XP Dude

Förstår inte dina ord? Logga? Pastefunktion?

Berätta.

Hej Mutex, ber om ursäkt för att jag var otydlig, Jag vill alltså ha ett program som kan infoga en logotype på 1000-2000 bilder.

Som ett Macro i photoshop.

Vet inte om det finns program för detta.. annars kanske det går att skapa sig ett macro som sköter detta i PS som sagt.

Någon som vet?

Tacksam för svar!

MVH

// XP Dude

Hej!

Jag söker ett program som kan utföra en paste-funktion då jag ska lägga till en logga på mellan 1000-2000 bilder...

Undrar om någon har ett tips på nåt bra sådant program gärna en freeware, men kan även tänka mig att betala en liten slant.

Tack på förhand!

MVH

// XP Dude

*********************************************

2009-06-06:

Tråden är låst då problemet är löst.

Tycker du att den är felaktigt låst, var god kontakta

Malou

*********************************************

Hej!

Postar en kompis logga efter att internet betätt sig märkligt, tappar anslutningen med jämna mellanrum

Tacksam om någon kunde kolla?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:36:08, on 2009-04-15

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\ASScrPro.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\NETGEAR\WG111T\wlan111t.exe

C:\Program Files\RALINK\Common\RaUI.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Media Player\wmplayer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.finspangshk.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL

O1 - Hosts: ::1 localhost

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe"

O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe

O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini

O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZUxdm556YYSE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PartyPoker\RunApp.exe

O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe

O13 - Gopher Prefix:

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...etup1.0.1.1.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--

End of file - 10653 bytes

Ok, det visste jag faktist inte, men då vet jag nu

Tackar aok

// XP Dude

Hej!

Har installerat om mitt PS CS 3 när jag öppnar en bildfil dvs. vilken som helst, .jpg, .tif .psd m.m

Så kan jag inte spara dem som .jpg (det är flera andra format som också är borta)

Har dokumentet inställt på 32-bitar. jag vet inte vad detta filproblem beror på.

Någon som kan hjälpa?

Tacksam för svar!

// XP Dude

Hej MrO

Oj då, det var ju precis som du sa det är ju mitt antivirusprogram.

Vad bra att allt skit är borta nu, ska ta det försiktigt i fortsättningen med att "acceptera" downloads..

Tack för hjälpen!

// XP Dude

Hej igen!

En ny HJT Logga:

Scan saved at 19:34:06, on 2009-03-11

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Alwil Software\Avast4\aswUpdSv.exe

C:\Program\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Sunbelt Software\Personal Firewall\SbPFLnch.exe

C:\Program\Sunbelt Software\Personal Firewall\SbPFSvc.exe

C:\Program\Alwil Software\Avast4\ashMaiSv.exe

C:\Program\Alwil Software\Avast4\ashWebSv.exe

C:\Program\Sunbelt Software\Personal Firewall\SbPFCl.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program\Sunbelt Software\Personal Firewall\SbPFLnch.exe

O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--

End of file - 3919 bytes

Går jag dock in på processer så hittar jag ett antal som heter Ash.. dessa syns inte här.. varför vet jag inte men det känns inte rätt.

Däremot e datorn mycket piggare nu.

Vad göra åt dessa Ash?

// XP Dude

Hej!

Datorn uppträdde så konstigt att jag helt enkelt tog bort C: o skapade en ny partition, är inte helt klar ännu men bifogar en HJT-logga senare idag.

Var detta Zito Tools kommer ifrån vet jag ej, men vet att det dök upp en uppdatering via Mozilla & när den var gjord började en del av problemen.

Tittade man då i listan över tillägg såg man något som hette redirect dns 1.01 vilket inte alls känns bra.

Men om man plockar bort C: o partionerar om så MÅSTE väl allt vara borta?

// XP Dude

Hjälp!

