kava
-
Innehållsantal
38 -
Gick med
-
Besökte senast
Allt postat av kava
-
Resultatet: Logfile of The Avenger Version 2.0, © by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! File "C:\WINDOWS\SYSTEM32\winfjt32.dll" deleted successfully. Completed script processing. ******************* Finished! Terminate.
-
Jag scannade med Hijack igen och nu verkar den vara borta men är den det när jag kollar i windows, testar nu. EDIT: den är kvar i "System 32-mappen" Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:06:19, on 2010-03-11 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program\Canon\MyPrinter\BJMyPrt.exe C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe C:\Program\Delade filer\Real\Update_OB\realsched.exe C:\Program\Java\jre6\bin\jusched.exe C:\WINDOWS\SM1BG.EXE C:\WINDOWS\stsystra.exe C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe C:\Program\F-Secure\Anti-Virus\fsgk32st.exe C:\Program\F-Secure\Anti-Virus\FSGK32.EXE C:\Program\F-Secure\Anti-Virus\fssm32.exe C:\Program\F-Secure\Common\FSMA32.EXE C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program\Java\jre6\bin\jqs.exe C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program\Delade filer\InstallShield\UpdateService\issch.exe C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program\Winamp\winampa.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Personal\bin\Personal.exe C:\Documents and Settings\Kalle\Skrivbord\HiJackThis.exe C:\Program\F-Secure\Common\FSLAUNCH.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.svenskafans.com/hockeyzon/lif/forum.asp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Bredbandsbolaget Servicecenter Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [bredbandsbolaget Servicecenter] "C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [MSKDetct] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iAAnotif] C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe O8 - Extra context menu item: &Block this popup - C:\Program\F-Secure\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/sv_SV/DjVuControl_sv_SV.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268241970421 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.se/aurigma/ImageUploader4.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O20 - AppInit_DLLs: acaptuser32.dll O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program\F-Secure\Common\FNRB32.EXE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure\Common\FSMA32.EXE O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe (file missing) O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Kalle/LOKALA~1/Temp/msohtml1/01/clip_image002.jpg -- End of file - 11832 bytes
-
Det går inte att ta bort filen! "Åtkomst nekad" Har startat om datorn en gång (den stänger sig inte själv) ska jag göra en ny DDS-logg ändå?
-
Här kommer filen "Attach" också! Attach.txt
-
DDS.txt DDS (Ver_09-12-01.01) - NTFSx86 Run by Kalle at 17:49:09,12 on 2010-03-11 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.2046.1250 [GMT 1:00] AV: F-Secure Anti-Virus Client Security 6.01 *On-access scanning enabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: F-Secure Anti-Virus Client Security 6.01 *enabled* {D4747503-0346-49EB-9262-997542F79BF4} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Program\F-Secure\Anti-Virus\fsgk32st.exe C:\Program\F-Secure\Anti-Virus\FSGK32.EXE C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program\F-Secure\Anti-Virus\fssm32.exe C:\Program\F-Secure\Common\FSMA32.EXE C:\Program\F-Secure\Common\FSMB32.EXE