Just nu i M3-nätverket
Gå till innehåll

DanV

Medlem
  • Antal inlägg

    20
  • Gick med

  • Senaste besök

Om DanV

  • Medlemstitel
    Användare

Profil

  • Ort
    Älvsjö
  1. Jag har Office 2003 nyinstallerad och har följande fel: Vid förhandsgranskning av dokumentet låser sig word och jag får felmeddelandet att Word svarar ej. Detsamma gäller för Excel som låser sig när jag stänger efter förhandsgranskning. Hade tidigare Office 2007 installerad men avinsallerade och "nedgraderade" till Office 2003 efter uppstartsproblem med word (word låste sig vid uppstart) Office 2003 fungerade utmärkt på min dator innan jag var dum och uppgraderade (och nedgraderade) Letat i MSKB men hittar inget som hjälper mig. Finns här någon som kan hjälpa? Danne
  2. Goddagens Jag följer alla steg i http://support.microsoft.com/kb/921541/sv men jag hittar inte raden: HKEY_CURRENT_USER\Software\Microsoft Office\12.0\Word\Addins i registret. Den finns inte. Kan det vara det som ställer till det? Hur löser jag det problemet? Tack för all hjälp.
  3. Hej, Försökte starta word i felsäkert läge men tyvärr.... Samma resultat. Har tidigare tömt mappen C:\Microsoft\Word\Autostart och det hjälpte inte. Danne
  4. Något har hänt med mitt word, troligtvis när jag stängde mitt i en uppstart av programet. Efter det så stoppar word när jag försöker starta och i aktivitetshanteraren står det "word svarar ej" Har försökt att avinstallera och installera igen, men får samma resultat vid start av programmet. De övriga officeprogrammen fungerar som de ska. Jag använder Windows XP / Office 2007. Danne
  5. Tack för hjälpen Som det verkar så funkar det... Jag förstår bara inte hur det helt plötsligt bara händer? Danne
  6. Goddagens När jag startar min laptop får jag följande meddelande: Spooler SubSystem App har stött på ett problem och måste avslutas. Jag har scannat av datorn med PC Tools spyware doctor Norman antivirus Spybot S&D och iget program ger något larm om trojaner eller annat elakt. Samtliga program hade senaste updat. Vad är det som har hänt? Danne
  7. OK, Tack för hjälpen för denna gång.
  8. Enligt McAfee C:\Smitfraud fix\smitRem\smitRem.exe, C:\Smitfraud fix\SDFix\SDFix.exe C:\Smitfraud fix\SmitfraudFix.zip Så ser det ut
  9. När min McAfee genomsökte min dator signalerade den att följande två "eventuellt oönskade program" hittades och när jag tittade på sökvägen till filerna så upptäkte jag att de var på något sätt kopplade till min tidigare resning av smitfraud trojanen som ni hjälpte mig med. De som hittades är: GenericPUP.q PrcViewer Vad göra?
