Just nu i M3-nätverket
Gå till innehåll

karin_k1

Medlem
  • Antal inlägg

    9
  • Gick med

  • Senaste besök

  1. Hej Mats, Kanon! Tusen tack för all hjälp och att du tagit dig tid till att hjälpa mig. Och att det gick snabbt och smärtfritt:) Ha det nu riktigt bra. Med vänliga hälsningar Karin
  2. ...glömde bifoga denna... Attach.txt
  3. Hej Mats, Har återställt host. Här kommer den senaste DDS'en: DDS (Ver_10-12-12.02) - NTFSx86 Run by Karin at 9:08:34,89 on 2011-01-30 Internet Explorer: 8.0.6001.18999 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2814.1604 [GMT 8:00] SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\System32\svchost.exe -k Cognizance C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\ATK Hotkey\ASLDRSrv.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Windows\system32\agrsmsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\ATK Hotkey\Hcontrol.exe C:\Program Files\ATK Hotkey\MsgTranAgt.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files\ASUS\Splendid\ACMON.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\NLSSRV32.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\SafeRemoveDialog.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\NetWorx\networx.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\ATK Hotkey\ATKOSD.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\System32\ACEngSvr.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\ATK Hotkey\KBFiltr.exe C:\Program Files\ATK Hotkey\WDC.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGGEG7KI\dds[1].scr C:\Windows\system32\conime.exe ============== Pseudo HJT Report =============== uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File TB: {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - No File TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\users\karin\appdata\roaming\micros~1\windows\startm~1\programs\startup\esetno~1.lnk - c:\program files\eset\eset nod32 antivirus\egui.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Download by QGet - c:\program files\qnap\qget\QGetCatch.htm IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Free YouTube to Mp3 Converter - c:\users\karin\appdata\roaming\dvdvideosoftiehelpers\youtubetomp3.htm IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: La&dda ner allt med BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: Ladda ner med &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: Ski&cka till OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: intervideo.com\www Trusted Zone: live.com\mail Trusted Zone: microsoft.com\update Trusted Zone: msn.com\se Trusted Zone: swedbank.se\www DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469 DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: APSHook.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Notification Packages = scecli ASWLNPkg mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" ============= SERVICES / DRIVERS =============== R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2008-10-15 15416] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-3-29 114984] R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2011-1-17 38976] R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504] R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504] R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-3-29 134024] R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-3-29 810120] R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-3-29 96896] R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-21 67904] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032] R2 SafeRemove;AMD Safely Remove Disk Drive;c:\program files\amd\safely remove disk\SafeRemoveService.exe [2008-7-7 147456] R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2008-10-15 22072] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1c9ab11cd642580;Tjänsten Google Update (gupdate1c9ab11cd642580);c:\program files\google\update\GoogleUpdate.exe [2009-3-23 133104] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-10-15 29736] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] =============== Created Last 30 ================ 2011-01-29 15:57:53 14117728 ----a-w- c:\users\karin\appdata\roaming\microsoft\windows\templates\IS360Setup.exe 2011-01-29 15:26:06 -------- d-----w- c:\users\karin\appdata\local\{DE5DD84D-C171-4867-AC52-3D3E86F11B12} 2011-01-29 09:58:14 -------- d-----w- c:\program files\iPod 2011-01-29 09:58:12 -------- d-----w- c:\program files\iTunes 2011-01-29 08:01:44 388096 ----a-r- c:\users\karin\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2011-01-29 08:01:43 -------- d-----w- c:\program files\Trend Micro 2011-01-29 01:32:51 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-01-28 23:43:04 -------- d-----w- c:\users\karin\appdata\local\{70B49ADC-B278-498D-BBA9-CD82776DBD64} 2011-01-28 12:51:22 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d2df4f50-54e8-45b4-b026-f6b80b327cfd}\mpengine.dll 2011-01-28 12:38:04 -------- d-----w- c:\program files\RadarSync 2011-01-28 11:42:38 -------- d-----w- c:\users\karin\appdata\local\{9DBBD93B-73E3-4800-8C96-42316EEA3EAC} 