
[SOLVED] Vista/AvastA. 4.8 pro/SAS - problem



When I start SAS, I get a message from Avast Antivirus:

 

Malware: Win32:Trojan-gen(Other)

Maltype: Virus/Orm

VPS Versjon:080526-0 26.05.2008

 

I scanned with the antivirus program and got the 'worm' removed. But when I wanted to run SAS again, I got the same message. I had to reinstall SAS first. This has not happened before. Is there something wrong with my SAS?

Edited by rstrr
Download ComboFix and place it on the desktop.

Do not click on the window while the program is running.

Post the log C:\combofix.txt

 

 

This is what my XP with Antivir looks like. The machine also seems slow.

 

 

ComboFix 08-05-25.5 - Administrator 2008-05-27 11:15:47.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.458 [GMT 2:00]

Running from: C:\Documents and Settings\Administrator\Mine dokumenter\Downloads\Programs\ComboFix.exe

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((( Files Created from 2008-04-27 to 2008-05-27 )))))))))))))))))))))))))))))))

.

 

2008-05-26 10:05 . 2008-05-27 11:10 <DIR> dr-h----- C:\Documents and Settings\Administrator\Siste

2008-05-22 19:01 . 2008-05-22 19:07 <DIR> d-------- C:\Programfiler\foobar2000

2008-05-22 19:01 . 2008-05-23 00:29 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\foobar2000

2008-05-12 14:56 . 2008-02-15 17:12 206,256 --a------ C:\WINDOWS\system32\idmmbc.dll

2008-05-11 18:23 . 2008-05-12 11:52 <DIR> d-------- C:\Programfiler\uTorrent

2008-05-11 18:23 . 2008-05-26 03:41 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\uTorrent

2008-05-11 13:10 . 2008-05-11 13:13 <DIR> d-------- C:\WINDOWS\ServicePackFiles

2008-05-10 22:17 . 2008-05-10 23:40 <DIR> d-------- C:\Programfiler\DNA

2008-05-10 22:05 . 2008-05-10 23:19 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE

2008-05-10 21:54 . 2008-05-10 23:20 <DIR> d-------- C:\Programfiler\FlashGet

2008-05-10 21:48 . 2008-05-25 11:17 <DIR> d-------- C:\Programfiler\Internet Download Manager

2008-05-10 21:48 . 2008-05-25 11:16 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\IDM

2008-05-10 21:48 . 2008-05-27 10:46 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\DMCache

2008-05-10 20:17 . 2008-05-10 20:17 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

2008-05-10 16:22 . 2008-05-10 16:22 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe

2008-05-10 16:17 . 2008-05-10 16:20 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\AdobeUM

2008-05-07 14:35 . 2008-05-07 14:35 <DIR> d-------- C:\Programfiler\Microsoft CAPICOM 2.1.0.2

2008-05-07 12:46 . 2008-05-11 13:12 <DIR> d-------- C:\WINDOWS\system32\no

2008-05-07 12:46 . 2008-05-11 13:12 <DIR> d-------- C:\WINDOWS\system32\bits

2008-05-07 12:46 . 2008-05-11 13:12 <DIR> d-------- C:\WINDOWS\l2schemas

2008-05-07 12:34 . 2008-04-14 17:43 1,845,632 --a------ C:\WINDOWS\system32\win32k.sys

2008-05-07 12:33 . 2008-04-14 17:53 2,146,816 --a------ C:\WINDOWS\system32\ntoskrnl.exe

2008-05-07 12:22 . 2004-08-03 22:29 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys

2008-05-07 12:21 . 2004-07-17 22:55 129,045 --------- C:\WINDOWS\system32\drivers\cxthsfs2.cty

2008-05-06 17:42 . 2008-05-22 10:04 <DIR> d-------- C:\Programfiler\Winamp Remote

2008-05-06 17:42 . 2008-05-16 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\OrbNetworks

2008-05-06 17:41 . 2008-05-10 23:40 <DIR> d-------- C:\Programfiler\Winamp

2008-05-06 17:41 . 2008-05-09 10:49 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Winamp

2008-05-06 17:41 . 2007-03-08 01:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll

2008-05-06 17:41 . 2007-03-08 01:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys

2008-05-06 17:41 . 2007-03-08 01:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys

2008-05-06 16:41 . 2008-05-06 16:41 <DIR> d-------- C:\Programfiler\Thecus

2008-05-06 16:18 . 2008-05-06 16:28 <DIR> d-------- C:\Programfiler\SqueezeCenter

2008-05-06 16:18 . 2008-05-06 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SqueezeCenter

2008-05-06 14:50 . 2008-05-10 17:04 <DIR> d-------- C:\Programfiler\COMODO

2008-05-06 14:50 . 2008-05-10 17:04 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Comodo

2008-05-06 14:37 . 2008-05-06 14:37 <DIR> d-------- C:\Programfiler\Avira

2008-05-06 14:37 . 2008-05-06 14:37 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Avira

2008-05-06 14:32 . 2008-05-08 12:17 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\VersionTracker Pro

2008-05-06 13:43 . 2008-05-24 20:02 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware

2008-05-06 13:43 . 2008-05-06 13:43 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com

2008-05-06 13:43 . 2008-05-10 20:17 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SUPERAntiSpyware.com

