[Løst]2 problemer jeg vil bli kvitt uten å måtte formatere

[znace]

nå har jeg hatt 2 problemer(virus\spamwears\problemer)over lengere tid som jeg jærne vill bli kvitt, dette enne er windows uppdatate som sier dette:

log:

 

Automatiske oppdateringer (gjør det mulig for området å søke etter, laste ned og installere høyt prioriterte oppdateringer for datamaskinen)

BITS (Background Intelligent Transfer Service) (bidrar til at oppdateringer lastes ned raskere og uten problemer hvis nedlastingsprosessen avbrytes)

Event Log (inneholder en oversikt over oppdateringsaktiviteter, som du kan bruke ved feilsøking)

Slik kontrollerer du at disse tjenestene kjører:

1. Klikk Start, og klikk deretter Kjør.

2. Skriv inn services.msc, og klikk deretter OK.

3. Dobbeltklikk Automatiske oppdateringer i listen over tjenester, og klikk deretter Egenskaper.

4. Velg Automatisk i listen Oppstartstype, og klikk Bruk.

5. Kontroller at tjenestestatusen er Startet. Hvis tjenestestatusen er Stoppet, klikker du Start.

6. Dobbeltklikk BITS (Background Intelligent Transfer Service) i listen over tjenester, og klikk deretter Egenskaper.

7. Velg Manuelt i listen Oppstartstype, og klikk Bruk.

8. Kontroller at tjenestestatusen er Startet. Hvis tjenestestatusen er Stoppet, klikker du Start.

9. Dobbeltklikk Event Log i listen over tjenester, og klikk deretter Egenskaper.

10. Velg Automatisk i listen Oppstartstype, og klikk Bruk.

11. Kontroller at tjenestestatusen er Startet. Hvis tjenestestatusen er Stoppet, klikker du Start.

Hvis dette ikke løser problemet, kan du bruke en av ressursene nedenfor.

 

 

dette har jeg gjort og det men vil fremdeles ikke oppdatere :@

 

 

det andre probleme mitt er dette

vær gang jeg kommer inn i IE kommer denne, jeg trykker nei men kommer fremdeles inn på den. jeg hadde og opp opp probler før men den ser ut til å ha gitt seg

 

http://e.imagehost.org/0613/feil_1.jpg

 

har vert borti problemene før å deg fikset seg med en formatering. vil veldig gjærne slippe dette nå.

 

kan noen hjelpe meg?

[BudweiserMan]

Prøv Spybot

CCleaner

Ad-Aware 2008 Plus

 

og hvis du ikke har no antivirus program annbefaler jeg deg Avast Antivirus

[snippsat]

Ja antivirus 2009 er kjent malware infeksjon.

 

Last ned MBAM til skrivebordet.

Velg Norsk språkdrakt-->kjør hurtig systemskann.

Når MBAM er ferdig åpner den en logg,den poster du.

---

Last Combofix ned ,legg på skrivebordet.

Ikke klikk på vindu mens programmet kjører.

post logg C:\combofix.txt

[znace]

combofix log:

ComboFix 09-01-06.02 - turboseng 2009-01-07 15:42:50.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.2047.1470 [GMT 1:00]

Kjører fra: c:\documents and settings\turboseng\Lokale innstillinger\Programdata\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe

* Opprettet nytt gjenopprettingspunkt

.

 