2011-01-27 23:42:03 -------- d-----w- c:\users\karin\appdata\local\{CDF880BA-F70C-40AF-A17F-71CC72813773} 2011-01-27 13:01:20 -------- d-----w- c:\progra~2\Driver Whiz 2011-01-27 12:11:49 -------- d-----w- c:\users\karin\appdata\local\{1DBE10BF-4DD2-4201-AA0A-5FA98311A70D} 2011-01-27 00:11:22 -------- d-----w- c:\users\karin\appdata\local\{DFBC51CB-FF11-44E9-99F4-9521C4ECCD77} 2011-01-25 23:06:11 -------- d-----w- c:\users\karin\appdata\local\{19E7FBF1-D05F-43FA-BCBF-7578935F3AA7} 2011-01-25 10:28:32 -------- d-----w- c:\users\karin\appdata\local\{CB0656D0-E524-4C81-B245-D7AFCCC2D9B6} 2011-01-25 02:17:22 -------- d-----w- c:\program files\Microsoft Analysis Services 2011-01-24 22:28:04 -------- d-----w- c:\users\karin\appdata\local\{2A8F599A-3317-41D9-8A0F-8E97FECF33E4} 2011-01-24 10:56:39 -------- d-----w- c:\users\karin\appdata\local\{E473FA0F-3205-45D7-A811-D8548CC1939C} 2011-01-24 06:36:31 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2011-01-24 06:36:31 64512 ----a-w- c:\windows\system32\WUDFSvc.dll 2011-01-24 06:36:31 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2011-01-24 06:36:31 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2011-01-24 06:36:30 567808 ----a-w- c:\windows\system32\WUDFx.dll 2011-01-24 06:36:30 195584 ----a-w- c:\windows\system32\WUDFHost.exe 2011-01-24 06:36:30 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll 2011-01-23 22:56:12 -------- d-----w- c:\users\karin\appdata\local\{1AFF9F2B-7870-48AB-A677-4D77A5159EFD} 2011-01-23 10:17:24 -------- d-----w- c:\users\karin\appdata\local\{DE98C263-E26F-4099-8028-DB88385F81BC} 2011-01-22 22:00:13 -------- d-----w- c:\users\karin\appdata\local\{3320905D-ADF8-4C8E-88F9-22AFA80286CB} 2011-01-22 08:54:45 -------- d-----w- c:\users\karin\appdata\local\{C1A5321D-DA6F-46DD-9A98-132F25F4006B} 2011-01-20 06:56:31 -------- d-----w- c:\windows\sv 2011-01-20 06:43:45 15712 ----a-w- c:\program files\common files\windows live\.cache\62322be41cbb86d02\MeshBetaRemover.exe 2011-01-20 06:43:43 469256 ----a-w- c:\program files\common files\windows live\.cache\5eb1b7b41cbb86d01\InstallManager_WLE_WLE.exe 2011-01-17 05:43:47 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys 2011-01-17 05:43:45 -------- d-----w- c:\program files\NetWorx 2011-01-17 05:43:45 -------- d-----w- c:\progra~2\SoftPerfect 2011-01-17 00:35:30 -------- d-----w- c:\users\karin\appdata\local\cald3 2011-01-17 00:35:28 -------- d-----w- c:\users\karin\appdata\roaming\cald3 2011-01-17 00:29:20 -------- d-----w- c:\program files\IDM 2011-01-17 00:27:55 -------- d-----w- c:\program files\Cambridge 2011-01-12 12:33:42 413696 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 12:33:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2011-01-12 12:33:40 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll 2011-01-12 12:33:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll 2011-01-12 12:33:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2011-01-12 12:33:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-12 12:33:34 1169408 ----a-w- c:\windows\system32\sdclt.exe 2011-01-07 11:42:00 -------- d-----w- c:\progra~2\IObit ==================== Find3M ==================== 2011-01-29 15:29:37 5680 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2011-01-28 13:56:36 45056 ----a-w- c:\windows\system32\acovcnt.exe 2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-09 18:54:18 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-11-09 18:28:46 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll 2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2009-12-01 09:53:00 670072 ----a-w- c:\program files\autoruns.exe 2009-12-01 09:53:00 559992 ----a-w- c:\program files\autorunsc.exe ============= FINISH: 9:10:20,04 ===============
  4. Hej Mats, har gjort precis som du sagt, här kommer DDS'en DDS (Ver_10-12-12.02) - NTFSx86 Run by Karin at 0:39:02,05 on 2011-01-30 Internet Explorer: 8.0.6001.18999 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2814.1532 [GMT 8:00] SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\System32\svchost.exe -k Cognizance C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Program Files\ASUS\SmartLogon\smartlogon.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\ATK Hotkey\ASLDRSrv.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Windows\system32\agrsmsvc.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\ATK Hotkey\Hcontrol.exe C:\Program Files\ATK Hotkey\MsgTranAgt.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files\ASUS\Splendid\ACMON.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\NetWorx\networx.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Windows\system32\NLSSRV32.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\SafeRemoveDialog.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\System32\ACEngSvr.exe C:\Program Files\ATK Hotkey\ATKOSD.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\ATK Hotkey\KBFiltr.exe C:\Program Files\ATK Hotkey\WDC.