rstrr, posted 26 May 2008 (edited)

I get a message from Avast Antivirus when SAS starts:

Malware: Win32:Trojan-gen(Other) Maltype: Virus/Orm VPS Versjon:080526-0 26.05.2008

Scanned with the antivirus program and got the 'worm' removed. But when I wanted to run SAS again I got the same message. I had to install SAS again first. This has not happened before. Is there something wrong with my SAS?

Edited 27 May 2008 by rstrr

snippsat, posted 26 May 2008

Download Combofix and put it on the desktop. Do not click on the window while the program is running. Post the log C:\combofix.txt

rstrr (author), posted 27 May 2008

"Download Combofix and put it on the desktop. Do not click on the window while the program is running. Post the log C:\combofix.txt"

This is what my XP machine with Antivir looks like. The machine also seems slow.

ComboFix 08-05-25.5 - Administrator 2008-05-27 11:15:47.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.458 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Mine dokumenter\Downloads\Programs\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-04-27 to 2008-05-27 )))))))))))))))))))))))))))))))
.

2008-05-26 10:05 . 2008-05-27 11:10 <DIR> dr-h----- C:\Documents and Settings\Administrator\Siste
2008-05-22 19:01 . 2008-05-22 19:07 <DIR> d-------- C:\Programfiler\foobar2000
2008-05-22 19:01 . 2008-05-23 00:29 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\foobar2000
2008-05-12 14:56 . 2008-02-15 17:12 206,256 --a------ C:\WINDOWS\system32\idmmbc.dll
2008-05-11 18:23 . 2008-05-12 11:52 <DIR> d-------- C:\Programfiler\uTorrent
2008-05-11 18:23 . 2008-05-26 03:41 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\uTorrent
2008-05-11 13:10 . 2008-05-11 13:13 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-10 22:17 . 2008-05-10 23:40 <DIR> d-------- C:\Programfiler\DNA
2008-05-10 22:05 . 2008-05-10 23:19 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-05-10 21:54 . 2008-05-10 23:20 <DIR> d-------- C:\Programfiler\FlashGet
2008-05-10 21:48 . 2008-05-25 11:17 <DIR> d-------- C:\Programfiler\Internet Download Manager
2008-05-10 21:48 . 2008-05-25 11:16 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\IDM
2008-05-10 21:48 . 2008-05-27 10:46 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\DMCache
2008-05-10 20:17 . 2008-05-10 20:17 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-05-10 16:22 . 2008-05-10 16:22 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe
2008-05-10 16:17 . 2008-05-10 16:20 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\AdobeUM
2008-05-07 14:35 . 2008-05-07 14:35 <DIR> d-------- C:\Programfiler\Microsoft CAPICOM 2.1.0.2
2008-05-07 12:46 . 2008-05-11 13:12 <DIR> d-------- C:\WINDOWS\system32\no
2008-05-07 12:46 . 2008-05-11 13:12 <DIR> d-------- C:\WINDOWS\system32\bits
2008-05-07 12:46 . 2008-05-11 13:12 <DIR> d-------- C:\WINDOWS\l2schemas
2008-05-07 12:34 . 2008-04-14 17:43 1,845,632 --a------ C:\WINDOWS\system32\win32k.sys
2008-05-07 12:33 . 2008-04-14 17:53 2,146,816 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2008-05-07 12:22 . 2004-08-03 22:29 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2008-05-07 12:21 . 2004-07-17 22:55 129,045 --------- C:\WINDOWS\system32\drivers\cxthsfs2.cty
2008-05-06 17:42 . 2008-05-22 10:04 <DIR> d-------- C:\Programfiler\Winamp Remote
2008-05-06 17:42 . 2008-05-16 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\OrbNetworks
2008-05-06 17:41 . 2008-05-10 23:40 <DIR> d-------- C:\Programfiler\Winamp
2008-05-06 17:41 . 2008-05-09 10:49 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Winamp
2008-05-06 17:41 . 2007-03-08 01:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-05-06 17:41 . 2007-03-08 01:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-06 17:41 . 2007-03-08 01:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-06 16:41 . 2008-05-06 16:41 <DIR> d-------- C:\Programfiler\Thecus
2008-05-06 16:18 . 2008-05-06 16:28 <DIR> d-------- C:\Programfiler\SqueezeCenter
2008-05-06 16:18 . 2008-05-06 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SqueezeCenter
2008-05-06 14:50 . 2008-05-10 17:04 <DIR> d-------- C:\Programfiler\COMODO
2008-05-06 14:50 . 2008-05-10 17:04 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Comodo
2008-05-06 14:37 . 2008-05-06 14:37 <DIR> d-------- C:\Programfiler\Avira
2008-05-06 14:37 . 2008-05-06 14:37 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Avira
2008-05-06 14:32 . 2008-05-08 12:17 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\VersionTracker Pro
2008-05-06 13:43 . 2008-05-24 20:02 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware
2008-05-06 13:43 . 2008-05-06 13:43 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-05-06 13:43 . 2008-05-10 20:17 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SUPERAntiSpyware.com
2008-05-06 00:18 . 2008-05-06 00:18 <DIR> d-------- C:\Programfiler\Trend Micro
2008-05-05 11:43 . 2008-05-05 11:43 <DIR> d--h----- C:\Documents and Settings\All Users\Programdata\CanonBJ
2008-05-05 11:43 . 2005-08-25 22:00 8,704 --a------ C:\WINDOWS\system32\CNMVS7L.DLL
2008-05-05 11:41 . 2005-08-25 22:00 140,288 --a------ C:\WINDOWS\system32\CNMLM7L.DLL
2008-05-05 11:23 . 2008-05-05 11:23 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SSScanWizard
2008-05-05 11:23 . 2008-05-05 11:23 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SSScanAppDataDir
2008-05-05 11:23 . 2008-05-05 11:23 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\ScanSoft
2008-05-05 11:23 . 2008-05-05 11:23 528 --a------ C:\WINDOWS\MAXLINK.INI