  10. När Jag startade datorn idag så fick jag följande "Blue Screen" IRQL_NOT_LESS_OR_EQUAL Teknisk info *** STOP: 0x0000000A (0xCE9B1D08, 0x00000002, 0x80515662) Det enda jag (datorn) gjort är automatiskt installerat microsoft:s senaste säkerhetsuppgraderingar samt en automatisk java uppdatering. När jag startade i felsäkert läge och "bockade av" java alternativet som automatisk uppstart så fungerade datorn OK? Vad har hänt? Kan det vara java som "ställer till det" Danne
  11. Goddagens återigen Här kommer logfilen från SDFix Hoppas att allt är ok. Tack för all ovärdelig hjälp. Danne [log] SDFix: Version 1.81 Run by Administrat”r - 2007-05-08 - 11:41:49,26 Microsoft Windows XP [Version 5.1.2600] Running From: C:\SMITFR~1\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: No Trojan Files Found... Removing Temp Files ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program\\Dell\\MediaDirect\\PCMService.exe"="C:\\Program\\Dell\\MediaDirect\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program" "C:\\Program\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program\\MSN Messenger\\msnmsgr.exe"="C:\\Program\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program\\MSN Messenger\\msncall.exe"="C:\\Program\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program\\Messenger\\msmsgs.exe"="C:\\Program\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"="C:\\Program\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe:*:Enabled:DarkCrusade" "C:\\Program\\Dell Network Assistant\\ezi_hnm2.exe"="C:\\Program\\Dell Network Assistant\\ezi_hnm2.exe:*:Disabled:Home Networking Application" "C:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Program\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\\Program\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\\Program\\Delade filer\\McAfee\\MNA\\McNASvc.exe"="C:\\Program\\Delade filer\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program\\MSN Messenger\\msnmsgr.exe"="C:\\Program\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program\\MSN Messenger\\msncall.exe"="C:\\Program\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" Remaining Files: --------------- Checking For Files with Hidden Attributes: C:\Program\Autodesk\Autodesk DWF Viewer\_Setupx.dll C:\Program\Autodesk\Autodesk DWF Viewer\Setup.exe C:\Program\Messenger\msmsgs.exe C:\Program\Outlook Express\msimn.exe C:\i386\A78E263739.sys C:\i386\KGyGaAvL.sys C:\WINDOWS\system32\A78E263739.sys C:\WINDOWS\system32\KGyGaAvL.sys C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch2\lock.tmp C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch3\lock.tmp C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch4\lock.tmp C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch5\lock.tmp C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch6\lock.tmp C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp Finished [/log]
  12. Goddagens Först och främst vill Jag skicka ett stort tack för all hjälp med att lösa alla mina datorproblem. Tusen Tack! Jag har raderat mappen C:\WINDOWS\Web download Jag har även avinstalerat Dealio Är McAfee tillräckligt bra virusskydd? Jag har inte någon bra koll (understatement!) på vilket virusprogram som är bäst. Enligt de olika tillverkarna av virusprogram är just deras program bättre än alla andra. Jag använder spybot S&D samt en registrerad SpyWare Doctor. Är det tillräckligt? Jag har inte (medvetet) ställt in så att jag inte kan ändra i registren. Ska Jag ändra det? Datorn tycks vara "normal" nu och Jag bifogar 3 olika HijackThis -loggar Hälsningar: Danne [log]Logfile of HijackThis v1.99.1 Scan saved at 09:40:36, on 2007-05-08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program\Intel\Wireless\Bin\EvtEng.exe C:\Program\Intel\Wireless\Bin\S24EvMon.exe C:\Program\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program\Dell Network Assistant\hnm_svc.exe C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe C:\Program\McAfee\MSC\mcmscsvc.exe c:\program\delade filer\mcafee\mna\mcnasvc.exe C:\Program\McAfee\VIRUSS~1\mcods.exe C:\Program\McAfee\MSC\mcpromgr.exe c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe C:\Program\McAfee\VIRUSS~1\mcshield.exe C:\Program\McAfee\VIRUSS~1\mcsysmon.exe C:\Program\McAfee\MPF\MPFSrv.exe C:\Program\McAfee\MPS\mps.exe