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGGEG7KI\dds[1].scr C:\Windows\system32\conime.exe ============== Pseudo HJT Report =============== uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File TB: {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - No File TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\users\karin\appdata\roaming\micros~1\windows\startm~1\programs\startup\esetno~1.lnk - c:\program files\eset\eset nod32 antivirus\egui.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Download by QGet - c:\program files\qnap\qget\QGetCatch.htm IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Free YouTube to Mp3 Converter - c:\users\karin\appdata\roaming\dvdvideosoftiehelpers\youtubetomp3.htm IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: La&dda ner allt med BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: Ladda ner med &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: Ski&cka till OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: intervideo.com\www Trusted Zone: live.com\mail Trusted Zone: microsoft.com\update Trusted Zone: msn.com\se Trusted Zone: swedbank.se\www DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469 DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: APSHook.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Notification Packages = scecli ASWLNPkg mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2008-10-15 15416] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-3-29 114984] R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2011-1-17 38976] R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504] R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504] R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-3-29 134024] R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-3-29 810120] R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-3-29 96896] R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-21 67904] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032] R2 SafeRemove;AMD Safely Remove Disk Drive;c:\program files\amd\safely remove disk\SafeRemoveService.exe [2008-7-7 147456] R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2008-10-15 22072] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1c9ab11cd642580;Tjänsten Google Update (gupdate1c9ab11cd642580);c:\program files\google\update\GoogleUpdate.exe [2009-3-23 133104] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-10-15 29736] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] =============== Created Last 30 ================ 2011-01-29 15:57:53 14117728 ----a-w- c:\users\karin\appdata\roaming\microsoft\windows\templates\IS360Setup.exe 2011-01-29 15:26:06 -------- d-----w- c:\users\karin\appdata\local\{DE5DD84D-C171-4867-AC52-3D3E86F11B12} 2011-01-29 09:58:14 -------- d-----w- c:\program files\iPod 2011-01-29 09:58:12 -------- d-----w- c:\program files\iTunes 2011-01-29 08:01:44 388096 ----a-r- c:\users\karin\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2011-01-29 08:01:43 -------- d-----w- c:\program files\Trend Micro 2011-01-29 01:32:51 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-01-28 23:43:04 -------- d-----w- c:\users\karin\appdata\local\{70B49ADC-B278-498D-BBA9-CD82776DBD64} 2011-01-28 12:51:22 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d2df4f50-54e8-45b4-b026-f6b80b327cfd}\mpengine.dll 2011-01-28 12:38:04 -------- d-----w- c:\program files\RadarSync 2011-01-28 11:42:38 -------- d-----w- c:\users\karin\appdata\local\{9DBBD93B-73E3-4800-8C96-42316EEA3EAC} 2011-01-27 23:42:03 -------- d-----w- c:\users\karin\appdata\local\{CDF880BA-F70C-40AF-A17F-71CC72813773} 2011-01-27 13:01:20 -------- d-----w- c:\progra~2\Driver Whiz 2011-01-27 12:11:49 -------- d-----w- c:\users\karin\appdata\local\{1DBE10BF-4DD2-4201-AA0A-5FA98311A70D} 2011-01-27 00:11:22 -------- d-----w- c:\users\karin\appdata\local\{DFBC51CB-FF11-44E9-99F4-9521C4ECCD77} 2011-01-25 23:06:11 -------- d-----w- c:\users\karin\appdata\local\{19E7FBF1-D05F-43FA-BCBF-7578935F3AA7} 2011-01-25 10:28:32 -------- d-----w- c:\users\karin\appdata\local\{CB0656D0-E524-4C81-B245-D7AFCCC2D9B6} 2011-01-25 02:17:22 -------- d-----w- c:\program files\Microsoft Analysis Services 2011-01-24 22:28:04 -------- d-----w- c:\users\karin\appdata\local\{2A8F599A-3317-41D9-8A0F-8E97FECF33E4} 2011-01-24 10:56:39 -------- d-----w- c:\users\karin\appdata\local\{E473FA0F-3205-45D7-A811-D8548CC1939C} 2011-01-24 06:36:31 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2011-01-24 06:36:31 64512 ----a-w- c:\windows\system32\WUDFSvc.dll 2011-01-24 06:36:31 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2011-01-24 06:36:31 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2011-01-24 06:36:30 567808 ----a-w- c:\windows\system32\WUDFx.dll 2011-01-24 06:36:30 195584 ----a-w- c:\windows\system32\WUDFHost.exe 2011-01-24 06:36:30 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll 2011-01-23 22:56:12 -------- d-----w- c:\users\karin\appdata\local\{1AFF9F2B-7870-48AB-A677-4D77A5159EFD} 2011-01-23 10:17:24 -------- d-----w- c:\users\karin\appdata\local\{DE98C263-E26F-4099-8028-DB88385F81BC} 2011-01-22 22:00:13 -------- d-----w- c:\users\karin\appdata\local\{3320905D-ADF8-4C8E-88F9-22AFA80286CB} 2011-01-22 08:54:45 -------- d-----w- c:\users\karin\appdata\local\{C1A5321D-DA6F-46DD-9A98-132F25F4006B} 2011-01-20 06:56:31 -------- d-----w- c:\windows\sv 2011-01-20 06:43:45 15712 ----a-w- c:\program files\common files\windows live\.cache\62322be41cbb86d02\MeshBetaRemover.exe 2011-01-20 06:43:43 469256 ----a-w- c:\program files\common files\windows live\.cache\5eb1b7b41cbb86d01\InstallManager_WLE_WLE.exe 2011-01-17 05:43:47 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys 2011-01-17 05:43:45 -------- d-----w- c:\program files\NetWorx 2011-01-17 05:43:45 -------- d-----w- c:\progra~2\SoftPerfect 2011-01-17 00:35:30 -------- d-----w- c:\users\karin\appdata\local\cald3 2011-01-17 00:35:28 -------- d-----w- c:\users\karin\appdata\roaming\cald3 2011-01-17 00:29:20 -------- d-----w- c:\program files\IDM 2011-01-17 00:27:55 -------- d-----w- c:\program files\Cambridge 2011-01-12 12:33:42 413696 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 12:33:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2011-01-12 12:33:40 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll 2011-01-12 12:33:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll 2011-01-12 12:33:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2011-01-12 12:33:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-12 12:33:34 1169408 ----a-w- c:\windows\system32\sdclt.exe 2011-01-07 11:42:00 -------- d-----w- c:\progra~2\IObit ==================== Find3M ==================== 2011-01-29 15:29:37 5680 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2011-01-28 13:56:36 45056 ----a-w- c:\windows\system32\acovcnt.exe 2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-09 18:54:18 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-11-09 18:28:46 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll 2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2009-12-01 09:53:00 670072 ----a-w- c:\program files\autoruns.exe 2009-12-01 09:53:00 559992 ----a-w- c:\program files\autorunsc.exe ============= FINISH: 0:41:17,95 =============== Attach.txt
  5. Och här kommer senaste loggen efter omstarten: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:12:25, on 2011-01-30 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18999) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\NetWorx\networx.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O4 - Startup: ESET NOD32 Antivirus.lnk = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe O8 - Extra context menu item: Download by QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Karin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O8 - Extra context menu item: La&dda ner allt med BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Ladda ner med &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing) O15 - Trusted Zone: www.intervideo.com O15 - Trusted Zone: http://mail.live.com O15 - Trusted Zone: http://se.msn.com O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469 O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: APSHook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Tjänsten Google Update (gupdate1c9ab11cd642580) (gupdate1c9ab11cd642580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 12573 bytes
  6. Hej Mats Här kommer HijackThis loggen: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:02:51, on 2011-01-29 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18999) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\NetWorx\networx.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O4 - Startup: ESET NOD32 Antivirus.lnk = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe O8 - Extra context menu item: Download by QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Karin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O8 - Extra context menu item: La&dda ner allt med BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Ladda ner med &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing) O15 - Trusted Zone: www.intervideo.com O15 - Trusted Zone: http://mail.live.com O15 - Trusted Zone: http://se.msn.com O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469 O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: APSHook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Tjänsten Google Update (gupdate1c9ab11cd642580) (gupdate1c9ab11cd642580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 12716 bytes
  7. DDS (Ver_10-12-12.02) - NTFSx86 Run by Karin at 8:13:46,70 on 2011-01-29 Internet Explorer: 8.0.6001.18999 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2814.1106 [GMT 8:00] SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\System32\svchost.exe -k Cognizance C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\ATK Hotkey\ASLDRSrv.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\NetWorx\networx.exe C:\Program Files\ATK Hotkey\Hcontrol.exe C:\Program Files\ATK Hotkey\MsgTranAgt.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files\ASUS\Splendid\ACMON.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Windows\System32\ACEngSvr.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Windows\system32\agrsmsvc.