2008-05-05 11:22 . 2008-05-05 11:22 <DIR> d-------- C:\Programfiler\ScanSoft
2008-05-05 11:22 . 2008-05-05 11:23 <DIR> d-------- C:\Programfiler\Fellesfiler\ScanSoft Shared
2008-05-05 11:19 . 2008-05-05 11:19 <DIR> d-------- C:\Programfiler\ArcSoft
2008-05-05 11:19 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-05-05 11:01 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-05-05 10:59 . 2008-05-05 10:59 <DIR> d--h----- C:\WINDOWS\system32\CanonMP Uninstaller Information
2008-05-05 10:59 . 2008-05-05 10:59 <DIR> d-------- C:\WINDOWS\StartHtmico
2008-05-05 10:59 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-05 10:59 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-05-05 10:59 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-05 10:58 . 2008-05-05 10:58 <DIR> d--h----- C:\CanonMP
2008-05-05 10:58 . 2005-08-30 06:22 221,184 --a------ C:\WINDOWS\system32\CNCC500.DLL
2008-05-05 10:58 . 2005-05-30 12:47 139,264 --a------ C:\WINDOWS\system32\CNCL500.DLL
2008-05-05 10:58 . 2005-08-30 06:22 69,632 --a------ C:\WINDOWS\system32\CNCI500.DLL
2008-05-05 10:58 . 2005-08-30 06:23 49,152 --a------ C:\WINDOWS\system32\cncisco.dll
2008-05-05 10:57 . 2008-05-05 11:07 <DIR> d-------- C:\Programfiler\Canon
2008-05-04 17:18 . 2008-05-10 23:31 <DIR> d-a------ C:\Documents and Settings\All Users\Programdata\TEMP
2008-05-04 17:13 . 2008-05-04 17:13 <DIR> d-------- C:\Programfiler\CCleaner
2008-05-04 17:01 . 2008-05-04 17:10 <DIR> d-------- C:\Documents and Settings\Administrator\Contacts
2008-05-04 17:01 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-05-04 17:00 . 2008-05-04 17:00 <DIR> d-------- C:\Programfiler\Microsoft SQL Server Compact Edition
2008-05-04 16:06 . 2008-05-07 14:35 <DIR> d-------- C:\Programfiler\Windows Live
2008-05-04 16:06 . 2008-05-04 16:58 <DIR> d--hsc--- C:\Programfiler\Fellesfiler\WindowsLiveInstaller
2008-05-04 16:06 . 2008-05-04 16:57 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\WLInstaller
2008-05-04 16:00 . 2008-05-04 16:00 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-04-28 15:41 . 2008-04-28 15:41 <DIR> d-------- C:\Programfiler\Pure Networks
2008-04-28 15:40 . 2008-05-04 17:00 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-04-28 15:40 . 2008-04-28 15:40 <DIR> d-------- C:\Programfiler\Fellesfiler\Pure Networks Shared
2008-04-28 15:40 . 2008-04-28 15:40 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Pure Networks
2008-04-28 15:40 . 2008-01-08 17:16 25,272 --a------ C:\WINDOWS\system32\drivers\purendis.sys
2008-04-28 15:40 . 2008-01-08 17:16 23,992 --a------ C:\WINDOWS\system32\drivers\pnarp.sys
2008-04-27 02:17 . 2008-04-27 02:17 <DIR> d-------- C:\WINDOWS\i386
2008-04-27 02:17 . 2008-04-27 02:17 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-10 21:59 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared
2008-05-05 09:19 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-04-27 12:42 --------- d-----w C:\Programfiler\Google
2008-04-27 00:06 --------- d-----w C:\Programfiler\Windows Media Connect
2008-04-27 00:05 --------- d-----w C:\Programfiler\Synaptics
2008-04-27 00:05 --------- d-----w C:\Programfiler\Sonic
2008-04-27 00:05 --------- d-----w C:\Programfiler\microsoft frontpage
2008-04-27 00:04 --------- d-----w C:\Programfiler\Hp
2008-04-27 00:04 --------- d-----w C:\Programfiler\Hewlett-Packard
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fingerprint Sensor
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\TiVo Shared
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\SureThing Shared
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\Sonic Shared
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\LightScribe
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\Java
2008-04-27 00:04 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield
2008-04-27 00:04 --------- d-----w C:\Programfiler\Elektroniske tjenester
2008-04-27 00:04 --------- d-----w C:\Programfiler\Analog Devices
2008-04-27 00:02 --------- d-----w C:\Documents and Settings\All Users\Programdata\InstallShield
2008-04-27 00:02 --------- d-----w C:\Documents and Settings\All Users\Programdata\hpqLog
2008-04-26 18:27 --------- d-----w C:\Programfiler\Java
2008-04-26 16:50 --------- d-----w C:\Programfiler\WIDCOMM
2008-04-26 16:49 --------- d-----w C:\Programfiler\InterVideo
2008-04-26 16:48 1,829 --sha-r C:\WINDOWS\system32\drivers\103C_HP_NTBK_HP Compaq nx7400 (RH405EA#ABN)_YN_0U_QCNU72517M6_E410313093_46_I30A2_SHP_VKBC Version 40.17_B68YGU Ver. F.0B_T070418_WXP2_L414_M1016_J80_7Intel_8Core2 T5600_91.83_#080426_N14E4170C_(RH405EA#ABN).MRK
2008-04-26 16:47 --------- d-----w C:\Programfiler\Snarveier til programmer
2008-04-26 16:44 --------- d-----w C:\Programfiler\HPQ
2008-04-14 16:39 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 16:26 330,752 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 16:22 996,352 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 16:21 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
2008-04-14 16:20 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll
2008-04-14 16:19 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-14 16:19 568,320 ----a-w C:\WINDOWS\system32\gpedit.dll
2008-04-14 16:19 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
2008-04-14 16:19 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
2008-04-14 16:19 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