2008-05-06 00:18 . 2008-05-06 00:18 <DIR> d-------- C:\Programfiler\Trend Micro

2008-05-05 11:43 . 2008-05-05 11:43 <DIR> d--h----- C:\Documents and Settings\All Users\Programdata\CanonBJ

2008-05-05 11:43 . 2005-08-25 22:00 8,704 --a------ C:\WINDOWS\system32\CNMVS7L.DLL

2008-05-05 11:41 . 2005-08-25 22:00 140,288 --a------ C:\WINDOWS\system32\CNMLM7L.DLL

2008-05-05 11:23 . 2008-05-05 11:23 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SSScanWizard

2008-05-05 11:23 . 2008-05-05 11:23 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SSScanAppDataDir

2008-05-05 11:23 . 2008-05-05 11:23 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\ScanSoft

2008-05-05 11:23 . 2008-05-05 11:23 528 --a------ C:\WINDOWS\MAXLINK.INI

2008-05-05 11:22 . 2008-05-05 11:22 <DIR> d-------- C:\Programfiler\ScanSoft

2008-05-05 11:22 . 2008-05-05 11:23 <DIR> d-------- C:\Programfiler\Fellesfiler\ScanSoft Shared

2008-05-05 11:19 . 2008-05-05 11:19 <DIR> d-------- C:\Programfiler\ArcSoft

2008-05-05 11:19 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL

2008-05-05 11:01 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe

2008-05-05 10:59 . 2008-05-05 10:59 <DIR> d--h----- C:\WINDOWS\system32\CanonMP Uninstaller Information

2008-05-05 10:59 . 2008-05-05 10:59 <DIR> d-------- C:\WINDOWS\StartHtmico

2008-05-05 10:59 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-05-05 10:59 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2008-05-05 10:59 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-05-05 10:58 . 2008-05-05 10:58 <DIR> d--h----- C:\CanonMP

2008-05-05 10:58 . 2005-08-30 06:22 221,184 --a------ C:\WINDOWS\system32\CNCC500.DLL

2008-05-05 10:58 . 2005-05-30 12:47 139,264 --a------ C:\WINDOWS\system32\CNCL500.DLL

2008-05-05 10:58 . 2005-08-30 06:22 69,632 --a------ C:\WINDOWS\system32\CNCI500.DLL

2008-05-05 10:58 . 2005-08-30 06:23 49,152 --a------ C:\WINDOWS\system32\cncisco.dll

2008-05-05 10:57 . 2008-05-05 11:07 <DIR> d-------- C:\Programfiler\Canon

2008-05-04 17:18 . 2008-05-10 23:31 <DIR> d-a------ C:\Documents and Settings\All Users\Programdata\TEMP

2008-05-04 17:13 . 2008-05-04 17:13 <DIR> d-------- C:\Programfiler\CCleaner

2008-05-04 17:01 . 2008-05-04 17:10 <DIR> d-------- C:\Documents and Settings\Administrator\Contacts

2008-05-04 17:01 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll

2008-05-04 17:00 . 2008-05-04 17:00 <DIR> d-------- C:\Programfiler\Microsoft SQL Server Compact Edition

2008-05-04 16:06 . 2008-05-07 14:35 <DIR> d-------- C:\Programfiler\Windows Live

2008-05-04 16:06 . 2008-05-04 16:58 <DIR> d--hsc--- C:\Programfiler\Fellesfiler\WindowsLiveInstaller

2008-05-04 16:06 . 2008-05-04 16:57 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\WLInstaller

2008-05-04 16:00 . 2008-05-04 16:00 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2008-04-28 15:41 . 2008-04-28 15:41 <DIR> d-------- C:\Programfiler\Pure Networks

2008-04-28 15:40 . 2008-05-04 17:00 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE

2008-04-28 15:40 . 2008-04-28 15:40 <DIR> d-------- C:\Programfiler\Fellesfiler\Pure Networks Shared

2008-04-28 15:40 . 2008-04-28 15:40 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Pure Networks

2008-04-28 15:40 . 2008-01-08 17:16 25,272 --a------ C:\WINDOWS\system32\drivers\purendis.sys

2008-04-28 15:40 . 2008-01-08 17:16 23,992 --a------ C:\WINDOWS\system32\drivers\pnarp.sys

2008-04-27 02:17 . 2008-04-27 02:17 <DIR> d-------- C:\WINDOWS\i386

2008-04-27 02:17 . 2008-04-27 02:17 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-10 21:59 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared

2008-05-05 09:19 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2008-04-27 12:42 --------- d-----w C:\Programfiler\Google

2008-04-27 00:06 --------- d-----w C:\Programfiler\Windows Media Connect

2008-04-27 00:05 --------- d-----w C:\Programfiler\Synaptics

2008-04-27 00:05 --------- d-----w C:\Programfiler\Sonic

2008-04-27 00:05 --------- d-----w C:\Programfiler\microsoft frontpage

2008-04-27 00:04 --------- d-----w C:\Programfiler\Hp

2008-04-27 00:04 --------- d-----w C:\Programfiler\Hewlett-Packard

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fingerprint Sensor

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\TiVo Shared

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\SureThing Shared

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\Sonic Shared

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\LightScribe

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\Java

2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield

2008-04-27 00:04 --------- d-----w C:\Programfiler\Elektroniske tjenester

2008-04-27 00:04 --------- d-----w C:\Programfiler\Analog Devices

2008-04-27 00:02 --------- d-----w C:\Documents and Settings\All Users\Programdata\InstallShield