C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program\Java\jre6\bin\jqs.exe C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program\F-Secure\Common\FCH32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program\F-Secure\Common\FAMEH32.EXE C:\Program\F-Secure\Anti-Virus\fsqh.exe C:\Program\F-Secure\Anti-Virus\fsrw.exe C:\Program\F-Secure\Common\FNRB32.EXE C:\Program\F-Secure\FWES\Program\fsdfwd.exe C:\Program\F-Secure\Common\FIH32.EXE C:\Program\F-Secure\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\Program\F-Secure\Common\FSM32.EXE C:\Program\Canon\MyPrinter\BJMyPrt.exe C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe C:\Program\F-Secure\ANTI-S~1\fsaw.exe C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe C:\Program\F-Secure\FSGUI\fsguidll.exe C:\Program\Delade filer\Real\Update_OB\realsched.exe C:\Program\Java\jre6\bin\jusched.exe C:\WINDOWS\SM1BG.EXE C:\WINDOWS\stsystra.exe C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe C:\Program\Delade filer\InstallShield\UpdateService\issch.exe C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Personal\bin\Personal.exe C:\Program\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe C:\Program\Windows Live\Toolbar\wltuser.exe C:\Program\Spotify\spotify.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Internet Explorer\iexplore.exe C:\WINDOWS\system32\dumprep.exe C:\Documents and Settings\Kalle\Skrivbord\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.svenskafans.com/hockeyzon/lif/forum.asp uSearch Bar = hxxp://www.google.com/ie uDefault_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017 uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms} uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Bredbandsbolaget Servicecenter Plugin: {db87cde1-ef9c-44eb-a42f-6d0b3c72c516} - c:\program\bredbandsbolaget\servicecenter\IEFixItNowPlugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [F-Secure TNB] "c:\program\f-secure\tnb\TNBUtil.exe" /CHECKALL /WAITFORSW mRun: [F-Secure Manager] "c:\program\f-secure\common\FSM32.EXE" /splash mRun: [CanonSolutionMenu] c:\program\canon\solutionmenu\CNSLMAIN.exe /logon mRun: [CanonMyPrinter] c:\program\canon\myprinter\BJMyPrt.exe /logon mRun: [bredbandsbolaget Servicecenter] "c:\program\bredbandsbolaget\servicecenter\Bredbandsbolaget.exe" mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe" mRun: [Adobe Acrobat Speed Launcher] "c:\program\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "c:\program\adobe\acrobat 9.0\acrobat\Acrotray.exe" mRun: [TkBellExe] "c:\program\delade filer\real\update_ob\realsched.exe" -osboot mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe" mRun: [sM1BG] c:\windows\SM1BG.EXE mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [RoxioDragToDisc] "c:\program\roxio\easy media creator 7\drag to disc\DrgToDsc.exe" mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime mRun: [NWEReboot] mRun: [MSKDetectorExe] c:\program\mcafee\spamkiller\MSKDetct.exe /uninstall mRun: [MSKDetct] c:\program\mcafee\spamkiller\MSKDetct.exe /uninstall mRun: [iSUSScheduler] "c:\program\delade filer\installshield\updateservice\issch.exe" -start mRun: [iSUSPM Startup] "c:\program\delade filer\installshield\updateservice\isuspm.exe" -startup mRun: [iAAnotif] c:\program\intel\intel matrix storage manager\Iaanotif.exe mRun: [WinampAgent] c:\program\winamp\winampa.