Adnan22

Hur ser det ut på datorn? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:09:55, on 2013-02-18 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\AVEO USB2.0 PC Camera(U2HGCV3P31048)\AveoSTI.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Rensare\rensaren.exe.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3072253 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/11 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;??????????????????????;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file) R3 - URLSearchHook: (no name) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - (no file) R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file) F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bredbandsbolaget Servicecenter Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AveoSTI.exe] C:\Program Files (x86)\AVEO USB2.0 PC Camera(U2HGCV3P31048)\AveoSTI.exe O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKCU\..\Run: [L09AXLRD_16030506] "C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Adnan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Lokal tjänst') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Lokal tjänst') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Nätverkstjänst') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Nätverkstjänst') O4 - HKUS\S-1-5-18\..\Run: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" (User 'Default user') O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files (x86)\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Veoh Giraffic Video Accelerator (Giraffic) - Unknown owner - C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13850 bytes

Tack! Men alla dessa file missing? Kan jag ta bort dem?

Undrar om allt är fint med datorn, har haft virus för ett tag sedan och undrar nu om allt fungerar. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:23:29, on 2011-09-08 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Xfire\Xfire.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\rensare.exe.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2653012 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/11 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file) R3 - URLSearchHook: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Veoh Web Player - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll O2 - BHO: Bredbandsbolaget Servicecenter Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O3 - Toolbar: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [L09AXLRD_3656070] "C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Lokal tjänst') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Lokal tjänst') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Nätverkstjänst') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Nätverkstjänst') O4 - HKUS\S-1-5-18\..\Run: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" (User 'Default user') O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files (x86)\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Giraffic Video Accelerator (Giraffic) - Unknown owner - C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12376 bytes

Ok, tack så mycket alla för bra svar! Trevlig helg! MVH Adnan

Japp det är det.

Skönt! Tack för svar! Jag vet inte om Java, den poppar upp om uppdateringar och då uppdaterar jag. Jag vet inte vart jag kan kolla vilken version jag har dock.