C:\Program\McAfee\MSK\MskSrver.exe C:\Program\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\program\mcafee.com\agent\mcagent.exe C:\Program\McAfee\MPS\mpsevh.exe C:\WINDOWS\stsystra.exe C:\Program\Synaptics\SynTP\SynTPEnh.exe C:\Program\Dell\QuickSet\quickset.exe C:\Program\Intel\Wireless\bin\ZCfgSvc.exe C:\Program\Intel\Wireless\Bin\ifrmewrk.exe C:\Program\Dell\MediaDirect\PCMService.exe C:\Program\Microsoft Office\Office12\GrooveMonitor.exe C:\Program\McAfee\MSK\MskAgent.exe C:\Program\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\iid.exe C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program\PC Connectivity Solution\ServiceLayer.exe C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe C:\Program\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\NetWaiting\netwaiting.exe C:\Program\Dell Support\DSAgnt.exe C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe C:\Program\Delade filer\Teleca Shared\Generic.exe C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe c:\program\mcafee\msc\mcuimgr.exe C:\Smitfraud fix\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program\mcafee\virusscan\scriptcl.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar4.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar4.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Net iD] C:\WINDOWS\system32\iid.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ModemOnHold] C:\Program\NetWaiting\netwaiting.exe O4 - HKCU\..\Run: [DellSupport] "C:\Program\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab'>http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab'>http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\DELADE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program\Dell Network Assistant\hnm_svc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\Program\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program\McAfee\MSK\MskSrver.exe O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\swdsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program\Intel\Wireless\Bin\WLKeeper.exe [/log] [log]Logfile of HijackThis v1.99.1 Scan saved at 09:21:52, on 2007-05-08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program\Intel\Wireless\Bin\EvtEng.exe C:\Program\Intel\Wireless\Bin\S24EvMon.exe C:\Program\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program\Dell Network Assistant\hnm_svc.exe C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe C:\Program\McAfee\MSC\mcmscsvc.exe c:\program\delade filer\mcafee\mna\mcnasvc.exe C:\Program\McAfee\VIRUSS~1\mcods.exe C:\Program\McAfee\MSC\mcpromgr.exe c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe C:\Program\McAfee\VIRUSS~1\mcshield.exe C:\Program\McAfee\VIRUSS~1\mcsysmon.exe C:\Program\McAfee\MPF\MPFSrv.exe C:\Program\McAfee\MPS\mps.exe C:\Program\McAfee\MSK\MskSrver.exe C:\Program\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\program\mcafee.com\agent\mcagent.exe C:\WINDOWS\stsystra.exe C:\Program\Synaptics\SynTP\SynTPEnh.exe C:\Program\Dell\QuickSet\quickset.exe C:\Program\Intel\Wireless\bin\ZCfgSvc.exe C:\Program\Intel\Wireless\Bin\ifrmewrk.exe C:\Program\Dell\MediaDirect\PCMService.exe C:\Program\Delade filer\Real\Update_OB\realsched.exe C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program\McAfee\MPS\mpsevh.exe C:\Program\Microsoft Office\Office12\GrooveMonitor.exe C:\Program\McAfee\MSK\MskAgent.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\system32\iid.exe C:\Program\PC Connectivity Solution\ServiceLayer.exe C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\MICROS~2\wcescomm.exe C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe C:\Program\MICROS~2\rapimgr.exe C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe c:\program\mcafee\msc\mcuimgr.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Smitfraud fix\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/'>http://www.google.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121'>http://www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program\mcafee\virusscan\scriptcl.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar4.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar4.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Net iD] C:\WINDOWS\system32\iid.