-
Innehållsantal
38 -
Gick med
-
Besökte senast
Inlägg postade av kava
-
-
Jag scannade med Hijack igen och nu verkar den vara borta men är den det när jag kollar i windows, testar nu.
EDIT: den är kvar i "System 32-mappen"
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:19, on 2010-03-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Canon\MyPrinter\BJMyPrt.exe
C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe
C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\SM1BG.EXE
C:\WINDOWS\stsystra.exe
C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program\F-Secure\Anti-Virus\fssm32.exe
C:\Program\F-Secure\Common\FSMA32.EXE
C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\Delade filer\InstallShield\UpdateService\issch.exe
C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program\Winamp\winampa.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Personal\bin\Personal.exe
C:\Documents and Settings\Kalle\Skrivbord\HiJackThis.exe
C:\Program\F-Secure\Common\FSLAUNCH.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.svenskafans.com/hockeyzon/lif/forum.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Bredbandsbolaget Servicecenter Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [bredbandsbolaget Servicecenter] "C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [MSKDetct] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [iAAnotif] C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe
O8 - Extra context menu item: &Block this popup - C:\Program\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/sv_SV/DjVuControl_sv_SV.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268241970421
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program\F-Secure\Common\FNRB32.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Kalle/LOKALA~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 11832 bytes
-
Det går inte att ta bort filen!
"Åtkomst nekad"
Har startat om datorn en gång (den stänger sig inte själv) ska jag göra en ny DDS-logg ändå?
-
Här kommer filen "Attach" också!
-
DDS (Ver_09-12-01.01) - NTFSx86
Run by Kalle at 17:49:09,12 on 2010-03-11
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.2046.1250 [GMT 1:00]
AV: F-Secure Anti-Virus Client Security 6.01 *On-access scanning enabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: F-Secure Anti-Virus Client Security 6.01 *enabled* {D4747503-0346-49EB-9262-997542F79BF4}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program\F-Secure\Anti-Virus\fssm32.exe
C:\Program\F-Secure\Common\FSMA32.EXE
C:\Program\F-Secure\Common\FSMB32.EXE
C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\F-Secure\Common\FCH32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program\F-Secure\Common\FAMEH32.EXE
C:\Program\F-Secure\Anti-Virus\fsqh.exe
C:\Program\F-Secure\Anti-Virus\fsrw.exe
C:\Program\F-Secure\Common\FNRB32.EXE
C:\Program\F-Secure\FWES\Program\fsdfwd.exe
C:\Program\F-Secure\Common\FIH32.EXE
C:\Program\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program\F-Secure\Common\FSM32.EXE
C:\Program\Canon\MyPrinter\BJMyPrt.exe
C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe
C:\Program\F-Secure\ANTI-S~1\fsaw.exe
C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program\F-Secure\FSGUI\fsguidll.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\SM1BG.EXE
C:\WINDOWS\stsystra.exe
C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program\Delade filer\InstallShield\UpdateService\issch.exe
C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
C:\Program\Windows Live\Toolbar\wltuser.exe
C:\Program\Spotify\spotify.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\Kalle\Skrivbord\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.svenskafans.com/hockeyzon/lif/forum.asp
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Bredbandsbolaget Servicecenter Plugin: {db87cde1-ef9c-44eb-a42f-6d0b3c72c516} - c:\program\bredbandsbolaget\servicecenter\IEFixItNowPlugin.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [F-Secure TNB] "c:\program\f-secure\tnb\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [F-Secure Manager] "c:\program\f-secure\common\FSM32.EXE" /splash