DDS (Ver_10-11-10.01) - NTFS_AMD64 Run by Adnan at 9:16:07,74 on 2010-11-20 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.46.1053.18.4095.2141 [GMT 1:00] SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Program Files (x86)\AVG\AVG9\avgchsva.exe C:\Program Files (x86)\AVG\AVG9\avgrsa.exe C:\Windows\system32\lsm.exe C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe C:\Windows\system32\taskeng.exe C:\Windows\SysWOW64\svchost.exe -k netsvcs c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TightVNC\tvnserver.exe C:\Program Files (x86)\AVG\AVG9\avgam.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\AVG\AVG9\avgnsa.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\wbem\unsecapp.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\TightVNC\tvnserver.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Adnan\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = www.google.com uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll mWinlogon: Userinit=C:\Windows\system32\userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Sopcast Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Sopcast Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW uRun: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent uRun: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" uRun: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: HideFastUserSwitching = 0 (0x0) mPolicies-system: SoftwareSASGeneration = 1 (0x1) IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - C:\Program Files (x86)\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} {9030D464-4C02-4ABF-8ECC-5164760863C6} {32099AAC-C132-4136-9E9A-4E364A424E17} TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background mRun-x64: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe mRun-x64: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe AppInit_DLLs-X64: avgrssta.dll ================= FIREFOX =================== FF - ProfilePath - C:\Users\Adnan\AppData\Roaming\Mozilla\Firefox\Profiles\37b3ij8j.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=en_US&q= FF - component: C:\Program Files (x86)\AVG\AVG9\Firefox\components\avgssff.dll FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - component: C:\Users\Adnan\AppData\Roaming\Mozilla\Firefox\Profiles\37b3ij8j.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Sony\Media Go\npmediago.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Adnan\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll FF - plugin: C:\Users\Adnan\AppData\Roaming\Mozilla\Firefox\Profiles\37b3ij8j.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B"); C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask"); ============= SERVICES / DRIVERS =============== R0 AvgRkx64;avgrkx64.sys;C:\Windows\System32\drivers\avgrkx64.sys [2010-5-12 56008] R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-6-7 69152] R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2010-5-12 269904] R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2010-5-12 35536] R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2010-5-12 317520] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-29 203264] R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-6-22 308136] R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-14 27136] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-7-12 1375992] R2 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2010-5-7 90112] R2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2010-6-30 815704] R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-9-29 7883264] R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-9-29 285696] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-8-16 116240] R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-8-12 17440] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-12-30 239616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-11 136176] S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832] S3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\PFC027.SYS [2006-12-5 572416] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);C:\Windows\System32\drivers\s0017bus.sys [2010-5-7 113704] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);C:\Windows\System32\drivers\s1018bus.sys [2010-5-7 113704] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;C:\Windows\System32\drivers\s1018mdfl.sys [2010-5-7 19496] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;C:\Windows\System32\drivers\s1018mdm.sys [2010-5-7 153128] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s1018mgmt.sys [2010-5-7 133160] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);C:\Windows\System32\drivers\s1018nd5.sys [2010-5-7 34856] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;C:\Windows\System32\drivers\s1018obex.sys [2010-5-7 128552] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);C:\Windows\System32\drivers\s1018unic.sys [2010-5-7 146472] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-19 1255736] =============== Created Last 30 ================ 2010-11-20 07:24:43 -------- d-----w- C:\Program Files (x86)\Rensare 2010-11-17 15:55:18 15256 ----a-w- C:\Users\Adnan\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll 2010-11-13 07:08:43 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2010-11-10 16:11:44 -------- d-----w- C:\1042b72057b888ae8a 2010-11-06 14:09:41 -------- d-----w- C:\Program Files (x86)\Mount&Blade - Warband 2010-11-06 13:21:56 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2010-11-06 13:21:55 -------- d-----w- C:\Program Files (x86)\Steam 2010-11-06 08:28:51 -------- d-----w- C:\Users\Adnan\AppData\Roaming\Mount&Blade Warband 2010-10-28 04:47:52 -------- d-sh--w- C:\found.000 2010-10-27 06:36:13 961024 ----a-w- C:\Windows\System32\CPFilters.dll 2010-10-27 06:36:13 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll 2010-10-27 06:36:13 552960 ----a-w- C:\Windows\System32\msdri.dll 2010-10-27 06:36:13 288256 ----a-w- C:\Windows\System32\MSNP.ax 2010-10-27 06:36:13 258560 ----a-w- C:\Windows\System32\mpg2splt.ax 2010-10-27 06:36:13 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax 2010-10-27 06:36:13 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax 2010-10-27 06:36:09 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2010-10-26 17:07:55 -------- d-----w- C:\Program Files (x86)\Microsoft Student 2010-10-26 17:07:21 -------- d-----w- C:\Program Files (x86)\Learning Essentials 2010-10-25 15:22:26 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys 2010-10-24 10:58:39 -------- d-----w- C:\Program Files (x86)\Microsoft 2010-10-24 10:58:21 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive 2010-10-24 10:57:57 -------- d-----w- C:\Windows\PCHEALTH 2010-10-24 10:57:38 83806056 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlcD5F7.tmp 2010-10-23 14:39:03 -------- d-----w- C:\Program Files (x86)\ATI Stream 2010-10-23 14:37:05 -------- d-----w- C:\ATI 2010-10-23 12:37:45 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\177014ee1cb72af23\MeshBetaRemover.exe 2010-10-23 12:37:29 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e0c0e621cb72af1b\DSETUP.dll 2010-10-23 12:37:29 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e0c0e621cb72af1b\DXSETUP.exe 2010-10-23 12:37:29 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e0c0e621cb72af1b\dsetup32.dll 2010-10-23 12:37:27 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cba12d31cb72af1a\DSETUP.dll 2010-10-23 12:37:27 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cba12d31cb72af1a\DXSETUP.exe 2010-10-23 12:37:27 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cba12d31cb72af1a\dsetup32.dll 2010-10-23 12:36:31 -------- d-----w- C:\Users\Adnan\AppData\Local\Windows Live 2010-10-23 12:35:55 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll 2010-10-23 12:35:55 206848 ----a-w- C:\Windows\System32\mfps.dll 2010-10-23 12:35:55 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll 2010-10-23 12:35:54 4068864 ----a-w- C:\Windows\System32\mf.dll 2010-10-23 12:35:54 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2010-10-23 12:35:54 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2010-10-23 12:35:53 3181568 ----a-w- C:\Windows\SysWow64\mf.dll 2010-10-21 12:50:33 -------- d-----w- C:\Users\Adnan\AppData\Local\FalloutNV ==================== Find3M ==================== 2010-11-04 15:19:32 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2010-10-14 00:36:52 15451288 ----a-w- C:\Windows\SysWow64\xlive.dll 2010-10-14 00:36:50 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll 2010-09-29 02:26:12 7883264 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2010-09-29 02:13:38 21344256 ----a-w- C:\Windows\System32\atio6axx.dll 2010-09-29 01:56:14 16201728 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2010-09-29 01:55:12 143360 ----a-w- C:\Windows\System32\atiapfxx.exe 2010-09-29 01:55:02 536576 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2010-09-29 01:54:02 628224 ----a-w- C:\Windows\System32\aticfx64.dll 2010-09-29 01:51:52 450560 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2010-09-29 01:51:46 462336 ----a-w- C:\Windows\System32\atieclxx.exe 2010-09-29 01:51:08 203264 ----a-w- C:\Windows\System32\atiesrxx.exe 2010-09-29 01:49:58 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2010-09-29 01:49:42 421376 ----a-w- C:\Windows\System32\atipdl64.dll 2010-09-29 01:49:34 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll 2010-09-29 01:49:24 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll 2010-09-29 01:49:18 12288 ----a-w- C:\Windows\System32\atimuixx.dll 2010-09-29 01:49:14 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2010-09-29 01:49:08 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2010-09-29 01:46:06 3953152 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2010-09-29 01:37:28 4660224 ----a-w- C:\Windows\System32\atidxx64.dll 2010-09-29 01:30:02 3222016 ----a-w- C:\Windows\System32\atiumd6a.dll 2010-09-29 01:28:00 4077568 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2010-09-29 01:27:22 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2010-09-29 01:27:20 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2010-09-29 01:27:12 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2010-09-29 01:27:10 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2010-09-29 01:27:00 5470720 ----a-w- C:\Windows\System32\aticaldd64.dll 2010-09-29 01:26:04 4407808 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2010-09-29 01:23:00 58880 ----a-w- C:\Windows\System32\coinst.dll 2010-09-29 01:22:56 3460096 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2010-09-29 01:21:54 5240832 ----a-w- C:\Windows\System32\atiumd64.dll 2010-09-29 01:15:20 340480 ----a-w- C:\Windows\System32\atiadlxx.dll 2010-09-29 01:15:12 241664 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2010-09-29 01:15:02 14848 ----a-w- C:\Windows\System32\atig6pxx.dll 2010-09-29 01:14:58 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2010-09-29 01:14:58 12800 ----a-w- C:\Windows\System32\atiglpxx.dll 2010-09-29 01:14:56 21504 ----a-w- C:\Windows\System32\atig6txx.dll 2010-09-29 01:14:52 19968 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2010-09-29 01:14:48 285696 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2010-09-29 01:14:06 39936 ----a-w- C:\Windows\System32\atiuxp64.dll 2010-09-29 01:14:00 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2010-09-29 01:13:54 37888 ----a-w- C:\Windows\System32\atiu9p64.dll 2010-09-29 01:13:44 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2010-09-29 01:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2010-09-29 01:09:32 53760 ----a-w- C:\Windows\System32\atimpc64.dll 2010-09-29 01:09:32 53760 ----a-w- C:\Windows\System32\amdpcom64.dll 2010-09-29 01:09:24 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2010-09-29 01:09:24 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2010-09-15 03:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll 2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll 2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec 2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec 2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL 2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL 2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys 2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll 2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll 2010-08-27 18:33:08 332800 ----a-w- C:\Windows\System32\ATIODE.exe 2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll 2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll 2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys 2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys 2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll 2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll ============= FINISH: 9:16:55,71 =============== Attach.txt

