|
| |||||||
 |
 |
| | Thread Tools |
|
#1
3 juli 2009 00:31
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus Jeg hadde microsoft pop up fortelle meg jeg hadde et virus Ran malwarebyts ingenting. Ran super anti virus viste 16 problem. Deretter husket at jeg hadde Drweb skanneren på datamaskinen og drev det. Men jeg la merke til at de samme såkalte trojanske stadig kommer opp. aolcinst.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ Programfiler \ Fellesfiler \ aolback \ Comps \ buss \ aolcinst.exe; Adware.Gdow n;; aolcinst.exe; C: \ Programfiler \ Fellesfiler \ aolback \ Comps \ coach; Arkiv inneholder infiserte objekter; flyttet.; TSSetup.exe \ data002; C: \ Programfiler \ Fellesfiler \ aolback \ Comps \ tpspd \ TSSetup.exe; Sannsynligvis DLOADER.Trojan;; TSSetup.exe; C: \ Programfiler \ Fellesfiler \ aolback \ Comps \ tpspd; Arkiv inneholder infiserte objekter; flyttet.; ppctl.dll; C: \ Programfiler \ Fellesfiler \ Scanner; Sannsynligvis DLOADER.Trojan; flyttet.; AIM.exe \ data090; C: \ AOL Instant Messenger \ AIM.exe; Adware.Aws;; AIM.exe; C: \ AOL Instant Messenger; Arkiv inneholder infiserte objekter; flyttet.; setup.exe; C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4; Sannsynligvis BACKDOOR.Trojan; flyttet.; A0089111.ocx; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Adware.Gdown; flyttet.; A0089113.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Sannsynligvis BACKDOOR.Trojan; flyttet.; A0101519.exe \ data090; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217 \ A0101519.exe; Adware.Aws;; A0101519.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217; Arkiv inneholder infiserte objekter; flyttet.; A0122098.bat; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP257; Sannsynligvis BATCH.Virus; flyttet.; A0122542.bat; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Sannsynligvis BATCH.Virus; flyttet.; A0122632.bat; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Sannsynligvis BATCH.Virus; flyttet.; A0138379.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292 \ A0138379.exe; Adware.Gdown;; A0138379.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292; Arkiv inneholder infiserte objekter; flyttet.; A0139338.exe \ data090; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139338.exe; Adware.Aws;; A0139338.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arkiv inneholder infiserte objekter; flyttet.; A0139364.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139364.exe; Adware.Gdown;; A0139364.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arkiv inneholder infiserte objekter; flyttet.; A0139386.exe \ data002; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139386.exe; Sannsynligvis DLOADER.Trojan;; A0139386.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arkiv inneholder infiserte objekter; flyttet.; A0139531.DLL; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP296; Sannsynligvis DLOADER.Trojan; flyttet.; A0156077.exe \ data090; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156077.exe; Adware.Aws;; A0156077.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arkiv inneholder infiserte objekter; flyttet.; A0156103.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156103.exe; Adware.Gdown;; A0156103.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arkiv inneholder infiserte objekter; flyttet.; A0156125.exe \ data002; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156125.exe; Sannsynligvis DLOADER.Trojan;; A0156125.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arkiv inneholder infiserte objekter; flyttet.; A0156545.DLL; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP317; Sannsynligvis DLOADER.Trojan; flyttet.; A0157937.exe \ core.cab \ GTDOWNAO_106.ocx; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157937.exe; Adware.Gdown;; A0157937.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arkiv inneholder infiserte objekter; flyttet.; A0157938.exe \ data002; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157938.exe; Sannsynligvis DLOADER.Trojan;; A0157938.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arkiv inneholder infiserte objekter; flyttet.; A0157939.exe \ data090; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157939.exe; Adware.Aws;; A0157939.exe; C: \ System Volume Information \ _Restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arkiv inneholder infiserte objekter; flyttet.; Og det vil ikke løse problemet bare flytte den. Hva bør jeg bruke for å få den trojanske av datamaskinen gang for alle? Akkurat nå har jeg ikke noe anti virus kjører derfor alle jeg tryed uansett om betalt eller gratis holder trekke Aol. (Min ISP) som et virus. |
|
#2
3 juli 2009 10:09
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus Oppdater Malwarebytes og kjøre en full scan deretter legge loggen takk.
__________________  |
|
#3
3 juli 2009 13:29
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus oppdatert malwarebytes Malwarebytes' Anti-Malware 1.38 Database versjon: 2297 Windows 5.1.2600 Service Pack 2 7/2/2009 3:06:04 PM mbam-log-2009-07-02 (15-06-04). txt Scan type: Full Scan (C: \ |) Objekter skannet: 168556 Tid brukt: 17 minutt (er), 16 sekund (er) Memory Processes Infected: 0 Memory Modules Infected: 0 Registernøkler Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (Ingen skadelige eks oppdaget) Memory Modules Infected: (Ingen skadelige eks oppdaget) Registernøkler Infected: (Ingen skadelige eks oppdaget) Registry Values Infected: (Ingen skadelige eks oppdaget) Registry Data Items Infected: (Ingen skadelige eks oppdaget) Folders Infected: (Ingen skadelige eks oppdaget) Files Infected: (Ingen skadelige eks oppdaget) Men etter denne skanningen var over et vindu poped opp fortelle meg det var en feil og vinduer nødvendig lukkes. |
|
#4
3 juli 2009 14:52
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus Nedlasting DDS fra | Her | eller | Her | eller | Her | og lagre den på skrivebordet. Vista-brukere høyreklikk på DDS og velg Kjør som administrator (du mottar en UAC-melding, kan du tillater det) * XP-brukere Dobbeltklikk på DDS å kjøre den. * Hvis antivirusprogrammet eller brannmuren forsøker å blokkere DDS kan du tillate den å løpe. * Når du er ferdig DDS vil åpne to (2) loggene. 1) DDS.txt 2) Attach.txt * Lagre begge loggene til skrivebordet ditt. * Vennligst kopier og lim inn hele innholdet på begge loggene i neste svaret. Merk: DDS vil veilede deg til å legge inn Attach.txt logg som et vedlegg. Bare legge det slik du vil andre loggen ved å kopiere og lime den inn i svaret. ---------- Laste ned Rooter.exe til skrivebordet * Dobbeltklikk Rooter.exe å starte verktøyet .* En DOS-vinduet og vise skanningen pågår. * Når en notepad fil som inneholder rapporten vil åpne. * Kopier og lim resultatene i neste svaret. * Lukk Notisblokk og Rooter vil lukkes. En logg skal også lagre ved % systemdrive% \ Rooter.txt (Hvor% systemdrive% er vanligvis C: eller den stasjonen du har Windows installert).
__________________ |
|
#5
3 juli 2009 17:13
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus DDS (Ver_09-06-26,01) - FAT32x86 Kjør Windows-bruker på 19:43:32.90 på fredag 07/03/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.788 [GMT -4:00] ============== Running Prosesser =============== C: \ WINDOWS \ system32 \ svchost-k DcomLaunch Svchost.exe C: \ WINDOWS \ system32 \ Svchost.exe-k netsvcs Svchost.exe Svchost.exe C: \ WINDOWS \ system32 \ Spoolsv.exe Svchost.exe C: \ Programfiler \ Fellesfiler \ AOL \ ACS \ AOLAcsd.exe C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe C: \ WINDOWS \ system32 \ snmp.exe C: \ WINDOWS \ system32 \ Svchost.exe-k imgsvc C: \ WINDOWS \ Explorer.exe C: \ Program Files \ Lexmark 5200 Series \ lxbtbmgr.exe C: \ Programfiler \ Java \ jre6 \ bin \ jusched.exe C: \ Program Files \ Lexmark 5200 Series \ lxbtbmon.exe C: \ Programfiler \ Fellesfiler \ AOL \ 1246084174 \ ee \ AOLSoftware.exe C: \ Programfiler \ Fellesfiler \ AOL \ ACS \ AOLDial.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ Jet Skjermbilde \ jetScreenshot.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Programfiler \ America Online 9.0 \ waol.exe C: \ Programfiler \ America Online 9.0 \ shellmon.