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\MICROS~2\wcescomm.exe" O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DWQueuedReporting] "C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe" -t O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Append to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Download all links using BitComet - res://C:\Program\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\DELADE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program\Dell Network Assistant\hnm_svc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\Program\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program\McAfee\MSK\MskSrver.exe O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\swdsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program\Intel\Wireless\Bin\WLKeeper.exe [/log] [log]Logfile of HijackThis v1.99.1 Scan saved at 09:31:31, on 2007-05-08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program\Intel\Wireless\Bin\EvtEng.exe C:\Program\Intel\Wireless\Bin\S24EvMon.exe C:\Program\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program\Dell Network Assistant\hnm_svc.exe C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe C:\Program\McAfee\MSC\mcmscsvc.exe c:\program\delade filer\mcafee\mna\mcnasvc.exe C:\Program\McAfee\VIRUSS~1\mcods.exe C:\Program\McAfee\MSC\mcpromgr.exe c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe C:\Program\McAfee\VIRUSS~1\mcshield.exe C:\Program\McAfee\VIRUSS~1\mcsysmon.exe C:\Program\McAfee\MPF\MPFSrv.exe C:\Program\McAfee\MPS\mps.exe C:\Program\McAfee\MSK\MskSrver.exe C:\Program\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program\PC Connectivity Solution\ServiceLayer.exe C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\program\mcafee.com\agent\mcagent.exe C:\Program\McAfee\MPS\mpsevh.exe C:\WINDOWS\stsystra.exe C:\Program\Synaptics\SynTP\SynTPEnh.exe C:\Program\Dell\QuickSet\quickset.exe C:\Program\Intel\Wireless\bin\ZCfgSvc.exe C:\Program\Intel\Wireless\Bin\ifrmewrk.exe C:\Program\Dell\MediaDirect\PCMService.exe C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program\Microsoft Office\Office12\GrooveMonitor.exe C:\Program\McAfee\MSK\MskAgent.exe C:\WINDOWS\system32\iid.exe C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Real\RealPlayer\RealPlay.exe C:\Program\Dell Support\DSAgnt.exe C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program\Microsoft ActiveSync\wcescomm.exe C:\Program\MICROS~2\rapimgr.exe C:\Program\Delade filer\Ahead\Lib\NMFirstStart.exe C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe C:\Program\Delade filer\Teleca Shared\Generic.exe C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe c:\program\mcafee\msc\mcuimgr.exe C:\Smitfraud fix\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program\mcafee\virusscan\scriptcl.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar4.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar4.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Net iD] C:\WINDOWS\system32\iid.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DellSupport] "C:\Program\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" O8 - Extra context menu item: &Google-sökning - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Översätt engelskt ord - res://C:\Program\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Bakåtlänkar - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download all links using BitComet - res://C:\Program\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Lagrad bild på sida - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Liknande sidor - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\DELADE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program\Dell Network Assistant\hnm_svc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\Program\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program\McAfee\MSK\MskSrver.exe O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\swdsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program\Intel\Wireless\Bin\WLKeeper.exe [/log]
