XP Dude
-
Innehållsantal
88 -
Gick med
-
Besökte senast
Inlägg postade av XP Dude
-
-
Hej!
Jag söker ett program som kan utföra en paste-funktion då jag ska lägga till en logga på mellan 1000-2000 bilder...
Undrar om någon har ett tips på nåt bra sådant program gärna en freeware, men kan även tänka mig att betala en liten slant.
Tack på förhand!
MVH
// XP Dude
-
*********************************************
2009-06-06:
Tråden är låst då problemet är löst.
Tycker du att den är felaktigt låst, var god kontakta
*********************************************
Hej!
Postar en kompis logga efter att internet betätt sig märkligt, tappar anslutningen med jämna mellanrum
Tacksam om någon kunde kolla?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:36:08, on 2009-04-15
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.finspangshk.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe"
O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZUxdm556YYSE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PartyPoker\RunApp.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...etup1.0.1.1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 10653 bytes
-
Ok, det visste jag faktist inte, men då vet jag nu
Tackar aok
// XP Dude
-
Hej!
Har installerat om mitt PS CS 3 när jag öppnar en bildfil dvs. vilken som helst, .jpg, .tif .psd m.m
Så kan jag inte spara dem som .jpg (det är flera andra format som också är borta)
Har dokumentet inställt på 32-bitar. jag vet inte vad detta filproblem beror på.
Någon som kan hjälpa?
Tacksam för svar!
// XP Dude
-
Hej MrO
Oj då, det var ju precis som du sa det är ju mitt antivirusprogram.
Vad bra att allt skit är borta nu, ska ta det försiktigt i fortsättningen med att "acceptera" downloads..
Tack för hjälpen!
// XP Dude
-
Hej igen!
En ny HJT Logga:
Scan saved at 19:34:06, on 2009-03-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Alwil Software\Avast4\aswUpdSv.exe
C:\Program\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program\Alwil Software\Avast4\ashMaiSv.exe
C:\Program\Alwil Software\Avast4\ashWebSv.exe
C:\Program\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 3919 bytes
Går jag dock in på processer så hittar jag ett antal som heter Ash.. dessa syns inte här.. varför vet jag inte men det känns inte rätt.
Däremot e datorn mycket piggare nu.
Vad göra åt dessa Ash?
// XP Dude
-
Hej!
Datorn uppträdde så konstigt att jag helt enkelt tog bort C: o skapade en ny partition, är inte helt klar ännu men bifogar en HJT-logga senare idag.
Var detta Zito Tools kommer ifrån vet jag ej, men vet att det dök upp en uppdatering via Mozilla & när den var gjord började en del av problemen.
Tittade man då i listan över tillägg såg man något som hette redirect dns 1.01 vilket inte alls känns bra.
Men om man plockar bort C: o partionerar om så MÅSTE väl allt vara borta?
// XP Dude
-
Hjälp!
Vad göra?
har ingen aning om var alla dessa saker kommer ifrån, dyker upp nya trojanska hästar hela tiden..
kan någon kolla på hjt loggan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:30:24, on 2009-03-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\AVG\AVG8\avgemc.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program\AVG\AVG8\avgtray.exe
C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\TEMP\masEC.tmp
C:\WINDOWS\system32\rundll32.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\AVG\AVG8\avgscanx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\AVG\AVG8\avgui.exe
C:\WINDOWS\services.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\Fredrik\Application Data\Messenger\Drivers\MsgUpdate.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O2 - BHO: (no name) - {a7e223a5-975d-4fe1-99e0-b4f331c9a126} - C:\WINDOWS\system32\parodupa.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: dnsid - {AEBB9A0D-AEB3-4763-A78A-4C09C526BEFA} - C:\Program\Zito\ZitoTools\dnsid.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [nidle] "C:\Documents and Settings\Fredrik\Application Data\nidle\nidle.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKCU\..\Run: [igfxSys] rundll32.exe "C:\Documents and Settings\Fredrik\Application Data\Messenger\Drivers\IgfxSys.dll",StartProtector
O4 - HKLM\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [nidle] "C:\Documents and Settings\Fredrik\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'Default user')
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\tuyalaze.dll,C:\WINDOWS\system32\pamuyomi.dll,C:\WINDOWS\system32\wavenimu.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 10991 bytes
// XP dude
-
*********************************************
2009-06-06:
Tråden är låst då problemet är löst.