Vad göra?

har ingen aning om var alla dessa saker kommer ifrån, dyker upp nya trojanska hästar hela tiden..

kan någon kolla på hjt loggan:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:30:24, on 2009-03-10

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\McAfee\SiteAdvisor\McSACore.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\AVG\AVG8\avgemc.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\Program\AVG\AVG8\avgnsx.exe

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\TEMP\masEC.tmp

C:\WINDOWS\system32\rundll32.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\AVG\AVG8\avgscanx.exe

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\AVG\AVG8\avgui.exe

C:\WINDOWS\services.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\Fredrik\Application Data\Messenger\Drivers\MsgUpdate.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O2 - BHO: (no name) - {a7e223a5-975d-4fe1-99e0-b4f331c9a126} - C:\WINDOWS\system32\parodupa.dll (file missing)

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: dnsid - {AEBB9A0D-AEB3-4763-A78A-4C09C526BEFA} - C:\Program\Zito\ZitoTools\dnsid.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [nidle] "C:\Documents and Settings\Fredrik\Application Data\nidle\nidle.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139

O4 - HKCU\..\Run: [igfxSys] rundll32.exe "C:\Documents and Settings\Fredrik\Application Data\Messenger\Drivers\IgfxSys.dll",StartProtector

O4 - HKLM\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [nidle] "C:\Documents and Settings\Fredrik\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'Default user')

O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab

O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\tuyalaze.dll,C:\WINDOWS\system32\pamuyomi.dll,C:\WINDOWS\system32\wavenimu.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe

--

End of file - 10991 bytes

// XP dude

*********************************************

2009-06-06:

Tråden är låst då problemet är löst.

Tycker du att den är felaktigt låst, var god kontakta

Malou

*********************************************

Bifogar en logga

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:33:29, on 2009-03-10

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\McAfee\SiteAdvisor\McSACore.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\AVG\AVG8\avgemc.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\Program\AVG\AVG8\avgnsx.exe

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\DOCUME~1\Fredrik\LOKALA~1\Temp\xpre.tmp

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O2 - BHO: (no name) - {a7e223a5-975d-4fe1-99e0-b4f331c9a126} - C:\WINDOWS\system32\denufudu.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [degediluse] Rundll32.exe "C:\WINDOWS\system32\lasefoye.dll",s

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab

O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\tuyalaze.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe

--

End of file - 9482 bytes

Hej!

Har ett problem med jobbets hemsida:

Den gamla hemsidan är bortplockad, dvs dns:erna är borttagna men ändå ligger den i topp på Google.

När jag pratar med den gamla webbyrån anser de att den tomma sidan ska försvinna om några dagar har dock varit så i 2 månader nu.

Den nya hemsidan som numera är i bruk hamnar först på sida 2 vid Google sökning

I uppdateringsverktyget för den nya hemsidan kan jag använda sökord. dvs. metataggar. det är vad jag själv kan komma åt & göra.

Några förslag på hur vi lyckas få den nya hemsidan på topp i Google?

// XP Dude

Hej igen Malou!

Trojanska hästarna är bortplockade det var ett tillägg till ett program jag hade installerat tidigare som innehöll skräpet o fanns bland temp-skräpet man samlar på sig, så ingen fara alls datorn går som en klocka

Men ännu en gång tack för all hjälp!

Ska hålla bra koll på otygen i fortsättningen

// XP Dude

Hej Malou!

Jag fick en varning om 2 torjanska hästar via AVG 8.. Free sökte med Bit Defender onlinescan o kunde inte hitta dem... ligger någonstans i systemrestore..

du kan inte se dem i loggan på nåt sätt?

jag har knappt använt datorn sedan vi började med denna logga, så vet inte att jag gjort nåt ovanligt eller var dessa skulle komma ifrån.

// XP Dude

Hej Malou!

Här kommer en slutgiltig HJT logga hoppas den ska vara ren & fin

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:35:22, on 2009-03-02

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\McAfee\SiteAdvisor\McSACore.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\AVG\AVG8\avgemc.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\Program\AVG\AVG8\avgnsx.exe

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\EXPERTool\TBPanel.exe

C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [GAINWARD] C:\Program\EXPERTool\TBPanel.exe /A

O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program\Delade filer\Adobe\Updater5\AdobeUpdater.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: adni18_BL-Clock.lnk = C:\Documents and Settings\Fredrik\Skrivbord\adni18_BL-Clock.exe

O4 - Startup: Hyalo-Calendar by adni18.lnk = C:\Documents and Settings\Fredrik\Skrivbord\Hyalo-Calendar Gadget by adni18.exe

O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab

O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe

--

End of file - 9233 bytes

XP Dude

Hej igen Malou!