  13. Hej igen Jag har AutoCAD i datorn, använder det ibland. Mappen C:\Explorer innehåller IE7 SP2 Mappen C:\WINDOWS\Web download innehåller 3 st jpg bilder samt 1st index.html fil Jag tror att Dealito Toolbar kom "på köpet" med IE7 SP2. Jag har avinstallerat den nu McAfee har inte uppdaterats sedan 2 månader tillbaka (dags att förnya licensen...) Här är de nya logfilerna [log]Deckard's System Scanner v20070426.43 Run by Danne on 2007-05-08 at 01:33:56 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Danne.exe) ----------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 01:34:05, on 2007-05-08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program\Intel\Wireless\Bin\EvtEng.exe C:\Program\Intel\Wireless\Bin\S24EvMon.exe C:\Program\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program\Dell Network Assistant\hnm_svc.exe C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe C:\Program\McAfee\MSC\mcmscsvc.exe c:\program\delade filer\mcafee\mna\mcnasvc.exe C:\Program\McAfee\VIRUSS~1\mcods.exe C:\Program\McAfee\MSC\mcpromgr.exe c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe C:\Program\McAfee\VIRUSS~1\mcshield.exe C:\Program\McAfee\VIRUSS~1\mcsysmon.exe C:\Program\McAfee\MPF\MPFSrv.exe C:\Program\McAfee\MPS\mps.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program\McAfee\MSK\MskSrver.exe C:\WINDOWS\Explorer.EXE C:\Program\McAfee\MPS\mpsevh.exe C:\program\mcafee.com\agent\mcagent.exe C:\Program\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\stsystra.exe C:\Program\Synaptics\SynTP\SynTPEnh.exe C:\Program\Dell\QuickSet\quickset.exe C:\Program\Intel\Wireless\bin\ZCfgSvc.exe C:\Program\Intel\Wireless\Bin\ifrmewrk.exe C:\Program\Delade filer\InstallShield\UpdateService\issch.exe C:\Program\Dell\MediaDirect\PCMService.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program\Delade filer\Real\Update_OB\realsched.exe C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program\Microsoft Office\Office12\GrooveMonitor.exe C:\Program\McAfee\MSK\MskAgent.exe C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe C:\WINDOWS\system32\iid.exe C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\WINDOWS\system32\msiexec.exe C:\Program\PC Connectivity Solution\ServiceLayer.exe C:\Program\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\MICROS~2\wcescomm.exe C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe C:\Program\MICROS~2\rapimgr.exe C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe c:\program\mcafee\msc\mcuimgr.exe C:\Deckards\dss.exe C:\SMITFR~1\Danne.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program\mcafee\virusscan\scriptcl.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar4.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar4.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Net iD] C:\WINDOWS\system32\iid.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RegistrySmart] "C:\Program Files\RegistrySmart\RegistrySmart.exe" -boot O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\MICROS~2\wcescomm.exe" O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DWQueuedReporting] "C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe" -t O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Append to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Download all links using BitComet - res://C:\Program\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\DELADE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program\Dell Network Assistant\hnm_svc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\Program\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program\McAfee\MSK\MskSrver.exe O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\swdsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program\Intel\Wireless\Bin\WLKeeper.exe -- Files created between 2007-04-08 and 2007-05-08 ----------------------------- 2007-05-08 01:31:21 0 d-------- C:\avenger 2007-05-07 16:12:23 0 d-------- C:\Deckards 2007-05-07 12:43:08 0 d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-05-07 11:17:51 0 d-------- C:\ewido antispyware 2007-05-06 11:34:22 3622 --a------ C:\WINDOWS\system32\tmp.reg 2007-05-06 11:34:22 616 --a------ C:\WINDOWS\system32\GetValue.vbs 2007-05-06 11:27:34 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2007-05-06 11:27:34 51200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-05-05 21:27:55 0 --a------ C:\WINDOWS\system32\ksl48.bin 2007-05-05 21:20:32 0 d-------- C:\!KillBox 2007-05-05 17:05:31 0 d-------- C:\WINDOWS\Content.IE5 2007-05-05 16:53:26 0 d-------- C:\Documents and Settings\Administratör\Application Data\RegistrySmart 2007-05-05 16:53:22 0 d-------- C:\Program\RegistrySmart 