mRun: [CanonSolutionMenu] c:\program\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program\canon\myprinter\BJMyPrt.exe /logon
mRun: [bredbandsbolaget Servicecenter] "c:\program\bredbandsbolaget\servicecenter\Bredbandsbolaget.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [TkBellExe] "c:\program\delade filer\real\update_ob\realsched.exe" -osboot
mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe"
mRun: [sM1BG] c:\windows\SM1BG.EXE
mRun: [sigmatelSysTrayApp] stsystra.exe
mRun: [RoxioDragToDisc] "c:\program\roxio\easy media creator 7\drag to disc\DrgToDsc.exe"
mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime
mRun: [NWEReboot]
mRun: [MSKDetectorExe] c:\program\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [MSKDetct] c:\program\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [iSUSScheduler] "c:\program\delade filer\installshield\updateservice\issch.exe" -start
mRun: [iSUSPM Startup] "c:\program\delade filer\installshield\updateservice\isuspm.exe" -startup
mRun: [iAAnotif] c:\program\intel\intel matrix storage manager\Iaanotif.exe
mRun: [WinampAgent] c:\program\winamp\winampa.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\f-secu~1.lnk - c:\program\f-secure\backweb\7681197\program\F-Secure Automatic Update.exe
IE: &Block this popup - c:\program\f-secure\anti-spyware\blockpopups.htm
IE: Append Link Target to Existing PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program\delade filer\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportera till Microsoft Excel - c:\program\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
IE: {300DB664-75B5-47c0-8B45-A44ACCF73C00} - {0928F506-07E8-470c-979D-147C296D4879} - c:\program\f-secure\anti-spyware\ieshield.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - h:\program\office11\REFIEBAR.DLL
LSP: c:\program\f-secure\fsps\program\FSLSP.DLL
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.lizardtech.com/download/files/win/djvuplugin/sv_SV/DjVuControl_sv_SV.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} - hxxp://www.tvlution.com/KooPlayer.ocx
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268241970421
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.postfoto.se/aurigma/ImageUploader4.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
Notify: winfjt32 - winfjt32.dll
AppInit_DLLs: acaptuser32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2006-10-24 70896]
R2 BackWeb Plug-in - 7681197;F-Secure Automatic Update;c:\program\f-secure\backweb\7681197\program\SERVIC~1.EXE [2006-10-24 32807]
R2 F-Secure Filter;F-Secure File System Filter;c:\program\f-secure\anti-virus\win2k\FSfilter.sys [2006-10-24 48816]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program\f-secure\anti-virus\fsgk32st.exe [2006-10-24 45056]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program\f-secure\anti-virus\win2k\fsgk.sys [2006-10-24 48256]
R2 F-Secure Recognizer;F-Secure File System Recognizer;c:\program\f-secure\anti-virus\win2k\FSrec.sys [2006-10-24 16720]
R3 F-Secure Network Request Broker;F-Secure Network Request Broker;c:\program\f-secure\common\FNRB32.exe [2006-10-24 110642]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-3-10 38224]
S2 gupdate;Google Update Service (gupdate);c:\program\google\update\GoogleUpdate.exe [2009-9-26 133104]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\drivers\avfsfilter.sys --> c:\windows\system32\drivers\avfsfilter.sys [?]
=============== Created Last 30 ================
2010-03-10 20:46:00 0 d-----w- c:\docume~1\kalle\applic~1\Malwarebytes
2010-03-10 20:45:48 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-10 20:45:46 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-10 20:45:46 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-03-10 20:45:38 0 d-----w- c:\program\Malwarebytes' Anti-Malware
2010-03-10 18:03:03 0 d-----w- c:\program\Messenger
2010-03-10 18:02:52 0 d-----w- c:\windows\l2schemas
2010-03-10 18:02:51 0 d-----w- c:\windows\system32\sv
2010-03-10 18:02:51 0 d-----w- c:\windows\system32\bits