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\ATK Hotkey\ATKOSD.exe C:\Windows\system32\NLSSRV32.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\SafeRemoveDialog.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\ATK Hotkey\KBFiltr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\ATK Hotkey\WDC.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\conime.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Companion\companionuser.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIGFVGGA\dds[1].scr C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uInternet Settings,ProxyOverride = *.local uURLSearchHooks: H - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File TB: {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - No File TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto StartupFolder: c:\users\karin\appdata\roaming\micros~1\windows\startm~1\programs\startup\esetno~1.lnk - c:\program files\eset\eset nod32 antivirus\egui.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Download by QGet - c:\program files\qnap\qget\QGetCatch.htm IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Free YouTube to Mp3 Converter - c:\users\karin\appdata\roaming\dvdvideosoftiehelpers\youtubetomp3.htm IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: La&dda ner allt med BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: Ladda ner med &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: Ski&cka till OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: intervideo.com\www Trusted Zone: live.com\mail Trusted Zone: microsoft.com\update Trusted Zone: msn.com\se Trusted Zone: swedbank.se\www DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469 DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: APSHook.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Notification Packages = scecli ASWLNPkg mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2008-10-15 15416] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-3-29 114984] R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-9 214024] R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2011-1-17 38976] R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504] R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504] R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-3-29 134024] R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-3-29 810120] R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-3-29 96896] R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-21 67904] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032] R2 SafeRemove;AMD Safely Remove Disk Drive;c:\program files\amd\safely remove disk\SafeRemoveService.exe [2008-7-7 147456] R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2008-10-15 22072] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1c9ab11cd642580;Tjänsten Google Update (gupdate1c9ab11cd642580);c:\program files\google\update\GoogleUpdate.exe [2009-3-23 133104] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-10-15 29736] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352] S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-2-10 79880] S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-2-10 35272] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-2-10 34216] S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-2-10 40552] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] =============== Created Last 30 ================ 2011-01-28 23:43:04 -------- d-----w- c:\users\karin\appdata\local\{70B49ADC-B278-498D-BBA9-CD82776DBD64} 2011-01-28 12:51:22 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d2df4f50-54e8-45b4-b026-f6b80b327cfd}\mpengine.dll 2011-01-28 12:38:04 -------- d-----w- c:\program files\RadarSync 2011-01-28 11:42:38 -------- d-----w- c:\users\karin\appdata\local\{9DBBD93B-73E3-4800-8C96-42316EEA3EAC} 2011-01-27 23:42:03 -------- d-----w- c:\users\karin\appdata\local\{CDF880BA-F70C-40AF-A17F-71CC72813773} 2011-01-27 13:01:20 -------- d-----w- c:\progra~2\Driver Whiz 2011-01-27 12:11:49 -------- d-----w- c:\users\karin\appdata\local\{1DBE10BF-4DD2-4201-AA0A-5FA98311A70D} 2011-01-27 00:11:22 -------- d-----w- c:\users\karin\appdata\local\{DFBC51CB-FF11-44E9-99F4-9521C4ECCD77} 2011-01-25 23:06:11 -------- d-----w- c:\users\karin\appdata\local\{19E7FBF1-D05F-43FA-BCBF-7578935F3AA7} 2011-01-25 10:28:32 -------- d-----w- c:\users\karin\appdata\local\{CB0656D0-E524-4C81-B245-D7AFCCC2D9B6} 2011-01-25 02:17:22 -------- d-----w- c:\program files\Microsoft Analysis Services 2011-01-24 22:28:04 -------- d-----w- c:\users\karin\appdata\local\{2A8F599A-3317-41D9-8A0F-8E97FECF33E4} 2011-01-24 10:56:39 -------- d-----w- c:\users\karin\appdata\local\{E473FA0F-3205-45D7-A811-D8548CC1939C} 2011-01-24 06:36:31 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2011-01-24 06:36:31 64512 ----a-w- c:\windows\system32\WUDFSvc.dll 2011-01-24 06:36:31 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2011-01-24 06:36:31 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2011-01-24 06:36:30 567808 ----a-w- c:\windows\system32\WUDFx.dll 2011-01-24 06:36:30 195584 ----a-w- c:\windows\system32\WUDFHost.exe 