Jag har inte kört HJT sedan jag köpt den nya datorn med Windows 7, så jag tänkte kolla om allt är som det ska, jag scannar regelbundet för Spyware/Virus men vill ändå vara säker då jag har en hel del arbeten på HDn samt viktiga filer. Tacksam för svar. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:35:14, on 2010-11-20 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\TightVNC\tvnserver.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Rensare\Rensar.exe.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/11 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Lokal tjänst') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Lokal tjänst') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Nätverkstjänst') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Nätverkstjänst') O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files (x86)\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASP.NET tillståndstjänst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files (x86)\TightVNC\tvnserver.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13269 bytes

Hej igen! Jag skaffade en helt ny PC, denna kändes som att köra en skrothög.......tack för hjälpen Malou som vanligt!

Aj aj, råkade klicka väck SDfix loggan men jag vet att den inte hittade några trojaner. Här är en HJT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:12:30 PM, on 10/26/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32Ati2evxx.exe C:ProgramLavasoftAd-Awareaawservice.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32LEXBCES.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSsystem32LEXPPS.EXE C:ProgramAVGAVG8avgwdsvc.exe C:ProgramCyberLinkPowerCinemaKernelTVCLCapSvc.exe C:WINDOWSsystem32CTsvcCDA.exe C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLServer.exe C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLService.exe C:WINDOWSsystem32PnkBstrA.exe C:ProgramSpyware DoctorpctsAuxs.exe C:WINDOWSSystem32svchost.exe C:ProgramAVGAVG8avgrsx.exe C:ProgramCyberLinkPowerCinemaKernelTVCLSched.exe C:ProgramCyberLinkPowerCinemaPCMService.exe C:ProgramJavajre1.6.0_07binjusched.exe C:ProgramDelade filerRealUpdate_OBrealsched.exe C:ProgramMicrosoft OfficeOffice12GrooveMonitor.exe C:ProgramAVGAVG8avgtray.exe C:WINDOWSsystem32ctfmon.exe C:ProgramMicrosoft ActiveSyncWCESCOMM.EXE C:ProgramATI TechnologiesATI.ACECore-StaticMOM.EXE C:ProgramWindows LiveMessengermsnmsgr.exe C:ProgramATI TechnologiesATI.ACECore-Staticccc.exe C:ProgramWindows LiveMessengerusnsvc.exe C:ProgramMozilla Firefoxfirefox.exe C:ProgramTrend MicroHijackThisRensare.exe.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.bredbandsbolaget.se/mittkonto R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramDelade filerAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:ProgramAVGAVG8avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre1.6.0_07binssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgramWindows Live Toolbarmsntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:ProgramFree Download Manageriefdm2.dll O2 - BHO: (no name) - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgramWindows Live Toolbarmsntb.dll O4 - HKLM..Run: [ATICCC] "C:ProgramATI TechnologiesATI.ACECLIStart.exe" O4 - HKLM..Run: [PCMService] "C:ProgramCyberLinkPowerCinemaPCMService.exe" O4 - HKLM..Run: [sunJavaUpdateSched] "C:ProgramJavajre1.6.0_07binjusched.exe" O4 - HKLM..Run: [AtiPTA] atiptaxx.exe O4 - HKLM..Run: [TkBellExe] "C:ProgramDelade filerRealUpdate_OBrealsched.exe" -osboot O4 - HKLM..Run: [GrooveMonitor] "C:ProgramMicrosoft OfficeOffice12GrooveMonitor.exe" O4 - HKLM..Run: [AVG8_TRAY] C:ProgramAVGAVG8avgtray.exe O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [startCCC] C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe O4 - HKCU..Run: [H/PC Connection Agent] "C:ProgramMicrosoft ActiveSyncWCESCOMM.EXE" O4 - HKCU..Run: [msnmsgr] "C:ProgramWindows LiveMessengermsnmsgr.exe" /background O4 - HKCU..Run: [sony Ericsson PC Suite] "C:ProgramSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'SYSTEM') O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:ProgramWindows Live Toolbarmsntb.dll/search.htm O8 - Extra context menu item: Download all with Free Download Manager - file://C:ProgramFree Download Managerdlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:ProgramFree Download Managerdlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:ProgramFree Download Managerdlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:ProgramFree Download Managerdllink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:ProgramMICROS~3Office12EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:ProgramWindows Live ToolbarComponentsen-gbmsntabres.dll.mui/229?478aef9e5494442eb73b7b681ebd6796 O8 - Extra context menu item: Open in new foreground tab - res://C:ProgramWindows Live ToolbarComponentsen-gbmsntabres.dll.mui/230?478aef9e5494442eb73b7b681ebd6796 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_07binssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_07binssv.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:ProgramMICROS~3Office12ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:ProgramMICROS~3Office12ONBttnIE.dll O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMICROS~3Office12REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe O10 - Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:ProgramAVGAVG8avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: Antiwpa - C:WINDOWSSYSTEM32antiwpa.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:ProgramLavasoftAd-Awareaawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:ProgramDelade filerAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:ProgramAVGAVG8avgwdsvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:ProgramCyberLinkPowerCinemaKernelTVCLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:ProgramCyberLinkPowerCinemaKernelTVCLSched.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLServer.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:ProgramiPodbiniPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE O23 - Service: NBService - Nero AG - C:ProgramNeroNero 7Nero BackItUpNBService.exe O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:ProgramSpyware DoctorpctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:ProgramSpyware DoctorpctsSvc.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:WINDOWSSYSTEM32slserv.exe -- End of file - 9792 bytes