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ MYDOCU ~ 1 \ dds.scr ============== Pseudo HJT Rapport =============== uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = (searchTerms) & sourceid = ie7 & rls = com.micros ofte: en-US & ie = utf8 & oe = utf8 uStart Page = hxxp: / / www.aol.com/ uWindow Tittel = Internet Explorer levert av epix ® mWindow Tittel = Internet Explorer levert av epix ® BHO: AskBar BHO: (201f27d4-3704-41d6-89c1-aa35e39143ed) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll BHO: Java (tm) Plug-in 2 SSV Helper: (dbc80044-a445-435b-bc74-9c25c1c588a9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll BHO: JQSIEStartDetectorImpl Klassifikasjon: (e7e6f031-17ce-4c07-bc86-eabfe594f69c) - C: \ Program Files \ Java \ jre6 \ lib \ distribuere \ jqs \ ie \ jqs_plugin.dll TB: AIM Søk: (40d41a8b-d79b-43d7-99a7-9ee0f344c385) -- TB: AOL Toolbar: (4982d40a-c53b-4615-b15b-b5b5e98d167c) - C: \ Program Files \ AOL Toolbar \ toolbar.dll TB: Ask Toolbar: (3041d03e-fd4b-44e0-b742-2d9b88305f98) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll EB: Real.com: (fe54fa40-d68c-11d2-98fa-00c0f0318afe) - c: \ windows \ system32 \ Shdocvw.dll uRun: [Ctfmon.exe] c: \ windows \ system32 \ Ctfmon.exe uRun: [AOL Fast Start] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-b uRun: [Jet Skjermbilde] "C: \ Program Files \ Jet skjermbilde \ jetScreenshot.exe" mRun: [Lexmark 5200 series] "C: \ Program Files \ Lexmark 5200 Series \ lxbtbmgr.exe" mRun: [LXBTCATS] rundll32 C: \ Windows \ system32 \ Spool \ drivers \ w32x86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16 mRun: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" mRun: [HostManager] C: \ Programfiler \ Fellesfiler \ AOL \ 1246084174 \ ee \ AOLSoftware.exe mRun: [AOLDialer] C: \ Programfiler \ Fellesfiler \ AOL \ ACS \ AOLDial.exe mRun: [Pure Networks Port Magic] "c: \ progra ~ 1 \ purene ~ 1 \ portma ~ 1 \ PortAOL.exe"-Run mRun: [QuickTime Task] "c: \ Programfiler \ QuickTime \ qttask.exe"-atboottime IE: & Legg animasjon IncrediMail Style Box - c: \ Programfiler \ incredimail \ bin \ ressurser \ WebMenuImg.htm IE: & AIM Søk IE: & AOL Toolbar Search - C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML IE: (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe IE: (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe IE: (4982D40A-C53B-4615-B15B-B5B5E98D167C) - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll IE: (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - (FE54FA40-D68C-11d2-98FA-00C0F0318AFE) - c: \ windows \ system32 \ Shdocvw.dll LSP: FarLsp.dll Trusted Zone: 88sears.com \ www Trusted Zone: aol.com \ www Trusted Zone: comodo.com \ www Trusted Zone: PC-juice.com \ www Trusted Zone: giveawayoftheday.com \ www Trusted Zone: newegg.com \ www Trusted Zone: pchelpforum.com \ www Trusted Zone: searscard.com \ www Trusted Zone: statefarm.com \ www Trusted Zone: winpatrol.com \ www DPF: DirectAnimation Java Classes DPF: Internet Explorer Klasser for Java DPF: Microsoft XML Parser for Java DPF: Win32 Classes DPF: (05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8) - hxxp: / / download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab DPF: (15589FA1-C456-11CE-BF01-00AA0055595A) - hxxp: / / w4s2.work4sure.com/c/ge/w4sgeen9.exe DPF: (5D86DDB5-BDF9-441B-9E9E-D4730F4EE499) - hxxp: / / download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) - hxxp: / / update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1181748806125 DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) - hxxp: / / update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab? 1223016488385 DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) - hxxp: / / www.crucial.com / kontroller / cpcScanner.cab DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) - hxxp: / / www.superadblocker.com / activex / sabspx.cab DPF: (CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: (CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) - hxxp: / / download.macromedia.com / pub / Shockwave / cabs / flash / swflash.cab DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) - hxxp: / / plugin.driveragent.com / filer / driveragent.cab AppInit_DLLs: C: \ WINDOWS \ system32 \ cssdll32.dll LSA: Notification Packages = scecli ============= SERVICES / DRIVERS =============== R1 SASDIFSV; SASDIFSV; C: \ Program Files \ superantispyware \ sasdifsv.sys [2006-10-10 5632] R1 SASKUTIL; SASKUTIL; C: \ Program Files \ superantispyware \ SASKUTIL.SYS [2007-2-27 32256] R3 Winacusb; Winacusb; c: \ windows \ system32 \ drivers \ wina cusb.sys [2008-3-25 902860] S2 ioloFileInfoList; iolo FileInfoList Service; C: \ Program Files \ iolo \ felles \ lib \ ioloservicemanager.exe -> c: \ Programfiler \ iolo \ felles \ lib \ ioloServiceManager.exe [?] S2 ioloSystemService; iolo System Service; C: \ Program Files \ iolo \ felles \ lib \ ioloservicemanager.exe -> c: \ Programfiler \ iolo \ felles \ lib \ ioloServiceManager.exe [?] S3 FarStoneFireWallDrive; FarStoneFireWallDrive; c: \ seier Windows \ system32 \ drivers \ FarDrive.sys [2003-4-2 140256] S3 ousb2hub; OrangeWare USB 2.0 Hub Support; c: \ windows \ system32 \ drivers \ ousb2hub.sys [2008-2-27 53248] S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ pavs rk.sys -> c: \ windows \ system32 \ PavSRK.sys [?] S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ pavt pk.sys -> c: \ windows \ system32 \ PavTPK.sys [?] S3 SASENUM; SASENUM; C: \ Program Files \ superantispyware \ SASENUM.SYS [2006-2-16 4096] S3 SIVDRIVER; SIV Kernel Driver; c: \ windows \ system32 \ drivers \ SIVX32.sys [2008-4-9 48480] ============== Filtilknytninger =============== JSEFile = Notepad.exe% 1 VBEFile = Notepad.exe% 1 VBSFile = Notepad.exe% 1 =============== Opprettet Siste 30 ================ 2009-07-03 02:49 <DIR> - d ----- C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ lisenser 2009-07-03 02:49 <DIR> - d ----- C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ PCMM2009 2009-07-03 02:48 <DIR> - d ----- C: \ Program Files \ PC MightyMax 2009 2009-07-01 09:43 <DIR> - d ----- C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ ArcticLine 2009-07-01 09:43 <DIR> - d ----- C: \ Program Files \ Jet Skjermbilde 2009-06-27 02:36 <DIR> - d ----- c: \ windows \ system32 \ CatRoot_bak 2009-06-27 02:30 <DIR> - d ----- C: \ Installer iTunes 2009-06-27 02:30 <DIR> - d ----- C: \ Installer ICQ 2009-06-27 02:30 <DIR> - d ----- C: \ AOL Instant Messenger 2009-06-27 02:30 <DIR> - d ----- C: \ MAV 2009-06-27 02:29 <DIR> - d ----- C: \ Programfiler \ Fellesfiler \ aolshare 2009-06-27 02:29 <DIR> - d ----- C: \ Program Files \ America Online 9.0 2009-06-24 22:33 221.184 en ------- c: \ windows \ system32 \ wmpns.dll 2009-06-24 22:05 <DIR> - d ----- c: \ windows \ system32 \ scripting 2009-06-24 22:05 <DIR> - d ----- c: \ windows \ l2schemas 2009-06-24 22:05 <DIR> - d ----- c: \ windows \ system32 \ no 2009-06-24 22:05 <DIR> - d ----- c: \ windows \ system32 \ bits 2009-06-24 21:56 67.584 en ------- c: \ windows \ system32 \ drivers \ sdbus.sys 2009-06-24 21:56 36.096 en ------- c: \ windows \ system32 \ drivers \ intelppm.sys 2009-06-24 21:56 15.488 en ------- c: \ windows \ system32 \ drivers \ mssmbios.sys 2009-06-24 21:56 12.416 en ------- c: \ windows \ system32 \ drivers \ tunmp.sys 2009-06-24 21:56 11.136 en ------- c: \ windows \ system32 \ drivers \ sffdisk.sys 2009-06-24 21:56 10.240 en ------- c: \ windows \ system32 \ drivers \ sffp_sd.sys 2009-06-24 21:56 262.784 en ------- c: \ windows \ system32 \ drivers \ http.sys 2009-06-24 21:54 2.012.670 en ------- c: \ windows \ system32 \ dllcache \ nt5.cat 2009-06-24 21:53 114.688 en ------- c: \ windows \ system32 \ dllcache \ WScript.exe 2009-06-24 21:50 <DIR> - d ----- c: \ windows \ EHome 2009-06-24 02:10 <DIR> - d ----- C: \ Program Files \ SNSafe & Software 2009-06-24 02:10 <DIR> - d ----- C: \ DOCUME ~ 1 \ alluse ~ 1 \ PROGRAMMER ~ 1 \ SNSafe & Software 2009-06-20 20:46 246.272 -------- C: \ Windows \ system32 \ dllcache \ ieproxy.dll 2009-06-20 20:46 12.800 -------- C: \ Windows \ system32 \ dllcache \ xpshims.dll 2009-06-17 20:32 <DIR> - dsh --- C: \ FOUND.020 2009-06-17 10:03 <DIR> - DH --- c: \ windows \ ie8 2009-06-16 19:54 <DIR> - d ----- C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ AVS4YOU 2009-06-16 19:54 <DIR> - d ----- C: \ DOCUME ~ 1 \ alluse ~ 1 \ PROGRAMMER ~ 1 \ AVS4YOU 2009-06-16 19:53 <DIR> - d ----- C: \ Programfiler \ Fellesfiler \ AVSMedia 2009-06-16 19:53 1.700.352 en ------- c: \ windows \ system32 \ Gdiplus.dll 2009-06-16 19:53 974.848 en ------- c: \ windows \ system32 \ mfc70.dll 2009-06-16 19:53 487.424 en ------- c: \ windows \ system32 \ msvcp70.dll 2009-06-16 19:53 344.064 en ------- c: \ windows \ system32 \ msvcr70.dll 2009-06-16 19:53 <DIR> - d ----- C: \ Program Files \ AVS4YOU 2009-06-12 21:45 3.120 en ------- c: \ windows \ MF_C426.lfa 2009-06-11 16:27 <DIR> - d ----- C: \ Program Files \ Fresh RAM 2009-06-11 16:21 <DIR> - dsh --- C: \ FOUND.019 2009-06-11 11:55 5.465.088 en ------- C: \ Fresh RAM.msi 2009-06-09 02:29 <DIR> - d ----- C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ Blitware 2009-06-09 02:29 <DIR> - d ----- C: \ Program Files \ Driver Robot 2009-06-08 22:24 <DIR> - d ----- C: \ DOCUME ~ 1 \ alluse ~ 1 \ PROGRAMMER ~ 1 \ PC Drivers Headquarters 2009-06-07 23:00 <DIR> - d ----- C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ GetRightToGo 2009-06-07 19:38 7.680 en ------- c: \ windows \ system32 \ spdwnwxp.exe 2009-06-07 19:38 19.569 en ------- c: \ windows \ 002865_.tmp 2009-06-06 23:57 <DIR> - dsh --- C: \ Resirkulert 2009-06-06 10:46 <DIR> - d ----- C: \ Program Files \ filehippo.com 2009-06-04 23:59 <DIR> - d ----- C: \ Program Files \ DrWeb 2009-06-03 23:57 <DIR> a-dshr - C: \ cmdcons 2009-06-03 23:28 161.792 en ------- c: \ windows \ SWREG.exe 2009-06-03 23:28 98.816 en ------- c: \ windows \ sed.exe ==================== Find3M ==================== 2009-06-27 02:16 76.487 en ------- c: \ windows \ PCHealth \ helpctr \ offlinecache \ index.dat 2009-06-17 11:27 38.160 en ------- c: \ windows \ system32 \ drivers \ mbamswissarmy.sys 2009-06-17 11:27 19.096 en ------- c: \ windows \ system32 \ drivers \ mbam.sys 2009-06-11 18:43 1.744 en ------- c: \ windows \ system32 \ d3d9caps.dat 2009-05-27 11:21 372 en ------- C: \ Program Files \ ujhonz.txt 2009-05-21 11:33 410.984 en ------- c: \ windows \ system32 \ deploytk.dll 2009-05-13 01:15 5.936.128 en ------- c: \ windows \ system32 \ dllcache \ mshtml.dll 2009-05-13 01:15 915.456 en ------- c: \ windows \ system32 \ Wininet.dll 2009-05-13 01:15 915.456 en ------- c: \ windows \ system32 \ dllcache \ Wininet.dll 2009-05-12 01:11 102.912 -------- C: \ Windows \ system32 \ dllcache \ iecompat.dll 2009-05-07 11:44 344.064 en ------- c: \ windows \ system32 \ Localspl.dll 2009-05-07 11:44 344.064 en ------- c: \ windows \ system32 \ dllcache \ Localspl.dll 2009-04-30 17:22 1.985.024 en ------- c: \ windows \ system32 \ dllcache \ iertutil.dll 2009-04-30 17:22 11.064.832 en ------- c: \ windows \ system32 \ dllcache \ ieframe.dll 2009-04-30 17:22 1.207.808 en ------- c: \ windows \ system32 \ dllcache \ urlmon.dll 2009-04-30 17:22 385.536 en ------- c: \ windows \ system32 \ dllcache \ iedkcs32.dll 2009-04-30 17:22 25.600 en ------- c: \ windows \ system32 \ dllcache \ jsproxy.dll 2009-04-30 07:21 173.056 en ------- c: \ windows \ system32 \ dllcache \ ie4uinit.exe 2009-04-22 00:07 253.688 en ------- c: \ windows \ system32 \ cssdll32.dll 2009-04-17 05:58 1.846.656 en ------- c: \ windows \ system32 \ Win32k.sys 2009-04-17 05:58 1.846.656 en ------- c: \ windows \ system32 \ dllcache \ Win32k.sys 2009-04-15 11:26 583.168 en ------- c: \ windows \ system32 \ Rpcrt4.dll 2009-04-15 11:26 583.168 en ------- c: \ windows \ system32 \ dllcache \ Rpcrt4.dll 2008-03-18 03:11 332 en ------- C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ wklnhst.dat 2007-06-10 23:19 11.079 en ------- C: \ Program Files \ Folder.htt 2007-06-10 23:19 266 --- sh --- C: \ Program Files \ Desktop.ini ============= FINISH: 19:43:58.97 =============== Med mindre annet er oppgitt instruert, IKKE POST Denne loggen. Dersom det er ønskelig, ZIP den opp og legg det DDS (Ver_09-06-26,01) Microsoft Windows XP Home Edition Boot Device: \ Device \ HarddiskVolume1 Install Date: 6/13/2007 12:27:51 AM System Oppetid: 7/3/2009 6:50:56 PM (1 timer siden) Hovedkort: ECS | | K7S5A Prosessor: AMD Athlon (tm) XP 1900 + | Socket-A | 1593/66mhz ==== Disk Rekkverk ========================= A: er Avtakbart C: er løst (FAT32) - 112 GiB totalt 90.479 GiB gratis. D: er CD-ROM () ==== Funksjonshemmede Enhetsbehandling Eks ============= ==== Systemgjenoppretting Points =================== RP205: 3/27/2009 3:00:16 AM - Software Distribution Service 3.0 RP206: 3/27/2009 3:38:07 AM - Software Distribution Service 3.0 RP207: 3/28/2009 3:52:35 AM - systemkontrollpunkt RP208: 3/29/2009 10:01:09 PM - Software Distribution Service 3.0 RP209: 6/6/2009 10:52:13 PM - Installed Mavis Beacon Lærer Typing 15 RP210: 6/6/2009 10:52:30 PM - Fjernet Mavis Beacon Lærer Typing 15 RP211: 6/6/2009 10:52:49 PM - Installed Panda Internet Security 2007 RP212: 6/6/2009 10:53:06 PM - Fjernet Panda Internet Security 2007 RP213: 5/16/2009 12:48:17 PM - Software Distribution Service 3.0 RP214: 5/17/2009 4:49:29 PM - Software Distribution Service 3.0 RP215: 5/17/2009 5:35:08 PM - Software Distribution Service 3.0 RP216: 5/18/2009 8:44:14 AM - Software Distribution Service 3.0 RP217: 5/18/2009 8:51:46 AM - Software Distribution Service 3.0 RP218: 5/19/2009 12:10:32 PM - Software Distribution Service 3.0 RP219: 5/19/2009 1:35:25 PM - Software Distribution Service 3.0 RP220: 5/20/2009 8:09:36 AM - Software Distribution Service 3.0 RP221: 5/20/2009 9:17:11 AM - Software Distribution Service 3.0 RP222: 5/21/2009 8:36:45 AM - Software Distribution Service 3.0 RP223: 5/21/2009 9:24:15 AM - Software Distribution Service 3.0 RP224: 5/21/2009 3:40:47 PM - Software Distribution Service 3.0 RP225: 5/21/2009 11:38:45 PM - Software Distribution Service 3.0 RP226: 5/22/2009 7:54:23 PM - Software Distribution Service 3.0 RP227: 5/22/2009 10:48:21 PM - Software Distribution Service 3.0 RP228: 5/23/2009 7:15:10 PM - Software Distribution Service 3.0 RP229: 5/24/2009 4:32:34 PM - Software Distribution Service 3.0 RP230: 5/24/2009 6:46:46 PM - Software Distribution Service 3.0 RP231: 5/24/2009 8:21:48 PM - Software Distribution Service 3.0 RP232: 5/24/2009 11:47:56 PM - Software Distribution Service 3.0 RP233: 5/25/2009 8:18:22 AM - Software Distribution Service 3.0 RP234: 5/25/2009 8:39:45 AM - Software Distribution Service 3.0 RP235: 5/25/2009 11:41:13 PM - Software Distribution Service 3.0 RP236: 5/26/2009 10:33:23 AM - Software Distribution Service 3.0 RP237: 5/27/2009 8:13:50 AM - Software Distribution Service 3.0 RP238: 5/27/2009 8:45:24 AM - Software Distribution Service 3.0 RP239: 5/27/2009 7:16:04 PM - Software Distribution Service 3.0 RP240: 5/28/2009 4:52:25 PM - Software Distribution Service 3.0 RP241: 5/28/2009 4:58:56 PM - Software Distribution Service 3.0 RP242: 5/28/2009 5:05:35 PM - Installed Windows Internet Explorer 8. RP243: 5/28/2009 5:06:37 PM - Software Distribution Service 3.0 RP244: 5/29/2009 8:39:44 AM - Software Distribution Service 3.0 RP245: 5/29/2009 8:52:41 AM - Software Distribution Service 3.0 RP246: 5/30/2009 5:01:53 AM - Software Distribution Service 3.0 RP247: 5/31/2009 9:08:55 PM - Software Distribution Service 3.0 RP248: 6/1/2009 12:30:50 AM - Installed Windows Internet Explorer 8. RP249: 6/1/2009 12:31:29 AM - Software Distribution Service 3.0 RP250: 6/1/2009 1:01:01 AM - Software Distribution Service 3.0 RP251: 6/1/2009 9:59:00 AM - Software Distribution Service 3.0 RP252: 6/2/2009 1:25:10 AM - Software Distribution Service 3.0 RP253: 6/2/2009 1:44:44 PM - Software Distribution Service 3.0 RP254: 6/2/2009 9:42:45 PM - Software Distribution Service 3.0 RP255: 6/3/2009 2:52:20 AM - Software Distribution Service 3.0 RP256: 6/3/2009 10:07:30 AM - Software Distribution Service 3.0 RP257: 6/3/2009 9:03:54 PM - Software Distribution Service 3.0 RP258: 6/4/2009 1:16:16 AM - Installed MSXML 4.0 SP2 (KB925672) RP259: 6/4/2009 3:00:13 AM - Software Distribution Service 3.0 RP260: 6/4/2009 3:13:34 AM - Software Distribution Service 3.0 RP261: 6/4/2009 11:59:13 PM - Installed Dr.Web anti-virus for Windows 5.0. RP262: 6/5/2009 12:36:30 AM - Fjernet Dr.Web anti-virus for Windows 5.0. RP263: 6/5/2009 12:38:54 AM - Fjernet Dr.Web anti-virus for Windows 5.0. RP264: 6/5/2009 2:22:38 AM - Software Distribution Service 3.0 RP265: 6/6/2009 3:00:14 AM - Software Distribution Service 3.0 RP266: 6.6.2009 10:51:09 - Software Distribution Service 3.0 RP267: 6/7/2009 12:10:12 AM - Software Distribution Service 3.0 RP268: 6/8/2009 12:20:37 AM - Software Distribution Service 3.0 RP269: 6/8/2009 10:03:39 AM - Software Distribution Service 3.0 RP270: 6/8/2009 10:23:28 PM - Installed Driver Detective RP271: 6/8/2009 10:41:57 PM - Software Distribution Service 3.0 RP272: 6/9/2009 2:32:24 AM - Software Distribution Service 3.0 RP273: 6/9/2009 8:29:05 AM - Software Distribution Service 3.0 RP274: 6/9/2009 1:25:29 PM - Software Distribution Service 3.0 RP275: 6/9/2009 11:06:13 PM - Software Distribution Service 3.0 RP276: 6/10/2009 8:56:06 AM - Software Distribution Service 3.0 RP277: 6/10/2009 9:40:44 AM - Software Distribution Service 3.0 RP278: 6/11/2009 1:45:31 AM - Software Distribution Service 3.0 RP279: 6/11/2009 4:27:14 PM - Installed Fresh RAM RP280: 6/11/2009 6:45:39 PM - Konfigurert Driver Detective RP281: 6/12/2009 1:51:36 AM - Software Distribution Service 3.0 RP282: 6/12/2009 8:55:19 AM - Software Distribution Service 3.0 RP283: 6/13/2009 11:02:27 AM - Software Distribution Service 3.0 RP284: 6/13/2009 11:13:50 AM - Software Distribution Service 3.0 RP285: 6/14/2009 10:49:45 PM - Software Distribution Service 3.0 RP286: 6/15/2009 9:16:53 AM - Software Distribution Service 3.0 RP287: 6/15/2009 11:09:18 PM - Software Distribution Service 3.0 RP288: 6/16/2009 10:07:34 AM - Software Distribution Service 3.0 RP289: 6/17/2009 9:01:20 AM - Software Distribution Service 3.0 RP290: 6/17/2009 10:05:33 AM - Installed Windows Internet Explorer 8. RP291: 6/18/2009 10:16:10 AM - Software Distribution Service 3.0 RP292: 6/18/2009 10:41:06 AM - Installed Windows Media Format 9 Series Runtime Setup RP293: 6/18/2009 1:11:48 PM - Installed Windows Media Format 9 Series Runtime Setup RP294: 6/18/2009 1:29:13 PM - Software Distribution Service 3.0 RP295: 6/19/2009 3:01:54 AM - Software Distribution Service 3.0 RP296: 6/19/2009 9:29:35 AM - Software Distribution Service 3.0 RP297: 6/19/2009 5:47:01 PM - Software Distribution Service 3.0 RP298: 6/20/2009 6:59:50 PM - Software Distribution Service 3.0 RP299: 6/20/2009 7:05:46 PM - Java (TM) 6 Update 14 RP300: 6/21/2009 4:07:26 PM - Software Distribution Service 3.0 RP301: 6/21/2009 4:14:22 PM - Software Distribution Service 3.0 RP302: 6/22/2009 9:44:00 AM - Software Distribution Service 3.0 RP303: 6/22/2009 11:31:38 AM - Software Distribution Service 3.0 RP304: 6/23/2009 3:00:23 AM - Software Distribution Service 3.0 RP305: 6/24/2009 9:44:31 AM - Software Distribution Service 3.0 RP306: 6/24/2009 9:55:45 AM - Software Distribution Service 3.0 RP307: 6/24/2009 10:14:50 AM - Software Distribution Service 3.0 