2011-01-24 06:36:30 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll 2011-01-23 22:56:12 -------- d-----w- c:\users\karin\appdata\local\{1AFF9F2B-7870-48AB-A677-4D77A5159EFD} 2011-01-23 10:17:24 -------- d-----w- c:\users\karin\appdata\local\{DE98C263-E26F-4099-8028-DB88385F81BC} 2011-01-22 22:00:13 -------- d-----w- c:\users\karin\appdata\local\{3320905D-ADF8-4C8E-88F9-22AFA80286CB} 2011-01-22 08:54:45 -------- d-----w- c:\users\karin\appdata\local\{C1A5321D-DA6F-46DD-9A98-132F25F4006B} 2011-01-20 06:56:31 -------- d-----w- c:\windows\sv 2011-01-20 06:43:45 15712 ----a-w- c:\program files\common files\windows live\.cache\62322be41cbb86d02\MeshBetaRemover.exe 2011-01-20 06:43:43 469256 ----a-w- c:\program files\common files\windows live\.cache\5eb1b7b41cbb86d01\InstallManager_WLE_WLE.exe 2011-01-17 05:43:47 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys 2011-01-17 05:43:45 -------- d-----w- c:\program files\NetWorx 2011-01-17 05:43:45 -------- d-----w- c:\progra~2\SoftPerfect 2011-01-17 00:35:30 -------- d-----w- c:\users\karin\appdata\local\cald3 2011-01-17 00:35:28 -------- d-----w- c:\users\karin\appdata\roaming\cald3 2011-01-17 00:29:20 -------- d-----w- c:\program files\IDM 2011-01-17 00:27:55 -------- d-----w- c:\program files\Cambridge 2011-01-12 12:33:42 413696 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 12:33:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2011-01-12 12:33:40 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll 2011-01-12 12:33:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll 2011-01-12 12:33:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2011-01-12 12:33:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-12 12:33:34 1169408 ----a-w- c:\windows\system32\sdclt.exe 2011-01-07 11:42:00 -------- d-----w- c:\progra~2\IObit ==================== Find3M ==================== 2011-01-28 13:56:36 45056 ----a-w- c:\windows\system32\acovcnt.exe 2011-01-28 00:21:41 5680 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-09 18:54:18 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-11-09 18:28:46 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll 2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2009-12-01 09:53:00 670072 ----a-w- c:\program files\autoruns.exe 2009-12-01 09:53:00 559992 ----a-w- c:\program files\autorunsc.exe ============= FINISH: 8:14:55,63 =============== Attach.txt
  8. HÄR KOMMER DEN!!! Logfile of Advanced SystemCare 3 Security Analyzer Scan saved at 08:02:00, on 2011-01-29 Platform: Windows Vista (WinNT 6.0) MSIE: Internet Explorer v8.0 (8.0.6001.18999) Boot mode: Normal Running processes: C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\NetWorx\networx.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Windows\system32\conime.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Companion\companionuser.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Groove GFS Browser Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Groove GFS Browser Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Groove GFS Browser Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: URLRedirectionBHO - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: URLRedirectionBHO - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll O3 - Toolbar: (no name) - Locked - (no file) O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto O8 - Extra context menu item: Download by QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Karin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O8 - Extra context menu item: La&dda ner allt med BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Ladda ner med &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - O9 - Extra button: Länkade anteckningar i OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res:\\C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll\206 O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469 O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_10) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: (Ati External Event Utility) - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Tjänsten Google Update (gupdate1c9ab11cd642580) (gupdate1c9ab11cd642580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE O23 - Service: NMIndexingService - Unknown - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe O23 - Service: AMD Safely Remove Disk Drive (SamSs) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe
  9. Har windows vista och kör regelbundet Advanced system care, funkar bra tycker jag, men den har en säkerhetslogg som visar en hel del poster med kommentaren: "Snälla notera att inte alla Poster är problem eller malware. det finnas kritiska inställningar i ditt system och Allmänna mål för malware. Innan du tar bort någon Post, var säker på att det är malware. Logg filen är 100% kompatibel med HijackThis logg så du kan spara loggen och skick den till någon kvalificerade online HijackThis logg analyser och HijackThis forums." å jag undrar om ngn är intresserad av att titta på denna logg och kan säga till vad jag kan ta bort därifrån:) mvh Karin
×
×
  • Skapa nytt...