Datorn mår bra för övrigt, den känns pigg o snabb (nästan snabbare) som innan problemen började, så allt är bara bra

Tack för all hjälp som sagt!

// XP Dude

Hej Malou!

De program & tillägg du hänvisar till här över, är sådant jag själv installerat & godkänt. Så ingen fara alls, en del av dem tog ja bort ändå de är "onödiga"

Får ja fråga på vilket sätt Microgaming inte är bra för datorn? (det är unibets pokerporgramvara)

Tack för all hjälp Malou! (hur skulle man klara sig utan dig) ?

// XP Dude

Hej igen Malou!

Oj missade HJT-loggan den kommer nu istället, ber om ursäkt för detta.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:03:40, on 2009-02-26

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\McAfee\SiteAdvisor\McSACore.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\AVG\AVG8\avgemc.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\Program\AVG\AVG8\avgnsx.exe

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\EXPERTool\TBPanel.exe

C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [GAINWARD] C:\Program\EXPERTool\TBPanel.exe /A

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: adni18_BL-Clock.lnk = C:\Documents and Settings\Fredrik\Skrivbord\adni18_BL-Clock.exe

O4 - Startup: Hyalo-Calendar by adni18.lnk = C:\Documents and Settings\Fredrik\Skrivbord\Hyalo-Calendar Gadget by adni18.exe

O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab

O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe

--

End of file - 9141 bytes

Datorn känns mycket piggare nu

// MVH

XP Dude

Hej Malou!

Här kommer loggan från ComboFix:

ComboFix 09-02-25.02 - Fredrik 2009-02-26 16:09:36.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1053.18.2047.1528 [GMT 1:00]

Körs från: c:\documents and settings\Fredrik\Skrivbord\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

FW: Sygate Personal Firewall *disabled*

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\~.exe

c:\windows\system32\crypts.dll

c:\windows\system32\wpv401232632526.cpx

.

(((((((((((((((((((((((( Filer Skapade från 2009-01-26 till 2009-02-26 ))))))))))))))))))))))))))))))

.

2009-02-26 00:25 . 2009-02-26 00:27 <KAT> d-------- c:\documents and settings\Fredrik\.housecall6.6

2009-02-25 17:33 . 2004-03-29 16:23 90,112 --a------ c:\windows\unvise32.exe

2009-02-25 17:32 . 2009-02-25 17:33 <KAT> d-------- c:\program\ColorVision

2009-02-16 19:47 . 2009-02-16 19:47 <KAT> d-------- c:\program\Recuva

2009-02-08 18:19 . 2009-02-08 18:19 <KAT> d-------- c:\documents and settings\All Users\SonicStage

2009-02-08 18:11 . 2009-02-08 18:11 <KAT> d-------- c:\documents and settings\All Users\Application Data\Sony Corporation

2009-02-08 18:10 . 2009-02-08 18:11 <KAT> d-------- c:\program\Sony

2009-02-08 18:10 . 2009-02-08 18:10 <KAT> d-------- c:\program\Delade filer\Sony Shared

2009-02-08 18:10 . 2009-02-08 18:19 <KAT> d-------- c:\documents and settings\Fredrik\Application Data\Sony Corporation

2009-01-30 16:25 . 2009-01-30 16:25 268 --ah----- C:\sqmdata01.sqm

2009-01-30 16:25 . 2009-01-30 16:25 244 --ah----- C:\sqmnoopt01.sqm

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-02-20 23:33 --------- d-----w c:\documents and settings\All Users\Application Data\DriverCure

2009-02-19 18:03 --------- d-----w c:\documents and settings\Fredrik\Application Data\uTorrent