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\bshbykgn.dll

c:\windows\system32\bzdnud.dll

c:\windows\system32\cbXRHyaY.dll

c:\windows\system32\cenmps.dll

c:\windows\system32\chvdct.dll

c:\windows\system32\cvcjtaoy.dll

c:\windows\system32\dnvjre.dll

c:\windows\system32\dtbrkhur.dll

c:\windows\system32\edtiyq.dll

c:\windows\system32\enkprd.dll

c:\windows\system32\eugwmqyl.ini

c:\windows\system32\fccAQgDW.dll

c:\windows\system32\hgjarjga.dll

c:\windows\system32\htrkflmi.dll

c:\windows\system32\hwfldyhy.dll

c:\windows\system32\ibqapgar.ini

c:\windows\system32\irdequaa.dll

c:\windows\system32\jetfrs.dll

c:\windows\system32\jihuxfty.ini

c:\windows\system32\jlfoqoxj.dll

c:\windows\system32\jsesqw.dll

c:\windows\system32\khfFULDw.dll

c:\windows\system32\kzkion.dll

c:\windows\system32\leodqeme.ini

c:\windows\system32\lyqmwgue.dll

c:\windows\system32\mlJDtrSm.dll

c:\windows\system32\ngkybhsb.ini

c:\windows\system32\nvxrhw.dll

c:\windows\system32\oalwpvvb.dll

c:\windows\system32\obchrhrx.dll

c:\windows\system32\pdsyrvvd.dll

c:\windows\system32\perpfi.dll

c:\windows\system32\prdibsdn.dll

c:\windows\system32\prsgrc.dll

c:\windows\system32\puignkiu.dll

c:\windows\system32\qwlylrtv.ini

c:\windows\system32\rbcdid.dll

c:\windows\system32\rvzliy.dll

c:\windows\system32\ssprs.dll

c:\windows\system32\ssqnMFvs.dll

c:\windows\system32\tmjhsvwv.dll

c:\windows\system32\trhehlpq.dll

c:\windows\system32\ugijbk.dll

c:\windows\system32\uxtuavac.ini

c:\windows\system32\vpjvhrmx.dll

c:\windows\system32\vtrlylwq.dll

c:\windows\system32\wDLUFfhk.ini

c:\windows\system32\wDLUFfhk.ini2

c:\windows\system32\wphtyx.dll

c:\windows\system32\wvUoMfgF.dll

c:\windows\system32\xjlhahod.dll

c:\windows\system32\xmrhvjpv.ini

c:\windows\system32\xtokxljv.dll

c:\windows\system32\yqsnbcta.ini

c:\windows\system32\aauqedri.ini

 

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2008-12-07 til 2009-01-07 )))))))))))))))))))))))))))))))))

.

 

2009-01-07 15:47 . 2009-01-07 15:47 <DIR> d-------- c:\windows\system32\xircom

2009-01-07 15:47 . 2009-01-07 15:47 <DIR> d-------- c:\programfiler\microsoft frontpage

2009-01-07 15:33 . 2009-01-07 15:33 <DIR> dr-h----- c:\documents and settings\turboseng\Siste

2009-01-06 14:57 . 2009-01-06 16:08 <DIR> d-------- c:\documents and settings\turboseng\Programdata\Graphisoft

2009-01-06 14:57 . 2009-01-06 20:40 <DIR> d-------- c:\documents and settings\turboseng\Graphisoft

2009-01-06 14:55 . 2009-01-06 14:55 <DIR> d-------- c:\programfiler\WIBUKEY

2009-01-06 14:55 . 2009-01-06 14:55 <DIR> d-------- c:\programfiler\WIBU-SYSTEMS

2009-01-06 14:53 . 2009-01-06 14:55 <DIR> d-------- c:\programfiler\QuickTime

2009-01-06 14:53 . 2009-01-06 14:53 <DIR> d-------- c:\documents and settings\All Users\Programdata\Apple Computer

2009-01-06 14:53 . 2006-05-11 09:00 339,968 --a------ c:\windows\system32\cdintf.dll

2009-01-06 14:52 . 2009-01-06 14:52 8,052 --a------ c:\windows\vpd.properties

2009-01-06 14:51 . 2009-01-06 14:51 <DIR> d-------- c:\programfiler\Graphisoft

2009-01-05 18:55 . 2009-01-05 18:55 <DIR> d-------- c:\documents and settings\All Users\Programdata\hps

2009-01-05 18:40 . 2009-01-05 18:40 <DIR> d-------- c:\programfiler\CeWe Color

2009-01-04 12:32 . 2009-01-04 12:46 <DIR> d-------- c:\documents and settings\turboseng\Programdata\Winamp

2009-01-04 02:14 . 2009-01-04 02:16 <DIR> d-------- c:\programfiler\IrfanView

2009-01-03 15:52 . 2009-01-03 23:52 <DIR> d-------- c:\programfiler\DExposE2

2009-01-03 13:37 . 2009-01-03 13:50 <DIR> d----c--- c:\windows\Tango Patcher 2600

2009-01-03 13:35 . 2009-01-03 13:35 <DIR> d-------- c:\programfiler\Stardock

2009-01-03 13:35 . 2009-01-03 13:35 <DIR> d-------- c:\programfiler\Fellesfiler\Stardock

2009-01-03 13:35 . 2009-01-03 13:36 163,712 --a------ c:\windows\system32\drivers\vidstub.sys

2009-01-03 13:10 . 2003-12-13 00:40 202,763 --a--c--- c:\windows\system32\dllcache\uxtheme.dll

2009-01-02 17:13 . 2009-01-02 17:17 <DIR> d-------- c:\programfiler\Photomatix

2009-01-02 17:13 . 1998-07-29 04:01 1,062,704 --a------ c:\windows\system32\MSCOMCTL.OCX

2009-01-02 17:13 . 2004-06-04 22:22 782,336 --a------ c:\windows\system32\IlmImf.dll

2009-01-02 17:13 . 2007-06-28 15:09 446,464 --a------ c:\windows\system32\Photomatix_jpg.dll

2009-01-02 17:13 . 2006-02-05 16:27 353,280 --a------ c:\windows\system32\pmtf2.dll

2009-01-02 17:13 . 2007-01-02 14:13 274,432 --a------ c:\windows\system32\lcms.dll

2009-01-02 17:13 . 2007-07-09 13:51 266,240 --a------ c:\windows\system32\Photomatix25Lib.dll

2009-01-02 17:13 . 2007-07-15 13:09 249,856 --a------ c:\windows\system32\Photomatix25Lib2.dll