2008-04-27 00:02 --------- d-----w C:\Documents and Settings\All Users\Programdata\hpqLog

2008-04-26 18:27 --------- d-----w C:\Programfiler\Java

2008-04-26 16:50 --------- d-----w C:\Programfiler\WIDCOMM

2008-04-26 16:49 --------- d-----w C:\Programfiler\InterVideo

2008-04-26 16:48 1,829 --sha-r C:\WINDOWS\system32\drivers\103C_HP_NTBK_HP Compaq nx7400 (RH405EA#ABN)_YN_0U_QCNU72517M6_E410313093_46_I30A2_SHP_VKBC Version 40.17_B68YGU Ver. F.0B_T070418_WXP2_L414_M1016_J80_7Intel_8Core2 T5600_91.83_#080426_N14E4170C_(RH405EA#ABN).MRK

2008-04-26 16:47 --------- d-----w C:\Programfiler\Snarveier til programmer

2008-04-26 16:44 --------- d-----w C:\Programfiler\HPQ

2008-04-14 16:39 1,804 ----a-w C:\WINDOWS\system32\dcache.bin

2008-04-14 16:26 330,752 ----a-w C:\WINDOWS\system32\netsetup.exe

2008-04-14 16:22 996,352 ----a-w C:\WINDOWS\system32\msgina.dll

2008-04-14 16:21 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll

2008-04-14 16:20 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll

2008-04-14 16:19 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll

2008-04-14 16:19 568,320 ----a-w C:\WINDOWS\system32\gpedit.dll

2008-04-14 16:19 3,584 ----a-w C:\WINDOWS\system32\icmp.dll

2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll

2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll

2008-04-14 16:19 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll

2008-04-14 16:19 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll

2008-04-14 15:56 73,344 ----a-w C:\WINDOWS\system32\drivers\sr.sys

2008-04-14 15:56 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys

2008-04-14 15:55 80,000 ----a-w C:\WINDOWS\system32\drivers\parport.sys

2008-04-14 15:55 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys

2008-04-14 15:55 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys

2008-04-14 15:53 2,025,472 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 15:52 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 15:50 799,872 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys

2008-04-14 15:50 24,448 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys

2008-04-14 15:50 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys

2008-04-14 15:50 14,592 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys

2008-04-14 15:49 79,360 ------w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 15:49 79,360 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll

2008-04-14 15:49 37,376 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys

2008-04-14 15:48 77,312 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 15:48 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys

2008-04-14 15:48 40,576 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys

2008-04-14 15:48 40,192 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys

2008-04-14 15:47 556,032 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 15:47 47,616 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 15:46 64,640 ----a-w C:\WINDOWS\system32\drivers\serial.sys

2008-04-14 15:45 51,840 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys

2008-04-14 15:44 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys

2008-04-14 15:43 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 15:43 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys

2008-04-14 15:43 273,152 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-04-14 15:42 65,024 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-14 15:41 52,480 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys

2008-04-14 15:41 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys

2008-04-14 15:41 39,680 ----a-w C:\WINDOWS\system32\drivers\processr.sys

2008-04-14 15:39 41,600 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys

2008-04-14 15:39 41,216 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys

2008-04-14 15:38 22,912 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys

2008-04-14 15:37 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys

2008-04-14 15:37 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys

2008-04-14 07:23 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe

2008-04-14 07:22 987,136 ----a-w C:\WINDOWS\system32\setupapi.dll

2008-04-14 07:22 423,936 ----a-w C:\WINDOWS\system32\licdll.dll

2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys

2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys

2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys

2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys

2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys

2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys

2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys

2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys

2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys

2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys

2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys

2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys

2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys

2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys

2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys

2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys

2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys

2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys

2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys

2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:22 15360]

"swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-04 16:00 68856]

"MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

"Orb"="C:\Programfiler\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904]

"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-24 20:02 1510640]

"IDMan"="C:\Programfiler\Internet Download Manager\IDMan.exe" [2008-05-12 15:03 2598320]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="regsvr32 /s mqrt.dll" []

"SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [2005-05-20 10:11 925696]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"PTHOSTTR"="C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2006-02-14 11:56 122880]

"HP Software Update"="C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]

"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-31 05:20 122940]

"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 20:04 761945]

"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 14:17 94208]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 14:13 77824]

"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 14:17 118784]

"hpWirelessAssistant"="C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 10:49 454656]

"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 20:12 17920]

"QlbCtrl"="C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 15:39 131072]

"Cpqset"="C:\Programfiler\HPQ\Default Settings\cpqset.exe" [2006-02-22 08:03 40960]

"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 15:51 1187840]

"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-01-23 16:11 802816]

"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-02-15 15:43 892928]

"WatchDog"="C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 11:59 184320]