Tycker du att den är felaktigt låst, var god kontakta
*********************************************
Bifogar en logga
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:29, on 2009-03-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\AVG\AVG8\avgemc.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program\AVG\AVG8\avgtray.exe
C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\DOCUME~1\Fredrik\LOKALA~1\Temp\xpre.tmp
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O2 - BHO: (no name) - {a7e223a5-975d-4fe1-99e0-b4f331c9a126} - C:\WINDOWS\system32\denufudu.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [degediluse] Rundll32.exe "C:\WINDOWS\system32\lasefoye.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\tuyalaze.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9482 bytes
-
Hej!
Har ett problem med jobbets hemsida:
Den gamla hemsidan är bortplockad, dvs dns:erna är borttagna men ändå ligger den i topp på Google.
När jag pratar med den gamla webbyrån anser de att den tomma sidan ska försvinna om några dagar har dock varit så i 2 månader nu.
Den nya hemsidan som numera är i bruk hamnar först på sida 2 vid Google sökning
I uppdateringsverktyget för den nya hemsidan kan jag använda sökord. dvs. metataggar. det är vad jag själv kan komma åt & göra.
Några förslag på hur vi lyckas få den nya hemsidan på topp i Google?
// XP Dude
-
Hej igen Malou!
Trojanska hästarna är bortplockade det var ett tillägg till ett program jag hade installerat tidigare som innehöll skräpet o fanns bland temp-skräpet man samlar på sig, så ingen fara alls datorn går som en klocka
Men ännu en gång tack för all hjälp!
Ska hålla bra koll på otygen i fortsättningen
// XP Dude
-
Hej Malou!
Jag fick en varning om 2 torjanska hästar via AVG 8.. Free sökte med Bit Defender onlinescan o kunde inte hitta dem... ligger någonstans i systemrestore..
du kan inte se dem i loggan på nåt sätt?
jag har knappt använt datorn sedan vi började med denna logga, så vet inte att jag gjort nåt ovanligt eller var dessa skulle komma ifrån.
// XP Dude
-
Hej Malou!
Här kommer en slutgiltig HJT logga hoppas den ska vara ren & fin
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35:22, on 2009-03-02
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\AVG\AVG8\avgemc.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program\AVG\AVG8\avgtray.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\EXPERTool\TBPanel.exe
C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] C:\Program\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program\Delade filer\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: adni18_BL-Clock.lnk = C:\Documents and Settings\Fredrik\Skrivbord\adni18_BL-Clock.exe
O4 - Startup: Hyalo-Calendar by adni18.lnk = C:\Documents and Settings\Fredrik\Skrivbord\Hyalo-Calendar Gadget by adni18.exe
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9233 bytes
XP Dude
-
Hej igen Malou!
Datorn mår bra för övrigt, den känns pigg o snabb (nästan snabbare) som innan problemen började, så allt är bara bra
Tack för all hjälp som sagt!
// XP Dude
-
Hej Malou!
De program & tillägg du hänvisar till här över, är sådant jag själv installerat & godkänt. Så ingen fara alls, en del av dem tog ja bort ändå de är "onödiga"
Får ja fråga på vilket sätt Microgaming inte är bra för datorn? (det är unibets pokerporgramvara)
Tack för all hjälp Malou! (hur skulle man klara sig utan dig) ?
// XP Dude
-
Hej igen Malou!
Oj missade HJT-loggan den kommer nu istället, ber om ursäkt för detta.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:40, on 2009-02-26
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\AVG\AVG8\avgemc.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program\AVG\AVG8\avgtray.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\EXPERTool\TBPanel.exe
C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] C:\Program\EXPERTool\TBPanel.exe /A
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: adni18_BL-Clock.lnk = C:\Documents and Settings\Fredrik\Skrivbord\adni18_BL-Clock.exe
O4 - Startup: Hyalo-Calendar by adni18.lnk = C:\Documents and Settings\Fredrik\Skrivbord\Hyalo-Calendar Gadget by adni18.exe
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9141 bytes
Datorn känns mycket piggare nu
// MVH
XP Dude
-
Hej Malou!