RP308: 6/24/2009 9:41:13 PM - Software Distribution Service 3.0 RP309: 6/25/2009 2:52:04 AM - Software Distribution Service 3.0 RP310: 6/25/2009 12:17:49 PM - Software Distribution Service 3.0 RP311: 6/26/2009 9:27:47 PM - Software Distribution Service 3.0 RP312: 6/27/2009 12:41:14 AM - gjenopprettingsoperasjonen RP313: 6/27/2009 1:35:40 AM - gjenopprettingsoperasjonen RP314: 6/27/2009 2:25:58 AM - Software Distribution Service 3.0 RP315: 6/27/2009 2:30:41 AM - Installed Windows Media Format 9 Series Runtime Setup RP316: 6/28/2009 8:31:27 AM - Software Distribution Service 3.0 RP317: 6/29/2009 10:03:24 AM - Software Distribution Service 3.0 RP318: 6/29/2009 6:35:12 PM - Software Distribution Service 3.0 RP319: 6/29/2009 9:00:14 PM - Software Distribution Service 3.0 RP320: 6/30/2009 3:32:09 AM - Software Distribution Service 3.0 RP321: 6/30/2009 11:45:20 AM - Software Distribution Service 3.0 RP322: 7/1/2009 9:15:52 AM - Software Distribution Service 3.0 RP323: 7/1/2009 11:21:44 AM - Software Distribution Service 3.0 RP324: 7/1/2009 10:38:39 PM - Software Distribution Service 3.0 RP325: 7/2/2009 3:16:53 AM - Software Distribution Service 3.0 RP326: 7/2/2009 12:22:35 PM - Software Distribution Service 3.0 RP327: 7/2/2009 7:09:25 PM - Software Distribution Service 3.0 RP328: 7/3/2009 4:04:54 AM - Software Distribution Service 3.0 ==== Installerte programmer ====================== ABBYY FineReader 5.0 Sprint Plus Adobe Flash Player 10 ActiveX AOL Coach Version 2.0 (Build: 20041026,5 no) AOL Connectivity Services AOL oppgavefeltet AOL Toolbar AOL Uninstaller (Velg hvilke produkter til fjern) AOL har du Pictures Screensaver C-Media Audio C-Media WDM Audio Driver COMODO SafeSurf Compatibility Pack for 2007 Office system Cool PDF Reader 1.0 Driver Robot 1.0.6.0 filehippo.com Update Checker Fresh RAM HackerSmacker HijackThis 2.0.2 Hurtigreparasjonen for Windows XP (KB896344) Hurtigreparasjonen for Windows XP (KB914440) Hurtigreparasjonen for Windows XP (KB915865) Hurtigreparasjonen for Windows XP (KB952287) IncrediMail XE Java (TM) 6 Update 14 Jet Skjermbilde v 2.0 Lexmark 5200 Series Macromedia Shockwave Player Magentic Malwarebytes' Anti-Malware Microsoft. NET Framework 1.1 Microsoft. NET Framework 2.0 Microsoft internasjonalt domenenavn Mitigation APIene Microsoft National Language Support Downlevel APIene Microsoft Office PowerPoint Viewer 2007 (engelsk) Microsoft Visual C + + 2005 Redistributable Microsoft Web Publishing Wizard 1.52 Microsoft Works MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 6 Service Pack 2 (KB954459) Pure Networks Port Magic QuickTime RealPlayer Basic Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB933566) Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB937143) Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB938127) Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB939653) Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB942615) Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB944533) Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB963027) Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB969897) Sikkerhetsoppdatering for Windows Media Player (KB911564) Sikkerhetsoppdatering for Windows Media Player (KB952069) Sikkerhetsoppdatering for Windows Media Player 6.4 (KB925398) Sikkerhetsoppdatering for Windows Media Player 9 (KB917734) Sikkerhetsoppdatering for Windows Media Player 9 (KB936782) Sikkerhetsoppdatering for Windows XP (KB893756) Sikkerhetsoppdatering for Windows XP (KB896358) Sikkerhetsoppdatering for Windows XP (KB896423) Sikkerhetsoppdatering for Windows XP (KB896428) Sikkerhetsoppdatering for Windows XP (KB899587) Sikkerhetsoppdatering for Windows XP (KB899591) Sikkerhetsoppdatering for Windows XP (KB900725) Sikkerhetsoppdatering for Windows XP (KB901017) Sikkerhetsoppdatering for Windows XP (KB901214) Sikkerhetsoppdatering for Windows XP (KB902400) Sikkerhetsoppdatering for Windows XP (KB904706) Sikkerhetsoppdatering for Windows XP (KB905414) Sikkerhetsoppdatering for Windows XP (KB905749) Sikkerhetsoppdatering for Windows XP (KB908519) Sikkerhetsoppdatering for Windows XP (KB911562) Sikkerhetsoppdatering for Windows XP (KB911927) Sikkerhetsoppdatering for Windows XP (KB913580) Sikkerhetsoppdatering for Windows XP (KB914388) Sikkerhetsoppdatering for Windows XP (KB914389) Sikkerhetsoppdatering for Windows XP (KB917344) Sikkerhetsoppdatering for Windows XP (KB917953) Sikkerhetsoppdatering for Windows XP (KB918118) Sikkerhetsoppdatering for Windows XP (KB918439) Sikkerhetsoppdatering for Windows XP (KB919007) Sikkerhetsoppdatering for Windows XP (KB920213) Sikkerhetsoppdatering for Windows XP (KB920670) Sikkerhetsoppdatering for Windows XP (KB920683) Sikkerhetsoppdatering for Windows XP (KB920685) Sikkerhetsoppdatering for Windows XP (KB921503) Sikkerhetsoppdatering for Windows XP (KB922819) Sikkerhetsoppdatering for Windows XP (KB923191) Sikkerhetsoppdatering for Windows XP (KB923414) Sikkerhetsoppdatering for Windows XP (KB923561) Sikkerhetsoppdatering for Windows XP (KB923689) Sikkerhetsoppdatering for Windows XP (KB923980) Sikkerhetsoppdatering for Windows XP (KB924191) Sikkerhetsoppdatering for Windows XP (KB924270) Sikkerhetsoppdatering for Windows XP (KB924496) Sikkerhetsoppdatering for Windows XP (KB924667) Sikkerhetsoppdatering for Windows XP (KB925902) Sikkerhetsoppdatering for Windows XP (KB926247) Sikkerhetsoppdatering for Windows XP (KB926255) Sikkerhetsoppdatering for Windows XP (KB926436) Sikkerhetsoppdatering for Windows XP (KB927779) Sikkerhetsoppdatering for Windows XP (KB927802) Sikkerhetsoppdatering for Windows XP (KB928255) Sikkerhetsoppdatering for Windows XP (KB928843) Sikkerhetsoppdatering for Windows XP (KB929123) Sikkerhetsoppdatering for Windows XP (KB930178) Sikkerhetsoppdatering for Windows XP (KB931261) Sikkerhetsoppdatering for Windows XP (KB931784) Sikkerhetsoppdatering for Windows XP (KB932168) Sikkerhetsoppdatering for Windows XP (KB933566) Sikkerhetsoppdatering for Windows XP (KB933729) Sikkerhetsoppdatering for Windows XP (KB935839) Sikkerhetsoppdatering for Windows XP (KB935840) Sikkerhetsoppdatering for Windows XP (KB936021) Sikkerhetsoppdatering for Windows XP (KB938464) Sikkerhetsoppdatering for Windows XP (KB938829) Sikkerhetsoppdatering for Windows XP (KB941202) Sikkerhetsoppdatering for Windows XP (KB941568) Sikkerhetsoppdatering for Windows XP (KB941569) Sikkerhetsoppdatering for Windows XP (KB941644) Sikkerhetsoppdatering for Windows XP (KB941693) Sikkerhetsoppdatering for Windows XP (KB943055) Sikkerhetsoppdatering for Windows XP (KB943460) Sikkerhetsoppdatering for Windows XP (KB943485) Sikkerhetsoppdatering for Windows XP (KB944653) Sikkerhetsoppdatering for Windows XP (KB945553) Sikkerhetsoppdatering for Windows XP (KB946026) Sikkerhetsoppdatering for Windows XP (KB946648) Sikkerhetsoppdatering for Windows XP (KB948590) Sikkerhetsoppdatering for Windows XP (KB948881) Sikkerhetsoppdatering for Windows XP (KB950749) Sikkerhetsoppdatering for Windows XP (KB950760) Sikkerhetsoppdatering for Windows XP (KB950762) Sikkerhetsoppdatering for Windows XP (KB950974) Sikkerhetsoppdatering for Windows XP (KB951066) Sikkerhetsoppdatering for Windows XP (KB951376-v2) Sikkerhetsoppdatering for Windows XP (KB951376) Sikkerhetsoppdatering for Windows XP (KB951698) Sikkerhetsoppdatering for Windows XP (KB951748) Sikkerhetsoppdatering for Windows XP (KB952004) Sikkerhetsoppdatering for Windows XP (KB952954) Sikkerhetsoppdatering for Windows XP (KB953839) Sikkerhetsoppdatering for Windows XP (KB954211) Sikkerhetsoppdatering for Windows XP (KB954600) Sikkerhetsoppdatering for Windows XP (KB955069) Sikkerhetsoppdatering for Windows XP (KB956391) Sikkerhetsoppdatering for Windows XP (KB956572) Sikkerhetsoppdatering for Windows XP (KB956802) Sikkerhetsoppdatering for Windows XP (KB956803) Sikkerhetsoppdatering for Windows XP (KB956841) Sikkerhetsoppdatering for Windows XP (KB957095) Sikkerhetsoppdatering for Windows XP (KB957097) Sikkerhetsoppdatering for Windows XP (KB958644) Sikkerhetsoppdatering for Windows XP (KB958687) Sikkerhetsoppdatering for Windows XP (KB958690) Sikkerhetsoppdatering for Windows XP (KB959426) Sikkerhetsoppdatering for Windows XP (KB960225) Sikkerhetsoppdatering for Windows XP (KB960715) Sikkerhetsoppdatering for Windows XP (KB960803) Sikkerhetsoppdatering for Windows XP (KB961373) Sikkerhetsoppdatering for Windows XP (KB961501) Sikkerhetsoppdatering for Windows XP (KB968537) Sikkerhetsoppdatering for Windows XP (KB969898) Sikkerhetsoppdatering for Windows XP (KB970238) SiS 900 PCI Fast Ethernet Adapter Driver SIW versjon 2008-04-02 SUPERAntiSpyware Free Edition The Print Shop 21 US Robotics 56K Faxmodem USB Oppdatering for Windows XP (KB894391) Oppdatering for Windows XP (KB898461) Oppdatering for Windows XP (KB900485) Oppdatering for Windows XP (KB904942) Oppdatering for Windows XP (KB908531) Oppdatering for Windows XP (KB910437) Oppdatering for Windows XP (KB911280) Oppdatering for Windows XP (KB916595) Oppdatering for Windows XP (KB920342) Oppdatering for Windows XP (KB920872) Oppdatering for Windows XP (KB922582) Oppdatering for Windows XP (KB927891) Oppdatering for Windows XP (KB930916) Oppdatering for Windows XP (KB931836) Oppdatering for Windows XP (KB932823-v3) Oppdatering for Windows XP (KB933360) Oppdatering for Windows XP (KB938828) Oppdatering for Windows XP (KB942763) Oppdatering for Windows XP (KB955839) Oppdatering for Windows XP (KB967715) Viewpoint Media Player WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Internet Explorer 8 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885836 Windows XP hurtigreparasjon - kb886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 Windows XP Uninstall WinPatrol 2009 Zoom V.92 PCI Voice Faxmodem Zoom V92 PC Card Voice Faxmodem ==== Hendelsesliste Meldinger fra Past Week ======== 7/3/2009 4:23:49 PM, feil: Systemfeil [1003] - Feilkode 00000077, parameter1 c000000e, parameter2 c000000e, parameter3 00000000, parameter4 01.422.000. 