2008-04-14 15:56 73,344 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 15:56 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 15:55 80,000 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 15:55 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 15:55 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 15:53 2,025,472 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 15:52 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 15:50 799,872 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 15:50 24,448 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 15:50 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 15:50 14,592 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 15:49 79,360 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 15:49 79,360 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-04-14 15:49 37,376 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 15:48 77,312 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 15:48 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
2008-04-14 15:48 40,576 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 15:48 40,192 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 15:47 556,032 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 15:47 47,616 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 15:46 64,640 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 15:45 51,840 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 15:44 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 15:43 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 15:43 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 15:43 273,152 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 15:42 65,024 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 15:41 52,480 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 15:41 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 15:41 39,680 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 15:39 41,600 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 15:39 41,216 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 15:38 22,912 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 15:37 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 15:37 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-14 07:23 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 07:22 987,136 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 07:22 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:22 15360]
"swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-04 16:00 68856]
"MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Orb"="C:\Programfiler\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904]
"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-24 20:02 1510640]
"IDMan"="C:\Programfiler\Internet Download Manager\IDMan.exe" [2008-05-12 15:03 2598320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [2005-05-20 10:11 925696]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"PTHOSTTR"="C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2006-02-14 11:56 122880]
"HP Software Update"="C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-31 05:20 122940]
"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 20:04 761945]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 14:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 14:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 14:17 118784]
"hpWirelessAssistant"="C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 10:49 454656]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 20:12 17920]
"QlbCtrl"="C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 15:39 131072]
"Cpqset"="C:\Programfiler\HPQ\Default Settings\cpqset.exe" [2006-02-22 08:03 40960]
"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 15:51 1187840]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-01-23 16:11 802816]
"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-02-15 15:43 892928]
"WatchDog"="C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 11:59 184320]
"nmctxth"="C:\Programfiler\Fellesfiler\Pure Networks Shared\Platform\nmctxth.exe" [2008-01-08 17:20 451896]
"nmapp"="C:\Programfiler\Pure Networks\Network Magic\nmapp.exe" [2008-01-18 10:32 451896]
"OpwareSE2"="C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]
"OPSE reminder"="C:\Programfiler\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [2003-07-07 09:29 729088]
"avgnt"="C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-06 14:44 262401]
"WinampAgent"="C:\Programfiler\Winamp\winampa.exe" [2008-04-01 20:49 36352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 18:22 15360]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
BTTray.lnk - C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2006-02-15 16:16:02 581693]
DVD Check.lnk - C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe [2008-04-26 18:49:05 184320]
Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
SqueezeCenter Tray Tool.lnk - C:\Programfiler\SqueezeCenter\SqueezeTray.exe [2008-05-06 16:18:34 1740887]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-24 20:02 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll 2005-07-25 20:41 40960 C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\WINDOWS\\SMINST\\Scheduler.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programfiler\\Messenger\\msmsgs.exe"=
"C:\\Programfiler\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Programfiler\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Programfiler\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\Programfiler\\DNA\\btdna.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programfiler\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service
"9000:TCP"= 9000:TCP:SqueezeCenter 9000 tcp
"3483:UDP"= 3483:UDP:SqueezeCenter 3483 udp
"3483:TCP"= 3483:TCP:SqueezeCenter 3483 tcp

