97 svar i den här tråden

[andcar]

ComboFix 09-01-21.04 - Nubben 2009-01-24 17:09:44.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1053.18.511.121 [GMT 1:00]
Körs från: c:\documents and settings\Nubben\Skrivbord\ComboFix.exe
AV: AVG 7.5.552 *On-access scanning enabled* (Updated)
FW: Sygate Personal Firewall Pro *enabled*
* Skapade en ny återställningspunkt
.

(((((((((((((((((((((((((((((((((((((((   Andra raderingar   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Nubben\Favoriter\Videos.url
c:\program files\AMV Converter\_desktop.ini
c:\program files\AMV Converter\skin\_desktop.ini
c:\program files\AMV Converter\skin\xpstyle\_desktop.ini
c:\windows\msettings.ini
c:\windows\system32\Drivers\UACuwjqbouq.sys
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\UACdetkllmx.dat
c:\windows\system32\UACswvcnupr.dll

.
(((((((((((((((((((((((((((((((((((((((   Drivrutiner/Tjänster   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys


((((((((((((((((((((((((   Filer Skapade från 2008-12-24 till 2009-01-24  ))))))))))))))))))))))))))))))
.

2009-01-24 15:54 . 2009-01-24 15:54 578,560 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-01-24 14:55 . 2009-01-24 14:55 <KAT> d-------- c:\program\Malwarebytes' Anti-Malware
2009-01-24 14:55 . 2009-01-24 14:55 <KAT> d-------- c:\documents and settings\Nubben\Application Data\Malwarebytes
2009-01-24 14:55 . 2009-01-24 14:55 <KAT> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-24 14:55 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-24 14:55 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-23 15:00 . 2009-01-23 15:00 <KAT> d-------- c:\program\Delade filer\SYMANT~1
2009-01-20 21:52 . 2009-01-20 21:52 <KAT> d-------- c:\windows\ERUNT
2009-01-20 21:10 . 2009-01-20 21:10 <KAT> d-------- c:\program\SDFix
2009-01-20 18:19 . 2009-01-22 10:15 <KAT> d--hs---- c:\windows\system32\twain32
2009-01-20 18:18 . 2009-01-20 18:19 94,208 --a------ c:\windows\system32\iestat.exe
2009-01-20 16:46 . 2009-01-20 16:46 <KAT> d-------- c:\program\CCleaner
2009-01-19 23:26 . 2009-01-19 23:30 <KAT> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-01-19 23:05 . 2009-01-21 14:11 <KAT> d-------- c:\program\SUPERAntiSpyware
2009-01-19 22:35 . 2009-01-19 22:35 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-19 22:35 . 2009-01-19 22:35 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-19 20:19 . 2009-01-23 15:00 <KAT> d-------- c:\program\Norton Security Scan
2009-01-19 19:29 . 2009-01-19 19:31 <KAT> d-------- c:\documents and settings\Nubben\.SunDownloadManager
2009-01-13 09:58 . 2009-01-18 15:53 <KAT> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NOS
2009-01-03 17:03 . 2009-01-03 17:03 <KAT> d-------- c:\windows\system32\sv
2009-01-03 17:03 . 2009-01-03 17:03 <KAT> d-------- c:\windows\l2schemas
2009-01-03 13:52 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-29 10:38 . 2009-01-22 10:51 7,680 --ahs---- c:\windows\Thumbs.db