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\f-secu~1.lnk - c:\program\f-secure\backweb\7681197\program\F-Secure Automatic Update.exe IE: &Block this popup - c:\program\f-secure\anti-spyware\blockpopups.htm IE: Append Link Target to Existing PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html IE: E&xportera till Microsoft Excel - c:\program\micros~3\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe IE: {300DB664-75B5-47c0-8B45-A44ACCF73C00} - {0928F506-07E8-470c-979D-147C296D4879} - c:\program\f-secure\anti-spyware\ieshield.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - h:\program\office11\REFIEBAR.DLL LSP: c:\program\f-secure\fsps\program\FSLSP.DLL DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.lizardtech.com/download/files/win/djvuplugin/sv_SV/DjVuControl_sv_SV.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} - hxxp://www.tvlution.com/KooPlayer.ocx DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268241970421 DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.postfoto.se/aurigma/ImageUploader4.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab Notify: winfjt32 - winfjt32.dll AppInit_DLLs: acaptuser32.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ============= SERVICES / DRIVERS =============== R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2006-10-24 70896] R2 BackWeb Plug-in - 7681197;F-Secure Automatic Update;c:\program\f-secure\backweb\7681197\program\SERVIC~1.EXE [2006-10-24 32807] R2 F-Secure Filter;F-Secure File System Filter;c:\program\f-secure\anti-virus\win2k\FSfilter.sys [2006-10-24 48816] R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program\f-secure\anti-virus\fsgk32st.exe [2006-10-24 45056] R2 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program\f-secure\anti-virus\win2k\fsgk.sys [2006-10-24 48256] R2 F-Secure Recognizer;F-Secure File System Recognizer;c:\program\f-secure\anti-virus\win2k\FSrec.sys [2006-10-24 16720] R3 F-Secure Network Request Broker;F-Secure Network Request Broker;c:\program\f-secure\common\FNRB32.exe [2006-10-24 110642] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-3-10 38224] S2 gupdate;Google Update Service (gupdate);c:\program\google\update\GoogleUpdate.exe [2009-9-26 133104] S3 AVFSFilter;AVFSFilter;c:\windows\system32\drivers\avfsfilter.sys --> c:\windows\system32\drivers\avfsfilter.sys [?] =============== Created Last 30 ================ 2010-03-10 20:46:00 0 d-----w- c:\docume~1\kalle\applic~1\Malwarebytes 2010-03-10 20:45:48 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-10 20:45:46 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-10 20:45:46 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-03-10 20:45:38 0 d-----w- c:\program\Malwarebytes' Anti-Malware 2010-03-10 18:03:03 0 d-----w- c:\program\Messenger 2010-03-10 18:02:52 0 d-----w- c:\windows\l2schemas 2010-03-10 18:02:51 0 d-----w- c:\windows\system32\sv 2010-03-10 18:02:51 0 d-----w- c:\windows\system32\bits 2010-03-10 18:00:35 0 d-----w- c:\windows\ServicePackFiles 2010-03-10 17:58:46 0 d-----w- c:\windows\network diagnostic 2010-03-10 17:55:49 0 d-----w- c:\windows\EHome 2010-03-10 17:47:45 73216 ------w- c:\windows\system32\drivers\atintuxx.sys 2010-03-10 17:29:33 0 d-----w- c:\windows\system32\PreInstall 2010-03-10 17:26:58 22752 ----a-w- c:\windows\system32\wucltui.dll.mui 2010-03-10 17:26:58 17624 ----a-w- c:\windows\system32\wuaueng.dll.mui 2010-03-10 17:26:58 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2010-03-10 17:26:57 15072 ----a-w- c:\windows\system32\wuapi.dll.mui 2010-03-10 17:26:57 0 d-----w- c:\windows\system32\SoftwareDistribution 2010-03-05 16:25:28 0 d-----w- c:\windows\SxsCaPendDel 2010-02-27 08:24:14 39424 ----a-w- c:\windows\system32\winfjt32.dll 2010-02-26 18:24:21 0 d-----w- c:\program\delade filer\Macrovision Shared 2010-02-26 18:23:53 45392 ----a-r- c:\windows\system32\AdobePDF.dll 2010-02-26 18:23:53 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll 2010-02-22 17:38:37 26 ----a-w- c:\windows\Zone.Identifier 2010-02-09 20:42:35 0 d-----w- c:\program\Lame for Audacity 2010-02-09 20:19:00 0 d-----w- c:\program\Audacity 1.3 Beta (Unicode) ==================== Find3M ==================== 2010-03-10 18:11:59 63494 ----a-w- c:\windows\system32\perfc01D.dat 2010-03-10 18:11:59 384758 ----a-w- c:\windows\system32\perfh01D.dat 2009-04-20 17:07:30 133573480 ----a-w- c:\program\wlsetup-all.exe 2008-11-25 17:47:42 68756776 ----a-w- c:\program\iTunesSetup.exe 2008-02-26 15:45:43 1216496 -c--a-w- c:\program\dnlsetup.exe 2006-11-24 13:24:23 3334480 -c--a-w- c:\program\FotolaboSE-OrderClient-SV.exe 2006-11-07 19:36:32 19666504 -c--a-w- c:\program\QuickTimeInstaller.exe 2004-11-15 13:15:48 1701098 -c--a-w- c:\program\winamp291_std.exe 2003-08-27 13:19:18 36963 -c--a-r- c:\program\delade filer\SM1updtr.dll 2001-10-22 10:09:16 1259960 -c--a-w- c:\program\winzip80.exe 2001-07-10 04:47:42 777728 ----a-w- c:\program\PHOTOED.EXE 1999-10-05 10:50:02 114688 -c--a-w- c:\program\CPsv050.exe 2006-10-24 18:38:42 1682 -csha-w- c:\windows\system32\KGyGaAvL.sys 2009-11-29 09:07:03 32768 --sha-w- c:\windows\temp\history\history.ie5\index.dat ============= FINISH: 17:49:21,51 ===============
-
http://www.virustotal.com/sv/analisis/1c5a74fc1f539d68d057896109da2270c14bd48f03c92f11032382e47f570839-1268324555
-
Fattar ni något av det här? Verkar som att vissa program har hittat trojaner. Resultat: 17/42 (40.48%) Antivirus Version Senaste Uppdatering Resultat a-squared 4.5.0.50 2010.03.11 Trojan.Win32.Nebuler!IK AhnLab-V3 5.0.0.2 2010.03.11 - AntiVir 8.2.1.180 2010.03.11 TR/Spy.Gen Antiy-AVL 2.0.3.7 2010.03.11 - Authentium 5.2.0.5 2010.03.11 - Avast 4.8.1351.0 2010.03.10 Win32:Nebuler-H Avast5 5.0.332.0 2010.03.10 Win32:Nebuler-H AVG 9.0.0.787 2010.03.11 Agent_r.NV BitDefender 7.2 2010.03.11 - CAT-QuickHeal 10.00 2010.03.11 - ClamAV 0.96.0.0-git 2010.03.11 - Comodo 4225 2010.03.11 - DrWeb 5.0.1.12222 2010.03.11 Trojan.Mssmsgs.origin eSafe 7.0.17.0 2010.03.11 - eTrust-Vet 35.2.7354 2010.03.11 - F-Prot 4.5.1.85 2010.03.11 - F-Secure 9.0.15370.0 2010.03.11 - Fortinet 4.0.14.0 2010.03.09 - GData 19 2010.03.11 Win32:Nebuler-H Ikarus T3.1.1.80.0 2010.03.11 Trojan.Win32.Nebuler Jiangmin 13.0.900 2010.03.11 - K7AntiVirus 7.10.995 2010.03.11 - Kaspersky 7.0.0.125 2010.03.11 - McAfee 5917 2010.03.11 Nebuler.dll McAfee+Artemis 5917 2010.03.11 Nebuler.dll McAfee-GW-Edition 6.8.5 2010.03.11 Heuristic.BehavesLike.Win32.Downloader.H Microsoft 1.5502 2010.03.11 Trojan:Win32/Nebuler.J NOD32 4935 2010.03.11 - Norman 6.04.08 2010.03.11 - nProtect 2009.1.8.0 2010.03.11 - Panda 10.0.2.2 2010.03.11 - PCTools 7.0.3.5 2010.03.11 - Prevx 3.0 2010.03.11 Medium Risk Malware Rising 22.38.03.04 2010.03.11 Trojan.Win32.Generic.51FA52DB Sophos 4.51.0 2010.03.11 Troj/Nebule-Gen Sunbelt 5824 2010.03.11 - Symantec 20091.2.0.41 2010.03.11 Suspicious.Insight TheHacker 6.5.2.0.230 2010.03.11 - TrendMicro 9.120.0.1004 2010.03.11 Mal_Neb-2 VBA32 3.12.12.2 2010.03.11 - ViRobot 2010.3.11.2222 2010.03.11 - VirusBuster 5.0.27.0 2010.03.11 -
-
Nu har jag installerat Malware och "kört" scanning 2 ggr. Båda gångerna stannade programmet vid 12 sekunder och hängde sig där och svarade inte. Nu ger jag upp för idag, återkommer i morron från jobbet. Gonatt!