2009-02-16 18:22 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

2009-02-16 18:21 --------- d-----w c:\program\SpywareBlaster

2009-02-08 19:11 --------- d-----w c:\program\Steam

2009-02-08 17:11 --------- d--h--w c:\program\InstallShield Installation Information

2009-02-08 17:10 --------- d-----w c:\program\Delade filer\InstallShield

2009-02-07 18:57 --------- d-----w c:\documents and settings\Fredrik\Application Data\Microgaming

2009-02-06 12:34 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys

2009-02-06 12:34 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys

2009-02-06 12:34 10,520 ----a-w c:\windows\system32\avgrsstx.dll

2009-02-04 20:56 --------- d-----w c:\documents and settings\All Users\Application Data\avg8

2009-01-18 16:25 --------- d-----w c:\program\EXPERTool

2009-01-18 16:23 --------- d-----w c:\program\AMD

2009-01-18 16:22 --------- d-----w c:\program\Delade filer\Wise Installation Wizard

2009-01-17 23:22 --------- d-----w c:\documents and settings\Fredrik\Application Data\AVGTOOLBAR

2009-01-17 09:41 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore

2009-01-16 20:35 --------- d-----w c:\program\McAfee

2009-01-16 13:20 --------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor

2009-01-16 13:19 --------- d-----w c:\program\Delade filer\McAfee

2009-01-16 13:19 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee

2009-01-15 23:26 --------- d-----w c:\program\SIW

2009-01-15 17:21 --------- d-----w c:\documents and settings\Fredrik\Application Data\vlc

2009-01-15 17:18 --------- d-----w c:\program\VideoLAN

2009-01-15 15:07 --------- d-----w c:\program\uTorrent

2009-01-14 09:28 --------- d-----w c:\program\Windows Live

2009-01-14 09:27 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller

2009-01-14 09:20 410,984 ----a-w c:\windows\system32\deploytk.dll

2009-01-14 09:20 --------- d-----w c:\program\Java

2009-01-14 08:46 --------- d-----w c:\program\MSECache

2009-01-13 22:01 --------- dcsh--w c:\program\Delade filer\WindowsLiveInstaller

2009-01-13 21:53 --------- d-----w c:\documents and settings\Fredrik\Application Data\Logitech

2009-01-13 21:53 --------- d-----w c:\documents and settings\All Users\Application Data\LogiShrd

2009-01-13 21:52 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2009-01-13 21:52 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf

2009-01-13 21:52 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf

2009-01-13 21:52 --------- d-----w c:\program\Logitech

2009-01-13 21:52 --------- d-----w c:\program\Delade filer\Logishrd

2009-01-13 21:52 --------- d-----w c:\documents and settings\All Users\Application Data\Logitech

2009-01-13 21:15 --------- d-----w c:\program\AVG

2009-01-13 21:08 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet

2009-01-13 21:07 --------- d-----w c:\program\Windows Desktop Search

2009-01-13 21:05 --------- d-----w c:\program\Delade filer\Adobe

2009-01-13 21:03 --------- d-----w c:\program\Delade filer\Control Panels

2009-01-13 21:02 --------- d-----w c:\documents and settings\All Users\Application Data\ALM

2009-01-13 20:53 --------- d-----w c:\program\QuickTime

2009-01-13 20:49 --------- d-----w c:\program\Trend Micro

2009-01-13 20:49 --------- d-----w c:\program\CCleaner

2009-01-13 20:42 --------- d-----w c:\program\Bonjour

2009-01-13 20:40 --------- d-----w c:\program\Delade filer\Macrovision Shared

2009-01-13 19:59 --------- d-----w c:\program\Sygate

2009-01-13 19:44 --------- d-----w c:\documents and settings\Fredrik\Application Data\Windows Search

2009-01-13 18:47 --------- d-----w c:\program\ParetoLogic

2009-01-13 18:47 --------- d-----w c:\program\Delade filer\ParetoLogic

2009-01-13 18:47 --------- d-----w c:\documents and settings\Fredrik\Application Data\DriverCure