.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-24 10:07 --------- d-----w c:\documents and settings\Nubben\Application Data\AVG7
2009-01-22 10:40 --------- d--h--w c:\program\InstallShield Installation Information
2009-01-22 09:51 --------- d-----w c:\program\Windows Media Connect 2
2009-01-22 09:51 --------- d-----w c:\program\DivX
2009-01-22 09:51 --------- d-----w c:\program\Avanquest update
2009-01-22 09:15 --------- d-----w c:\program\Unlocker
2009-01-21 13:11 --------- d-----w c:\program\Delade filer\Wise Installation Wizard
2009-01-21 10:18 --------- d-----w c:\program\Java
2009-01-20 19:06 --------- d-----w c:\program\anders scan
2009-01-20 16:12 --------- d-----w c:\program\Winamp
2009-01-20 15:52 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-01-19 22:26 --------- d-----w c:\program\Lavasoft
2009-01-19 10:42 --------- d-----w c:\program\Windows Live Safety Center
2009-01-13 09:15 --------- d-----w c:\program\Delade filer\Adobe
2009-01-09 18:12 --------- d-----w c:\program\EA GAMES
2009-01-03 16:21 --------- d-----w c:\program\MSN Messenger
2008-12-03 21:31 --------- d-----w c:\documents and settings\Nubben\Application Data\uTorrent
2008-10-21 19:37 21,528 ----a-w c:\documents and settings\Nubben\Application Data\GDIPFONTCACHEV1.DAT
2007-09-25 15:49 32 ----a-r c:\documents and settings\All Users\hash.dat
.

(((((((((((((((((((((((((((((((((((((((((((((   AWF   ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w            15,360 2004-08-04 00:34:16  c:\windows\system32\bak\ctfmon.exe
----a-w            15,360 2008-04-14 16:05:02  c:\windows\system32\ctfmon.exe

----a-w           411,648 2007-03-01 08:27:54  d:\avg free\bak\avgcc.exe
----a-w           416,256 2007-04-28 11:23:53  d:\avg free\avgcc.exe

.
((((((((((((((((((((((((((((((((((   Startpunkter i registret   )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not*  Tomma poster & legitima standardposter visas inte.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"msnmsgr"="c:\program\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"Sony Ericsson PC Suite"="c:\program\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="c:\program\Grisoft\AVGFRE~1\avgcc.exe" [2008-11-04 590848]
"SmcService"="c:\program\Sygate\SPF\smc.exe" [2005-09-27 2635472]
"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2006-09-01 282624]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016]
"Sony Ericsson PC Suite"="c:\program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 593920]
"Adobe Photo Downloader"="c:\program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-01-19 136600]
"nwiz"="nwiz.exe" [2005-08-02 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"AVG7_Run"="c:\program\Grisoft\AVGFRE~1\avgw.exe" [2007-10-23 219136]
"DWQueuedReporting"="c:\program\DELADE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

c:\documents and settings\All Users.WINDOWS\Start-meny\Program\Autostart\
Personal.lnk - c:\program\Personal\bin\Personal.exe [2007-01-01 438272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.vp31"= vp31vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ   msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Program^Autostart^Microsoft Office.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start-meny\Program\Autostart\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 c:\program\MSN Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program\\Grisoft\\AVG Free\\avginet.exe"=
"c:\\Program\\Grisoft\\AVG Free\\avgamsvr.exe"=
"c:\\Program\\Grisoft\\AVG Free\\avgcc.exe"=
"c:\\Program\\uTorrent\\utorrent.exe"=
"d:\\Db\\Db\\Skins\\Anders\\DC++\\DCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program\\MSN Messenger\\livecall.exe"=
"c:\\Program\\Java\\jre6\\bin\\java.exe"=

R4 WinDefend;Windows Defender;c:\program\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 a016bus;Sony Ericsson Device A016 driver (WDM);c:\windows\system32\drivers\a016bus.sys [2008-10-04 83880]
S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter;c:\windows\system32\drivers\a016mdfl.sys [2008-10-04 15016]
S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver;c:\windows\system32\drivers\a016mdm.sys [2008-10-04 110504]
S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\a016mgmt.sys [2008-10-04 104488]
S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface;c:\windows\system32\drivers\a016obex.sys [2008-10-04 100648]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{030EE0AC-0F33-50E9-0307-070300010406}]
c:\windows\System32\xp-clean.exe
.
Innehållet i mappen 'Schemalagda aktiviteter':