R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe [2008-04-14 18:23]
R2 SqueezeMySQL;SqueezeMySQL;C:\PROGRA~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe [2008-03-03 10:49]
S2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-27 11:17:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Programfiler\HPQ\Default Settings\cpqset.exe??????? ???@???????????????@??????[??????(?@???????@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-27 11:17:57
ComboFix-quarantined-files.txt 2008-05-27 09:17:54

Pre-Run: 52,039,839,744 byte ledig
Post-Run: 52,038,377,472 byte ledig

290
175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys 2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys 2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys 2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys 2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys 2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys 2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys 2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys 2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys 2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys 2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys 2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys 2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys 2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys 2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys 2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys 2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys 2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys 2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:22 15360] "swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-04 16:00 68856] "MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "Orb"="C:\Programfiler\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-24 20:02 1510640] "IDMan"="C:\Programfiler\Internet Download Manager\IDMan.exe" [2008-05-12 15:03 2598320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="regsvr32 /s mqrt.dll" [] "SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [2005-05-20 10:11 925696] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "PTHOSTTR"="C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2006-02-14 11:56 122880] "HP Software Update"="C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152] "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-31 05:20 122940] "SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 20:04 761945] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 14:17 94208] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 14:13 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 14:17 118784] "hpWirelessAssistant"="C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 10:49 454656] "CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 20:12 17920] "QlbCtrl"="C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 15:39 131072] "Cpqset"="C:\Programfiler\HPQ\Default Settings\cpqset.exe" [2006-02-22 08:03 40960] "Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 15:51 1187840] 
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-01-23 16:11 802816] "Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-02-15 15:43 892928] "WatchDog"="C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 11:59 184320] "nmctxth"="C:\Programfiler\Fellesfiler\Pure Networks Shared\Platform\nmctxth.exe" [2008-01-08 17:20 451896] "nmapp"="C:\Programfiler\Pure Networks\Network Magic\nmapp.exe" [2008-01-18 10:32 451896] "OpwareSE2"="C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152] "OPSE reminder"="C:\Programfiler\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [2003-07-07 09:29 729088] "avgnt"="C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-06 14:44 262401] "WinampAgent"="C:\Programfiler\Winamp\winampa.exe" [2008-04-01 20:49 36352] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 18:22 15360] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ BTTray.lnk - C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2006-02-15 16:16:02 581693] DVD Check.lnk - C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe [2008-04-26 18:49:05 184320] Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696] SqueezeCenter Tray Tool.lnk - C:\Programfiler\SqueezeCenter\SqueezeTray.exe [2008-05-06 16:18:34 1740887] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-24 20:02 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll 2005-07-25 20:41 40960 
C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\WINDOWS\\system32\\mqsvc.exe"= "C:\\WINDOWS\\SMINST\\Scheduler.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Programfiler\\Messenger\\msmsgs.exe"= "C:\\Programfiler\\Winamp Remote\\bin\\Orb.exe"= "C:\\Programfiler\\Winamp Remote\\bin\\OrbTray.exe"= "C:\\Programfiler\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "C:\\Programfiler\\DNA\\btdna.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= "C:\\Programfiler\\uTorrent\\uTorrent.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "67:UDP"= 67:UDP:DHCP Discovery Service "9000:TCP"= 9000:TCP:SqueezeCenter 9000 tcp "3483:UDP"= 3483:UDP:SqueezeCenter 3483 udp "3483:TCP"= 3483:TCP:SqueezeCenter 3483 tcp R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe [2008-04-14 18:23] R2 SqueezeMySQL;SqueezeMySQL;C:\PROGRA~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe [2008-03-03 10:49] S2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Cognizance REG_MULTI_SZ ASChannel . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-27 11:17:08 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = C:\Programfiler\HPQ\Default Settings\cpqset.exe??????? ???@???????????????@??????[??????(?@???????@ scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-05-27 11:17:57 ComboFix-quarantined-files.txt 2008-05-27 09:17:54 Pre-Run: 52,039,839,744 byte ledig Post-Run: 52,038,377,472 byte ledig 290