Här kommer loggan från ComboFix:
ComboFix 09-02-25.02 - Fredrik 2009-02-26 16:09:36.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1053.18.2047.1528 [GMT 1:00]
Körs från: c:\documents and settings\Fredrik\Skrivbord\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: Sygate Personal Firewall *disabled*
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\~.exe
c:\windows\system32\crypts.dll
c:\windows\system32\wpv401232632526.cpx
.
(((((((((((((((((((((((( Filer Skapade från 2009-01-26 till 2009-02-26 ))))))))))))))))))))))))))))))
.
2009-02-26 00:25 . 2009-02-26 00:27 <KAT> d-------- c:\documents and settings\Fredrik\.housecall6.6
2009-02-25 17:33 . 2004-03-29 16:23 90,112 --a------ c:\windows\unvise32.exe
2009-02-25 17:32 . 2009-02-25 17:33 <KAT> d-------- c:\program\ColorVision
2009-02-16 19:47 . 2009-02-16 19:47 <KAT> d-------- c:\program\Recuva
2009-02-08 18:19 . 2009-02-08 18:19 <KAT> d-------- c:\documents and settings\All Users\SonicStage
2009-02-08 18:11 . 2009-02-08 18:11 <KAT> d-------- c:\documents and settings\All Users\Application Data\Sony Corporation
2009-02-08 18:10 . 2009-02-08 18:11 <KAT> d-------- c:\program\Sony
2009-02-08 18:10 . 2009-02-08 18:10 <KAT> d-------- c:\program\Delade filer\Sony Shared
2009-02-08 18:10 . 2009-02-08 18:19 <KAT> d-------- c:\documents and settings\Fredrik\Application Data\Sony Corporation
2009-01-30 16:25 . 2009-01-30 16:25 268 --ah----- C:\sqmdata01.sqm
2009-01-30 16:25 . 2009-01-30 16:25 244 --ah----- C:\sqmnoopt01.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-20 23:33 --------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2009-02-19 18:03 --------- d-----w c:\documents and settings\Fredrik\Application Data\uTorrent
2009-02-16 18:22 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-16 18:21 --------- d-----w c:\program\SpywareBlaster
2009-02-08 19:11 --------- d-----w c:\program\Steam
2009-02-08 17:11 --------- d--h--w c:\program\InstallShield Installation Information
2009-02-08 17:10 --------- d-----w c:\program\Delade filer\InstallShield
2009-02-07 18:57 --------- d-----w c:\documents and settings\Fredrik\Application Data\Microgaming
2009-02-06 12:34 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-06 12:34 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-06 12:34 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-02-04 20:56 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-01-18 16:25 --------- d-----w c:\program\EXPERTool
2009-01-18 16:23 --------- d-----w c:\program\AMD
2009-01-18 16:22 --------- d-----w c:\program\Delade filer\Wise Installation Wizard
2009-01-17 23:22 --------- d-----w c:\documents and settings\Fredrik\Application Data\AVGTOOLBAR
2009-01-17 09:41 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore
2009-01-16 20:35 --------- d-----w c:\program\McAfee
2009-01-16 13:20 --------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor
2009-01-16 13:19 --------- d-----w c:\program\Delade filer\McAfee
2009-01-16 13:19 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2009-01-15 23:26 --------- d-----w c:\program\SIW
2009-01-15 17:21 --------- d-----w c:\documents and settings\Fredrik\Application Data\vlc
2009-01-15 17:18 --------- d-----w c:\program\VideoLAN
2009-01-15 15:07 --------- d-----w c:\program\uTorrent
2009-01-14 09:28 --------- d-----w c:\program\Windows Live
2009-01-14 09:27 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-01-14 09:20 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-01-14 09:20 --------- d-----w c:\program\Java
2009-01-14 08:46 --------- d-----w c:\program\MSECache
2009-01-13 22:01 --------- dcsh--w c:\program\Delade filer\WindowsLiveInstaller
2009-01-13 21:53 --------- d-----w c:\documents and settings\Fredrik\Application Data\Logitech
2009-01-13 21:53 --------- d-----w c:\documents and settings\All Users\Application Data\LogiShrd
2009-01-13 21:52 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-13 21:52 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-01-13 21:52 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-01-13 21:52 --------- d-----w c:\program\Logitech
2009-01-13 21:52 --------- d-----w c:\program\Delade filer\Logishrd
2009-01-13 21:52 --------- d-----w c:\documents and settings\All Users\Application Data\Logitech
2009-01-13 21:15 --------- d-----w c:\program\AVG
2009-01-13 21:08 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-01-13 21:07 --------- d-----w c:\program\Windows Desktop Search