2009-01-13 18:47 --------- d-----w c:\documents and settings\All Users\Application Data\ParetoLogic

2009-01-13 18:47 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations

2009-01-13 18:33 --------- d-----w c:\program\Setup Files

2009-01-13 18:14 --------- d-----w c:\program\Windows Media Connect 2

2009-01-13 17:16 --------- d-----w c:\program\AGEIA Technologies

2009-01-13 17:13 --------- d-----w c:\program\SystemRequirementsLab

2009-01-13 17:04 --------- d-----w c:\program\microsoft frontpage

2009-01-13 17:03 --------- d-----w c:\program\Onlinetjänster

2008-12-23 20:58 453,152 ----a-w c:\windows\system32\NVUNINST.EXE

2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"GAINWARD"="c:\program\EXPERTool\TBPanel.exe" [2008-12-03 2181672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-26 13680640]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-26 86016]

"SmcService"="c:\program\Sygate\SPF\smc.exe" [2004-10-15 2577632]

"Acrobat Assistant 8.0"="c:\program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 624248]

"Adobe_ID0EYTHM"="c:\program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]

"AVG8_TRAY"="c:\program\AVG\AVG8\avgtray.exe" [2009-02-06 1601304]

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-01-14 136600]

"amd_dc_opt"="c:\program\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

"nwiz"="nwiz.exe" [2008-12-26 c:\windows\system32\nwiz.exe]

"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 c:\windows\RTHDCPL.EXE]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start-meny\Program\Autostart\

ColorVisionStartup.lnk - c:\program\ColorVision\Utility\ColorVisionStartup.exe [2006-01-31 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2008-11-07 16:41 72208 c:\program\Delade filer\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-02-06 13:34 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Logitech SetPoint.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Logitech SetPoint.lnk

backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Microsoft Office.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Microsoft Office.lnk

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCure]

--a------ 2009-01-21 06:38 2896976 c:\program\ParetoLogic\DriverCure\DriverCure.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

--a------ 2009-01-16 21:48 5724184 c:\program\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pareto_Update]

--a------ 2009-01-21 06:36 189808 c:\program\Delade filer\ParetoLogic\UUS2\Pareto_Update.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

--a------ 2009-01-13 20:13 1410296 c:\program\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]

-ra------ 2006-05-16 11:04 2879488 c:\windows\SkyTel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\Program\\Delade filer\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=

"c:\\Program\\AVG\\AVG8\\avgemc.exe"=

"c:\\Program\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program\\Steam\\steamapps\\purepa1n\\counter-strike source\\hl2.exe"=

"c:\\Program\\uTorrent\\uTorrent.exe"=

"c:\\Program\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=

"c:\\Program\\Mozilla Firefox\\firefox.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server

"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server

"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-13 325128]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-13 107272]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\program\AVG\AVG8\avgemc.exe [2009-01-13 903960]

R2 avg8wd;AVG Free8 WatchDog;c:\program\AVG\AVG8\avgwdsvc.exe [2009-01-13 298264]

R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-13 10384]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program\McAfee\SiteAdvisor\McSACore.exe [2009-01-16 206096]

S2 cnaswd;cnaswd;\??\c:\windows\system32\drivers\bffctbyzwvvqqky.sys --> c:\windows\system32\drivers\bffctbyzwvvqqky.sys [?]

S3 mdxgthkn;mdxgthkn;\??\c:\docume~1\Fredrik\LOKALA~1\Temp\mdxgthkn.sys --> c:\docume~1\Fredrik\LOKALA~1\Temp\mdxgthkn.sys [?]

.

Innehållet i mappen 'Schemalagda aktiviteter':

2009-02-20 c:\windows\Tasks\DriverCure.job

- c:\program\ParetoLogic\DriverCure\DriverCure.exe [2009-01-21 06:38]

2009-02-25 c:\windows\Tasks\ParetoLogic Registration.job

- c:\program\Delade filer\ParetoLogic\UUS2\UUS.dll [2009-01-21 06:36]

2009-02-20 c:\windows\Tasks\ParetoLogic Update Version2.job

- c:\program\Delade filer\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-21 06:36]

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

HKLM-Run-AMD_Display - (no file)

.