And here is Vista

ComboFix 08-05-25.5 - lINNEA04 2008-05-27 11:45:50.1 - NTFSx86 Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1044.18.152 [GMT 2:00] Running from: C:\Users\lINNEA04\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2008-04-27 to 2008-05-27 ))))))))))))))))))))))))))))))) . No new files created in this timespan . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-27 08:43 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\OpenOffice.org2 2008-05-26 08:59 --------- d-----w C:\Program Files\SUPERAntiSpyware 2008-05-26 07:33 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-05-26 07:29 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\foobar2000 2008-05-26 02:51 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\uTorrent 2008-05-26 02:01 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Mp3tag 2008-05-25 20:40 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\AccurateRip 2008-05-25 20:11 --------- d-----w C:\Program Files\foobar2000 2008-05-24 20:14 --------- d-----w C:\Program Files\Uniblue 2008-05-22 07:46 --------- d-----w C:\Program Files\SqueezeCenter 2008-05-22 06:42 --------- d-----w C:\Program Files\Windows Live Safety Center 2008-05-21 11:19 --------- d-----w C:\ProgramData\SqueezeCenter 2008-05-21 06:15 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\AD ON Multimedia 2008-05-21 06:15 --------- d-----w C:\Program
Files\Exact Audio Copy 2008-05-20 08:04 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-05-17 22:25 --------- d-----w C:\Program Files\uTorrent 2008-05-17 14:28 0 ----a-w C:\Windows\system32\drivers\lvuvc.hs 2008-05-16 13:57 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Comodo 2008-05-16 13:57 --------- d-----w C:\Program Files\COMODO 2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys 2008-05-14 13:55 --------- d-----w C:\Program Files\Windows Mail 2008-05-11 05:57 --------- d-----w C:\Program Files\Mp3tag 2008-05-10 23:45 --------- d---a-w C:\ProgramData\TEMP 2008-05-06 23:54 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\SUPERAntiSpyware.com 2008-05-06 23:54 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com 2008-05-05 19:57 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Copernic 2008-05-05 19:57 --------- d-----w C:\Program Files\Copernic Agent 2008-05-05 19:57 --------- d-----w C:\Program Files\Common Files\Copernic 2008-05-05 07:58 --------- d-----w C:\ProgramData\Installations 2008-05-02 16:23 --------- d-----w C:\Program Files\CCleaner 2008-04-28 14:05 --------- d-----w C:\ProgramData\PC Suite 2008-04-28 04:42 --------- d-----w C:\Users\Gjest\AppData\Roaming\PC Suite 2008-04-26 22:21 --------- d-----w C:\ProgramData\eSellerate 2008-04-26 16:38 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Winamp 2008-04-26 16:00 --------- d-----w C:\Program Files\Nokia 2008-04-26 15:35 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-26 15:35 --------- d-----w C:\Program Files\Google 2008-04-24 08:13 --------- d-----w C:\ProgramData\Bluetooth 2008-04-24 07:20 --------- d-----w C:\Program Files\Common Files\PCSuite 2008-04-24 07:20 --------- d-----w C:\Program Files\Common Files\Nokia 2008-04-24 07:06 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Nokia 2008-04-23 18:45 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\PC Suite 2008-04-23 17:53 --------- d-----w 
C:\Users\lINNEA04\AppData\Roaming\Nokia Multimedia Player 2008-04-23 13:59 --------- d-----w C:\Program Files\DIFX 2008-04-23 13:58 --------- d-----w C:\Program Files\PC Connectivity Solution 2008-04-23 13:44 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-04-20 11:54 --------- d-----w C:\ProgramData\Dell 2008-04-20 11:47 --------- d-----w C:\ProgramData\SupportSoft 2008-04-20 11:46 --------- d-----w C:\Program Files\Dell Support Center 2008-04-20 11:45 --------- d-----w C:\Program Files\Common Files\supportsoft 2008-04-20 10:38 --------- d-----w C:\ProgramData\PC Drivers HeadQuarters 2008-04-15 14:35 --------- d-----w C:\ProgramData\Symantec 2008-04-15 13:37 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Symantec 2008-04-15 05:58 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\Uniblue 2008-04-14 23:19 --------- d-----w C:\ProgramData\CheckPoint 2008-04-14 22:29 --------- d-----w C:\Program Files\Alwil Software 2008-04-11 18:49 --------- d-----w C:\Program Files\Java 2008-04-11 06:32 --------- d-----w C:\Users\lINNEA04\AppData\Roaming\TVU Networks 2008-04-11 06:32 --------- d-----w C:\ProgramData\TVU Networks 2008-04-04 19:02 --------- d-----w C:\Program Files\Winamp 2008-03-06 09:14 831,048 ----a-w C:\Windows\System32\WudfUpdate_01005.dll 2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll 2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll 2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll 2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe 2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe 2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll 2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll 2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys 2008-02-10 11:49 32 ----a-w C:\Users\All Users\ezsid.dat 2008-02-10 11:49 32 ----a-w C:\ProgramData\ezsid.dat 2007-10-09 14:50 174 --sha-w C:\Program Files\desktop.ini . 