"nmctxth"="C:\Programfiler\Fellesfiler\Pure Networks Shared\Platform\nmctxth.exe" [2008-01-08 17:20 451896]

"nmapp"="C:\Programfiler\Pure Networks\Network Magic\nmapp.exe" [2008-01-18 10:32 451896]

"OpwareSE2"="C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]

"OPSE reminder"="C:\Programfiler\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [2003-07-07 09:29 729088]

"avgnt"="C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-06 14:44 262401]

"WinampAgent"="C:\Programfiler\Winamp\winampa.exe" [2008-04-01 20:49 36352]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 18:22 15360]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

BTTray.lnk - C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2006-02-15 16:16:02 581693]

DVD Check.lnk - C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe [2008-04-26 18:49:05 184320]

Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]

SqueezeCenter Tray Tool.lnk - C:\Programfiler\SqueezeCenter\SqueezeTray.exe [2008-05-06 16:18:34 1740887]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-24 20:02 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll 2005-07-25 20:41 40960 C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\WINDOWS\\system32\\mqsvc.exe"=

"C:\\WINDOWS\\SMINST\\Scheduler.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\Messenger\\msmsgs.exe"=

"C:\\Programfiler\\Winamp Remote\\bin\\Orb.exe"=

"C:\\Programfiler\\Winamp Remote\\bin\\OrbTray.exe"=

"C:\\Programfiler\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

"C:\\Programfiler\\DNA\\btdna.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Programfiler\\uTorrent\\uTorrent.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"67:UDP"= 67:UDP:DHCP Discovery Service

"9000:TCP"= 9000:TCP:SqueezeCenter 9000 tcp

"3483:UDP"= 3483:UDP:SqueezeCenter 3483 udp

"3483:TCP"= 3483:TCP:SqueezeCenter 3483 tcp

 

R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe [2008-04-14 18:23]

R2 SqueezeMySQL;SqueezeMySQL;C:\PROGRA~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe [2008-03-03 10:49]

S2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASChannel

 

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-27 11:17:08

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = C:\Programfiler\HPQ\Default Settings\cpqset.exe??????? ???@???????????????@??????[??????(?@???????@

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-05-27 11:17:57

ComboFix-quarantined-files.txt 2008-05-27 09:17:54

 

Pre-Run: 52,039,839,744 byte ledig

Post-Run: 52,038,377,472 byte ledig

 

290


2008-04-14 16:19 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll

2008-04-14 16:19 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll

2008-04-14 15:56 73,344 ----a-w C:\WINDOWS\system32\drivers\sr.sys

2008-04-14 15:56 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys

2008-04-14 15:55 80,000 ----a-w C:\WINDOWS\system32\drivers\parport.sys

2008-04-14 15:55 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys

2008-04-14 15:55 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys

2008-04-14 15:53 2,025,472 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 15:52 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 15:50 799,872 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys

2008-04-14 15:50 24,448 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys

2008-04-14 15:50 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys

2008-04-14 15:50 14,592 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys

2008-04-14 15:49 79,360 ------w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 15:49 79,360 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll

2008-04-14 15:49 37,376 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys

2008-04-14 15:48 77,312 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 15:48 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys

2008-04-14 15:48 40,576 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys

2008-04-14 15:48 40,192 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys

2008-04-14 15:47 556,032 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 15:47 47,616 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 15:46 64,640 ----a-w C:\WINDOWS\system32\drivers\serial.sys

2008-04-14 15:45 51,840 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys

2008-04-14 15:44 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys

2008-04-14 15:43 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 15:43 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys

2008-04-14 15:43 273,152 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-04-14 15:42 65,024 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-14 15:41 52,480 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys

2008-04-14 15:41 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys

2008-04-14 15:41 39,680 ----a-w C:\WINDOWS\system32\drivers\processr.sys

2008-04-14 15:39 41,600 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys

2008-04-14 15:39 41,216 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys

2008-04-14 15:38 22,912 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys

2008-04-14 15:37 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys

2008-04-14 15:37 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys

2008-04-14 07:23 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe

2008-04-14 07:22 987,136 ----a-w C:\WINDOWS\system32\setupapi.dll

2008-04-14 07:22 423,936 ----a-w C:\WINDOWS\system32\licdll.dll

2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys

2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys

2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys

2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys

2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys

2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys

2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys

2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys

2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys

2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys

2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys

2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys

2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys

2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys

2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys

2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys

2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys

2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys

2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys

2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:22 15360]

"swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-04 16:00 68856]

"MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

"Orb"="C:\Programfiler\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904]

"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-24 20:02 1510640]

"IDMan"="C:\Programfiler\Internet Download Manager\IDMan.exe" [2008-05-12 15:03 2598320]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="regsvr32 /s mqrt.dll" []

"SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [2005-05-20 10:11 925696]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"PTHOSTTR"="C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2006-02-14 11:56 122880]

"HP Software Update"="C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]

"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-31 05:20 122940]

"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 20:04 761945]

"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 14:17 94208]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 14:13 77824]

"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 14:17 118784]

"hpWirelessAssistant"="C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 10:49 454656]

"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 20:12 17920]

"QlbCtrl"="C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 15:39 131072]