2009-01-02 17:13 . 2006-02-05 17:23 205,824 --a------ c:\windows\system32\pmtf1.dll

2009-01-02 17:13 . 2006-11-29 12:55 204,288 --a------ c:\windows\system32\pmtf3.dll

2009-01-02 17:13 . 2007-07-12 15:17 167,936 --a------ c:\windows\system32\Photomatix25Lib3.dll

2009-01-02 17:13 . 2004-12-14 13:19 53,248 --a------ c:\windows\system32\pmexr.dll

2009-01-02 17:13 . 2003-11-26 11:47 11,776 --a------ c:\windows\system32\pmbm.dll

2008-12-29 20:26 . 2008-12-29 20:26 <DIR> d-------- c:\programfiler\Vampire The Masquerade - Redemption

2008-12-29 18:44 . 2008-12-29 18:44 291 --a------ c:\windows\vtmb.ini

2008-12-29 18:32 . 2008-12-29 18:32 <DIR> d-------- c:\programfiler\Activision

2008-12-29 11:46 . 2008-12-29 12:46 673 --a------ c:\windows\VAMPIRE.INI

2008-12-27 17:01 . 2008-12-27 17:04 <DIR> d-------- c:\programfiler\SystemRequirementsLab

2008-12-27 17:01 . 2008-12-27 17:01 <DIR> d-------- c:\documents and settings\turboseng\SystemRequirementsLab

2008-12-27 13:49 . 2008-12-27 13:49 <DIR> d-------- c:\programfiler\CCleaner

2008-12-27 13:47 . 2008-12-27 13:53 <DIR> d-------- c:\programfiler\Error Repair Professional

2008-12-24 19:31 . 2008-12-24 19:31 278,728 --a------ c:\windows\system32\drivers\atksgt.sys

2008-12-24 19:31 . 2008-12-24 19:31 25,416 --a------ c:\windows\system32\drivers\lirsgt.sys

2008-12-24 19:25 . 2008-12-24 19:25 <DIR> d-------- c:\programfiler\Nobilis

2008-12-24 14:52 . 2008-12-24 14:52 268 --ah----- C:\sqmdata00.sqm

2008-12-24 14:52 . 2008-12-24 14:52 244 --ah----- C:\sqmnoopt00.sqm

2008-12-23 23:15 . 2008-12-27 14:52 <DIR> d-------- c:\programfiler\Rockstar Games

2008-12-23 14:16 . 2008-12-23 14:16 <DIR> dr-h----- c:\documents and settings\Administrator\Siste

2008-12-23 14:11 . 2008-12-23 14:11 <DIR> d-------- c:\windows\system32\Atheros_L1

2008-12-23 14:11 . 2007-12-20 01:53 37,376 --a------ c:\windows\system32\drivers\l151x86.sys

2008-12-23 13:50 . 2004-08-03 22:08 26,624 --a------ c:\windows\system32\drivers\usbehci.sys

2008-12-23 13:50 . 2004-08-04 00:03 7,168 --a------ c:\windows\system32\hccoin.dll

2008-12-23 13:49 . 2004-08-03 22:08 142,976 --a------ c:\windows\system32\drivers\usbport.sys

2008-12-23 13:49 . 2004-08-03 21:59 95,360 --a------ c:\windows\system32\drivers\atapi.sys

2008-12-23 13:49 . 2004-08-04 01:03 74,240 --a------ c:\windows\system32\usbui.dll

2008-12-23 13:49 . 2004-08-03 22:08 57,600 --a------ c:\windows\system32\drivers\usbhub.sys

2008-12-23 13:49 . 2004-08-03 21:59 25,088 --a------ c:\windows\system32\drivers\pciidex.sys

2008-12-23 13:49 . 2004-08-03 22:08 20,480 --a------ c:\windows\system32\drivers\usbuhci.sys

2008-12-23 13:49 . 2001-10-09 12:00 3,328 --a------ c:\windows\system32\drivers\pciide.sys

2008-12-23 13:48 . 2008-12-23 13:48 <DIR> d-------- c:\programfiler\Intel

2008-12-23 13:48 . 2008-12-23 13:48 <DIR> d-------- C:\Intel

2008-12-23 13:48 . 2004-08-03 23:53 68,224 --a------ c:\windows\system32\drivers\pci.sys

2008-12-23 13:48 . 2001-10-09 12:00 35,968 --a------ c:\windows\system32\drivers\isapnp.sys

2008-12-23 13:32 . 2008-12-23 13:32 48,579 --a------ c:\windows\BS_DEF.sys

2008-12-23 13:31 . 2008-12-23 13:31 <DIR> d-------- c:\windows\OPTIONS

2008-12-23 13:31 . 2008-12-23 13:31 <DIR> d-------- c:\programfiler\Realtek RTL8187 Wireless Network Driver and Utility

2008-12-23 13:31 . 2005-10-27 07:32 157,568 --------- c:\windows\system32\drivers\RTL8187.SYS