2009-01-24 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-01-23 c:\windows\Tasks\Norton Security Scan for Nubben.job
- c:\program\Norton Security Scan\Nss.exe [2008-09-19 04:18]
.
.
------- Extra genomsökning -------
.
uStart Page = hxxp://www.aftonbladet.se/
Trusted Zone: adobe.com\www
Trusted Zone: bilddagboken.se
Trusted Zone: google.se\www
Trusted Zone: ignames.net\en10.ds
Trusted Zone: internetkassan.nu\www
Trusted Zone: kingsofchaos.com\www
Trusted Zone: lunarstorm.se\www
Trusted Zone: spela.se\www
Trusted Zone: svenskfotboll.se\www
Trusted Zone: tradera.com\www
Trusted Zone: tribalwars.net\www
Trusted Zone: vildawebben.se\www
Trusted Zone: www.dn.se
TCP: {F725B5B2-C8C6-4299-9A49-AC36782EA4BD} = 208.67.220.220 208.67.222.222
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.extrafilm.se/ImageUploader5.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-24 17:23:03
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ؕ€|ÿÿÿÿ•€|ù•6~*]
"D140510900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"
.
------------------------ Andra processer som körs ------------------------
.
c:\program\Lavasoft\Ad-Aware\aawservice.exe
c:\program\Grisoft\AVGFRE~1\avgamsvr.exe
c:\program\Grisoft\AVGFRE~1\avgupsvc.exe
c:\program\Java\jre6\bin\jqs.exe
c:\program\Delade filer\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe
c:\program\Delade filer\Teleca Shared\Generic.exe
c:\program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Sluttid: 2009-01-24 17:29:53 - datorn startades om. [Nubben]
ComboFix-quarantined-files.txt  2009-01-24 16:29:42

Före genomsökningen: 5 198 413 824 byte ledigt
Efter genomsökningen: 5,271,498,752 byte ledigt

WindowsXP-KB310994-SP2-Pro-BootDisk-SVE.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

207

[andcar]

Hej!
jag har inte märkt av några problem alls  

[andcar]

Hej

det låg i en mapp i windows och i mappen fin det en DS fil som heter  wiatwain.ds.
Jag högerklickade o följande finns...
version © Microsoft Corporation. All rights reserved. Beskrivning WIATWAIN

Antivirus Version Senaste Uppdatering Resultat
a-squared 4.0.0.73 2009.01.24 -
AhnLab-V3 5.0.0.2 2009.01.24 -
AntiVir 7.9.0.60 2009.01.23 -
Authentium 5.1.0.4 2009.01.24 -
Avast 4.8.1281.0 2009.01.23 Win32:Ups
AVG 8.0.0.229 2009.01.23 -
BitDefender 7.2 2009.01.24 Trojan.FakeAntivirus.Gen
CAT-QuickHeal 10.00 2009.01.24 -
ClamAV 0.94.1 2009.01.24 -
Comodo 944 2009.01.24 -
DrWeb 4.44.0.09170 2009.01.24 -
eSafe 7.0.17.0 2009.01.22 -
eTrust-Vet 31.6.6325 2009.01.24 -
F-Prot 4.4.4.56 2009.01.23 -
F-Secure 8.0.14470.0 2009.01.24 -
Fortinet 3.117.0.0 2009.01.24 -
GData 19 2009.01.24 Trojan.FakeAntivirus.Gen
Ikarus T3.1.1.45.0 2009.01.24 -
K7AntiVirus 7.10.604 2009.01.24 -
Kaspersky 7.0.0.125 2009.01.24 -
McAfee 5505 2009.01.24 -
McAfee+Artemis 5504 2009.01.23 -
Microsoft 1.4205 2009.01.24 Trojan:Win32/Zbot.BX
NOD32 3796 2009.01.24 a variant of Win32/Kryptik.FL
Norman 5.93.01 2009.01.23 -
nProtect 2009.1.8.0 2009.01.23 -
Panda 9.5.1.2 2009.01.24 -
PCTools 4.4.2.0 2009.01.24 -
Prevx1 V2 2009.01.24 -
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.24 -
Sophos 4.37.0 2009.01.24 -
Sunbelt 3.2.1835.2 2009.01.16 VIPRE.Suspicious
Symantec 10 2009.01.24 -
TheHacker 6.3.1.5.227 2009.01.24 -
TrendMicro 8.700.0.1004 2009.01.24 -
VBA32 3.12.8.11 2009.01.23 -
ViRobot 2009.1.23.1576 2009.01.23 -
VirusBuster 4.5.11.0 2009.01.24 -

[andcar]

Hej Malou!