2010-03-10 18:00:35 0 d-----w- c:\windows\ServicePackFiles
2010-03-10 17:58:46 0 d-----w- c:\windows\network diagnostic
2010-03-10 17:55:49 0 d-----w- c:\windows\EHome
2010-03-10 17:47:45 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2010-03-10 17:29:33 0 d-----w- c:\windows\system32\PreInstall
2010-03-10 17:26:58 22752 ----a-w- c:\windows\system32\wucltui.dll.mui
2010-03-10 17:26:58 17624 ----a-w- c:\windows\system32\wuaueng.dll.mui
2010-03-10 17:26:58 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2010-03-10 17:26:57 15072 ----a-w- c:\windows\system32\wuapi.dll.mui
2010-03-10 17:26:57 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-03-05 16:25:28 0 d-----w- c:\windows\SxsCaPendDel
2010-02-27 08:24:14 39424 ----a-w- c:\windows\system32\winfjt32.dll
2010-02-26 18:24:21 0 d-----w- c:\program\delade filer\Macrovision Shared
2010-02-26 18:23:53 45392 ----a-r- c:\windows\system32\AdobePDF.dll
2010-02-26 18:23:53 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-02-22 17:38:37 26 ----a-w- c:\windows\Zone.Identifier
2010-02-09 20:42:35 0 d-----w- c:\program\Lame for Audacity
2010-02-09 20:19:00 0 d-----w- c:\program\Audacity 1.3 Beta (Unicode)
==================== Find3M ====================
2010-03-10 18:11:59 63494 ----a-w- c:\windows\system32\perfc01D.dat
2010-03-10 18:11:59 384758 ----a-w- c:\windows\system32\perfh01D.dat
2009-04-20 17:07:30 133573480 ----a-w- c:\program\wlsetup-all.exe
2008-11-25 17:47:42 68756776 ----a-w- c:\program\iTunesSetup.exe
2008-02-26 15:45:43 1216496 -c--a-w- c:\program\dnlsetup.exe
2006-11-24 13:24:23 3334480 -c--a-w- c:\program\FotolaboSE-OrderClient-SV.exe
2006-11-07 19:36:32 19666504 -c--a-w- c:\program\QuickTimeInstaller.exe
2004-11-15 13:15:48 1701098 -c--a-w- c:\program\winamp291_std.exe
2003-08-27 13:19:18 36963 -c--a-r- c:\program\delade filer\SM1updtr.dll
2001-10-22 10:09:16 1259960 -c--a-w- c:\program\winzip80.exe
2001-07-10 04:47:42 777728 ----a-w- c:\program\PHOTOED.EXE
1999-10-05 10:50:02 114688 -c--a-w- c:\program\CPsv050.exe
2006-10-24 18:38:42 1682 -csha-w- c:\windows\system32\KGyGaAvL.sys
2009-11-29 09:07:03 32768 --sha-w- c:\windows\temp\history\history.ie5\index.dat
============= FINISH: 17:49:21,51 ===============
-
-
Fattar ni något av det här?
Verkar som att vissa program har hittat trojaner.
Resultat: 17/42 (40.48%)
Antivirus Version Senaste Uppdatering Resultat
a-squared 4.5.0.50 2010.03.11 Trojan.Win32.Nebuler!IK
AhnLab-V3 5.0.0.2 2010.03.11 -
AntiVir 8.2.1.180 2010.03.11 TR/Spy.Gen
Antiy-AVL 2.0.3.7 2010.03.11 -
Authentium 5.2.0.5 2010.03.11 -
Avast 4.8.1351.0 2010.03.10 Win32:Nebuler-H
Avast5 5.0.332.0 2010.03.10 Win32:Nebuler-H
AVG 9.0.0.787 2010.03.11 Agent_r.NV
BitDefender 7.2 2010.03.11 -
CAT-QuickHeal 10.00 2010.03.11 -
ClamAV 0.96.0.0-git 2010.03.11 -
Comodo 4225 2010.03.11 -
DrWeb 5.0.1.12222 2010.03.11 Trojan.Mssmsgs.origin
eSafe 7.0.17.0 2010.03.11 -
eTrust-Vet 35.2.7354 2010.03.11 -
F-Prot 4.5.1.85 2010.03.11 -
F-Secure 9.0.15370.0 2010.03.11 -
Fortinet 4.0.14.0 2010.03.09 -
GData 19 2010.03.11 Win32:Nebuler-H
Ikarus T3.1.1.80.0 2010.03.11 Trojan.Win32.Nebuler
Jiangmin 13.0.900 2010.03.11 -
K7AntiVirus 7.10.995 2010.03.11 -
Kaspersky 7.0.0.125 2010.03.11 -
McAfee 5917 2010.03.11 Nebuler.dll
McAfee+Artemis 5917 2010.03.11 Nebuler.dll
McAfee-GW-Edition 6.8.5 2010.03.11 Heuristic.BehavesLike.Win32.Downloader.H
Microsoft 1.5502 2010.03.11 Trojan:Win32/Nebuler.J
NOD32 4935 2010.03.11 -
Norman 6.04.08 2010.03.11 -
nProtect 2009.1.8.0 2010.03.11 -
Panda 10.0.2.2 2010.03.11 -
PCTools 7.0.3.5 2010.03.11 -
Prevx 3.0 2010.03.11 Medium Risk Malware
Rising 22.38.03.04 2010.03.11 Trojan.Win32.Generic.51FA52DB
Sophos 4.51.0 2010.03.11 Troj/Nebule-Gen
Sunbelt 5824 2010.03.11 -
Symantec 20091.2.0.41 2010.03.11 Suspicious.Insight
TheHacker 6.5.2.0.230 2010.03.11 -
TrendMicro 9.120.0.1004 2010.03.11 Mal_Neb-2
VBA32 3.12.12.2 2010.03.11 -
ViRobot 2010.3.11.2222 2010.03.11 -
VirusBuster 5.0.27.0 2010.03.11 -
-
Nu har jag installerat Malware och "kört" scanning 2 ggr. Båda gångerna stannade programmet vid 12 sekunder och hängde sig där och svarade inte.