2008-12-23 13:31 . 2002-10-02 09:57 13,532 --a------ c:\windows\system32\drivers\SjyPkt.sys

2008-12-23 13:21 . 2008-12-23 13:21 664 --a------ c:\windows\system32\d3d9caps.dat

2008-12-23 13:18 . 2008-12-23 13:18 <DIR> d-------- c:\documents and settings\Administrator\Contacts

2008-12-23 13:17 . 2008-12-23 13:17 45,056 --a------ c:\windows\system32\cbXnlMGA.dll

2008-12-23 13:16 . 2008-12-09 13:10 <DIR> dr------- c:\documents and settings\Administrator\Start-meny

2008-12-23 13:16 . 2008-12-09 13:10 <DIR> d--h----- c:\documents and settings\Administrator\Skrivere

2008-12-23 13:16 . 2008-12-23 14:15 <DIR> d-------- c:\documents and settings\Administrator\Skrivebord

2008-12-23 13:16 . 2008-12-09 13:10 <DIR> dr-h----- c:\documents and settings\Administrator\Programdata

2008-12-23 13:16 . 2008-12-23 13:42 <DIR> d-------- c:\documents and settings\Administrator\Mine dokumenter

2008-12-23 13:16 . 2008-12-09 12:30 <DIR> d--h----- c:\documents and settings\Administrator\Maler

2008-12-23 13:16 . 2008-12-09 13:10 <DIR> d--h----- c:\documents and settings\Administrator\Lokale innstillinger

2008-12-23 13:16 . 2008-12-09 13:10 <DIR> d-------- c:\documents and settings\Administrator\Favoritter

2008-12-23 13:16 . 2008-12-09 13:10 <DIR> d--h----- c:\documents and settings\Administrator\AndrMask

2008-12-23 13:16 . 2008-12-23 14:16 <DIR> d-------- c:\documents and settings\Administrator

2008-12-23 13:10 . 2008-12-23 13:10 <DIR> d-------- c:\windows\system32\AGEIA

2008-12-23 13:10 . 2008-12-23 13:10 <DIR> d-------- c:\programfiler\AGEIA Technologies

2008-12-23 13:10 . 2008-12-09 14:48 204,064 --a------ c:\windows\IxoVMRmv.exe

2008-12-23 13:10 . 2008-12-22 23:48 181 --a------ c:\windows\IxoVM.INF

2008-12-22 23:42 . 2008-12-27 13:28 153 --a------ c:\windows\wininit.ini

2008-12-22 00:57 . 2008-12-22 00:57 <DIR> dr-h----- c:\documents and settings\turboseng\Programdata\SecuROM

2008-12-22 00:53 . 2008-12-22 00:53 <DIR> d-------- c:\windows\system32\LogFiles

2008-12-22 00:53 . 2008-12-22 00:53 <DIR> d-------- c:\windows\system32\drivers\umdf

2008-12-21 23:55 . 2008-12-21 23:55 <DIR> d-------- c:\programfiler\MSBuild

2008-12-21 23:50 . 2008-12-21 23:50 <DIR> d-------- c:\windows\system32\XPSViewer

2008-12-21 23:49 . 2008-12-21 23:49 <DIR> d-------- c:\programfiler\Reference Assemblies

2008-12-21 23:49 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll

2008-12-21 21:33 . 2004-01-12 00:00 348,160 --a------ c:\windows\system\msvcr71.dll

2008-12-21 21:17 . 2008-12-21 21:17 <DIR> d-------- c:\windows\system32\xlive

2008-12-21 21:17 . 2008-12-22 01:02 <DIR> d-------- c:\programfiler\Microsoft Games for Windows - LIVE

2008-12-19 17:57 . 2008-12-20 00:05 <DIR> d-------- c:\windows\system32\CatRoot_bak

2008-12-19 00:45 . 2009-01-06 21:10 <DIR> d-------- c:\documents and settings\turboseng\Programdata\dvdcss

2008-12-17 20:09 . 2008-12-17 20:09 69 --a------ c:\windows\NeroDigital.ini

2008-12-17 19:59 . 2008-12-17 19:59 <DIR> d-------- c:\programfiler\Java

2008-12-17 19:59 . 2008-12-17 19:59 73,728 --a------ c:\windows\system32\javacpl.cpl

2008-12-16 18:27 . 2004-08-04 00:03 221,184 --a------ c:\windows\system32\wmpns.dll

2008-12-16 14:48 . 2008-12-16 16:09 <DIR> d-------- c:\programfiler\EA GAMES

2008-12-16 14:48 . 2008-03-13 00:38 445,504 -ra------ c:\windows\system32\vp6vfw.dll

2008-12-16 14:44 . 2008-12-16 16:16 32 --a------ c:\windows\CD_Start.INI

2008-12-15 22:23 . 2008-12-15 22:23 <DIR> d-------- c:\windows\Windows Service Pack Blocker Tool Kit