Nu funkar allt som vanligt! Tack Malou du är en pärla som vanligt. Här är combofix loggan. ComboFix 08-10-25.01 - adnan 2008-10-26 15:10:32.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1053.18.527 [GMT 1:00] Running from: C:Documents and SettingsadnanSkrivbordComboFix.exe * Created a new restore point . ADS - WINDOWS: deleted 33809 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:Documents and SettingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat C:Documents and SettingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat C:ProgramINSTALL.LOG C:WINDOWSsystem32AIRsrBeg.ini C:WINDOWSsystem32AIRsrBeg.ini2 C:WINDOWSsystem32exec1.exe C:WINDOWSsystem32geBrsRIA.dll ----- BITS: Possible infected sites ----- hxxp://wzporn.com . ((((((((((((((((((((((((( Files Created from 2008-09-26 to 2008-10-26 ))))))))))))))))))))))))))))))) . 2008-10-26 14:00 . 2008-10-26 15:04 <KAT> d--h----- C:$AVG8.VAULT$ 2008-10-26 13:55 . 2008-10-26 13:55 <KAT> d-------- C:ProgramAVG 2008-10-26 13:55 . 2008-10-26 13:55 97,928 --a------ C:WINDOWSsystem32driversavgldx86.sys 2008-10-26 13:55 . 2008-10-26 13:55 10,520 --a------ C:WINDOWSsystem32avgrsstx.dll 2008-10-26 13:37 . 2008-08-29 03:49 102,664 --a------ C:WINDOWSsystem32driverstmcomm.sys 2008-10-26 09:50 . 2008-10-26 13:57 <KAT> d-------- C:WINDOWSsystem32driversAvg 2008-10-26 09:48 . 2008-10-26 10:13 <KAT> d-------- C:ProgramAVG(2) 2008-10-26 09:47 . 2008-10-26 13:55 <KAT> d-------- C:Documents and SettingsAll UsersApplication Dataavg8 2008-10-26 08:20 . 2008-10-26 09:43 54,156 --ah----- C:WINDOWSQTFont.qfn 2008-10-26 08:20 . 2008-10-26 08:20 1,409 --a------ C:WINDOWSQTFont.for 2008-10-24 03:48 . 2008-10-15 17:38 337,408 -----c--- C:WINDOWSsystem32dllcachenetapi32.dll 2008-10-15 15:54 . 2008-09-15 16:27 1,846,400 -----c--- C:WINDOWSsystem32dllcachewin32k.sys 2008-10-15 15:43 . 2008-09-08 11:41 333,824 -----c--- C:WINDOWSsystem32dllcachesrv.sys 2008-10-15 15:41 . 2008-08-14 14:27 2,189,952 -----c--- C:WINDOWSsystem32dllcachentoskrnl.exe 2008-10-15 15:41 . 2008-08-14 14:27 2,146,304 -----c--- C:WINDOWSsystem32dllcachentkrnlmp.exe 2008-10-15 15:41 . 2008-08-14 14:27 2,066,816 -----c--- C:WINDOWSsystem32dllcachentkrnlpa.exe 2008-10-15 15:41 . 2008-08-14 14:27 2,024,960 -----c--- C:WINDOWSsystem32dllcachentkrpamp.exe 2008-10-08 06:32 . 2008-10-08 06:32 268 --ah----- C:sqmdata12.sqm 2008-10-08 06:32 . 2008-10-08 06:32 244 --ah----- C:sqmnoopt12.sqm . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-26 14:26 --------- d---a-w C:Documents and SettingsAll UsersApplication DataTEMP 2008-10-26 09:56 --------- d-----w C:ProgramSpyware Doctor 2008-10-26 08:34 --------- d-----w C:Documents and SettingsadnanApplication DatauTorrent 2008-10-25 12:46 --------- d-----w C:Documents and SettingsadnanApplication Datadvdcss 2008-10-19 01:57 --------- d-----w C:ProgramTVUPlayer 2008-10-18 11:14 --------- d-----w C:ProgrammIRC 2008-10-15 16:31 --------- d-----w C:Documents and SettingsAll UsersApplication DataMicrosoft Help 2008-10-08 13:42 --------- d-----w C:Documents and SettingsAll UsersApplication DataDVD Shrink 2008-10-01 11:57 --------- d--h--w C:ProgramInstallShield Installation Information 2008-10-01 11:38 --------- d-----w C:ProgramFiraxis Games 2008-09-25 14:25 --------- d-----w C:Documents and SettingsadnanApplication DataBearShare 2008-09-25 14:24 --------- d-----w C:ProgramBearShare Applications 2008-09-24 15:01 --------- d-----w C:ProgramESET 2008-09-24 15:01 --------- d-----w C:Documents and SettingsAll UsersApplication DataESET 2008-09-24 14:06 --------- d-----w C:ProgramLimeWire 2008-09-22 19:38 81,288 ----a-w C:WINDOWSsystem32driversiksyssec.sys 2008-09-22 19:38 66,952 ----a-w C:WINDOWSsystem32driversiksysflt.sys 2008-09-22 19:38 40,840 ----a-w C:WINDOWSsystem32driversikfilesec.sys 2008-09-22 18:52 279,712 ----a-w C:WINDOWSsystem32driversatksgt.sys 2008-09-22 18:52 25,888 ----a-w C:WINDOWSsystem32driverslirsgt.sys 2008-09-22 18:32 --------- d-----w C:ProgramDeep Silver 2008-09-22 13:55 --------- d-----w C:Documents and SettingsadnanApplication DataXRay Engine 2008-09-22 05:26 --------- d-----w C:ProgramStarcraft 2008-09-20 13:53 --------- d-----w C:ProgramAGEIA Technologies 2008-09-20 13:52 --------- d-----w C:ProgramDelade filerWise Installation Wizard 2008-09-17 12:31 --------- d-----w C:ProgramMount&Blade 2008-09-15 19:37 --------- d-----w C:ProgramEidos Interactive 2008-09-14 13:17 --------- d-----w C:ProgramDriver Cleaner 2008-09-14 09:36 --------- d-----w C:ProgramTHQ 2008-09-13 19:10 98,304 ----a-w C:WINDOWSDUMPc18a.tmp 2008-09-12 12:09 --------- d-----w