7/3/2009 2:33:40 PM, feil: Systemfeil [1003] - Feilkode 000000f4, parameter1 00000003, parameter2 86cdb430, parameter3 86cdb5a4, parameter4 805fa1f0. 7/1/2009 10:39:09 PM, feil: Service Control Manager [7034] - AOL TopSpeed Monitor tjenesten avsluttes uventet. Det har gjort dette 6 gang (er). 6/30/2009 5:05:18 PM, feil: Print [6161] - Dokumentet Syslog - Notepad eid av Windows Bruker ikke klarte å skrive ut på skriveren Lexmark 5200 Series. Data type: LEMF. Størrelsen på filmrull filen i byte: 1.208.022. Antall byte trykt: 1.208.022. Totalt antall sider i dokumentet: 3. Antall sider trykt: 0. Klientdatamaskinen: \ \ SUNPORCH. Win32 feilkoden som returneres av utskriftsprosessoren: 126 (0x7e). 6/29/2009 11:36:01 PM, feil: Service Control Manager [7000] - Det SASDIFSV tjenesten startet ikke på grunn av følgende feil: Kan ikke opprette en fil når denne filen allerede eksisterer. 6/27/2009 2:24:45 AM, feil: Service Control Manager [7000] - Det Opplastingsadministrator tjenesten startet ikke på grunn av følgende feil: Kontoen er angitt for denne tjenesten er forskjellig fra kontoen angitt for andre tjenester kjører i samme prosess. 6/27/2009 2:24:37 AM, feil: BITS [16391] - BITS jobblisten er ikke i et anerkjent format. Den kan ha blitt skapt av en annen versjon av BITS. Jobben listen er blitt slettet. 6/27/2009 2:08:32 AM, feil: SnsCore [20] -- 6/27/2009 2:08:24 AM, feil: Service Control Manager [7000] - Det iolo FileInfoList Service tjenesten startet ikke på grunn av følgende feil: Systemet finner ikke den angitte filen. 6/27/2009 1:41:24 AM, feil: Service Control Manager [7023] - Det HID Input Service service avsluttet med følgende feil: Systemet finner ikke den angitte filen. 6/27/2009 1:41:24 AM, feil: Service Control Manager [7000] - Det iolo System Service tjenesten startet ikke på grunn av følgende feil: Systemet finner ikke den angitte filen. 6/27/2009 1:36:19 AM, feil: Service Control Manager [7034] - AOL TopSpeed Monitor tjenesten avsluttes uventet. Det har gjort dette 5 gang (er). 6/27/2009 1:36:09 AM, feil: Service Control Manager [7031] - AOL TopSpeed Monitor tjenesten avsluttes uventet. Det har gjort dette 4 gang (er). Følgende korrigerende tiltak vil bli iverksatt i 1000 millisekunder: Start tjenesten. 6/27/2009 1:36:01 AM, feil: Service Control Manager [7031] - AOL TopSpeed Monitor tjenesten avsluttes uventet. Det har gjort dette 3 gang (er). Følgende korrigerende tiltak vil bli iverksatt i 1000 millisekunder: Start tjenesten. 6/27/2009 1:35:53 AM, feil: Service Control Manager [7031] - AOL TopSpeed Monitor tjenesten avsluttes uventet. Det har gjort dette 2 gang (er). Følgende korrigerende tiltak vil bli iverksatt i 1000 millisekunder: Start tjenesten. 6/27/2009 1:35:35 AM, feil: Service Control Manager [7031] - AOL TopSpeed Monitor tjenesten avsluttes uventet. Det har gjort dette 1 time (r). Følgende korrigerende tiltak vil bli iverksatt i 1000 millisekunder: Start tjenesten. 6/27/2009 1:32:44 AM, feil: DCOM [10005] - DCOM fikk feilen "% 1084" forsøker å starte tjenesten EventSystem med argumentene "" for å kjøre serveren: (1BE1F766-5536-11D1 - B726-00C04FB926AF) 6/27/2009 1:30:38 AM, feil: Service Control Manager [7026] - Følgende boot-start-eller system-start driver (s) Lastingen: AFD AmdK7 FIPS IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SnsCore Tcpip WS2IFSL 6/27/2009 1:30:38 AM, feil: Service Control Manager [7001] - TCP / IP NetBIOS Helper service avhenger av AFD tjeneste som startet ikke på grunn av følgende feil: En enhet koblet til systemet ikke fungerer. 6/27/2009 1:30:38 AM, feil: Service Control Manager [7001] - Det IPSEC Services avhenger av IPSEC driver tjenesten som startet ikke på grunn av følgende feil: En enhet koblet til systemet fungerer ikke . 6/27/2009 1:30:38 AM, feil: Service Control Manager [7001] - DNS Client service avhenger av TCP / IP-protokoll Driver tjeneste som startet ikke på grunn av følgende feil: En enhet koblet til systemet fungerer ikke. 6/27/2009 1:30:38 AM, feil: Service Control Manager [7001] - DHCP-klienttjenesten avhenger av NetBIOS over Tcpip tjeneste som startet ikke på grunn av følgende feil: En enhet koblet til systemet ikke fungerer. 6/27/2009 1:29:52 AM, feil: DCOM [10005] - DCOM fikk feilen "% 1084" forsøker å starte tjenesten NETMAN med argumentene "" for å kjøre serveren: (BA126AE5-2166-11D1 - B1D0-00805FC1270E) 6/27/2009 1:19:01 AM, feil: Service Control Manager [7009] - Tidsavbrudd (30000 millisekunder) venter på IMAPI CD-Burning COM Service tjeneste for å koble. 6/27/2009 1:19:01 AM, feil: Service Control Manager [7000] - IMAPI CD-Burning COM Service tjenesten startet ikke på grunn av følgende feil: Tjenesten svarte ikke til starten eller kontroll i det tide. 6/27/2009 1:16:56 AM, feil: Service Control Manager [7023] - Terminal Services avsluttet med følgende feil: Ugyldig tilgang til minneplassering. 6/27/2009 1:16:56 AM, feil: Service Control Manager [7023] - Automatiske oppdateringer avsluttet med følgende feil:%% 3228369023 6/27/2009 1:16:56 AM, feil: Service Control Manager [7001] - Det Raskt brukerbytte Kompatibilitet service avhenger av Terminal Services som startet ikke på grunn av følgende feil: Ugyldig tilgang til minneplassering. 6/27/2009 1:05:23 AM, feil: DCOM [10005] - DCOM fikk feilen "% 1084" forsøker å starte tjenesten wuauserv med argumentene "" for å kjøre serveren: (E60687F7-01A1-40AA - 86AC-DB1CBF673334) 6/26/2009 9:29:28 PM, feil: Windows Update Agent [20] - Installasjon Failure: Vinduer mislykkes å installere denne oppdateringen med feil 0x80070643: Microsoft. NET Framework 1.1 Service Pack 1. ==== Slutten av filen =========================== Rooter.exe (v1.0.2) ved Eric_71 . SeDebugPrivilege gitt suksess ... . Windows XP Home Edition (5.1.2600) Service Pack 2 [32_bits] - x86 Family 6 Modell 6 Stepping 2, AuthenticAMD . [wscsvc] (Sikkerhetssenter) RUNNING (fylke: 4) [SharedAccess] RUNNING (fylke: 4) Windows Firewall -> Aktivert . Internet Explorer 8.0.6001.18702 . A: \ [Demonterbar] C: \ [Fixed-FAT32] .. (Totalt: 112 Go - Gratis: 90 Go) D: \ [CD_Rom] . Scan: 19:57.51 Path: C: \ Documents and Settings \ Windows \ Lokale innstillinger \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ Rooter [1]. Exe Bruker: Windows Bruker (Administrator -> JA) . ---------------------- \ \ Prosesser . Lukket [systemprosessen] (0) ______ System (4) ______ \ SystemRoot \ System32 \ smss.exe (292) ______ \? \ C: \ WINDOWS \ system32 \ Csrss.exe (348) ______ \? \ C: \ WINDOWS \ system32 \ Winlogon.exe (372) ______ C: \ WINDOWS \ system32 \ Services.exe (416) ______ C: \ WINDOWS \ system32 \ Lsass.exe (428) ______ C: \ WINDOWS \ system32 \ Svchost.exe (576) ______ C: \ WINDOWS \ system32 \ Svchost.exe (620) ______ C: \ WINDOWS \ system32 \ Svchost.exe (664) ______ C: \ WINDOWS \ system32 \ Svchost.exe (708) ______ C: \ WINDOWS \ system32 \ Svchost.exe (804) ______ C: \ WINDOWS \ system32 \ Spoolsv.exe (900) ______ C: \ WINDOWS \ system32 \ Svchost.exe (980) ______ C: \ Programfiler \ Fellesfiler \ AOL \ ACS \ AOLAcsd.exe (1012) ______ C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe (1056) ______ C: \ WINDOWS \ system32 \ snmp.exe (1148) ______ C: \ WINDOWS \ system32 \ Svchost.exe (1180) ______ C: \ WINDOWS \ System32 \ alg.exe (1900) ______ C: \ WINDOWS \ Explorer.exe (1124) ______ C: \ Program Files \ Lexmark 5200 Series \ lxbtbmgr.exe (528) ______ C: \ Programfiler \ Java \ jre6 \ bin \ jusched.exe (1736) ______ C: \ Program Files \ Lexmark 5200 Series \ lxbtbmon.exe (1468) ______ C: \ Programfiler \ Fellesfiler \ AOL \ 1246084174 \ ee \ AOLSoftware.exe (1316) ______ C: \ Programfiler \ Fellesfiler \ AOL \ ACS \ AOLDial.exe (1572) ______ C: \ WINDOWS \ system32 \ Ctfmon.exe (1648) ______ C: \ Program Files \ Jet Skjermbilde \ jetScreenshot.exe (1216) ______ C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe (2148) ______ C: \ WINDOWS \ system32 \ wuauclt.exe (2428) ______ C: \ Programfiler \ America Online 9.0 \ waol.exe (596) ______ C: \ Programfiler \ America Online 9.0 \ shellmon.exe (756) ______ C: \ Documents and Settings \ Windows \ Lokale innstillinger \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ Rooter [1]. EXE (3388) . ---------------------- \ \ Device \ HardDisk0 \ . \ Device \ HardDisk0 [sektorer: 63 x 512 Bytes] . \ Device \ HardDisk0 \ Partition1 - [MBR] - (Start_Offset: 32256 | Lengde: 120681275904) . ---------------------- \ \ Planlagte oppgaver . C: \ WINDOWS \ Tasks \ SA.DAT C: \ WINDOWS \ Tasks \ Desktop.ini C: \ WINDOWS \ Tasks \ Driver Robot.job . ---------------------- \ \ Registry . . ---------------------- \ \ Filer og mapper . C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ PROGRAMMER ~ 1 \ PrivacyControl ==> Rogues <== . ---------------------- \ \ Scan fullført 19:57.56 . C: \ Rooter $ \ Rooter_1.txt - (03/07/2009 | 19:57.56) |