2008-12-15 15:48 . 2008-12-15 15:48 <DIR> d-------- c:\programfiler\Fellesfiler\Nero

2008-12-15 15:43 . 2008-12-15 15:43 <DIR> d-------- c:\programfiler\Fellesfiler\Ahead

2008-12-15 15:43 . 2008-12-15 15:43 <DIR> d-------- c:\programfiler\Ahead

2008-12-15 15:43 . 2004-07-26 17:16 1,568,768 --------- c:\windows\system32\ImagX7.dll

2008-12-15 15:43 . 2004-07-26 17:16 476,320 --------- c:\windows\system32\ImagXpr7.dll

2008-12-15 15:43 . 2004-07-26 17:16 471,040 --------- c:\windows\system32\ImagXRA7.dll

2008-12-15 15:43 . 2004-07-26 17:16 262,144 --------- c:\windows\system32\ImagXR7.dll

2008-12-15 15:43 . 2001-07-09 11:50 155,648 --a------ c:\windows\system32\NeroCheck.exe

2008-12-15 15:43 . 2000-06-26 11:45 106,496 --a------ c:\windows\system32\TwnLib20.dll

2008-12-15 02:19 . 2008-12-15 02:19 <DIR> d-------- c:\programfiler\Logitech

2008-12-15 02:11 . 2006-06-14 06:56 12,288 -ra------ c:\windows\system32\drivers\EIO.sys

2008-12-14 13:08 . 2008-12-14 13:08 <DIR> d-------- c:\windows\system32\nb-no

2008-12-14 13:06 . 2006-10-16 16:10 23,856 --a------ c:\windows\system32\spupdsvc.exe

2008-12-14 13:03 . 2008-10-16 21:33 6,242,304 --a--c--- c:\windows\system32\dllcache\ieframe.dll

2008-12-14 13:03 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat

2008-12-14 13:03 . 2007-03-08 06:11 999,424 --a--c--- c:\windows\system32\dllcache\ieframe.dll.mui

2008-12-14 13:03 . 2008-10-16 21:33 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-07 11:32 --------- d-----w c:\documents and settings\turboseng\Programdata\uTorrent

2009-01-06 13:55 --------- d--h--w c:\programfiler\InstallShield Installation Information

2009-01-04 11:33 --------- d-----w c:\programfiler\Winamp

2008-12-27 20:08 11,973 ----a-w c:\windows\system32\drivers\secdrv.sys

2008-12-27 12:53 --------- d-----w c:\documents and settings\All Users\Programdata\Spybot - Search & Destroy

2008-12-23 13:21 98,304 ----a-w c:\windows\DUMP43cf.tmp

2008-12-23 12:14 98,304 ----a-w c:\windows\DUMP44f8.tmp

2008-12-23 12:10 --------- d-----w c:\programfiler\Fellesfiler\Wise Installation Wizard

2008-12-22 00:53 --------- d-----w c:\programfiler\MSN Messenger

2008-12-12 13:56 --------- d-----w c:\programfiler\Fellesfiler\InstallShield

2008-12-09 13:14 --------- d-----w c:\programfiler\Spybot - Search & Destroy

2008-12-09 12:52 --------- d-----w c:\programfiler\uTorrent

2008-12-09 12:39 --------- d-----w c:\programfiler\Creative

2008-12-09 12:28 --------- d-----w c:\documents and settings\All Users\Programdata\Lavasoft

2008-12-09 12:27 --------- d-----w c:\programfiler\Lavasoft

2008-12-09 12:21 --------- d-----w c:\programfiler\VideoLAN

2008-12-09 12:19 --------- d-----w c:\programfiler\Sygate

2008-12-09 12:06 --------- d-----w c:\programfiler\Opera

2008-12-09 11:58 21,275 ----a-w c:\windows\system32\drivers\AegisP.sys

2008-12-09 11:57 --------- d-----w c:\programfiler\RALINK

2008-12-09 11:33 --------- d-----w c:\programfiler\Elektroniske tjenester

2008-12-09 11:32 --------- d-----w c:\programfiler\Fellesfiler\Tjenester

.

 

------- Sigcheck -------

 

2008-04-14 17:22 578560 b8415b9580a5dcaa9abcc639d0a911af c:\windows\SoftwareDistribution\Download\cd62ef3ee4f9db0ae17e694ed1451f62\user32.dll

2006-02-15 18:46 548352 b26f42911ad36c42a90ca30cb1981c5a c:\windows\system32\user32.dll

2006-02-15 18:46 577024 734af317dbb41621d52e2bd2d03ab96f c:\windows\Tango Patcher 2600\Backup\user32.dll

 

2008-08-14 14:27 2067840 e5a25bed1df98e6f8274e9ce357d4a26 c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe

2008-08-14 19:28 2067840 9fb08d3eac41e7cdf0c1f5ad39f8e691 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe

2006-02-15 18:55 2016768 6f873a52988e35265f6e1a796b3e72fe c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe

2008-08-14 14:27 2067840 e5a25bed1df98e6f8274e9ce357d4a26 c:\windows\Driver Cache\i386\ntkrnlpa.exe

2008-08-14 14:48 2059520 703a1c32ecda09c2c8e42d5c7eb509e2 c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP2GDR\ntkrnlpa.exe

2008-08-14 14:41 2064768 eb70cfbc33b2ca74a46a8ae6cdd5cda8 c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP2QFE\ntkrnlpa.exe

2008-08-14 14:27 2067840 e5a25bed1df98e6f8274e9ce357d4a26 c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP3GDR\ntkrnlpa.exe

2008-08-14 19:28 2067840 9fb08d3eac41e7cdf0c1f5ad39f8e691 c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP3QFE\ntkrnlpa.exe

2008-04-14 16:53 2067584 4f49d85bcc90a2298b820a3f8af033fc c:\windows\SoftwareDistribution\Download\cd62ef3ee4f9db0ae17e694ed1451f62\ntkrnlpa.exe

2009-01-03 13:40 2196480 fbc2607a49fc42555452d80a33e6a548 c:\windows\system32\ntkrnlpa.exe

2008-08-14 14:27 2196480 54e7719c767bfc44f1f5a1efddfbe35d c:\windows\system32\dllcache\ntkrnlpa.exe

2008-08-14 14:27 2025984 47c908ee474fd30b06ce5dfcc6d23b88 c:\windows\Tango Patcher 2600\Backup\ntkrnlpa.exe

 

2008-08-14 14:27 2190976 9338a52be6f5e080f03b9deecc6ea3c6 c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe

2008-08-14 19:28 2190976 ccceaccdf603068fb5fea158356d1ec8 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe

2006-02-15 18:46 2137088 49406d0319926950f071f25fc7a06102 c:\windows\$NtUninstallKB956841$\ntoskrnl.exe

2008-08-14 14:27 2190976 9338a52be6f5e080f03b9deecc6ea3c6 c:\windows\Driver Cache\i386\ntoskrnl.exe

2008-08-14 14:48 2182144 9ccac6fa990d7303cac9e662093a4552 c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP2GDR\ntoskrnl.exe

2008-08-14 14:41 2187776 7a4c75cb308f31d1a5fec623ff2e6fbc c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP2QFE\ntoskrnl.exe

2008-08-14 14:27 2190976 9338a52be6f5e080f03b9deecc6ea3c6 c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP3GDR\ntoskrnl.exe

2008-08-14 19:28 2190976 ccceaccdf603068fb5fea158356d1ec8 c:\windows\SoftwareDistribution\Download\5c603d7d1822fa8f9e01a1deade10678\SP3QFE\ntoskrnl.exe

2008-04-14 16:53 2190720 c4702e299690c718c0d4e5dca0db314c c:\windows\SoftwareDistribution\Download\cd62ef3ee4f9db0ae17e694ed1451f62\ntoskrnl.exe

2009-01-03 13:40 2317824 cb1e39143233f3c688b42fa8b6f2a0cc c:\windows\system32\ntoskrnl.exe

2008-08-14 14:27 2317824 0a7e72350d700a9beec2f88584ee8fc5 c:\windows\system32\dllcache\ntoskrnl.exe

2008-08-14 14:27 2147328 8517c5c6ed0846c09c92788cdf6155b9 c:\windows\Tango Patcher 2600\Backup\ntoskrnl.exe

 

2006-02-15 18:44 997888 d4b3a7ab674e538b1022d1d05d84212d c:\windows\explorer.exe

2008-04-14 17:22 1033728 8059c34b6f4758f678e975665eadfd87 c:\windows\SoftwareDistribution\Download\cd62ef3ee4f9db0ae17e694ed1451f62\explorer.exe

2006-02-15 18:44 1032192 d68a5079c4ec19dc191721b48527bce5 c:\windows\Tango Patcher 2600\Backup\explorer.exe

 

2008-04-14 17:23 111616 c0b59be000b7cedbf84a88f958e492db c:\windows\SoftwareDistribution\Download\cd62ef3ee4f9db0ae17e694ed1451f62\wuauclt.exe

2008-10-16 14:09 66584 7e6e47a4df80869bcdd9d10199ead853 c:\windows\system32\wuauclt.exe

2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\Tango Patcher 2600\Backup\wuauclt.exe

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="c:\programfiler\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]

"Creative Detector"="c:\programfiler\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-12-10 216520]

"Skype"="c:\programfiler\Skype\Phone\Skype.exe" [2008-11-07 21633320]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"MSMSGS"="c:\programfiler\Messenger\msmsgs.exe" [2004-08-04 1694208]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-19 13500416]

"CTSysVol"="c:\programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"Adobe Photo Downloader"="c:\programfiler\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe" [2008-03-06 61440]

"LogitechCommunicationsManager"="c:\programfiler\Fellesfiler\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"LogitechQuickCamRibbon"="c:\programfiler\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2008-12-17 136600]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-19 86016]