C:ProgramInfogrames 2008-09-12 03:58 --------- d-----w C:ProgramSystemRequirementsLab 2008-09-12 03:58 --------- d-----w C:Documents and SettingsadnanApplication DataSystemRequirementsLab 2008-09-11 18:43 --------- d-----w C:Documents and SettingsadnanApplication DataMount&Blade 2008-09-08 10:41 333,824 ----a-w C:WINDOWSsystem32driverssrv.sys 2008-09-06 12:58 --------- d-----w C:ProgramElectronic Arts 2008-09-06 11:25 --------- d-----w C:ProgramHogs of War 2008-09-01 18:43 --------- d-----w C:ProgramSony 2008-08-26 16:32 --------- d-----w C:Documents and SettingsadnanApplication DataFree Download Manager 2008-03-13 20:22 72 ----a-w C:ProgramUNWISE.INI 2008-03-01 21:49 22,328 ----a-w C:Documents and SettingsadnanApplication DataPnkBstrK.sys 1999-06-25 09:55 149,504 ----a-w C:ProgramUNWISE.EXE . ------- Sigcheck ------- 2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:WINDOWS$hf_mig$KB917953SP2QFEtcpip.sys 2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:WINDOWS$hf_mig$KB941644SP2QFEtcpip.sys 2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 C:WINDOWS$hf_mig$KB951748SP2QFEtcpip.sys 2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:WINDOWS$hf_mig$KB951748SP3GDRtcpip.sys 2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e C:WINDOWS$hf_mig$KB951748SP3QFEtcpip.sys 2008-07-29 16:52 360320 3adce4790f591bf160a94f6f08039577 C:WINDOWS$NtServicePackUninstall$tcpip.sys 2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c C:WINDOWS$NtUninstallKB917953$tcpip.sys 2006-12-26 18:27 359808 de891ad282e856acfd40990094a63b6f C:WINDOWS$NtUninstallKB941644$tcpip.sys 2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 C:WINDOWS$NtUninstallKB951748$tcpip.sys 2008-04-10 18:02 360064 8283a4d489b207991efdc8328733d0bc C:WINDOWS$NtUninstallKB951748_0$tcpip.sys 2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 C:WINDOWSServicePackFilesi386TCPIP.SYS 2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c C:WINDOWSSoftwareDistributionDownloadS-1-5-18d007e13692a595ee07f03a4ed81aa336backupsp2gdrtcpip.sys 2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c C:WINDOWSSoftwareDistributionDownloadS-1-5-18d007e13692a595ee07f03a4ed81aa336backupsp2qfetcpip.sys 2008-08-05 09:51 361600 d24ea301e2b36c4e975fd216ca85d8e7 C:WINDOWSsystem32dllcacheTCPIP.SYS 2008-08-05 09:51 361600 d24ea301e2b36c4e975fd216ca85d8e7 C:WINDOWSsystem32driversTCPIP.SYS . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "CTFMON.EXE"="C:WINDOWSsystem32ctfmon.exe" [2008-04-14 15360] "StartCCC"="C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2006-11-10 90112] "H/PC Connection Agent"="C:ProgramMicrosoft ActiveSyncWCESCOMM.EXE" [2004-02-24 401491] "msnmsgr"="C:ProgramWindows LiveMessengermsnmsgr.exe" [2007-10-18 5724184] "Sony Ericsson PC Suite"="C:ProgramSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" [2008-02-20 356352] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "ATICCC"="C:ProgramATI TechnologiesATI.ACECLIStart.exe" [2006-09-25 90112] "PCMService"="C:ProgramCyberLinkPowerCinemaPCMService.exe" [2005-05-23 127118] "SunJavaUpdateSched"="C:ProgramJavajre1.6.0_07binjusched.exe" [2008-06-10 144784] "TkBellExe"="C:ProgramDelade filerRealUpdate_OBrealsched.exe" [2007-03-25 185896] "GrooveMonitor"="C:ProgramMicrosoft OfficeOffice12GrooveMonitor.exe" [2007-08-24 33648] "ISTray"="C:ProgramSpyware DoctorpctsTray.exe" [2008-09-22 1168264] "AVG8_TRAY"="C:ProgramAVGAVG8avgtray.exe" [2008-10-26 1234712] "LexPPS.exe"="C:WINDOWSsystem32lexpps.exe" [2003-07-25 174592] "AtiPTA"="atiptaxx.exe" [2006-02-22 C:WINDOWSsystem32atiptaxx.exe] [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun] "CTFMON.EXE"="C:WINDOWSSystem32CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwindows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32] "MSACM.CEGSM"= mobilev.acm [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList] "C:ProgramMicrosoft ActiveSyncwcescomm.exe"= "C:ProgramuTorrentutorrent.exe"= "C:ProgramMicrosoft OfficeOffice12OUTLOOK.EXE"= "C:ProgramMicrosoft OfficeOffice12GROOVE.EXE"= "C:ProgramMicrosoft OfficeOffice12ONENOTE.EXE"= "C:ProgramEA GamesCommand & Conquer The First DecadeCommand & Conquer Red Alert IIRA2gamemd.exe"= "C:ProgramEA GamesCommand & Conquer The First DecadeCommand & Conquer Red Alert IIRA2mphmd.exe"= "C:ProgramEA GamesCommand & Conquer The First DecadeCommand & Conquer RenegadeRenegadeGame.exe"= "C:ProgramValvehl.exe"= "C:ProgrammIRCmirc.exe"= "C:ProgramValveSteamSteamAppsadnan22counter-strikehl.exe"= "C:ProgramMozilla Firefoxfirefox.exe"= "C:ProgramSopCastSopCast.exe"= "C:Documents and