"Cpqset"="C:\Programfiler\HPQ\Default Settings\cpqset.exe" [2006-02-22 08:03 40960]

"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 15:51 1187840]

"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-01-23 16:11 802816]

"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-02-15 15:43 892928]

"WatchDog"="C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 11:59 184320]

"nmctxth"="C:\Programfiler\Fellesfiler\Pure Networks Shared\Platform\nmctxth.exe" [2008-01-08 17:20 451896]

"nmapp"="C:\Programfiler\Pure Networks\Network Magic\nmapp.exe" [2008-01-18 10:32 451896]

"OpwareSE2"="C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]

"OPSE reminder"="C:\Programfiler\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [2003-07-07 09:29 729088]

"avgnt"="C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-06 14:44 262401]

"WinampAgent"="C:\Programfiler\Winamp\winampa.exe" [2008-04-01 20:49 36352]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 18:22 15360]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

BTTray.lnk - C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2006-02-15 16:16:02 581693]

DVD Check.lnk - C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe [2008-04-26 18:49:05 184320]

Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]

SqueezeCenter Tray Tool.lnk - C:\Programfiler\SqueezeCenter\SqueezeTray.exe [2008-05-06 16:18:34 1740887]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-24 20:02 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll 2005-07-25 20:41 40960 C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\WINDOWS\\system32\\mqsvc.exe"=

"C:\\WINDOWS\\SMINST\\Scheduler.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\Messenger\\msmsgs.exe"=

"C:\\Programfiler\\Winamp Remote\\bin\\Orb.exe"=

"C:\\Programfiler\\Winamp Remote\\bin\\OrbTray.exe"=

"C:\\Programfiler\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

"C:\\Programfiler\\DNA\\btdna.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Programfiler\\uTorrent\\uTorrent.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"67:UDP"= 67:UDP:DHCP Discovery Service

"9000:TCP"= 9000:TCP:SqueezeCenter 9000 tcp

"3483:UDP"= 3483:UDP:SqueezeCenter 3483 udp

"3483:TCP"= 3483:TCP:SqueezeCenter 3483 tcp

 

R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe [2008-04-14 18:23]

R2 SqueezeMySQL;SqueezeMySQL;C:\PROGRA~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe [2008-03-03 10:49]

S2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASChannel

 

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-27 11:17:08

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = C:\Programfiler\HPQ\Default Settings\cpqset.exe??????? ???@???????????????@??????[??????(?@???????@

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-05-27 11:17:57

ComboFix-quarantined-files.txt 2008-05-27 09:17:54

 

Pre-Run: 52,039,839,744 byte ledig

Post-Run: 52,038,377,472 byte ledig

 

290

 

 

 

And here is Vista

 

 

ComboFix 08-05-25.5 - lINNEA04 2008-05-27 11:45:50.1 - NTFSx86

Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1044.18.152 [GMT 2:00]

Running from: C:\Users\lINNEA04\Desktop\ComboFix.exe

* Created a new restore point

.

 

((((((((((((((((((((((((( Files Created from 2008-04-27 to 2008-05-27 )))))))))))))))))))))))))))))))

.

 

No new files created in this timespan

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-27 08:43 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\OpenOffice.org2

2008-05-26 08:59 --------- d-----w C:\Program Files\SUPERAntiSpyware

2008-05-26 07:33 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2008-05-26 07:29 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\foobar2000

2008-05-26 02:51 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\uTorrent

2008-05-26 02:01 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Mp3tag

2008-05-25 20:40 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\AccurateRip

2008-05-25 20:11 --------- d-----w C:\Program Files\foobar2000

2008-05-24 20:14 --------- d-----w C:\Program Files\Uniblue

2008-05-22 07:46 --------- d-----w C:\Program Files\SqueezeCenter

2008-05-22 06:42 --------- d-----w C:\Program Files\Windows Live Safety Center

2008-05-21 11:19 --------- d-----w C:\ProgramData\SqueezeCenter

2008-05-21 06:15 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\AD ON Multimedia

2008-05-21 06:15 --------- d-----w C:\Program Files\Exact Audio Copy

2008-05-20 08:04 --------- d-----w C:\Program Files\Microsoft Silverlight

2008-05-17 22:25 --------- d-----w C:\Program Files\uTorrent

2008-05-17 14:28 0 ----a-w C:\Windows\system32\drivers\lvuvc.hs

2008-05-16 13:57 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Comodo

2008-05-16 13:57 --------- d-----w C:\Program Files\COMODO

2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys

2008-05-14 13:55 --------- d-----w C:\Program Files\Windows Mail

2008-05-11 05:57 --------- d-----w C:\Program Files\Mp3tag

2008-05-10 23:45 --------- d---a-w C:\ProgramData\TEMP

2008-05-06 23:54 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\SUPERAntiSpyware.com

2008-05-06 23:54 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com

2008-05-05 19:57 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Copernic

2008-05-05 19:57 --------- d-----w C:\Program Files\Copernic Agent

2008-05-05 19:57 --------- d-----w C:\Program Files\Common Files\Copernic

2008-05-05 07:58 --------- d-----w C:\ProgramData\Installations

2008-05-02 16:23 --------- d-----w C:\Program Files\CCleaner

2008-04-28 14:05 --------- d-----w C:\ProgramData\PC Suite

2008-04-28 04:42 --------- d-----w C:\Users\Gjest\AppData\Roaming\PC Suite

2008-04-26 22:21 --------- d-----w C:\ProgramData\eSellerate

2008-04-26 16:38 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Winamp

2008-04-26 16:00 --------- d-----w C:\Program Files\Nokia

2008-04-26 15:35 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-04-26 15:35 --------- d-----w C:\Program Files\Google