"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"BootSkin Startup Jobs"="c:\progra~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [2004-04-26 270336]

"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2009-01-06 155648]

"nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe]

"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nlsf"="move" [X]

"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-03 44544]

 

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

Ralink Wireless Utility.lnk - c:\programfiler\RALINK\Common\RaUI.exe [2008-12-09 618496]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=edtiyq.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Realtek RTL8187 Wireless Network Driver and Utility.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\Realtek RTL8187 Wireless Network Driver and Utility.lnk

backup=c:\windows\pss\Realtek RTL8187 Wireless Network Driver and Utility.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Tango Patcher 2600 Reloader.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\Tango Patcher 2600 Reloader.lnk

backup=c:\windows\pss\Tango Patcher 2600 Reloader.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\uTorrent\\uTorrent.exe"=

"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

"c:\\Programfiler\\Microsoft Games\\Age of Empires III\\age3.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\MSN Messenger\\livecall.exe"=

"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=

 

R4 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\programfiler\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]

S0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys --> \SystemRoot\\SystemRoot\System32\drivers\vidstub.sys [?]

.

- - - - TOMME PEKERE FJERNET - - - -

 

BHO-{0e8724d6-94b5-46e7-9210-93b9f5d95ac9} - c:\windows\system32\edtiyq.dll

BHO-{4846BDDF-13FF-4EC7-9048-4D190C452D0B} - c:\windows\system32\khfFULDw.dll

 

 

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.daemon-search.com/startpage

uInternet Settings,ProxyOverride = *.local

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-07 15:47:59

Windows 5.1.2600 Service Pack 3 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vsdatant]

"ImagePath"=""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-1957994488-1303643608-839522115-1003\Software\SecuROM\License information*NULL*]