2009-01-13 21:05 --------- d-----w c:\program\Delade filer\Adobe
2009-01-13 21:03 --------- d-----w c:\program\Delade filer\Control Panels
2009-01-13 21:02 --------- d-----w c:\documents and settings\All Users\Application Data\ALM
2009-01-13 20:53 --------- d-----w c:\program\QuickTime
2009-01-13 20:49 --------- d-----w c:\program\Trend Micro
2009-01-13 20:49 --------- d-----w c:\program\CCleaner
2009-01-13 20:42 --------- d-----w c:\program\Bonjour
2009-01-13 20:40 --------- d-----w c:\program\Delade filer\Macrovision Shared
2009-01-13 19:59 --------- d-----w c:\program\Sygate
2009-01-13 19:44 --------- d-----w c:\documents and settings\Fredrik\Application Data\Windows Search
2009-01-13 18:47 --------- d-----w c:\program\ParetoLogic
2009-01-13 18:47 --------- d-----w c:\program\Delade filer\ParetoLogic
2009-01-13 18:47 --------- d-----w c:\documents and settings\Fredrik\Application Data\DriverCure
2009-01-13 18:47 --------- d-----w c:\documents and settings\All Users\Application Data\ParetoLogic
2009-01-13 18:47 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-01-13 18:33 --------- d-----w c:\program\Setup Files
2009-01-13 18:14 --------- d-----w c:\program\Windows Media Connect 2
2009-01-13 17:16 --------- d-----w c:\program\AGEIA Technologies
2009-01-13 17:13 --------- d-----w c:\program\SystemRequirementsLab
2009-01-13 17:04 --------- d-----w c:\program\microsoft frontpage
2009-01-13 17:03 --------- d-----w c:\program\Onlinetjänster
2008-12-23 20:58 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* Tomma poster & legitima standardposter visas inte.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"GAINWARD"="c:\program\EXPERTool\TBPanel.exe" [2008-12-03 2181672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-26 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-26 86016]
"SmcService"="c:\program\Sygate\SPF\smc.exe" [2004-10-15 2577632]
"Acrobat Assistant 8.0"="c:\program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 624248]
"Adobe_ID0EYTHM"="c:\program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]
"AVG8_TRAY"="c:\program\AVG\AVG8\avgtray.exe" [2009-02-06 1601304]
"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-01-14 136600]
"amd_dc_opt"="c:\program\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"nwiz"="nwiz.exe" [2008-12-26 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 c:\windows\RTHDCPL.EXE]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start-meny\Program\Autostart\
ColorVisionStartup.lnk - c:\program\ColorVision\Utility\ColorVisionStartup.exe [2006-01-31 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program\Delade filer\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-06 13:34 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCure]
--a------ 2009-01-21 06:38 2896976 c:\program\ParetoLogic\DriverCure\DriverCure.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2009-01-16 21:48 5724184 c:\program\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pareto_Update]
--a------ 2009-01-21 06:36 189808 c:\program\Delade filer\ParetoLogic\UUS2\Pareto_Update.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-01-13 20:13 1410296 c:\program\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-ra------ 2006-05-16 11:04 2879488 c:\windows\SkyTel.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program\\Bonjour\\mDNSResponder.exe"=
"c:\\Program\\Delade filer\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program\\Steam\\steamapps\\purepa1n\\counter-strike source\\hl2.exe"=
"c:\\Program\\uTorrent\\uTorrent.exe"=
"c:\\Program\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program\\Mozilla Firefox\\firefox.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-13 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-13 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\program\AVG\AVG8\avgemc.exe [2009-01-13 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\program\AVG\AVG8\avgwdsvc.exe [2009-01-13 298264]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-13 10384]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program\McAfee\SiteAdvisor\McSACore.exe [2009-01-16 206096]
S2 cnaswd;cnaswd;\??\c:\windows\system32\drivers\bffctbyzwvvqqky.sys --> c:\windows\system32\drivers\bffctbyzwvvqqky.sys [?]
S3 mdxgthkn;mdxgthkn;\??\c:\docume~1\Fredrik\LOKALA~1\Temp\mdxgthkn.sys --> c:\docume~1\Fredrik\LOKALA~1\Temp\mdxgthkn.sys [?]