SettingsadnanApplication DataSopCastadvSopAdver.exe"= "C:ProgramMessengermsmsgs.exe"= "C:ProgramValveSteamSteamAppsadnan22condition zerohl.exe"= "C:ProgramGameSpy ArcadeAphex.exe"= "C:ProgramEA GamesBattlefield 1942BF1942.exe"= "C:WINDOWSsystem32PnkBstrA.exe"= "C:WINDOWSsystem32PnkBstrB.exe"= "C:ProgramMicrosoft ActiveSyncWCESMgr.exe"= "C:ProgramSoulseekslsk.exe"= "C:ProgramProxy Switcher StandardProxySwitcher.exe"= "C:ProgramTHQDawn of WarW40k.exe"= "C:ProgramTHQDawn of War - Dark CrusadeDarkCrusade.exe"= "C:ProgramTHQDawn of War - SoulstormSoulstorm.exe"= "C:ProgramiTunesiTunes.exe"= "%windir%Network Diagnosticxpnetdiag.exe"= "%windir%system32sessmgr.exe"= "C:ProgramWindows LiveMessengermsnmsgr.exe"= "C:ProgramWindows LiveMessengerlivecall.exe"= "C:ProgramSonyStationLaunchpadLaunchPad.exe"= "C:ProgramSonyStationLaunchpad_aunchPad.exe"= "C:ProgramLimeWireLimeWire.exe"= "C:ProgramBearShare ApplicationsBearShareBearShare.exe"= "C:ProgramAVGAVG8avgupd.exe"= [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList] "16699:UDP"= 16699:UDP:port "55641:TCP"= 55641:TCP:torrent S1 AvgLdx86;AVG Free AVI Loader Driver x86;C:WINDOWSsystem32Driversavgldx86.sys [2008-10-26 97928] S1 pctfw2;pctfw2;C:WINDOWSsystem32driverspctfw2.sys [2008-06-02 159880] S2 avg8wd;AVG Free8 WatchDog;C:ProgramAVGAVG8avgwdsvc.exe [2008-10-26 231704] S2 DLPortIO;DriverLINX Port I/O Driver;C:WINDOWSsystem32DRIVERSDLPortIO.SYS [1999-01-10 3584] S2 EZUSB;Cypress GPD (ezloader.sys);C:WINDOWSsystem32Driversezloader.sys [2004-07-22 17536] S2 EZUSBDEV;Cypress GPD (ezusb.sys);C:WINDOWSsystem32Driversezusb.sys [2004-07-22 12307] S3 a016bus;Sony Ericsson Device A016 driver (WDM);C:WINDOWSsystem32DRIVERSa016bus.sys [2008-01-18 83880] S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter;C:WINDOWSsystem32DRIVERSa016mdfl.sys [2008-01-18 15016] S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver;C:WINDOWSsystem32DRIVERSa016mdm.sys [2008-01-18 110504] S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM);C:WINDOWSsystem32DRIVERSa016mgmt.sys [2008-01-18 104488] S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface;C:WINDOWSsystem32DRIVERSa016obex.sys [2008-01-18 100648] S3 STAC97NA;SigmaTel 3D Environmental Audio;C:WINDOWSsystem32driversstac97na.sys [2002-09-20 296179] S3 STAC97NH;STAC97NH;C:WINDOWSsystem32driversstac97nh.sys [2002-09-20 231983] *Newly Created Service* - EZUSB *Newly Created Service* - EZUSBDEV [HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{DDE9D8F8-7939-0C02-2F56-385F01DC566F}] C:WINDOWS:windows32.exe . Contents of the 'Scheduled Tasks' folder 2008-10-20 C:WINDOWSTasksAppleSoftwareUpdate.job - C:ProgramApple Software UpdateSoftwareUpdate.exe [2006-10-10 17:13] 2008-10-26 C:WINDOWSTasksCheck Updates for Windows Live Toolbar.job - C:ProgramWindows Live ToolbarMSNTBUP.EXE [2007-10-19 11:20] . - - - - ORPHANS REMOVED - - - - BHO-{2D18BFED-B6AE-45A8-93A0-6E9E0D419D1B} - C:WINDOWSsystem32geBrsRIA.dll BHO-{DD153FDB-E2FB-40D2-8E36-F21C36B51DAD} - C:WINDOWSsystem32jkkIAQKD.dll HKLM-Run-BVRPLiveUpdate - C:ProgramAvanquest updateEngineSetup.exe ShellExecuteHooks-{DD153FDB-E2FB-40D2-8E36-F21C36B51DAD} - C:WINDOWSsystem32jkkIAQKD.dll Notify-jkkIAQKD - jkkIAQKD.dll . ------- Supplementary Scan ------- . FireFox -: Profile - C:Documents and SettingsadnanApplication DataMozillaFirefoxProfiles1xxvpbv4.default FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT189560&SearchSource=3&q= FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://search.conduit.com/?ctid=CT189560&SearchSource=13 FF -: plugin - C:ProgramDivXDivX Content UploadernpUpload.dll FF -: plugin - C:ProgramMozilla Firefoxpluginsnpbittorrent.dll FF -: plugin - C:ProgramRealRhapsodyPlayerEnginenprhapengine.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-26 15:27:05 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:WINDOWSsystem32winlogon.exe -> C:WINDOWSsystem32tsd32.dll -> C:WINDOWSsystem32mobilev.acm . ------------------------ Other Running Processes ------------------------ . C:ProgramLavasoftAd-Awareaawservice.exe C:ProgramSpyware DoctorpctsAuxs.exe C:ProgramSpyware DoctorpctsSvc.exe C:ProgramMozilla Firefoxfirefox.exe . ************************************************************************** . Completion time: 2008-10-26 15:40:41 - machine was rebooted ComboFix-quarantined-files.txt 2008-10-26 14:40:36 Pre-Run: 3,971,641,344 byte ledigt Post-Run: 3,969,159,168 byte ledigt WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS [operating systems] C:CMDCONSBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn 245 --- E O F --- 2008-10-24 02:52:10