Nu ger jag upp för idag, återkommer i morron från jobbet.
Gonatt!
-
Här kommer loggen från Hijack This.
Får ni ut något som hjälper mig är det nästan dags för Nobelpris;)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:39, on 2010-03-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program\F-Secure\Common\FSMA32.EXE
C:\Program\F-Secure\Anti-Virus\fssm32.exe
C:\Program\F-Secure\Common\FSMB32.EXE
C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program\F-Secure\Common\FCH32.EXE
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\F-Secure\Common\FAMEH32.EXE
C:\Program\F-Secure\Anti-Virus\fsqh.exe
C:\Program\F-Secure\Anti-Virus\fsrw.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\F-Secure\Common\FNRB32.EXE
C:\Program\F-Secure\Common\FIH32.EXE
C:\Program\F-Secure\FWES\Program\fsdfwd.exe
C:\WINDOWS\Explorer.EXE
C:\Program\F-Secure\Common\FSM32.EXE
C:\Program\Canon\MyPrinter\BJMyPrt.exe
C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe
C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\SM1BG.EXE
C:\WINDOWS\stsystra.exe
C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program\Delade filer\InstallShield\UpdateService\issch.exe
C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
C:\Program\F-Secure\Anti-Virus\fsav32.exe
C:\Program\F-Secure\ANTI-S~1\fsaw.exe
C:\Program\F-Secure\FSGUI\fsguidll.exe
C:\Program\Outlook Express\msimn.exe
C:\Program\Messenger\msmsgs.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Windows Live\Toolbar\wltuser.exe
C:\Program\Winamp\winampa.exe
C:\Documents and Settings\Kalle\Lokala inställningar\Temporary Internet Files\Content.IE5\X7SKIPYL\HiJackThis[1].exe
C:\Program\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.svenskafans.com/hockeyzon/lif/forum.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=5061017
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Bredbandsbolaget Servicecenter Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [bredbandsbolaget Servicecenter] "C:\Program\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [MSKDetct] C:\Program\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [iAAnotif] C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/sv_SV/DjVuControl_sv_SV.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268241970421
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: winfjt32 - C:\WINDOWS\SYSTEM32\winfjt32.dll
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program\F-Secure\Common\FNRB32.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Kalle/LOKALA~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 12963 bytes
-
När det gäller mitt problem med att datorn inte vill stänga ner.
Kom på en sak, när jag ska stänga datorn så stängs ju windows mm och sen skärmen.
Innan skärmen blir svart så kommer det upp en ruta där det står "power saving mode".
Datorn fortsätter "utan skärm" och fläkten ökar i varv!
Alla program är ju stängda så varför ökar fläkten i varv?
-
Hej!
Nej jag har inget tok i datorn förutom allt krångel:)
Jag har försökt rensa bland program p.g.a. seg dator men Sonic Cineplayer skulle jag inte tagit bort trots att jag aldrig använt den medvetat, kanske i bakgrunden.
Edit: såg att Du tipsade om mer, ska kolla det när jag kommer hem ikväll!
Tack!
-
Hej!
När jag ska öppna någon mapp som innehåller musik eller video vill datorn installera något som heter "Sonic Cinplayer Decoder Pack"
Hur blir jag av med detta?
När jag ska starta om eller stänga datorn så stängs skärmen och det kommer upp en ruta med "Power saving mode" eller liknande sen blir skärmen svart som den ska men datorn fortsätter att "lysa" och fläkten går och datorn stänger aldrig av sig.
Vad gör man i det fallet?
När jag ska öppna utforskaren så har jag plötsligt börjat få ett meddelande: Se bifogad bild.
Hur blir man av med det?
Vore jättetacksam för hjälp!
Tack på förhand!
Kalle
-
Hej alla!!
Kan någon tala om varför min nya dator ändrar inställning på utseende från klassisk/lönn, som jag ställt in och vill ha, till XP standard vid start av datorn. Det händer nästan varje gång men ibland håller den inställningen.
Vore mycket tacksam för hjälp!!
MVH
kava
Frustrerande Sonic Cineplayer
i Windows XP
Postad
Resultatet:
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\WINDOWS\SYSTEM32\winfjt32.dll" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.