.
Innehållet i mappen 'Schemalagda aktiviteter':
2009-02-20 c:\windows\Tasks\DriverCure.job
- c:\program\ParetoLogic\DriverCure\DriverCure.exe [2009-01-21 06:38]
2009-02-25 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program\Delade filer\ParetoLogic\UUS2\UUS.dll [2009-01-21 06:36]
2009-02-20 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program\Delade filer\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-21 06:36]
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
HKLM-Run-AMD_Display - (no file)
.
------- Extra genomsökning -------
.
uInternet Settings,ProxyOverride = *.local
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\Fredrik\Application Data\Mozilla\Firefox\Profiles\7e9t494f.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.se/
FF - component: c:\program\McAfee\SiteAdvisor\components\McFFPlg.dll
---- FIREFOX POLICY ----
c:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-26 16:10:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- DLLer som "laddats" under processer som körs ---------------------
- - - - - - - > 'winlogon.exe'(844)
c:\program\delade filer\logishrd\bluetooth\LBTWlgn.dll
c:\program\delade filer\logishrd\bluetooth\LBTServ.dll
.
Sluttid: 2009-02-26 16:11:14
ComboFix-quarantined-files.txt 2009-02-26 15:11:12
Före genomsökningen: 69 425 369 088 byte ledigt
Efter genomsökningen: 69,417,484,288 byte ledigt
210 --- E O F --- 2009-02-25 23:30:23
Ser det bättre ut nu?
Tack på förhand!
// XP Dude
-
*********************************************
2009-06-06:
Tråden är låst då problemet är löst.
Tycker du att den är felaktigt låst, var god kontakta
*********************************************
Hej!
Igår kalibrerade jag min skärm med Spyder 2 2.2 och surfade en stund efter detta stod datron på en stund o när ja skulle stänga av hade mitt AVG Free antivirus en varning om ett "Threat" Någon som vill tolka denna logg?
Tack på förhand!
// XP dude
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49:52, on 2009-02-26
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgemc.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program\AVG\AVG8\avgtray.exe
C:\WINDOWS\TEMP\9600.tmp
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\EXPERTool\TBPanel.exe
C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Windows Live\Messenger\msnmsgr.exe
C:\Program\Windows Live\Messenger\usnsvc.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] C:\Program\EXPERTool\TBPanel.exe /A
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: adni18_BL-Clock.lnk = C:\Documents and Settings\Fredrik\Skrivbord\adni18_BL-Clock.exe
O4 - Startup: Hyalo-Calendar by adni18.lnk = C:\Documents and Settings\Fredrik\Skrivbord\Hyalo-Calendar Gadget by adni18.exe
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program\ColorVision\Utility\ColorVisionStartup.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231922808437
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: crypt - C:\WINDOWS\SYSTEM32\crypts.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exe
--
End of file - 9865 bytes
// XP Dude
-
Hej!
Söker en statistikräknare för en hemsida, gärna gratis vet att det finns några men tips om bra räknare mottages tacksamt!
(gärna även information kring var ifrån besökaren kommer, dvs. land)
Tack på förhand!
// XP dude
-
I den här delen av forumet så sysslar vi med => Systemrensning av virus, spionprogram, trojaner och andra skadliga program <= Med det så menar jag att där skall inte förekomma diskussioner samt ovidkommande inlägg.
Här behöver vi lugn och ro för att kunna utföra dessa systemrensningar den hjälpbehövande samt de som hjälper.
Behörighet krävs för att få lov att hjälpa vid systemrensningar med användandet av olika verktyg:
http://www.alltomxp.se/forum/index.php?showtopic=15396
MVH/Malou
Hej Malou!
Det var inte så farligt som han trodde vi har löst det, tack för hjälpen
// XP Dude
-
Hej XP Dude!
Det skall gå.
Inget ovanligt i dagens Internetanvändande att där förekommer infektioner även via Facebook då medlemmar besvarar/tar emot meddelanden/länkar tyvärr
Då detta uppstod flaggade eventuella skyddsprogram för något då?
Om ja vad flaggade de för?
Kunde skyddsprogrammen åtgärda på något sätt?
Finns där fler konton på datorn?
Om ja har dessa fullständiga Adminrättigheter?