------- Sigcheck ------- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896] "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 12:44 202544] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:34 201728] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [ ] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-04-17 19:31 159744] "SigmatelSysTrayApp"="sttray.exe" [2007-03-06 12:37 303104 C:\Windows\sttray.exe] "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 11:22 221184] "RoxioDragToDisc"="C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 09:00 1116920] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 11:35 221184] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 11:37 81920] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352] "Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2007-10-09 20:18 3444736] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-01-20 09:05 217088] "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832] "LogitechCommunicationsManager"="C:\Program Files\Common 
Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224] "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 12:44 16384] "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 12:44 202544] C:\Users\lINNEA04\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 22:57:56 393216] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-09-25 19:29:53 45056] SqueezeCenter Tray Tool.lnk - C:\Program Files\SqueezeCenter\SqueezeTray.exe [2008-05-21 13:18:35 1728599] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "LogonHoursAction"= 2 (0x2) "DontDisplayLogonHoursWarnings"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security 
center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "TCP Query User{10F1C0BC-0927-4235-BFD8-C9DBB1455F67}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{375273A2-E306-45C7-A898-75FD5227B43B}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent "{E65D2F2D-C1C9-4130-8379-48A1A25F68B8}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{8802A574-290A-443A-97D6-BD1819EBBF11}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{5E158BE1-360F-418B-A9FA-41F517F37405}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray "{35434D01-283A-4B2E-9DB4-58C77F8D566E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray "{F18CAFD7-A072-433D-AA32-52633699A987}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client "{7C0F684A-39C2-433F-8A07-077940CDCB01}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client "TCP Query User{C82D9089-8F19-43BD-9908-CA98D0820A6C}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{09F8F275-0F9C-4CFC-A917-73EFD878EC7A}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{D22DD093-44D2-46B1-AC24-3A7142946FC7}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{E96C03F4-03EE-4B23-BDF4-C1331839AF4E}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent "TCP Query User{ED6F55B1-02A3-4DC1-A11B-5E216B3FC108}C:\\program files\\opera\\opera.exe"= UDP:C:\program files\opera\opera.exe:Opera Internet Browser "UDP Query User{6DE6CD45-63EF-46F7-833C-067066F81316}C:\\program files\\opera\\opera.exe"= TCP:C:\program 
files\opera\opera.exe:Opera Internet Browser "{89874320-78E9-4CCD-A95C-F524A93EEBEA}"= TCP:67:DHCP Discovery Service "{142F2918-2F5E-4A9C-9333-B221B76EC4BA}"= TCP:67:DHCP Discovery Service "TCP Query User{92AD084E-F041-454E-8F1B-D90496ABA907}C:\\program files\\thecus\\thecus setup wizard v1.1.7\\setupwizard.exe"= UDP:C:\program files\thecus\thecus setup wizard v1.1.7\setupwizard.exe: "UDP Query User{B986CA26-4C8E-4483-84FE-D63C7B557410}C:\\program files\\thecus\\thecus setup wizard v1.1.7\\setupwizard.exe"= TCP:C:\program files\thecus\thecus setup wizard v1.1.7\setupwizard.exe: "{B9561652-32C6-4959-901C-00C641D6FA8E}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{231CDA3A-0EF9-4BDA-823F-F7076876BE0F}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{8CCF707A-5E94-45A3-AEE8-10B1D6A43E8C}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{7274FA3F-EBB9-4AD5-B221-E8B87499E3BD}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{7B2093C1-C92E-41D6-8275-37398E38AC7F}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{EC3049CF-FF18-42D0-81E6-81308FB27664}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{38499FB4-D095-464D-A3DD-41A7885BC400}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent "{C9E71283-C034-4665-9748-3BCFD08BD730}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent "{3281427C-8D2F-458A-8F00-CAC2805FA758}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent "{8B576D34-7368-4B7C-A134-6964C35B25BD}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent "{5BEFD1D2-206D-48D7-882D-EA9F18C4FBF6}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{CE33BC94-6FDC-41DD-8DD3-890664789745}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{949380BD-3BDE-4309-AD8F-7680C754E72A}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "TCP Query User{197022E9-789D-4EAA-8FE0-8D389881F138}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program 