ComboFix 09-01-21.04 - Nubben 2009-01-24 18:55:24.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1053.18.511.136 [GMT 1:00]
Körs från: c:\documents and settings\Nubben\Skrivbord\ComboFix.exe
Använda kommandoväxlar :: c:\documents and settings\Nubben\Skrivbord\CFScript.txt
AV: AVG 7.5.552 *On-access scanning enabled* (Updated)
FW: Sygate Personal Firewall Pro *enabled*
* Skapade en ny återställningspunkt

FILE ::
c:\windows\system32\iestat.exe
.

(((((((((((((((((((((((((((((((((((((((   Andra raderingar   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\iestat.exe

.
((((((((((((((((((((((((   Filer Skapade från 2008-12-24 till 2009-01-24  ))))))))))))))))))))))))))))))
.

2009-01-24 15:54 . 2009-01-24 15:54 578,560 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-01-24 14:55 . 2009-01-24 14:55 <KAT> d-------- c:\program\Malwarebytes' Anti-Malware
2009-01-24 14:55 . 2009-01-24 14:55 <KAT> d-------- c:\documents and settings\Nubben\Application Data\Malwarebytes
2009-01-24 14:55 . 2009-01-24 14:55 <KAT> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-24 14:55 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-24 14:55 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-23 15:00 . 2009-01-23 15:00 <KAT> d-------- c:\program\Delade filer\SYMANT~1
2009-01-20 21:52 . 2009-01-20 21:52 <KAT> d-------- c:\windows\ERUNT
2009-01-20 21:10 . 2009-01-20 21:10 <KAT> d-------- c:\program\SDFix
2009-01-20 18:19 . 2009-01-22 10:15 <KAT> d--hs---- c:\windows\system32\twain32
2009-01-20 16:46 . 2009-01-20 16:46 <KAT> d-------- c:\program\CCleaner
2009-01-19 23:26 . 2009-01-19 23:30 <KAT> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-01-19 23:05 . 2009-01-21 14:11 <KAT> d-------- c:\program\SUPERAntiSpyware
2009-01-19 22:35 . 2009-01-19 22:35 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-19 22:35 . 2009-01-19 22:35 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-19 20:19 . 2009-01-23 15:00 <KAT> d-------- c:\program\Norton Security Scan
2009-01-19 19:29 . 2009-01-19 19:31 <KAT> d-------- c:\documents and settings\Nubben\.SunDownloadManager
2009-01-13 09:58 . 2009-01-18 15:53 <KAT> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NOS
2009-01-03 17:03 . 2009-01-03 17:03 <KAT> d-------- c:\windows\system32\sv
2009-01-03 17:03 . 2009-01-03 17:03 <KAT> d-------- c:\windows\l2schemas
2009-01-03 13:52 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-29 10:38 . 2009-01-22 10:51 7,680 --ahs---- c:\windows\Thumbs.db

.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-24 10:07 --------- d-----w c:\documents and settings\Nubben\Application Data\AVG7
2009-01-22 10:40 --------- d--h--w c:\program\InstallShield Installation Information
2009-01-22 09:51 --------- d-----w c:\program\Windows Media Connect 2
2009-01-22 09:51 --------- d-----w c:\program\DivX
2009-01-22 09:51 --------- d-----w c:\program\Avanquest update
2009-01-22 09:15 --------- d-----w c:\program\Unlocker
2009-01-21 13:11 --------- d-----w c:\program\Delade filer\Wise Installation Wizard
2009-01-21 10:18 --------- d-----w c:\program\Java
2009-01-20 19:06 --------- d-----w c:\program\anders scan
2009-01-20 16:12 --------- d-----w c:\program\Winamp
2009-01-20 15:52 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-01-19 22:26 --------- d-----w c:\program\Lavasoft
2009-01-19 10:42 --------- d-----w c:\program\Windows Live Safety Center
2009-01-13 09:15 --------- d-----w c:\program\Delade filer\Adobe
2009-01-09 18:12 --------- d-----w c:\program\EA GAMES
2009-01-03 16:21 --------- d-----w c:\program\MSN Messenger
2008-12-03 21:31 --------- d-----w c:\documents and settings\Nubben\Application Data\uTorrent
2008-10-21 19:37 21,528 ----a-w c:\documents and settings\Nubben\Application Data\GDIPFONTCACHEV1.DAT
2007-09-25 15:49 32 ----a-r c:\documents and settings\All Users\hash.dat
.