Om där går att komma in i felsäkert läge så gör nedanstående procedur. Välj den procedur som passar för det operativsystem som finns installerat i datorn.
Windows XP-Instruktioner:
1: Gå till Start => Kör
2: Skriv/Kopiera in devmgmt.msc i körfältet => klicka Ok-knappen
Se Skärmdump:
3: Gå till Visa i menyn => bocka för Visa dolda enheter => Klicka på +Tecknet framför Icke-Plug and Play-drivrutiner
Se Skärmdump:
Leta upp nedanstående (Rödmarkerade) filer i listan
UACd
TDSSserv
UAComxjecpx
UACuwjqbouq
UACd.sys
TDSSserv.sys
UACuwjqbouq.sys
UAComxjecpx.sys
Se Skärmdump:
4: Om någon/några hittas => Högerklicka på varje fil => Välj => Inaktivera
5: Då du är klar med ovanstående => Starta om datorn
Windows Vista-Instruktioner:
1: Gå till Start => Kör
2: Skriv/Kopiera in devmgmt.msc i körfältet => klicka Ok-knappen
Se Skärmdump:
3: Gå till Visa i menyn => bocka för Visa dolda enheter => Klicka på +Tecknet framför Icke-Plug and Play-drivrutiner
Se Skärmdump:
Leta upp nedanstående (Rödmarkerade)filer i listan
UACd
TDSSserv
UAComxjecpx
UACuwjqbouq
UACd.sys
TDSSserv.sys
UACuwjqbouq.sys
UAComxjecpx.sys
Se Skärmdump:
4: Om någon/några hittas => Högerklicka på varje fil => Välj => Egenskaper.
5: I det nya fönstret välj fliken Drivrutiner och där sätt Autostart till Inaktiverad.
6: Då du är klar med ovanstående => Starta om datorn
Då ovanstående är gjort gå vidare med nedanstående:
För att kunna hjälpa dig på bästa sätt och för att komma igång med att rensa rent från diverse otyg/otrevligheter så rekommenderar vi att du läser/följer nedanstående instruktioner mycket noga:
=> Trend Micro HiJack This (Nerladdning/Instruktioner):
Då du döpt om filen gör en ny TM HJT-logga kopiera in den hit till din tråd så får vi se hur det ser ut.
OBS: Starta ingen ny tråd i ämnet utan fortsätt posta här i din tråd
MVH/Malou
Hej Malou!
Tack för ditt snabba svar, ska se till att följa dina instruktioner när ja kollar på datorn imorogn.
Vet vare sig om man kommer in i Felsäkert läge eller vilka konton som finns i dagsläget.
kollar upp det imorgon.
// XP Dude
-
*********************************************
2009-06-06:
Tråden är låst då problemet är löst.
Tycker du att den är felaktigt låst, var god kontakta
*********************************************
Hej!
En kompis ringde, han hade fått rejält virus eller allvarligt fel på sin dator (ska kolla på det imorgon)
Han kommer inte åt att logga in på sin användare som är skyddad med lösenord, vilket gör att vi inte når Windwos normalt.
Vet ej om Felsäkert läge heller funkar.. om det gör det.. går det att kopiera hans filer till tex. en hårddisk över felsäkert läge?
(Problemet skall ha uppstått när han vistades på Facebook o svarade på något meddelande.)
Någon som haft likande problem eller är det bara att formatera hela datorn?
Tacksam för lite input.
// XP Dude
-
Hej !
Någon som har ett bra program för att kolla hårdvara?
(fick ett tips för ett tag sedan men hittar det inte)
// XP Dude
-
Hej har ett problem efter ominstallation av Photoshop CS2 som nu längre inte öppnar bilder i .nef dvs. kamerans rawformat
Uppdaterar till max med CS2 dvs. fram till version 3.7 av insticksmodulen Camera Raw...
Någon som vet nåt om detta, fotar med en Nikon D300.
Tack på förhand!
// XP Dude
Program för att göra en paste av en logga...
i Program
Postad
Hej Mutex, ber om ursäkt för att jag var otydlig, Jag vill alltså ha ett program som kan infoga en logotype på 1000-2000 bilder.
Som ett Macro i photoshop.
Vet inte om det finns program för detta.. annars kanske det går att skapa sig ett macro som sköter detta i PS som sagt.
Någon som vet?
Tacksam för svar!
MVH
// XP Dude