"datasecu"=hex:34,7f,90,71,10,c2,f6,9f,59,a1,9c,28,c8,a5,72,18,ba,3f,be,8a,4b,\

19,8c,07,01,ac,38,f5,db,6f,1f,5c,d6,a0,f5,f4,1a,19,86,f5,b2,05,0a,98,52,4d,\

ca,6a,28,d7,ee,80,76,7f,10,d3,06,23,56,db,dc,55,24,fb,3e,68,2d,03,66,9d,97,\

0c,d4,0b,f7,98,bf,c6,fd,69,81,2c,c2,51,be,f3,d7,f2,47,a0,3b,50,3a,1f,97,c0,\

6f,71,ce,b3,93,ea,2e,ae,2f,12,87,b0,bc,c0,c7,78,d0,87,51,8c,60,ef,8b,97,60,\

df,ef,01,48,a5,b4,4f,98,20,cd,62,93,91,57,d6,f3,fb,68,03,80,68,f8,f6,de,d7,\

6d,19,5d,2a,36,61,f7,10,82,9c,70,10,ff,b9,25,1c,5c,8a,30,18,85,6b,ef,85,a8,\

ce,a3,3a,0f,04,8c,b4,b2,d8,f9,e1,a4,67,79,80,73,d1,d7,1d,06,ce,23,0c,38,ad,\

04,07,cd,c5,39,21,2e,30,c2,92,47,db,1d,53,f7,4d,eb,17,c5,83,c0,cb,c3,c7,df,\

f3,fa,b3,02,b9,a4,b0,0a,98,70,57,5b,e0,40,5b,60,d8,38,a0,55,94,26,4c,db,92,\

aa,0f,8d,e2,a1,49,a8,0c,27,80,04,ad,73,c9,95,23,f3,13,a2,c7,fe,9a,25,53,ea,\

bc,b9,d5,f5,5a,cd,ff,71,1e,6a,c4,33,e7,0f,f1,54,b3,9d,22,3e,02,39,03,05,52,\

4b,17,1d,85,0f,1a,12,1c,ec,f2,ef,47,d6,9b,6f,6b,d1,3e,69,51,c9,48,68,26,63,\

12,86,03,07,4a,20,64,3d,40,f6,b5,46,24,75,48,84,2e,38,46,c7,0c,9b,b8,43,24,\

30,93,be,d4,e7,38,dd,5d,31,d6,02,cd,92,b5,23,79,20,a9,0b,72,db,84,da,c3,5f,\

56,f7,3d,0b,86,2c,b5,82,7c,a8,39,f0,ec,7f,b6,b5,1d,d1,fe,9f,13,ae,1b,db,b2,\

fc,88,da,16,2f,d7,9c,9e,f9,0f,3c,ac,df,ae,5b,f0,0d,ef,02,54,24,28,0d,15,b7,\

71,69,6a,37,16,03,48,21,c7,70,5c,08,44,25,22,11,eb,02,72,10,e1,4b,3b,6e,38,\

b5,90,4e,12,21,21,a1,7f,18,95,c9,ce,68,f0,75,35,13,c2,ae,8c,e5,7a,3c,ed,24,\

8e,5e,c1,33,8c,f2,2d,fe,b7,3d,91,d0,c9,c2,f3,d5,d8,49,d3,e3,c4,44,43,b3,cd,\

75,de,cb,e9,6b,17,77,0f,90,b9,f5,c7,8c,77,e0,a0,e0,b0,ec,c7,b6,b4,cf,60,b1,\

c0,a9,3c,f8,13,b6,89,42,2d,39,3b,ed,34,3e,e0,2d,ba,d2,16,67,71,c3,e6,f6,9e,\

13,55,54,b5,b7,b2,bb,b0,b3,fc,53,9b,0b,04,93,ab,c9,14,3c,34,72,31,b7,42,4e,\

70,ad,80,9b,e7,a4,b6,c3,3a,81,60,c0,38,18,9c,db,45,75,be,c9,94,78,f5,31,39,\

37,49,95,bd,65,37,32,8f,29,ca,ee,f4,e1,fd,e3,ee,41,7e,b5,b2,a8,df,cf,45,fc,\

1c,4d,15,31,71,cd,92,3d,63,34,02,b9,bd,a3,03,47,77,c6,ec,0c,a6,3a,20,dd,87,\

89,47,04,28,13,77,c6,36,d6,3e,74,19,34,46,7a,96,42,43,f8,45,84,95,7d,c7,70,\

b4,8d,80,b7,05,b4,f2,78,bf,9a,83,9e,60,97,f5,82,2a,2b,1f,c1,bd,03,0f,d0,34,\

b2,a1,33,c4,e3,3a,df,20,4f,66,96,fd,e0,ee,32,66,a1,79,98,84,34,80,4a,bc,2b,\

1b,83,33,fc,2b,a5,67,9a,81,1c,87,fd,03,0e,fd,e0,67,3b,50,83,17,2e,f6,fd,6b,\

3a,96,1f,2b,af,e9,b8,cf,e7,c2,47,a0,20,91,cf,a5,02,b4,8a,7f,6f,67,1f,8a,43,\

9d,e1,cd,b4,07,e3,cb,79,ba,a3,87,29,a8,38,25,dc,3d,87,07,d7,4c,7d,7d,43,65,\

d1,46,f9,b6,a6,5b,52,4f,a5,12,5a,03,90,46,87,56,f0,64,20,2f,26,0f,f3,9d,bc,\

78,82,78,fd,b0,5d,ae,70,68,9e,c2,1f,61,26,07,7f,e7,65,db,fc,3c,24,fd,0b,7e,\

c2,8c,cb,ac,ce,3f,cb,a4,c6,37,fb

"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

.

------------------------ Andre Kjørende Prosesser ------------------------

.

c:\windows\system32\savedump.exe

c:\programfiler\Sygate\SPF\Smc.exe

c:\programfiler\Lavasoft\Ad-Aware\aawservice.exe

c:\programfiler\Fellesfiler\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\programfiler\Bonjour\mDNSResponder.exe

c:\windows\system32\CTSVCCDA.EXE

c:\programfiler\Java\jre6\bin\jqs.exe

c:\programfiler\Fellesfiler\LogiShrd\LVCOMSER\LVComSer.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\rundll32.exe

c:\programfiler\Fellesfiler\LogiShrd\LVCOMSER\LVComSer.exe

c:\programfiler\Fellesfiler\LogiShrd\LQCVFX\COCIManager.exe

c:\programfiler\Skype\Plugin Manager\skypePM.exe

.

**************************************************************************

.

Tidspunkt ferdig: 2009-01-07 15:51:30 - maskinen ble startet på nytt

ComboFix-quarantined-files.txt 2009-01-07 14:51:27

 

Pre-Run: 233 178 525 696 byte ledig

Post-Run: 235,095,568,384 byte ledig

 

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

401 --- E O F --- 2008-12-22 00:59:33

[raWrz]

fant Mbam noe?

hvis den fant noe ville det hvert fint med den loggen den lager

[znace]

tokk en HijackThis test og fikk en logg jeg sendte te en kamerat. han ba meg slette en del så nå fungerer alt som det skal:)

 

sak løst

[snippsat]

tokk en HijackThis test og fikk en logg jeg sendte te en kamerat. han ba meg slette en del så nå fungerer alt som det skal:)

 

sak løst

Nei hadde han skjønt noe av dette hadde han bett det fortsette her.

Combofix slett over 50 filer og du har noe mere som må sjekkes opp.

Vi må også avinnstalere combofix etter bruk.

 

Scann denne filen her Virustotal

c:\windows\IxoVMRmv.exe

 

Kopiere fet tekst under bildet->åpne notisblokk og lim inn.

Lagre på skrivebordet som CFScript.txt

Gjør som på bildet combofix vil starte,Post logg c:\combofix.txt

 

File::

c:\windows\DUMP43cf.tmp

c:\windows\DUMP44f8.tmp

 

Registry::

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=-

Endret 7. januar 2009 av SNIPPSAT