2007-05-05 14:57:31 0 d-------- C:\ATI 2007-05-05 14:26:09 0 d-------- C:\Registry Smart 2007-05-05 12:01:39 0 d-------- C:\Explorer 2007-05-05 09:44:17 0 d-------- C:\PC Tools 2007-05-04 14:02:34 0 d-------- C:\Documents and Settings\Administratör\Application Data\Google 2007-05-04 14:00:17 0 d-------- C:\Documents and Settings\Administratör\Application Data\Netscape 2007-05-04 14:00:17 0 d-------- C:\Documents and Settings\Administratör\Application Data\Mozilla 2007-05-04 14:00:15 0 d-------- C:\Documents and Settings\Administratör\cbt 2007-05-04 14:00:13 0 d-------- C:\Documents and Settings\Administratör\Application Data\Personal 2007-05-04 13:59:45 0 d-------- C:\Documents and Settings\Administratör\Application Data\iid 2007-05-04 10:49:16 0 d-------- C:\Documents and Settings\Administratör\Application Data\Windows Desktop Search 2007-05-04 10:47:59 6724 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-05-04 10:47:54 0 d-------- C:\Documents and Settings\Administratör\Application Data\CyberLink 2007-05-04 10:28:16 0 d-------- C:\Program\Spyware Doctor 2007-05-04 10:28:16 0 d-------- C:\Documents and Settings\Administratör\Application Data\PC Tools 2007-05-04 09:47:19 0 d-------- C:\Program\XoftSpySE 2007-05-03 14:31:47 0 d-------- C:\Smitfraud fix 2007-05-03 12:43:55 0 d-------- C:\Program\CONEXANT 2007-05-03 12:17:00 0 d-------- C:\Documents and Settings\Administratör\Application Data\Macromedia 2007-05-02 17:10:49 0 d-------- C:\WINDOWS\Web Download 2007-05-02 17:03:54 0 d-------- C:\Documents and Settings\Danne\Application Data\Ahead 2007-05-02 17:00:10 0 d-------- C:\Program\Nero 2007-05-02 17:00:10 0 d-------- C:\Program\Delade filer\Ahead 2007-05-02 17:00:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero 2007-05-02 12:52:04 0 d-------- C:\Program\Yahoo! 2007-05-02 10:38:34 0 d-------- C:\Documents and Settings\Danne\cbt 2007-05-02 10:38:33 0 d-------- C:\Documents and Settings\Danne\Application Data\Personal 2007-05-02 10:38:27 0 d-------- C:\Documents and Settings\Danne\Application Data\Netscape 2007-05-02 10:38:23 0 d-------- C:\Program\Personal 2007-05-02 10:36:20 0 d-------- C:\Nexus 2007-04-30 12:11:45 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2007-04-30 12:11:36 0 d-------- C:\Program\Delade filer\Macrovision Shared 2007-04-26 00:58:10 0 d-------- C:\Adobe 2007-04-25 10:06:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe 2007-04-23 20:34:45 0 d-------- C:\Documents and Settings\Elisabeth\Application Data\iid 2007-04-23 10:52:56 491520 --a------ C:\WINDOWS\system32\iidxadm.exe <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:56 102400 --a------ C:\WINDOWS\system32\iidplg.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 425984 --a------ C:\WINDOWS\system32\iidp11.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 139264 --a------ C:\WINDOWS\system32\iidcsp.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 663552 --a------ C:\WINDOWS\system32\iid.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 0 d-------- C:\Documents and Settings\Danne\Application Data\iid 2007-04-22 11:45:33 0 dr-h----- C:\Documents and Settings\Elisabeth\Recent 2007-04-17 20:57:27 0 d-------- C:\Documents and Settings\Administratör\Application Data\Adobe 2007-04-17 20:57:16 0 d-------- C:\Documents and Settings\Administratör\Application Data\Teleca 2007-04-17 20:57:06 0 d-------- C:\Documents and Settings\Administratör\Application Data\Sony Ericsson 2007-04-17 20:57:04 0 d-------- C:\Documents and Settings\Administratör\Application Data\Real 2007-04-17 20:56:13 0 d-------- C:\Documents and Settings\Administratör\Application Data\PC Suite 2007-04-17 00:20:55 0 d-------- C:\WINDOWS\pss 2007-04-10 17:14:02 198 --a------ C:\PSLOG -- Find3M Report --------------------------------------------------------------- 2007-05-08 01:17:15 0 d-------- C:\Program\Java 2007-05-07 12:37:55 0 d-------- C:\Program\Delade filer\System 2007-05-05 11:27:04 408214 --a------ C:\WINDOWS\system32\perfh01D.dat 2007-05-05 11:27:04 73704 --a------ C:\WINDOWS\system32\perfc01D.dat 2007-05-05 11:26:32 0 d-------- C:\Program\Windows NT 2007-05-02 17:00:10 0 d-------- C:\Program\Delade filer 2007-05-02 10:38:27 0 d-------- C:\Documents and Settings\Danne\Application Data\Mozilla 2007-04-30 12:11:49 0 d-------- C:\Program\Delade filer\Adobe 