files\real\realplayer\realplay.exe:RealPlayer "UDP Query User{8B04F469-918E-4B0D-804E-13EC31A30239}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer "{DB3067BC-1EF0-461D-A691-A1BB19FC98FF}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{5D8E18F4-1273-407E-A3F9-9ED004718D7E}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{B1C6FF8A-4980-4E6E-B828-682387E23332}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{BCFBBE47-0D4A-4EEC-93DC-DB3DE7E8993F}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{996E173A-4120-4F78-8728-FCE81E36DDA7}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "TCP Query User{D2780BD0-9F0E-432E-9D0E-C2E9B659A227}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{A62293FD-7F43-429A-8DEC-956BC00B038D}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath "TCP Query User{A5FCA9D1-39A4-4C18-BD22-4777D32F7FBE}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{0466ABEF-2C27-4278-8B23-0D8444F5477A}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. 
Take a deep breath "{979881F1-0AD6-47BB-B817-0AA3C6F00697}"= UDP:C:\Program Files\DNA\btdna.exe:DNA "{F4DEB0BE-A89F-40C3-8014-EF44EFB290F0}"= TCP:C:\Program Files\DNA\btdna.exe:DNA "{DF5C6EFB-F2ED-415F-A6F3-938118175AE9}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{226BAC38-AA12-4471-BD23-09CBCECFF1AD}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{C00BA0C9-EA8D-4E40-80F4-1E766FC90B83}"= UDP:C:\Program Files\DNA\btdna.exe:DNA "{1D797C26-C332-40BC-B9E7-F1FB21CBC7AE}"= TCP:C:\Program Files\DNA\btdna.exe:DNA "TCP Query User{6EC19D55-D737-4693-8FAB-4818E2D6AAF6}C:\\users\\linnea04\\program files\\dna\\btdna.exe"= UDP:C:\users\linnea04\program files\dna\btdna.exe:btdna.exe "UDP Query User{07595378-52C4-46AB-84DA-CD318B44FE37}C:\\users\\linnea04\\program files\\dna\\btdna.exe"= TCP:C:\users\linnea04\program files\dna\btdna.exe:btdna.exe "{3A10C13F-0018-473E-BCF9-E211F7EC7473}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{7F6A914F-BF33-4D35-9D1F-24FE9BD8C885}C:\\users\\linnea04\\program files\\utorrent\\utorrent.exe"= UDP:C:\users\linnea04\program files\utorrent\utorrent.exe:utorrent.exe "UDP Query User{37A869B3-74D0-4875-8BFA-65C6733C3276}C:\\users\\linnea04\\program files\\utorrent\\utorrent.exe"= TCP:C:\users\linnea04\program files\utorrent\utorrent.exe:utorrent.exe "{FC20F055-E413-41D1-8169-6540DC734D7E}"= C:\Program Files\SlimServer\server\slim.exe:SlimServer "{CDF31612-48F8-4A9C-B6AC-7F0963A5EB31}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter "{64DE1803-F094-4645-88AD-CCCBCCB113ED}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{519C4BD9-035A-444A-A37B-61DBC5DE78DC}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{1D9FD661-78EB-43C8-80EE-242FB1091E8E}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{B873B46A-BF62-4EAA-A16F-9F7A75AFAA3C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray 
"{9A525FE0-C8A1-4359-ACFC-97E3167FA816}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{1B74B75E-AEB3-426F-B650-8E1418BD851B}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{13F6FD66-E16F-4E8B-B312-13D874E47C5E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{632E14CF-C868-499E-88EB-0809BBDF321C}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"TCP Query User{70A08E16-2796-4BF8-A506-3F85663BD1DE}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{BA7C019A-D124-45E3-8C1D-73E058297EA6}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{6E448850-59BD-409C-818B-DB33DB4FE225}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{6098B0D7-FEF2-42A5-8CB7-A11172F87D92}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{72F28C89-D3F6-4797-B13E-12C946265FD6}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{A76D289D-5A9E-4164-B6E2-DCE8AC289F21}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"{DA14BF19-5F4C-459F-9394-4299008684F9}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"{0645AFFB-471A-4265-A410-38F8815F5A6F}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"{F6D24580-7F37-474A-9825-E214C685F55F}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"{C5C07344-B2AE-4C0A-B036-05AD4AA4F946}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"{4D806A88-FD0D-4408-9C56-C9470B9EA692}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"{00C0A38B-6D76-4079-B0DB-199F69D22E7A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{B481C25C-0E77-4A97-945F-D3A724A988E5}E:\\d-link.exe"= UDP:E:\d-link.exe:Setup Wizard Template
"UDP Query User{87864A59-5293-41A0-9E44-6C4F37601F0C}E:\\d-link.exe"= TCP:E:\d-link.exe:Setup Wizard Template
"{42CE0E7D-AC61-47A2-91C7-9DFFA8D720C7}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"{5C7623F7-F5C2-45BD-8FBE-C58F18C57916}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter
"{556554D3-BE2C-4ADB-90A7-057AF8D14390}"= C:\Program Files\SqueezeCenter\server\squeezecenter.exe:SqueezeCenter