------- Extra genomsökning -------

.

uInternet Settings,ProxyOverride = *.local

DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab

FF - ProfilePath - c:\documents and settings\Fredrik\Application Data\Mozilla\Firefox\Profiles\7e9t494f.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.se/

FF - component: c:\program\McAfee\SiteAdvisor\components\McFFPlg.dll

---- FIREFOX POLICY ----

c:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-26 16:10:21

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]

"ImagePath"=""

.

--------------------- DLLer som "laddats" under processer som körs ---------------------

- - - - - - - > 'winlogon.exe'(844)

c:\program\delade filer\logishrd\bluetooth\LBTWlgn.dll

c:\program\delade filer\logishrd\bluetooth\LBTServ.dll

.

Sluttid: 2009-02-26 16:11:14

ComboFix-quarantined-files.txt 2009-02-26 15:11:12

Före genomsökningen: 69 425 369 088 byte ledigt

Efter genomsökningen: 69,417,484,288 byte ledigt

210 --- E O F --- 2009-02-25 23:30:23

Ser det bättre ut nu?

Tack på förhand!

// XP Dude

*********************************************

2009-06-06:

Tråden är låst då problemet är löst.

Tycker du att den är felaktigt låst, var god kontakta

Malou

*********************************************

Hej!

Igår kalibrerade jag min skärm med Spyder 2 2.2 och surfade en stund efter detta stod datron på en stund o när ja skulle stänga av hade mitt AVG Free antivirus en varning om ett "Threat" Någon som vill tolka denna logg?

Tack på förhand!

// XP dude

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:49:52, on 2009-02-26

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\McAfee\SiteAdvisor\McSACore.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\Program\AVG\AVG8\avgemc.exe

C:\Program\AVG\AVG8\avgnsx.exe

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\WINDOWS\TEMP\9600.tmp

C:\Program\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\EXPERTool\TBPanel.exe

C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\Program\Adobe\Adobe Photoshop CS3\Photoshop.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Live\Messenger\msnmsgr.exe

C:\Program\Windows Live\Messenger\usnsvc.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [GAINWARD] C:\Program\EXPERTool\TBPanel.exe /A

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: adni18_BL-Clock.lnk = C:\Documents and Settings\Fredrik\Skrivbord\adni18_BL-Clock.exe

O4 - Startup: Hyalo-Calendar by adni18.lnk = C:\Documents and Settings\Fredrik\Skrivbord\Hyalo-Calendar Gadget by adni18.exe

O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab

O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: crypt - C:\WINDOWS\SYSTEM32\crypts.dll

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe

--

End of file - 9865 bytes

// XP Dude

Hej!

Söker en statistikräknare för en hemsida, gärna gratis vet att det finns några men tips om bra räknare mottages tacksamt!

(gärna även information kring var ifrån besökaren kommer, dvs. land)

Tack på förhand!

// XP dude

I den här delen av forumet så sysslar vi med => Systemrensning av virus, spionprogram, trojaner och andra skadliga program <= Med det så menar jag att där skall inte förekomma diskussioner samt ovidkommande inlägg.

Här behöver vi lugn och ro för att kunna utföra dessa systemrensningar den hjälpbehövande samt de som hjälper.

Behörighet krävs för att få lov att hjälpa vid systemrensningar med användandet av olika verktyg:

http://www.alltomxp.se/forum/index.php?showtopic=15396

MVH/Malou

Hej Malou!

Det var inte så farligt som han trodde vi har löst det, tack för hjälpen

// XP Dude

Hej XP Dude!

Det skall gå.

Inget ovanligt i dagens Internetanvändande att där förekommer infektioner även via Facebook då medlemmar besvarar/tar emot meddelanden/länkar tyvärr

Då detta uppstod flaggade eventuella skyddsprogram för något då?

Om ja vad flaggade de för?

Kunde skyddsprogrammen åtgärda på något sätt?