Hmmm det där programmet hittar ingenting och ger mig ingen logga. Explorer crashar fortfarande non stop och jag måste ta mig fram med aktivitetshanteraren alternativt snabbklick när den kommer tillbaka. Här är en ny HJT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:25:58 PM, on 10/26/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:ProgramLavasoftAd-Awareaawservice.exe C:WINDOWSsystem32LEXBCES.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSsystem32LEXPPS.EXE C:ProgramAVGAVG8avgwdsvc.exe C:ProgramCyberLinkPowerCinemaKernelTVCLCapSvc.exe C:WINDOWSsystem32CTsvcCDA.exe C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLServer.exe C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLService.exe C:WINDOWSsystem32PnkBstrA.exe C:ProgramSpyware DoctorpctsAuxs.exe C:ProgramSpyware DoctorpctsSvc.exe C:ProgramAVGAVG8avgrsx.exe C:WINDOWSsystem32slserv.exe C:WINDOWSSystem32svchost.exe C:ProgramSpyware DoctorpctsTray.exe C:ProgramCyberLinkPowerCinemaKernelTVCLSched.exe C:WINDOWSSystem32alg.exe C:WINDOWSsystem32taskmgr.exe C:WINDOWSsystem32imapi.exe C:ProgramMozilla Firefoxfirefox.exe C:ProgramTrend MicroHijackThisRensare.exe.exe C:WINDOWSSystem32wbemwmiprvse.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.bredbandsbolaget.se/mittkonto R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramDelade filerAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: (no name) - {2D18BFED-B6AE-45A8-93A0-6E9E0D419D1B} - C:WINDOWSsystem32geBrsRIA.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:ProgramAVGAVG8avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre1.6.0_07binssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgramWindows Live Toolbarmsntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:ProgramFree Download Manageriefdm2.dll O2 - BHO: (no name) - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - (no file) O2 - BHO: (no name) - {DD153FDB-E2FB-40D2-8E36-F21C36B51DAD} - C:WINDOWSsystem32jkkIAQKD.dll (file missing) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgramWindows Live Toolbarmsntb.dll O4 - HKLM..Run: [ATICCC] "C:ProgramATI TechnologiesATI.ACECLIStart.exe" O4 - HKLM..Run: [PCMService] "C:ProgramCyberLinkPowerCinemaPCMService.exe" O4 - HKLM..Run: [sunJavaUpdateSched] "C:ProgramJavajre1.6.0_07binjusched.exe" O4 - HKLM..Run: [AtiPTA] atiptaxx.exe O4 - HKLM..Run: [TkBellExe] "C:ProgramDelade filerRealUpdate_OBrealsched.exe" -osboot O4 - HKLM..Run: [GrooveMonitor] "C:ProgramMicrosoft OfficeOffice12GrooveMonitor.exe" O4 - HKLM..Run: [bVRPLiveUpdate] C:ProgramAvanquest updateEngineSetup.exe -s /PATCH,/SRCUPDATEC:DOCUME~1ALLUSE~1APPLIC~1SONYER~1SONYER~1LIVEUP~1LISTOF~1.DAT O4 - HKLM..Run: [windows32] C:WINDOWS:windows32.exe O4 - HKLM..Run: [iSTray] "C:ProgramSpyware DoctorpctsTray.exe" O4 - HKLM..Run: [AVG8_TRAY] C:ProgramAVGAVG8avgtray.exe O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [startCCC] C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe O4 - HKCU..Run: [H/PC Connection Agent] "C:ProgramMicrosoft ActiveSyncWCESCOMM.EXE" O4 - HKCU..Run: [msnmsgr] "C:ProgramWindows LiveMessengermsnmsgr.exe" /background O4 - HKCU..Run: [sony Ericsson PC Suite] "C:ProgramSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'SYSTEM') O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:ProgramWindows Live Toolbarmsntb.dll/search.htm O8 - Extra context menu item: Download all with Free Download Manager - file://C:ProgramFree Download Managerdlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:ProgramFree Download Managerdlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:ProgramFree Download Managerdlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:ProgramFree Download Managerdllink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:ProgramMICROS~3Office12EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:ProgramWindows Live ToolbarComponentsen-gbmsntabres.dll.mui/229?478aef9e5494442eb73b7b681ebd6796 O8 - Extra context menu item: Open in new foreground tab - res://C:ProgramWindows Live ToolbarComponentsen-gbmsntabres.dll.mui/230?478aef9e5494442eb73b7b681ebd6796 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_07binssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_07binssv.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:ProgramMICROS~3Office12ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:ProgramMICROS~3Office12ONBttnIE.dll O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMICROS~3Office12REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe O10 - Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:ProgramAVGAVG8avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: Antiwpa - C:WINDOWSSYSTEM32antiwpa.dll O20 - Winlogon Notify: jkkIAQKD - jkkIAQKD.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:ProgramLavasoftAd-Awareaawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:ProgramDelade filerAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:ProgramAVGAVG8avgwdsvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:ProgramCyberLinkPowerCinemaKernelTVCLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:ProgramCyberLinkPowerCinemaKernelTVCLSched.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLServer.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:ProgramiPodbiniPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE O23 - Service: NBService - Nero AG - C:ProgramNeroNero 7Nero BackItUpNBService.exe O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:ProgramSpyware DoctorpctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:ProgramSpyware DoctorpctsSvc.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:WINDOWSSYSTEM32slserv.exe -- End of file - 10441 bytes