(((((((((((((((((((((((((((((   snapshot@2009-01-24_17.25.34.23   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-01-24 18:03:32 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_124.dat
.
(((((((((((((((((((((((((((((((((((((((((((((   AWF   ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w            15,360 2004-08-04 00:34:16  c:\windows\system32\bak\ctfmon.exe
----a-w            15,360 2008-04-14 16:05:02  c:\windows\system32\ctfmon.exe

----a-w           411,648 2007-03-01 08:27:54  d:\avg free\bak\avgcc.exe
----a-w           416,256 2007-04-28 11:23:53  d:\avg free\avgcc.exe

.
((((((((((((((((((((((((((((((((((   Startpunkter i registret   )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not*  Tomma poster & legitima standardposter visas inte.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"msnmsgr"="c:\program\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"Sony Ericsson PC Suite"="c:\program\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="c:\program\Grisoft\AVGFRE~1\avgcc.exe" [2008-11-04 590848]
"SmcService"="c:\program\Sygate\SPF\smc.exe" [2005-09-27 2635472]
"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2006-09-01 282624]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016]
"Sony Ericsson PC Suite"="c:\program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 593920]
"Adobe Photo Downloader"="c:\program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-01-19 136600]
"nwiz"="nwiz.exe" [2005-08-02 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"AVG7_Run"="c:\program\Grisoft\AVGFRE~1\avgw.exe" [2007-10-23 219136]
"DWQueuedReporting"="c:\program\DELADE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

c:\documents and settings\All Users.WINDOWS\Start-meny\Program\Autostart\
Personal.lnk - c:\program\Personal\bin\Personal.exe [2007-01-01 438272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.vp31"= vp31vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ   msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Program^Autostart^Microsoft Office.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start-meny\Program\Autostart\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 c:\program\MSN Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program\\Grisoft\\AVG Free\\avginet.exe"=
"c:\\Program\\Grisoft\\AVG Free\\avgamsvr.exe"=
"c:\\Program\\Grisoft\\AVG Free\\avgcc.exe"=
"c:\\Program\\uTorrent\\utorrent.exe"=
"d:\\Db\\Db\\Skins\\Anders\\DC++\\DCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program\\MSN Messenger\\livecall.exe"=
"c:\\Program\\Java\\jre6\\bin\\java.exe"=

R4 WinDefend;Windows Defender;c:\program\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 a016bus;Sony Ericsson Device A016 driver (WDM);c:\windows\system32\drivers\a016bus.sys [2008-10-04 83880]
S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter;c:\windows\system32\drivers\a016mdfl.sys [2008-10-04 15016]
S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver;c:\windows\system32\drivers\a016mdm.sys [2008-10-04 110504]
S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\a016mgmt.sys [2008-10-04 104488]
S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface;c:\windows\system32\drivers\a016obex.sys [2008-10-04 100648]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{030EE0AC-0F33-50E9-0307-070300010406}]
c:\windows\System32\xp-clean.exe
.
Innehållet i mappen 'Schemalagda aktiviteter':

