[Strange boot]

I have run a deep scan now and it seems to be cleaned. I also searched in the places in regedit. Should I assume that it is cleaned and can continue using the computer?

[Strange boot]

Hi guys,

I recently booted windows and I say windows update running.

Since I have it controlled (no automatic updates) I thought this was strange.

I thought that it might be some forced update from MS or something so I went to the controllpanel inorder to check what was installed.

It says silverlight.

But I know that I do not have silverlight on my computer, so why would it update something..it does not have.

So I ran eset (swedish version)

I found this:

 

Logg
C:\Documents and Settings\All Users\Piriform Ltd\CCleaner\2.0.0.0\اسم  مجلد اختار  اي  اسم  لا  يهم\windowsupdate.vbs - VBS/Kryptik.ET trojan - rensad genom borttagning [1]
C:\Documents and Settings\All Users\Piriform Ltd\CCleaner\2.0.0.0\اسم  مجلد اختار  اي  اسم  لا  يهم\ccsetup500.exe = NSIS = PF-Toolbar-W78.exe - är OK

I manually removed Piriform Ltd and sub dictonaries after that.

I used google translate inorder to translate "اسم مجلد اختار اي اسم لا يهم" and it turns out that it is "Chose any folder name does not matter \ name"

So my suspension is that a script kid used a tool for the infection. Somebody in a rush since they did not name the folder either.

How can this been transmitted? I have never seen anything like it. Have you?