2008-04-24 08:13 --------- d-----w C:\ProgramData\Bluetooth

2008-04-24 07:20 --------- d-----w C:\Program Files\Common Files\PCSuite

2008-04-24 07:20 --------- d-----w C:\Program Files\Common Files\Nokia

2008-04-24 07:06 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Nokia

2008-04-23 18:45 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\PC Suite

2008-04-23 17:53 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Nokia Multimedia Player

2008-04-23 13:59 --------- d-----w C:\Program Files\DIFX

2008-04-23 13:58 --------- d-----w C:\Program Files\PC Connectivity Solution

2008-04-23 13:44 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

2008-04-20 11:54 --------- d-----w C:\ProgramData\Dell

2008-04-20 11:47 --------- d-----w C:\ProgramData\SupportSoft

2008-04-20 11:46 --------- d-----w C:\Program Files\Dell Support Center

2008-04-20 11:45 --------- d-----w C:\Program Files\Common Files\supportsoft

2008-04-20 10:38 --------- d-----w C:\ProgramData\PC Drivers HeadQuarters

2008-04-15 14:35 --------- d-----w C:\ProgramData\Symantec

2008-04-15 13:37 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Symantec

2008-04-15 05:58 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Uniblue

2008-04-14 23:19 --------- d-----w C:\ProgramData\CheckPoint

2008-04-14 22:29 --------- d-----w C:\Program Files\Alwil Software

2008-04-11 18:49 --------- d-----w C:\Program Files\Java

2008-04-11 06:32 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\TVU Networks

2008-04-11 06:32 --------- d-----w C:\ProgramData\TVU Networks

2008-04-04 19:02 --------- d-----w C:\Program Files\Winamp

2008-03-06 09:14 831,048 ----a-w C:\Windows\System32\WudfUpdate_01005.dll

2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll

2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll

2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll

2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe

2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe

2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll

2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll

2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys

2008-02-10 11:49 32 ----a-w C:\Users\All Users\ezsid.dat

2008-02-10 11:49 32 ----a-w C:\ProgramData\ezsid.dat

2007-10-09 14:50 174 --sha-w C:\Program Files\desktop.ini

.

 

------- Sigcheck -------

 

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896]

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 12:44 202544]

"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:34 201728]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [ ]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-04-17 19:31 159744]

"SigmatelSysTrayApp"="sttray.exe" [2007-03-06 12:37 303104 C:\Windows\sttray.exe]

"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 11:22 221184]

"RoxioDragToDisc"="C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 09:00 1116920]

"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 11:35 221184]

"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 11:37 81920]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]

"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2007-10-09 20:18 3444736]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-01-20 09:05 217088]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]

"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 12:44 16384]

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 12:44 202544]

 

C:\Users\lINNEA04\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 22:57:56 393216]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-09-25 19:29:53 45056]

SqueezeCenter Tray Tool.lnk - C:\Program Files\SqueezeCenter\SqueezeTray.exe [2008-05-21 13:18:35 1728599]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"LogonHoursAction"= 2 (0x2)

"DontDisplayLogonHoursWarnings"= 1 (0x1)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UacDisableNotify"=dword:00000001

"InternetSettingsDisableNotify"=dword:00000001

"AutoUpdateDisableNotify"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"TCP Query User{10F1C0BC-0927-4235-BFD8-C9DBB1455F67}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent

"UDP Query User{375273A2-E306-45C7-A898-75FD5227B43B}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent

"{E65D2F2D-C1C9-4130-8379-48A1A25F68B8}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{8802A574-290A-443A-97D6-BD1819EBBF11}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{5E158BE1-360F-418B-A9FA-41F517F37405}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{35434D01-283A-4B2E-9DB4-58C77F8D566E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{F18CAFD7-A072-433D-AA32-52633699A987}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"{7C0F684A-39C2-433F-8A07-077940CDCB01}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"TCP Query User{C82D9089-8F19-43BD-9908-CA98D0820A6C}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{09F8F275-0F9C-4CFC-A917-73EFD878EC7A}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer

"TCP Query User{D22DD093-44D2-46B1-AC24-3A7142946FC7}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent

"UDP Query User{E96C03F4-03EE-4B23-BDF4-C1331839AF4E}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent

"TCP Query User{ED6F55B1-02A3-4DC1-A11B-5E216B3FC108}C:\\program files\\opera\\opera.exe"= UDP:C:\program files\opera\opera.exe:Opera Internet Browser

"UDP Query User{6DE6CD45-63EF-46F7-833C-067066F81316}C:\\program files\\opera\\opera.exe"= TCP:C:\program files\opera\opera.exe:Opera Internet Browser