|
#6
3 juli 2009 19:01
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus Slett disse filer / mapper som følger: 1. Gå til Start > Løpe > Type Notepad.exe og klikk OK å åpne Notisblokk. Det må være Notisblokk ikke Wordpad. 2. Kopier teksten i under kode boksen ved å markere all teksten og trykke Ctrl + C Code: KillAll:: DDS:: BHO: AskBar BHO: (201f27d4-3704-41d6-89c1-aa35e39143ed) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll TB: Ask Toolbar: (3041d03e-fd4b-44e0 - b742-2d9b88305f98) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll IE: (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Folder:: C: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ lisenser c: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ PCMM2009 C: \ Program Files \ PC MightyMax 2009 C: \ Program Files \ askbardis c: \ programfiler files \ messenger 4. Deretter klikker du Fil > Lagre 5. Navn filen CFScript.txt - Lagre filen på skrivebordet 6. Dra CFScript (hold venstre museknapp mens du dra filen) og slipp den (release venstre museknapp) i ComboFix.exe som du ser i skjermbildet nedenfor. Viktig: Utføre denne instruksjonen nøye!  ComboFix begynner å kjøre, bare følg instruksjonene. Etter reboot (i tilfelle den ber om å reboot), vil det generere en loggfil for deg. Innlegg som log (Combofix.txt) i neste svaret. Merk: Ikke mouseclick ComboFix's vinduet mens den kjører. Som kan føre til systemet ditt til å fryse
__________________ |
|
#7
5 juli 2009, 14:04
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus Må bare laste ComboFix. Det synes at filen Wes delrtrd Alt jeg har er tekstfiler av combofix. |
|
#8
5 juli 2009, 14:28
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus
__________________ |
|
#9
5 juli 2009, 21:33
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus Beklager det tok så lang tid. Ble bitt av edderkopper og brukte mesteparten av tiden søker å se om jeg kunne finne ut hva som bet meg. Her er skanningen. ComboFix 09-07-05.01 - Windows Bruker 07/06/2009 0:04.4 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.742 [GMT -4:00] Running from: C: \ Documents and settings \ Windows \ Skrivebord \ ComboFix.exe Command brytere brukes:: C: \ Documents and Settings \ Windows \ Skrivebord \ CFScript.txt . ((((((((((((((((((((((((((((((((((((((( Other slettingene ))))))))) )))))))))))))))))))))))))))))))))))))))) . c: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ lisenser c: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ lisenser \ PCMightyMax c27fe264-0186-4910-8a97-50c383296a11 c: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ PCMM2009 c: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ PCMM2009 \ diagnoseinformasjon \ siste skanning c: \ DOCUME ~ 1 \ vindu ~ 1 \ PROGRAMMER ~ 1 \ PCMM2009 \ pcmm2009-konfigurasjon C: \ Program Files \ askbardis C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll C: \ Program Files \ askbardis \ bar \ bin \ askPopStp.dll C: \ Program Files \ askbardis \ bar \ bin \ psvince.dll C: \ Program Files \ askbardis \ bar \ Cache \ files.ini C: \ Program Files \ askbardis \ bar \ History \ søk C: \ Program Files \ askbardis \ bar \ Settings \ config.dat C: \ Program Files \ askbardis \ bar \ Settings \ config.dat.bak C: \ Program Files \ askbardis \ unins000.dat C: \ Program Files \ askbardis \ unins000.exe C: \ Program Files \ Messenger C: \ Program Files \ Messenger \ custsat.dll C: \ Program Files \ Messenger \ logowin.gif C: \ Program Files \ Messenger \ lvback.gif C: \ Program Files \ Messenger \ msgsc.dll C: \ Program Files \ Messenger \ msgslang.dll C: \ Program Files \ Messenger \ msmsgs.exe C: \ Program Files \ Messenger \ newalert.wav C: \ Program Files \ Messenger \ newemail.wav C: \ Program Files \ Messenger \ online.wav C: \ Program Files \ Messenger \ type.wav C: \ Program Files \ Messenger \ xpmsgr.chm C: \ Program Files \ PC MightyMax 2009 C: \ Program Files \ PC MightyMax 2009 \ pcmm2009.error.log . ((((((((((((((((((((((((( Files Created fra 2009-06-06 til 2009-07-06 ))))))))))) )))))))))))))))))))) . 2009-07-06 02:18. 2008-12-03 16:09 59184 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ toolbarsud.exe 2009-07-06 02:18. 2006-04-06 15:33 81000 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ ProgUpd.dll 2009-07-06 02:18. 2006-04-06 15:33 33896 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ postproc.exe 2009-07-06 02:18. 2006-04-06 15:33 156264 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ setup.exe 2009-07-06 02:18. 2008-12-02 18:34 2316392 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ ocpinst.exe 2009-07-06 02:18. 2008-11-12 21:12 1370528 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ msvc9rt.exe 2009-07-06 02:18. 2008-11-06 14:42 2100984 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ aol_toolbar_dual.exe 2009-07-06 02:18. 2008-07-23 18:35 62248 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ ocpgc.exe 2009-07-06 02:18. 2008-07-23 18:35 15144 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ ocpchk.dll 2009-07-06 02:18. 2008-07-23 18:35 74536 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ instSup.dll 2009-07-06 02:18. 2006-07-31 18:41 474184 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ gui.dll 2009-07-06 02:18. 2006-04-06 15:33 25088 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ CACHE \ 4381.3.4 \ EEStart.exe 2009-07-03 23:57. 2009-07-03 23:57 -------- d ----- w-C: \ Rooter $ 2009-07-01 13:43. 2009-07-01 13:43 -------- d ----- w-c: \ Documents and Settings \ Windows \ Application Data \ ArcticLine 2009-07-01 13:43. 2009-07-01 13:43 -------- d ----- w-c: \ Programfiler \ Jet Skjermbilde 2009-06-30 03:17. 2006-10-12 16:29 83504 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ såpeskum \ Temp \ ProgUpd.dll 2009-06-30 03:11. 2009-06-30 03:11 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ AOL OCP 2009-06-30 03:11. 2009-06-30 03:11 -------- d ----- w-c: \ Documents and Settings \ Windows \ Lokale innstillinger \ Programdata \ AOL OCP 2009-06-30 03:05. 2009-06-30 03:07 370496 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ CC UInst.exe 2009-06-30 03:05. 2009-06-30 03:05 94256 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ i stph.dll 2009-06-30 02:57. 2009-06-30 03:05 2439824 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ OC pinsti.exe 2009-06-30 02:56. 2009-06-30 02:57 260040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uinst.exe 2009-06-30 02:55. 2009-06-30 02:56 237616 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ gu i.dll 2009-06-30 02:55. 2009-06-30 02:55 127224 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixlang.exe 2009-06-30 02:55. 2009-06-30 02:55 83504 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ Pr ogUpd.dll 2009-06-30 02:54. 2009-06-30 02:55 223152 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ var finst.exe 2009-06-30 02:53. 2009-06-30 02:54 355592 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixinst.exe 2009-06-30 02:52. 2009-06-30 02:52 11056 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ CC NdInst.dll 2009-06-30 02:52. 2009-06-30 02:52 11312 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uchk.dll 2009-06-30 02:52. 2009-06-30 02:52 11568 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ tb inst.dll 2009-06-30 02:52. 2009-06-30 02:52 170544 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ se tup.exe 2009-06-30 02:51. 2009-06-30 02:52 98992 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ sm instlp.exe 2009-06-30 02:51. 2009-06-30 02:51 11568 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ OC fcheck.dll 2009-06-30 02:51. 2009-06-30 02:51 15920 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ OC pchk.dll 2009-06-30 02:49. 2009-06-30 02:51 580136 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ mu inst.exe 2009-06-30 02:48. 2009-06-30 02:49 282056 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ cc ulang.exe 2009-06-30 02:48. 2009-06-30 02:48 36912 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ po stproc.exe 2009-06-30 02:47. 2009-06-30 02:48 359184 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ tb setup.exe 2009-06-30 02:36. 2009-06-30 02:47 3147256 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ OC pinsts.exe 2009-06-30 02:36. 2009-06-30 02:36 10800 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ var fixchk.dll 2009-06-30 02:35. 2009-06-30 02:36 174752 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ st mninst.exe 2009-06-30 02:35. 2009-06-30 02:35 142040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ al setup.exe 2009-06-30 02:34. 2009-06-30 02:34 67120 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ i stSup.dll 2009-06-27 06:36. 