Finns där fler konton på datorn?

Om ja har dessa fullständiga Adminrättigheter?

Om där går att komma in i felsäkert läge så gör nedanstående procedur. Välj den procedur som passar för det operativsystem som finns installerat i datorn.

Windows XP-Instruktioner:

1: Gå till Start => Kör

2: Skriv/Kopiera in devmgmt.msc i körfältet => klicka Ok-knappen

Se Skärmdump:

3: Gå till Visa i menyn => bocka för Visa dolda enheter => Klicka på +Tecknet framför Icke-Plug and Play-drivrutiner

Se Skärmdump:

Leta upp nedanstående (Rödmarkerade) filer i listan

UACd

TDSSserv

UAComxjecpx

UACuwjqbouq

UACd.sys

TDSSserv.sys

UACuwjqbouq.sys

UAComxjecpx.sys

Se Skärmdump:

4: Om någon/några hittas => Högerklicka på varje fil => Välj => Inaktivera

5: Då du är klar med ovanstående => Starta om datorn

Windows Vista-Instruktioner:

1: Gå till Start => Kör

2: Skriv/Kopiera in devmgmt.msc i körfältet => klicka Ok-knappen

Se Skärmdump:

3: Gå till Visa i menyn => bocka för Visa dolda enheter => Klicka på +Tecknet framför Icke-Plug and Play-drivrutiner

Se Skärmdump:

Leta upp nedanstående (Rödmarkerade)filer i listan

UACd

TDSSserv

UAComxjecpx

UACuwjqbouq

UACd.sys

TDSSserv.sys

UACuwjqbouq.sys

UAComxjecpx.sys

Se Skärmdump:

4: Om någon/några hittas => Högerklicka på varje fil => Välj => Egenskaper.

5: I det nya fönstret välj fliken Drivrutiner och där sätt Autostart till Inaktiverad.

6: Då du är klar med ovanstående => Starta om datorn

Då ovanstående är gjort gå vidare med nedanstående:

För att kunna hjälpa dig på bästa sätt och för att komma igång med att rensa rent från diverse otyg/otrevligheter så rekommenderar vi att du läser/följer nedanstående instruktioner mycket noga:

=> Trend Micro HiJack This (Nerladdning/Instruktioner):

Då du döpt om filen gör en ny TM HJT-logga kopiera in den hit till din tråd så får vi se hur det ser ut.

OBS: Starta ingen ny tråd i ämnet utan fortsätt posta här i din tråd

MVH/Malou

Hej Malou!

Tack för ditt snabba svar, ska se till att följa dina instruktioner när ja kollar på datorn imorogn.

Vet vare sig om man kommer in i Felsäkert läge eller vilka konton som finns i dagsläget.

kollar upp det imorgon.

// XP Dude

*********************************************

2009-06-06:

Tråden är låst då problemet är löst.

Tycker du att den är felaktigt låst, var god kontakta

Malou

*********************************************

Hej!

En kompis ringde, han hade fått rejält virus eller allvarligt fel på sin dator (ska kolla på det imorgon)

Han kommer inte åt att logga in på sin användare som är skyddad med lösenord, vilket gör att vi inte når Windwos normalt.

Vet ej om Felsäkert läge heller funkar.. om det gör det.. går det att kopiera hans filer till tex. en hårddisk över felsäkert läge?

(Problemet skall ha uppstått när han vistades på Facebook o svarade på något meddelande.)

Någon som haft likande problem eller är det bara att formatera hela datorn?

Tacksam för lite input.

// XP Dude

Hej !

Någon som har ett bra program för att kolla hårdvara?

(fick ett tips för ett tag sedan men hittar det inte)

// XP Dude

Hej har ett problem efter ominstallation av Photoshop CS2 som nu längre inte öppnar bilder i .nef dvs. kamerans rawformat

Uppdaterar till max med CS2 dvs. fram till version 3.7 av insticksmodulen Camera Raw...

Någon som vet nåt om detta, fotar med en Nikon D300.

Tack på förhand!

// XP Dude