It is important that you use the Windows program Notepad specifically, so that no strange formatting comes along. The reason the ComboFix log is hard to read is that every line contains code to display it in a different typeface and size, and that there is a blank line between every line, which there should not be if you copied it from Notepad.


Archived

This topic is now archived and is closed to further replies.