Jag använde NOD ett tag och avinstallerade idag då licensen löpt ut.......när detta hände precis efter.

********************************************* 2009-01-08: Tråden är nu låst. Tycker du att den är felaktigt låst, var god kontakta Malou ********************************************* Min explorer crashar hela tiden non stop och startas om........dvs alla ikoner försvinner och kommer tillbaka konstant. Jag undrar om något angripit datan? Här är en HJT logga. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:10:50 PM, on 10/26/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:ProgramLavasoftAd-Awareaawservice.exe C:WINDOWSsystem32LEXBCES.EXE C:WINDOWSsystem32LEXPPS.EXE C:WINDOWSsystem32spoolsv.exe C:ProgramCyberLinkPowerCinemaPCMService.exe C:ProgramJavajre1.6.0_07binjusched.exe C:ProgramDelade filerRealUpdate_OBrealsched.exe C:ProgramMicrosoft OfficeOffice12GrooveMonitor.exe C:ProgramSpyware DoctorpctsTray.exe C:ProgramCyberLinkPowerCinemaKernelTVCLCapSvc.exe C:WINDOWSsystem32CTsvcCDA.exe C:WINDOWSsystem32ctfmon.exe C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLServer.exe C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLService.exe C:ProgramATI TechnologiesATI.ACECore-StaticMOM.EXE C:ProgramMicrosoft ActiveSyncWCESCOMM.EXE C:WINDOWSsystem32PnkBstrA.exe C:ProgramSpyware DoctorpctsAuxs.exe C:ProgramSpyware DoctorpctsSvc.exe C:ProgramATI TechnologiesATI.ACECore-Staticccc.exe C:WINDOWSSystem32svchost.exe C:ProgramCyberLinkPowerCinemaKernelTVCLSched.exe C:WINDOWSSystem32alg.exe C:WINDOWSsystem32taskmgr.exe C:ProgramSpyware DoctorpctsGui.exe C:ProgramTrend MicroHijackThisRensare.exe.exe C:WINDOWSsystem32wuauclt.exe C:ProgramMozilla Firefoxfirefox.exe C:WINDOWSSystem32wbemwmiprvse.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.bredbandsbolaget.se/mittkonto R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramDelade filerAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre1.6.0_07binssv.dll O2 - BHO: (no name) - {790F939F-D269-421E-97CB-6B3017A90427} - C:WINDOWSsystem32geBrsRIA.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgramWindows Live Toolbarmsntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:ProgramFree Download Manageriefdm2.dll O2 - BHO: (no name) - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - (no file) O2 - BHO: (no name) - {DD153FDB-E2FB-40D2-8E36-F21C36B51DAD} - C:WINDOWSsystem32jkkIAQKD.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgramWindows Live Toolbarmsntb.dll O4 - HKLM..Run: [ATICCC] "C:ProgramATI TechnologiesATI.ACECLIStart.exe" O4 - HKLM..Run: [PCMService] "C:ProgramCyberLinkPowerCinemaPCMService.exe" O4 - HKLM..Run: [sunJavaUpdateSched] "C:ProgramJavajre1.6.0_07binjusched.exe" O4 - HKLM..Run: [AtiPTA] atiptaxx.exe O4 - HKLM..Run: [TkBellExe] "C:ProgramDelade filerRealUpdate_OBrealsched.exe" -osboot O4 - HKLM..Run: [GrooveMonitor] "C:ProgramMicrosoft OfficeOffice12GrooveMonitor.exe" O4 - HKLM..Run: [bVRPLiveUpdate] C:ProgramAvanquest updateEngineSetup.exe -s /PATCH,/SRCUPDATEC:DOCUME~1ALLUSE~1APPLIC~1SONYER~1SONYER~1LIVEUP~1LISTOF~1.DAT O4 - HKLM..Run: [windows32] C:WINDOWS:windows32.exe O4 - HKLM..Run: [iSTray] "C:ProgramSpyware DoctorpctsTray.exe" O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [startCCC] C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe O4 - HKCU..Run: [H/PC Connection Agent] "C:ProgramMicrosoft ActiveSyncWCESCOMM.EXE" O4 - HKCU..Run: [msnmsgr] "C:ProgramWindows LiveMessengermsnmsgr.exe" /background O4 - HKCU..Run: [sony Ericsson PC Suite] "C:ProgramSony EricssonSony Ericsson PC SuiteSEPCSuite.exe" /systray /nologon O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'SYSTEM') O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:ProgramWindows Live Toolbarmsntb.dll/search.htm O8 - Extra context menu item: Download all with Free Download Manager - file://C:ProgramFree Download Managerdlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:ProgramFree Download Managerdlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:ProgramFree Download Managerdlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:ProgramFree Download Managerdllink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:ProgramMICROS~3Office12EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:ProgramWindows Live ToolbarComponentsen-gbmsntabres.dll.mui/229?478aef9e5494442eb73b7b681ebd6796 O8 - Extra context menu item: Open in new foreground tab - res://C:ProgramWindows Live ToolbarComponentsen-gbmsntabres.dll.mui/230?478aef9e5494442eb73b7b681ebd6796 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_07binssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_07binssv.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:ProgramMICROS~3Office12ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:ProgramMICROS~3Office12ONBttnIE.dll O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgramMicrosoft ActiveSyncinetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMICROS~3Office12REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe O10 - Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll O20 - AppInit_DLLs: O20 - Winlogon Notify: Antiwpa - C:WINDOWSSYSTEM32antiwpa.dll O20 - Winlogon Notify: jkkIAQKD - C:WINDOWSSYSTEM32jkkIAQKD.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:ProgramLavasoftAd-Awareaawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:ProgramDelade filerAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:ProgramCyberLinkPowerCinemaKernelTVCLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:ProgramCyberLinkPowerCinemaKernelTVCLSched.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:ProgramCyberLinkShared FilesCLML_NTServiceCLMLServer.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:ProgramiPodbiniPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE O23 - Service: NBService - Nero AG - C:ProgramNeroNero 7Nero BackItUpNBService.exe O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:ProgramSpyware DoctorpctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:ProgramSpyware DoctorpctsSvc.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:WINDOWSSYSTEM32slserv.exe -- End of file - 10361 bytes

Jag städade datan i ordets rätta bemärkelse, nämligen tog min dammsugare ställde den på lagom och tog väck all damm och skit innuti. Har faktiskt märkt att den går märkbart snabbare nu. Tog väck en hel kolloni med damm från kylflänsarna på venten och nu är processorn glad och pigg. Fast du kanske bör tanka hem Spywaredoctor och AdAware och göra ett par scans.