"{89874320-78E9-4CCD-A95C-F524A93EEBEA}"= TCP:67:DHCP Discovery Service

"{142F2918-2F5E-4A9C-9333-B221B76EC4BA}"= TCP:67:DHCP Discovery Service

"TCP Query User{92AD084E-F041-454E-8F1B-D90496ABA907}C:\\program files\\thecus\\thecus setup wizard v1.1.7\\setupwizard.exe"= UDP:C:\program files\thecus\thecus setup wizard v1.1.7\setupwizard.exe:

"UDP Query User{B986CA26-4C8E-4483-84FE-D63C7B557410}C:\\program files\\thecus\\thecus setup wizard v1.1.7\\setupwizard.exe"= TCP:C:\program files\thecus\thecus setup wizard v1.1.7\setupwizard.exe:

"{B9561652-32C6-4959-901C-00C641D6FA8E}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{231CDA3A-0EF9-4BDA-823F-F7076876BE0F}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{8CCF707A-5E94-45A3-AEE8-10B1D6A43E8C}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{7274FA3F-EBB9-4AD5-B221-E8B87499E3BD}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{7B2093C1-C92E-41D6-8275-37398E38AC7F}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{EC3049CF-FF18-42D0-81E6-81308FB27664}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{38499FB4-D095-464D-A3DD-41A7885BC400}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent

"{C9E71283-C034-4665-9748-3BCFD08BD730}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent

"{3281427C-8D2F-458A-8F00-CAC2805FA758}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent

"{8B576D34-7368-4B7C-A134-6964C35B25BD}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent

"{5BEFD1D2-206D-48D7-882D-EA9F18C4FBF6}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{CE33BC94-6FDC-41DD-8DD3-890664789745}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{949380BD-3BDE-4309-AD8F-7680C754E72A}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"TCP Query User{197022E9-789D-4EAA-8FE0-8D389881F138}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer

"UDP Query User{8B04F469-918E-4B0D-804E-13EC31A30239}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer

"{DB3067BC-1EF0-461D-A691-A1BB19FC98FF}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{5D8E18F4-1273-407E-A3F9-9ED004718D7E}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil

"{B1C6FF8A-4980-4E6E-B828-682387E23332}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil

"{BCFBBE47-0D4A-4EEC-93DC-DB3DE7E8993F}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil

"{996E173A-4120-4F78-8728-FCE81E36DDA7}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil

"TCP Query User{D2780BD0-9F0E-432E-9D0E-C2E9B659A227}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"UDP Query User{A62293FD-7F43-429A-8DEC-956BC00B038D}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"TCP Query User{A5FCA9D1-39A4-4C18-BD22-4777D32F7FBE}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"UDP Query User{0466ABEF-2C27-4278-8B23-0D8444F5477A}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"{979881F1-0AD6-47BB-B817-0AA3C6F00697}"= UDP:C:\Program Files\DNA\btdna.exe:DNA

"{F4DEB0BE-A89F-40C3-8014-EF44EFB290F0}"= TCP:C:\Program Files\DNA\btdna.exe:DNA

"{DF5C6EFB-F2ED-415F-A6F3-938118175AE9}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{226BAC38-AA12-4471-BD23-09CBCECFF1AD}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{C00BA0C9-EA8D-4E40-80F4-1E766FC90B83}"= UDP:C:\Program Files\DNA\btdna.exe:DNA

"{1D797C26-C332-40BC-B9E7-F1FB21CBC7AE}"= TCP:C:\Program Files\DNA\btdna.exe:DNA

"TCP Query User{6EC19D55-D737-4693-8FAB-4818E2D6AAF6}C:\\users\\linnea04\\program files\\dna\\btdna.exe"= UDP:C:\users\linnea04\program files\dna\btdna.exe:btdna.exe

"UDP Query User{07595378-52C4-46AB-84DA-CD318B44FE37}C:\\users\\linnea04\\program files\\dna\\btdna.exe"= TCP:C:\users\linnea04\program files\dna\btdna.exe:btdna.exe

"{3A10C13F-0018-473E-BCF9-E211F7EC7473}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"TCP Query User{7F6A914F-BF33-4D35-9D1F-24FE9BD8C885}C:\\users\\linnea04\\program files\\utorrent\\utorrent.exe"= UDP:C:\users\linnea04\program files\utorrent\utorrent.exe:utorrent.exe

"UDP Query User{37A869B3-74D0-4875-8BFA-65C6733C3276}C:\\users\\linnea04\\program files\\utorrent\\utorrent.exe"= TCP:C:\users\linnea04\program files\utorrent\utorrent.exe:utorrent.exe

"{FC20F055-E413-41D1-8169-6540DC734D7E}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer

"{CDF31612-48F8-4A9C-B6AC-7F0963A5EB31}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{64DE1803-F094-4645-88AD-CCCBCCB113ED}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"{519C4BD9-035A-444A-A37B-61DBC5DE78DC}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{1D9FD661-78EB-43C8-80EE-242FB1091E8E}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{B873B46A-BF62-4EAA-A16F-9F7A75AFAA3C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{9A525FE0-C8A1-4359-ACFC-97E3167FA816}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{1B74B75E-AEB3-426F-B650-8E1418BD851B}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"{13F6FD66-E16F-4E8B-B312-13D874E47C5E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"{632E14CF-C868-499E-88EB-0809BBDF321C}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"TCP Query User{70A08E16-2796-4BF8-A506-3F85663BD1DE}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox

"UDP Query User{BA7C019A-D124-45E3-8C1D-73E058297EA6}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox

"TCP Query User{6E448850-59BD-409C-818B-DB33DB4FE225}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater

"UDP Query User{6098B0D7-FEF2-42A5-8CB7-A11172F87D92}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater

"TCP Query User{72F28C89-D3F6-4797-B13E-12C946265FD6}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process

"UDP Query User{A76D289D-5A9E-4164-B6E2-DCE8AC289F21}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process

"{DA14BF19-5F4C-459F-9394-4299008684F9}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{0645AFFB-471A-4265-A410-38F8815F5A6F}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{F6D24580-7F37-474A-9825-E214C685F55F}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{C5C07344-B2AE-4C0A-B036-05AD4AA4F946}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{4D806A88-FD0D-4408-9C56-C9470B9EA692}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{00C0A38B-6D76-4079-B0DB-199F69D22E7A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"TCP Query User{B481C25C-0E77-4A97-945F-D3A724A988E5}E:\\d-link.exe"= UDP:E:\d-link.exe:Setup Wizard Template

"UDP Query User{87864A59-5293-41A0-9E44-6C4F37601F0C}E:\\d-link.exe"= TCP:E:\d-link.exe:Setup Wizard Template

"{42CE0E7D-AC61-47A2-91C7-9DFFA8D720C7}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{5C7623F7-F5C2-45BD-8FBE-C58F18C57916}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

"{556554D3-BE2C-4ADB-90A7-057AF8D14390}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\GloballyOpenPorts\List]

"9000:TCP"= 9000:TCP:*:Enabled:SqueezeCenter 9000 tcp

"3483:UDP"= 3483:UDP:*:Enabled:SqueezeCenter 3483 udp

"3483:TCP"= 3483:TCP:*:Enabled:SqueezeCenter 3483 tcp

 

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]

R1 DLARTL_M;DLARTL_M;C:\Windows\system32\Drivers\DLARTL_M.SYS [2006-08-11 10:35]

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080407.003\IDSvix86.sys [2008-02-15 14:56]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]

R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-03-11 12:44]

R2 SqueezeMySQL;SqueezeMySQL;C:\PROGRA~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe [2008-05-14 19:43]

R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 16:39]

R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-20 23:13]

S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-09 20:18]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsu.sys [2008-02-01 15:17]

S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsuc.sys [2008-02-01 15:17]

S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 15:53]

S3 upperdev;upperdev;C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 10:39]

S3 UsbserFilt;UsbserFilt;C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 10:39]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

 

*Newly Created Service* - CATCHME

.

Contents of the 'Scheduled Tasks' folder

"2008-05-26 06:40:36 C:\Windows\Tasks\AdwareAlert Scheduled Scan.job"

- C:\Program Files\AdwareAlert\AdwareAlert.ex

- C:\Program Files\AdwareAlert

"2008-03-03 00:59:31 C:\Windows\Tasks\Se etter oppdateringer for Windows Live Toolbar.job"

- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE

"2008-05-19 13:40:35 C:\Windows\Tasks\Uniblue SpeedUpMyPC Nag.job"

- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe

"2007-11-10 12:20:50 C:\Windows\Tasks\Uniblue SpeedUpMyPC.job"

- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-27 11:51:19

Windows 6.0.6000 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

 

**************************************************************************

.

Completion time: 2008-05-27 11:54:03

ComboFix-quarantined-files.txt 2008-05-27 09:52:52

 

Finner ikke meldingstekst for melding nummer 0x2379 i meldingsfilen for Application.

Finner ikke meldingstekst for melding nummer 0x2379 i meldingsfilen for Application.

 

269 --- E O F --- 2008-05-22 23:39:12


This looks good.

Can you do this.

Run CCleaner like this.

Download and run CCleaner

'Options' -> 'Advanced'. Clear the checkbox in front of: "only delete temporary files older than 48 hours".

Run the registry cleaner and "answer yes to repair".

Then it's time to update and run a full scan with SAS.

Post the log from SAS (preferences->statistics/logs)

I'll try that. Thanks SNIPPSAT

Your link http://www.filehippo.com/download_ccleaner/ points to Registry mechanics. Do you mean that I should use that, or CCleaner, which I already have?

Edited by rstrr
Yes, you should use CCleaner.

What I want is for you to run it as described.

Delete files older than 48 hours, and run the registry cleaner, answering yes to repair.

"Your link http://www.filehippo.com/download_ccleaner/ points to Registry mechanics"

That link leads to CCleaner, not Registry mechanics.

The log looks like this

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 05/27/2008 at 04:31 PM

 

Application Version : 4.0.1154

 

Core Rules Database Version : 3468

Trace Rules Database Version: 1459

 

Scan type : Quick Scan

Total Scan Time : 00:18:35

 

Memory items scanned : 790

Memory threats detected : 0

Registry items scanned : 445

Registry threats detected : 0

File items scanned : 13483

File threats detected : 0

 

 

Had to remove Avast before I ran SAS. It sounded its alert there again. Now installing Avira. Regards, rstrr

Edited by rstrr

It now looks like the machine is fine. Thanks for that: rstrr

 