2009-06-27 06:36 -------- d ----- w-c: \ windows \ system32 \ CatRoot_bak 2009-06-27 06:31. 2009-06-27 06:31 167999 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9.0 \ aolEULanPack \ cswitch.exe 2009-06-27 06:31. 2009-06-27 06:31 3298040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9.0 \ aolEULanPack \ langpack.exe 2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ Installer iTunes 2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ Installer ICQ 2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ AOL Instant Messenger 2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ MAV 2009-06-27 06:29. 2009-06-27 06:29 -------- d ----- w-c: \ Programfiler \ Fellesfiler \ aolshare 2009-06-27 06:29. 2009-06-27 06:29 -------- d ----- w-c: \ Programfiler \ America Online 9.0 2009-06-27 05:04. 2009-06-27 05:04 -------- d-sh - w-c: \ Documents and Settings \ Administrator \ IETldCache 2009-06-27 05:03. 2007-12-04 03:49 487323 ---- aw-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro \ prosetup.exe 2009-06-27 05:03. 2007-12-04 03:43 -------- d --- aw-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro 2009-06-27 05:03. 2009-06-27 05:03 -------- d ----- w-c: \ Documents and Settings \ Administrator 2009-06-27 05:03. 2007-12-04 03:43 -------- d ----- w-c: \ Documents and Settings \ Administrator \ Lokale innstillinger \ Programdata \ SITEguard 2009-06-27 05:03. 2007-06-13 04:19 -------- d ----- w-c: \ Documents and Settings \ Administrator \ Lokale innstillinger \ Programdata \ Microsoft 2009-06-25 02:33. 2008-04-14 00:12 221184 ---- aw-c: \ windows \ system32 \ wmpns.dll 2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ scripting 2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ l2schemas 2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ no 2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ bits 2009-06-25 01:56. 2006-02-28 16:00 67584 ---- aw-c: \ windows \ system32 \ drivers \ sdbus.sys 2009-06-25 01:56. 2006-02-28 16:00 36096 ---- aw-c: \ windows \ system32 \ drivers \ intelppm.sys 2009-06-25 01:56. 2006-02-28 16:00 15488 ---- aw-c: \ windows \ system32 \ drivers \ mssmbios.sys 2009-06-25 01:56. 2006-02-28 16:00 12416 ---- aw-c: \ windows \ system32 \ drivers \ tunmp.sys 2009-06-25 01:56. 2006-02-28 16:00 11136 ---- aw-c: \ windows \ system32 \ drivers \ sffdisk.sys 2009-06-25 01:56. 2006-02-28 16:00 10240 ---- aw-c: \ windows \ system32 \ drivers \ sffp_sd.sys 2009-06-25 01:56. 2006-03-17 00:33 262784 ---- aw-c: \ windows \ system32 \ drivers \ http.sys 2009-06-25 01:54. 2006-02-28 16:00 15360 ---- aw-c: \ windows \ system32 \ dllcache \ nppagent.exe 2009-06-25 01:53. 2006-02-28 16:00 82944 ---- aw-c: \ windows \ system32 \ dllcache \ ws2_32.dll 2009-06-25 01:50. 2009-06-25 01:51 -------- d ----- w-c: \ windows \ EHome 2009-06-24 06:11. 2009-06-24 06:11 -------- d-sh - w-c: \ Documents and Settings \ LocalService \ IETldCache 2009-06-24 06:10. 2009-06-24 06:10 -------- d ----- w-c: \ Programfiler \ SNSafe & Software 2009-06-24 06:10. 2009-06-24 06:10 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ SNSafe & Software 2009-06-21 00:46. 2009-04-30 21:22 12800 ------ w-c: \ windows \ system32 \ dllcache \ xpshims.dll 2009-06-21 00:46. 2009-04-30 21:22 246272 ------ w-c: \ windows \ system32 \ dllcache \ ieproxy.dll 2009-06-20 23:05. 2009-06-20 23:05 152576 ---- aw-c: \ Documents and Settings \ Windows \ Application Data \ søndag \ Java \ jre1.6.0_14 \ lzma.dll 2009-06-18 00:32. 2009-06-18 00:32 -------- d-sh - w-C: \ FOUND.020 2009-06-17 14:03. 2009-06-17 14:03 -------- d - h - w-c: \ windows \ ie8 2009-06-16 23:54. 2009-06-16 23:54 -------- d ----- w-c: \ Documents and Settings \ Windows \ Application Data \ AVS4YOU 2009-06-16 23:54. 2009-06-16 23:54 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ AVS4YOU 2009-06-16 23:53. 2009-06-16 23:53 -------- d ----- w-c: \ Programfiler \ Fellesfiler \ AVSMedia 2009-06-16 23:53. 2007-02-27 22:36 974848 ---- aw-c: \ windows \ system32 \ mfc70.dll 2009-06-16 23:53. 2007-02-27 22:36 487424 ---- aw-c: \ windows \ system32 \ msvcp70.dll 2009-06-16 23:53. 2007-02-27 22:36 344064 ---- aw-c: \ windows \ system32 \ msvcr70.dll 2009-06-16 23:53. 2007-02-27 22:36 1700352 ---- aw-c: \ windows \ system32 \ Gdiplus.dll 2009-06-16 23:53. 2009-06-16 23:53 -------- d ----- w-c: \ Programfiler \ AVS4YOU 2009-06-12 05:15. 2009-06-12 05:15 -------- d ----- w-c: \ Programfiler \ Alwil Software 2009-06-11 20:27. 2009-06-11 20:27 18942 ---- ar-c: \ Documents and Settings \ Windows \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2ce7ed6.exe 2009-06-11 20:27. 2009-06-11 20:27 18942 ---- ar-c: \ Documents and Settings \ Windows \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2447235c.exe 2009-06-11 20:27. 2009-06-11 20:27 -------- d ----- w-c: \ Programfiler \ Fresh RAM 2009-06-11 20:21. 2009-06-11 20:21 -------- d-sh - w-C: \ FOUND.019 2009-06-11 15:55. 2009-06-10 17:39 5465088 ---- aw-C: \ Fresh RAM.msi 2009-06-09 06:29. 2009-06-09 06:29 -------- d ----- w-c: \ Documents and Settings \ Windows \ Application Data \ Blitware 2009-06-09 06:29. 2009-06-09 06:29 -------- d ----- w-c: \ Programfiler \ Driver Robot 2009-06-09 02:24. 2009-06-09 02:24 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ PC Drivers Headquarters 2009-06-09 02:23. 2009-06-09 02:23 -------- d ----- w-c: \ Documents and Settings \ Windows \ Lokale innstillinger \ Programdata \ Downloaded Installations 2009-06-08 03:00. 2009-06-08 03:00 -------- d ----- w-c: \ Documents and Settings \ Windows \ Application Data \ GetRightToGo 2009-06-07 23:38. 2008-04-14 00:12 7680 ---- aw-c: \ windows \ system32 \ spdwnwxp.exe 2009-06-06 14:46. 2009-06-06 14:46 -------- d ----- w-c: \ Programfiler \ filehippo.com . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2009-07-03 06:49. 2007-06-16 18:55 302080 ---- aw-c: \ Documents and Settings \ Windows \ Lokale innstillinger \ Programdata \ GDIPFONTCACHEV1.DAT 2009-06-30 03:32. 2009-05-21 02:29 3561743 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes \ Malwarebytes' Anti-Malware \ mbam-setup.exe 2009-06-27 06:16. 2007-06-13 04:18 76487 ---- aw-c: \ windows \ PCHealth \ helpctr \ OfflineCache \ index.dat 2009-06-17 15:27. 2009-05-21 02:17 38160 ---- aw-c: \ windows \ system32 \ drivers \ mbamswissarmy.sys 2009-06-17 15:27. 2009-05-21 02:17 19096 ---- aw-c: \ windows \ system32 \ drivers \ mbam.sys 2009-06-11 22:43. 2007-06-21 02:45 1744 ---- aw-c: \ windows \ system32 \ d3d9caps.dat 2009-06-05 03:59. 2009-06-05 03:59 -------- d ----- w-c: \ Programfiler \ DrWeb 2009-05-28 23:14. 2009-05-28 23:14 -------- d ----- w-c: \ Programfiler \ Java 2009-05-28 23:14. 2009-05-28 23:14 152576 ---- aw-c: \ Documents and Settings \ Windows \ Application Data \ søndag \ Java \ jre1.6.0_13 \ lzma.dll 2009-05-27 15:21. 2009-05-27 15:21 372 ---- aw-c: \ Programfiler \ ujhonz.txt 2009-05-21 15:33. 2009-05-28 23:15 410984 ---- aw-c: \ windows \ system32 \ deploytk.dll 2009-05-21 02:17. 2009-05-21 02:17 -------- d ----- w-c: \ Programfiler \ Malwarebytes' Anti-Malware 2009-05-17 00:04. 2009-05-17 00:04 -------- d ----- w-c: \ Documents and Settings \ Windows \ Application Data \ WinPatrol 2009-05-17 00:03. 2009-05-17 00:03 -------- d ----- w-c: \ Programfiler \ BillP Studios 2009-05-13 05:15. 2007-06-13 03:56 915456 ---- aw-c: \ windows \ system32 \ Wininet.dll 2009-05-07 15:44. 2009-06-25 01:53 344064 ---- aw-c: \ windows \ system32 \ Localspl.dll 2009-04-22 04:07. 2009-04-22 04:07 253688 ---- aw-c: \ windows \ system32 \ cssdll32.dll 2009-04-17 09:58. 2009-06-25 01:53 1846656 ---- aw-c: \ windows \ system32 \ Win32k.sys 2009-04-15 15:26. 2007-06-13 03:55 583168 ---- aw-c: \ windows \ system32 \ Rpcrt4.dll 2007-06-11 03:19. 2007-06-07 04:37 11079 ---- aw-c: \ Programfiler \ Folder.htt . ((((((((((((((((((((((((((((( SnapShot_2009-07-06_03.59.12 )))))))))))))) ))))))))))))))))))))))))))) . + 2009-07-06 04:08. 2009-07-06 04:08 16384 c: \ windows \ temp \ Perflib_Perfdata_468.dat + 2009-07-06 04:08. 2009-07-06 04:08 16384 c: \ windows \ temp \ Perflib_Perfdata_430.