2009-01-24 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-01-23 c:\windows\Tasks\Norton Security Scan for Nubben.job
- c:\program\Norton Security Scan\Nss.exe [2008-09-19 04:18]
.
.
------- Extra genomsökning -------
.
uStart Page = hxxp://www.aftonbladet.se/
Trusted Zone: adobe.com\www
Trusted Zone: bilddagboken.se
Trusted Zone: google.se\www
Trusted Zone: ignames.net\en10.ds
Trusted Zone: internetkassan.nu\www
Trusted Zone: kingsofchaos.com\www
Trusted Zone: lunarstorm.se\www
Trusted Zone: spela.se\www
Trusted Zone: svenskfotboll.se\www
Trusted Zone: tradera.com\www
Trusted Zone: tribalwars.net\www
Trusted Zone: vildawebben.se\www
Trusted Zone: www.dn.se
TCP: {F725B5B2-C8C6-4299-9A49-AC36782EA4BD} = 208.67.220.220 208.67.222.222
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.extrafilm.se/ImageUploader5.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-24 19:03:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ؕ€|ÿÿÿÿ•€|ù•6~*]
"D140510900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"
.
------------------------ Andra processer som körs ------------------------
.
c:\program\Lavasoft\Ad-Aware\aawservice.exe
c:\program\Grisoft\AVGFRE~1\avgamsvr.exe
c:\program\Grisoft\AVGFRE~1\avgupsvc.exe
c:\program\Java\jre6\bin\jqs.exe
c:\program\Delade filer\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe
c:\program\Delade filer\Teleca Shared\Generic.exe
c:\program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Sluttid: 2009-01-24 19:13:11 - datorn startades om.
ComboFix-quarantined-files.txt  2009-01-24 18:13:01
ComboFix2.txt  2009-01-24 16:29:58

Före genomsökningen: 5 494 026 240 byte ledigt
Efter genomsökningen: 5,877,202,944 byte ledigt

195

_______________________________________________________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:26, on 2009-01-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\MSN Messenger\msnmsgr.exe
C:\Program\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Teleca Shared\Generic.exe
C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\explorer.exe
C:\Program\internet explorer\iexplore.exe
C:\Program\anders scan\Anders HijackThis\This.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\Program\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.adobe.com
O15 - Trusted Zone: http://www.lunarstorm.se
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm...geUploader5.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1230987003140
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1230986939281
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.co...iaSmartScan.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - https://ssl.extrafil...geUploader3.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.on...e/en/crlocx.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{F725B5B2-C8C6-4299-9A49-AC36782EA4BD}: NameServer = 208.67.220.220 208.67.222.222
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program\Delade filer\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

--
End of file - 8243 bytes

[andcar]

Hej!
Tack! men det är du som har haft stort tålamod!!!

ja en router,vi är två som delar. men den andra datorn funkar som den ska o används nästan aldrig.

http://www.mediateknik.com är den leverantör jag alltid haft

datornfunkar jätte bra!

[andcar]

Hej Malou!

Du har gjort et bra jobb också!
Hade ju aldrig klarat det utan dig!

Dator&IT-Säkerhet: har jag lagt som favorit =)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:20, on 2009-01-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe
C:\Program\MSN Messenger\msnmsgr.exe
C:\Program\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Teleca Shared\Generic.exe
C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\internet explorer\iexplore.exe
C:\Program\anders scan\Anders HijackThis\This.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\Program\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.adobe.com
O15 - Trusted Zone: http://www.lunarstorm.se
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm...geUploader5.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1230987003140
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1230986939281
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.co...iaSmartScan.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - https://ssl.extrafil...geUploader3.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.on...e/en/crlocx.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{F725B5B2-C8C6-4299-9A49-AC36782EA4BD}: NameServer = 208.67.220.220 208.67.222.222
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program\Delade filer\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

--
End of file - 8243 bytes

[andcar]

Hej Malou!

Så lite så! det jobb du har lagt ner är värt mycket för mig

Den mår bara bra. Uppdateringarna fungerade.
Allt utan problem
Dagens ----[--[-@ till dig

Anders

[Kent]

andcar, den January 25, 2009, 13:43, skrev:

Hej Malou!

Så lite så! det jobb du har lagt ner är värt mycket för mig

Den mår bara bra. Uppdateringarna fungerade.
Allt utan problem
Dagens ----[--[-@ till dig

Anders

Jadu Anders, nu har Malou lärt dej en hel del, spara walk-trough-guiden från malou i denna tråd.
Vet du vad du gör nu i sista steget? Lägger om hela datorn från början med nya drivers.

kentan.

[Kent]

Ger malou en ros också.
Det är imponerande att se hur du formulerar dina how-to-guider, det går inte att missa,
väl avvägda även för folk som har noll-koll. Få som klarar vara så pedagogiska
Så nu i efterhand/efterklok borde jag begripit att malou är en tjej - annat mot oss slarviga/kortfattade killar.

kent