-
Här kommer loggen från Hijack This. Får ni ut något som hjälper mig är det nästan dags för Nobelpris;) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:39, on 2010-03-10 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Program\F-Secure\Anti-Virus\fsgk32st.exe C:\Program\F-Secure\Anti-Virus\FSGK32.EXE C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program\F-Secure\Common\FSMA32.EXE C:\Program\F-Secure\Anti-Virus\fssm32.exe C:\Program\F-Secure\Common\FSMB32.EXE C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program\F-Secure\Common\FCH32.EXE C:\Program\Java\jre6\bin\jqs.exe C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program\F-Secure\Common\FAMEH32.EXE C:\Program\F-Secure\Anti-Virus\fsqh.exe C:\Program\F-Secure\Anti-Virus\fsrw.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program\F-Secure\Common\FNRB32.EXE C:\Program\F-Secure\Common\FIH32.EXE C:\Program\F-Secure\FWES\Program\fsdfwd.exe C:\WINDOWS\Explorer.EXE C:\Program\F-Secure\Common\FSM32.EXE C:\Program\Canon\MyPrinter\BJMyPrt.exe C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe C:\Program\Delade filer\Real\Update_OB\realsched.exe C:\Program\Java\jre6\bin\jusched.exe C:\WINDOWS\SM1BG.EXE C:\WINDOWS\stsystra.exe C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe C:\Program\Delade filer\InstallShield\UpdateService\issch.exe C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Personal\bin\Personal.exe C:\Program\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe C:\Program\F-Secure\Anti-Virus\fsav32.exe C:\Program\F-Secure\ANTI-S~1\fsaw.exe C:\Program\F-Secure\FSGUI\fsguidll.exe C:\Program\Outlook Express\msimn.exe C:\Program\Messenger\msmsgs.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Windows Live\Toolbar\wltuser.exe C:\Program\Winamp\winampa.exe C:\Documents and Settings\Kalle\Lokala inställningar\Temporary Internet Files\Content.IE5\X7SKIPYL\HiJackThis[1].exe C:\Program\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.svenskafans.com/hockeyzon/lif/forum.asp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Bredbandsbolaget Servicecenter Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [bredbandsbolaget Servicecenter] "C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [MSKDetct] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iAAnotif] C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe O8 - Extra context menu item: &Block this popup - C:\Program\F-Secure\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/sv_SV/DjVuControl_sv_SV.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268241970421 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.se/aurigma/ImageUploader4.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O20 - AppInit_DLLs: acaptuser32.dll O20 - Winlogon Notify: winfjt32 - C:\WINDOWS\SYSTEM32\winfjt32.dll O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program\F-Secure\Common\FNRB32.EXE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure\Common\FSMA32.EXE O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe (file missing) O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Kalle/LOKALA~1/Temp/msohtml1/01/clip_image002.jpg -- End of file - 12963 bytes
-
När det gäller mitt problem med att datorn inte vill stänga ner. Kom på en sak, när jag ska stänga datorn så stängs ju windows mm och sen skärmen. Innan skärmen blir svart så kommer det upp en ruta där det står "power saving mode". Datorn fortsätter "utan skärm" och fläkten ökar i varv! Alla program är ju stängda så varför ökar fläkten i varv?
-
Hej! Nej jag har inget tok i datorn förutom allt krångel:) Jag har försökt rensa bland program p.g.a. seg dator men Sonic Cineplayer skulle jag inte tagit bort trots att jag aldrig använt den medvetat, kanske i bakgrunden. Edit: såg att Du tipsade om mer, ska kolla det när jag kommer hem ikväll! Tack!
-
Hej! När jag ska öppna någon mapp som innehåller musik eller video vill datorn installera något som heter "Sonic Cinplayer Decoder Pack" Hur blir jag av med detta? När jag ska starta om eller stänga datorn så stängs skärmen och det kommer upp en ruta med "Power saving mode" eller liknande sen blir skärmen svart som den ska men datorn fortsätter att "lysa" och fläkten går och datorn stänger aldrig av sig. Vad gör man i det fallet? När jag ska öppna utforskaren så har jag plötsligt börjat få ett meddelande: Se bifogad bild. Hur blir man av med det? Vore jättetacksam för hjälp! Tack på förhand! Kalle
-
Hej alla!! Kan någon tala om varför min nya dator ändrar inställning på utseende från klassisk/lönn, som jag ställt in och vill ha, till XP standard vid start av datorn. Det händer nästan varje gång men ibland håller den inställningen. Vore mycket tacksam för hjälp!! MVH kava