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Note * empty entries & legit default entries ikke vises REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ curr entversion \ Explorer \ shelliconoverlayidentifiers \ Sl owFile Icon Overlegg] @ = "(7D688A77-C613-11D0-999B-00C04FD655E1)" [HKEY_CLASSES_ROOT \ CLSID \ (7D688A77-C613-11D0-999B-00C04FD655E1)] 2008-07-03 13:03 8460800 ---- aw-c: \ windows \ system32 \ Shell32.dll [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run] "Ctfmon.exe" = "c: \ windows \ system32 \ Ctfmon.exe" [2006-02-28 15360] "AOL Fast Start" = "C: \ Program Files \ America Online 9.0 \ AOL.EXE" [2005-07-12 50776] "Jet Skjermbilde" = "C: \ Program Files \ Jet Skjermbilde \ jetScreenshot.exe" [2009-05-10 3804160] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "Lexmark 5200 Series" = "C: \ Program Files \ Lexmark 5200 Series \ lxbtbmgr.exe" [2004-06-04 57344] "LXBTCATS" = "c: \ windows \ system32 \ Spool \ drivers \ W32X 86 \ 3 \ LXBTtime.dll" [2004-03-17 65536] "SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2009-05-21 148888] "HostManager" = "C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe" [2007-04-12 42032] "AOLDialer" = "C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe" [2004-10-20 34904] "Pure Networks Port Magic" = "c: \ progra ~ 1 \ PURENE ~ 1 \ PORTMA ~ 1 \ PortAOL.exe" [2004-04-05 99480] "QuickTime Task" = "c: \ Programfiler \ QuickTime \ qttask.exe" [2008-02-20 98304] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ windows] "AppInit_DLLs" = c: \ windows \ system32 \ cssdll32.dl l [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ Session Manager] BootExecute REG_MULTI_SZ AutoCheck Autochk * \ 0autocheck smrgdf c: \ Documents and Settings \ Windows \ Application Data \ iolo \ [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ curr entversion \ setup \ disabledrunkeys] "Cmaudio" = rundll32 cmicnfg.cpl, CMICtrlWnd "NvCplDaemon" = rundll32.exe NvQTwk, NvCplDaemon initialisere "nwiz" = nwiz.exe / install "RegistrySmart" = "C: \ Program Files \ RegistrySmart \ RegistrySmart.exe"-boot "<NO Navn>" = "LoadPowerProfile" = rundll32.exe powrprof.dll, LoadCurrentPwrScheme [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center] "AntiVirusOverride" = dword: 00000001 [HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List] "c: \ \ WINDOWS \ \ system32 \ \ sessmgr.exe" = "c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImApp.exe" = "c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ IncMail.exe" = "c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImpCnt.exe" = "c: \ \ Program Files \ \ Magentic \ \ bin \ \ MgImp.exe" = "c: \ \ Program Files \ \ Magentic \ \ bin \ \ Magentic.exe" = "c: \ \ Program Files \ \ Magentic \ \ bin \ \ MgApp.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AOL \ \ Loader \ \ aolload.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AOL \ \ ACS \ \ AOLDial.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "c: \ \ Programfiler \ \ America Online 9.0 \ \ waol.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AOL \ \ System Information \ \ sinf.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" = "c: \ \ Program Files \ \ Malwarebytes' Anti-Malware \ \ mbam.exe" = "c: \ \ Program Files \ \ BillP Studios \ WinPatrol \ \ WinPatrol.exe" = "c: \ \ WINDOWS \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ system32 \ \ sessmgr.exe" = "c: \ \ Programfiler \ \ Fellesfiler \ \ AOL \ \ 1246084174 \ \ EE \ \ AOLServiceHost.exe" = R1 SASDIFSV; SASDIFSV; C: \ Program Files \ SUPERAntiSpyware \ sasdifsv.sys [10.10.2006 1:53 5632] R1 SASKUTIL; SASKUTIL; C: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.SYS [2/27/2007 12:39 PM 32256] R3 Winacusb; Winacusb; c: \ windows \ system32 \ drivers \ wina cusb.sys [3/25/2008 6:57 AM 902860] S2 ioloFileInfoList; iolo FileInfoList Service; C: \ Program Files \ iolo \ felles \ lib \ ioloServiceManager.exe -> c: \ Programfiler \ iolo \ felles \ lib \ ioloServiceManager.exe [?] S2 ioloSystemService; iolo System Service; C: \ Program Files \ iolo \ felles \ lib \ ioloServiceManager.exe -> c: \ Programfiler \ iolo \ felles \ lib \ ioloServiceManager.exe [?] S3 FarStoneFireWallDrive; FarStoneFireWallDrive; c: \ seier Windows \ system32 \ drivers \ FarDrive.sys [4/2/2003 2:36 PM 140256] S3 ousb2hub; OrangeWare USB 2.0 Hub Support; c: \ windows \ system32 \ drivers \ ousb2hub.sys [2/27/2008 7:17 AM 53248] S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ PavS RK.sys -> c: \ windows \ system32 \ PavSRK.sys [?] S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ PavT PK.sys -> c: \ windows \ system32 \ PavTPK.sys [?] S3 SASENUM; SASENUM; C: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS [2/16/2006 5:51 PM 4096] S3 SIVDRIVER; SIV Kernel Driver; c: \ windows \ system32 \ drivers \ SIVX32.sys [4/9/2008 9:47 AM 48,480] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Active Setup \ Installed Components \> (60B49E34-C7CC-11D0-8953-00A0C90347FF)] "c: \ windows \ system32 \ rundll32.exe" "c: \ windows \ system32 \ iedkcs32.dll", BrandIEActiveSe tup Påmelding [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Active Setup \ Installed Components \ (9EF0045A-CDD9-438e-95E6-02B9AFEC8E11)] c: \ windows \ system32 \ updcrl.exe-e-uc: \ WINDOWS \ SYSTEM \ verisignpub1.crl . Innholdet i "Scheduled Tasks"-mappen 2009-06-09 C: \ Windows \ Tasks \ Driver Robot.job - C: \ Program Files \ Driver Robot \ 1.0.6.0 \ DriverRobot.exe [2009-06-09 13:02] . - - - - Orphans fjernet - - - -- BHO-(201f27d4-3704-41d6-89c1-aa35e39143ed) - (no file) . ------- Tilleggsavtale Scan ------- . uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = (searchTerms) & sourceid = ie7 & rls = com.micros ofte: en-US & ie = utf8 & oe = utf8 uStart Page = hxxp: / / www.aol.com/ mWindow Tittel = Internet Explorer levert av epix IE: & Legg animasjon IncrediMail Style Box - c: \ Programfiler \ IncrediMail \ bin \ ressurser \ WebMenuImg.htm IE: & AIM Søk IE: & AOL Toolbar Search - C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML LSP: FarLsp.dll Trusted Zone: 88sears.com \ www Trusted Zone: aol.com \ www Trusted Zone: comodo.com \ www Trusted Zone: PC-juice.com \ www Trusted Zone: giveawayoftheday.com \ www Trusted Zone: newegg.com \ www Trusted Zone: pchelpforum.com \ www Trusted Zone: searscard.com \ www Trusted Zone: statefarm.com \ www Trusted Zone: winpatrol.com \ www TCP: (68589BEF-2503-4090-B404-9FB7D2105BB4) = 205.188.146.145 DPF: DirectAnimation Java Classes DPF: Internet Explorer Klasser for Java DPF: Microsoft XML Parser for Java DPF: Win32 Classes . ************************************************** ************************ CatchMe 0.3.1398 W2K/XP/Vista - rootkit / skjulemodus malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-06 00:08 Windows 5.1.2600 Service Pack 2 FAT NTAPI skanning skjulte prosesser ... scanning hidden autostart entries ... HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run LXBTCATS = rundll32 C: \ Windows \ System32 \ Spool \ drivers \ W32X86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? skanning skjulte filer ... skanning er fullført skjulte filer: 0 ************************************************** ************************ . --------------------- Lukket registernøklene --------------------- [HKEY_USERS \ $ $ $ \ Software \ Microsoft \ SystemCertificat es \ AddressBook *] @ Tillatt (Les) (RestrictedCode) @ Tillatt (Les) (RestrictedCode) . --------------------- DLLer Loaded Under Running Processes --------------------- - - - - - - -> 'Lsass.exe' (428) c: \ windows \ system32 \ FarLsp.dll - - - - - - -> "Explorer.exe" (2420) c: \ windows \ system32 \ Wininet.dll c: \ Programfiler \ Fellesfiler \ AOL \ ACS \ WLHook.dll C: \ Program Files \ AOL oppgavefeltet \ deskbar.dll c: \ Programfiler \ Fellesfiler \ AOL \ AOL Toolbar \ AOLHelper.dll c: \ windows \ system32 \ ieframe.dll c: \ windows \ system32 \ Webcheck.dll . ------------------------ Other Running Prosesser ----------------------- -- . C: \ Programfiler \ Fellesfiler \ AOL \ ACS \ AOLACSD.EXE C: \ Program Files \ JAVA \ JRE6 \ bin \ JQS.EXE c: \ windows \ system32 \ SNMP.EXE C: \ Program Files \ LEXMARK 5200 SERIES \ LXBTBMON.EXE C: \ Program Files \ America Online 9.0 \ WAOL.EXE C: \ Program Files \ America Online 9.0 \ SHELLMON.EXE . ************************************************** ************************ . Fullføringstidspunkt: 2009-07-06 0:10 - maskinen ble startet på nytt ComboFix-karantene-files.txt 2009-07-06 04:10 ComboFix2.txt 2009-07-06 04:01 ComboFix3.txt 2009-06-06 14:20 ComboFix4.txt 2009-06-04 04:03 Pre-Run: 97549156352 bytes gratis Post-Run: 97532772352 bytes gratis 320 --- EOF --- 2009-07-05 21:28 |
|
#10
6 juli 2009, 09:43
| |||
| |||
| Microsoft Pop Up fortelle meg Jeg har et virus Scan Mistenkelige fil (er) Vennligst gå til VirusTotal.com (Hvis flere filer må skannes de må lages separat og logger postet for hver) 1. Kopier filbanen i nedenfor Code boksen: Code: c: \ Documents and Settings \ Windows \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2ce7ed6.exe 3. Trykk Ctrl + V på tastaturet (begge samtidig) for å lime inn filbanen i vinduet. 4. Neste Klikk Send fil Filen vil muligens bli inngått en kø som normalt tar mindre enn et minutt å fjerne. Dette vil utføre en skanning på tvers av flere ulike virussøk motorer. Viktig: Vent til alle de skanning motorer å fullføre. 5. Kopier og lim linken til resultatene i de neste svar
__________________ |
|
| |
| Hugseliste |
Lignende Tråder | ||||
| Tråd | Tråd startet | Forum | Svar | Siste innlegg |
| Flytte fra Microsoft Office 2007 Outlook på PC 2 Microsoft Office X Entoutage på Mac | jjuli | Office Suites & Applications | 0 | 11 juni 2009 15:52 |
| Virus Spørsmål - Kan noen fortelle meg om jeg har et virus | billozz | Virus, spionprogrammer og sikkerhet | 1 | 2 april 2009 13:58 |
| $ 250.000 (£ 172.000) Har fått tilbud av Microsoft for å Finn Hvem står bak Downadup / Conficker Virus | Hybr! D | Virus, spionprogrammer og sikkerhet | 1 | 17 februar 2009 11:03 |
| Mine venner MAC har et virus ... Umm ... yeah ... et virus ... | cheesepuff | Virus, spionprogrammer og sikkerhet | 3 | 29 oktober 2008 12:58 |
| Microsoft gir opp på Vista | philthomas | Windows-operativsystemer | 2 | 8 april 2008 16:09 |
| Thread Tools | |
| |