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\GloballyOpenPorts\List]
"9000:TCP"= 9000:TCP:*:Enabled:SqueezeCenter 9000 tcp
"3483:UDP"= 3483:UDP:*:Enabled:SqueezeCenter 3483 udp
"3483:TCP"= 3483:TCP:*:Enabled:SqueezeCenter 3483 tcp

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 DLARTL_M;DLARTL_M;C:\Windows\system32\Drivers\DLARTL_M.SYS [2006-08-11 10:35]
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080407.003\IDSvix86.sys [2008-02-15 14:56]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-03-11 12:44]
R2 SqueezeMySQL;SqueezeMySQL;C:\PROGRA~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe [2008-05-14 19:43]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 16:39]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-20 23:13]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-09 20:18]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsu.sys [2008-02-01 15:17]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsuc.sys [2008-02-01 15:17]
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 15:53]
S3 upperdev;upperdev;C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 10:39]
S3 UsbserFilt;UsbserFilt;C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 10:39]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-05-26 06:40:36 C:\Windows\Tasks\AdwareAlert Scheduled Scan.job"
- C:\Program Files\AdwareAlert\AdwareAlert.ex
- C:\Program Files\AdwareAlert
"2008-03-03 00:59:31 C:\Windows\Tasks\Se etter oppdateringer for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-05-19 13:40:35 C:\Windows\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2007-11-10 12:20:50 C:\Windows\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-27 11:51:19
Windows 6.0.6000 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

**************************************************************************
.
Completion time: 2008-05-27 11:54:03
ComboFix-quarantined-files.txt 2008-05-27 09:52:52
Finner ikke meldingstekst for melding nummer 0x2379 i meldingsfilen for Application.
Finner ikke meldingstekst for melding nummer 0x2379 i meldingsfilen for Application.
269 --- E O F --- 2008-05-22 23:39:12
snippsat Posted 27 May 2008

This looks good. Can you do the following? Run CCleaner like this: download and run CCleaner, then go to 'Options' -> 'Advanced'. Untick the box in front of "only delete temporary files that are older than 48 hours". Run the registry cleaner and answer yes to repair. Then update SAS and run a full scan with it. Post the log from SAS (Preferences -> Statistics/Logs).
rstrr (author) Posted 27 May 2008

> This looks good. Can you do the following? Run CCleaner like this: download and run CCleaner, then go to 'Options' -> 'Advanced'. Untick the box in front of "only delete temporary files that are older than 48 hours". Run the registry cleaner and answer yes to repair. Then update SAS and run a full scan with it. Post the log from SAS (Preferences -> Statistics/Logs).

I will try that. Thanks, SNIPPSAT.
rstrr (author) Posted 27 May 2008 (edited)

> This looks good. Can you do the following? Run CCleaner like this: download and run CCleaner, then go to 'Options' -> 'Advanced'. Untick the box in front of "only delete temporary files that are older than 48 hours". Run the registry cleaner and answer yes to repair. Then update SAS and run a full scan with it. Post the log from SAS (Preferences -> Statistics/Logs).

Your link http://www.filehippo.com/download_ccleaner/ points to Registry mechanics. Do you mean that I should use that, or the CCleaner I already have?

Edited 27 May 2008 by rstrr
snippsat Posted 27 May 2008 (edited)

Yes, you should use CCleaner. What I want is for you to run it as described: delete files older than 48 hours, then run the registry cleaner and answer yes to repair.

> Your link http://www.filehippo.com/download_ccleaner/ points to Registry mechanics

That link leads to CCleaner, not Registry mechanics.

Edited 27 May 2008 by SNIPPSAT
rstrr (author) Posted 27 May 2008 (edited)

> Yes, you should use CCleaner. What I want is for you to run it as described: delete files older than 48 hours, then run the registry cleaner and answer yes to repair.
>
> > Your link http://www.filehippo.com/download_ccleaner/ points to Registry mechanics
>
> That link leads to CCleaner, not Registry mechanics.

The log looks like this:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/27/2008 at 04:31 PM
Application Version : 4.0.1154
Core Rules Database Version : 3468
Trace Rules Database Version: 1459
Scan type : Quick Scan
Total Scan Time : 00:18:35
Memory items scanned : 790
Memory threats detected : 0
Registry items scanned : 445
Registry threats detected : 0
File items scanned : 13483
File threats detected : 0

I had to remove Avast before I ran SAS. It sounded the alarm there again. I am now installing Avira.

Regards, rstrr

Edited 27 May 2008 by rstrr
rstrr (author) Posted 27 May 2008

> Yes, you should use CCleaner. What I want is for you to run it as described: delete files older than 48 hours, then run the registry cleaner and answer yes to repair.
>
> > Your link http://www.filehippo.com/download_ccleaner/ points to Registry mechanics
>
> That link leads to CCleaner, not Registry mechanics.

The log looks like this:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/27/2008 at 04:31 PM

It now looks like the machine is fine. Thanks for that: rstrr

Application Version : 4.0.1154
Core Rules Database Version : 3468
Trace Rules Database Version: 1459
Scan type : Quick Scan
Total Scan Time : 00:18:35
Memory items scanned : 790
Memory threats detected : 0
Registry items scanned : 445
Registry threats detected : 0
File items scanned : 13483
File threats detected : 0

I had to remove Avast before I ran SAS. It sounded the alarm there again. I am now installing Avira.

Regards, rstrr
snippsat Posted 27 May 2008

Yes, it looks good now. SAS finds nothing.