2007-04-30 12:11:49 0 d-------- C:\Documents and Settings\Danne\Application Data\Adobe 2007-04-26 01:38:30 0 d-------- C:\Documents and Settings\Danne\Application Data\Corel 2007-04-16 10:22:31 0 d-------- C:\Program\DivX 2007-03-27 09:55:57 524288 --a------ C:\WINDOWS\system32\DivXsm.exe <Not Verified; DivX Inc.; DivX Inc. divxsm> 2007-03-27 09:55:48 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-03-27 09:55:23 200704 --a------ C:\WINDOWS\system32\ssldivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/;'>http://www.openssl.org/; The OpenSSL Toolkit> 2007-03-27 09:55:23 1044480 --a------ C:\WINDOWS\system32\libdivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit> 2007-03-27 09:49:07 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2007-03-27 09:49:07 73728 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2007-03-27 09:49:05 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll <Not Verified; DivXNetworks; DivXNetworks dpuGUI10> 2007-03-27 09:49:03 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll <Not Verified; DivXNetworks; DivXNetworks dpuGUI11> 2007-03-27 09:49:02 57344 --a------ C:\WINDOWS\system32\dpv11.dll <Not Verified; DivXNetworks; DivXNetworks dpv11> 2007-03-27 09:49:02 344064 --a------ C:\WINDOWS\system32\dpus11.dll <Not Verified; DivXNetworks; DivXNetworks dpus11> 2007-03-27 09:49:02 294912 --a------ C:\WINDOWS\system32\dpu11.dll <Not Verified; DivXNetworks; DivXNetworks dpu11> 2007-03-27 09:49:02 294912 --a------ C:\WINDOWS\system32\dpu10.dll <Not Verified; DivXNetworks; DivXNetworks dpu11> 2007-03-27 09:48:59 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2007-03-27 09:48:58 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2007-03-27 09:48:58 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2007-03-27 09:48:58 639066 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2007-03-20 22:55:29 0 d-------- C:\Program\Hewlett-Packard 2007-03-20 17:03:05 0 d--h----- C:\Program\Zenographics 2007-03-14 02:10:58 0 d-------- C:\Program\Windows Media Connect 2 2007-03-08 18:52:22 0 d-------- C:\Documents and Settings\Danne\Application Data\Real -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} C:\Program\BitComet\tools\BitCometBHO.dll {53707962-6F74-2D53-2644-206D7942484F} C:\Program\Spybot - Search & Destroy\SDHelper.dll {5CA3D70E-1895-11CF-8E15-001234567890} C:\WINDOWS\system32\dla\tfswshx.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\Program\MICROS~3\Office12\GRA8E1~1.DLL {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program\Java\jre1.6.0_01\bin\ssv.dll {7DB2D5A0-7241-4E79-B68D-6309F01C5231} c:\program\mcafee\virusscan\scriptcl.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program\google\googletoolbar4.dll {CA6319C0-31B7-401E-A518-A07C3DB8F777} C:\Program\BAE\BAE.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SigmatelSysTrayApp"="stsystra.exe" "SynTPEnh"="C:\\Program\\Synaptics\\SynTP\\SynTPEnh.exe" "Dell QuickSet"="C:\\Program\\Dell\\QuickSet\\quickset.exe" "IntelZeroConfig"="\"C:\\Program\\Intel\\Wireless\\bin\\ZCfgSvc.exe\"" "IntelWireless"="\"C:\\Program\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless" "ISUSPM Startup"="C:\\Program\\DELADE~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup" "ISUSScheduler"="\"C:\\Program\\Delade filer\\InstallShield\\UpdateService\\issch.exe\" -start" "PCMService"="\"C:\\Program\\Dell\\MediaDirect\\PCMService.exe\"" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "TkBellExe"="\"C:\\Program\\Delade filer\\Real\\Update_OB\\realsched.exe\" -osboot" "Sony Ericsson PC Suite"="\"C:\\Program\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions" "PCSuiteTrayApplication"="C:\\Program\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup" "QuickTime Task"="\"C:\\Program\\QuickTime\\qttask.exe\" -atboottime" "GrooveMonitor"="\"C:\\Program\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" "MskAgentexe"="C:\\Program\\McAfee\\MSK\\MskAgent.exe" "Google Desktop Search"="\"C:\\Program\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "Net iD"="C:\\WINDOWS\\system32\\iid.exe" "Acrobat Assistant 8.0"="\"C:\\Program\\Adobe\\Acrobat 8.0\\Acrobat\\Acrotray.exe\"" "NeroFilterCheck"="C:\\Program\\Delade filer\\Ahead\\Lib\\NeroCheck.exe" "RegistrySmart"="\"C:\\Program Files\\RegistrySmart\\RegistrySmart.exe\" -boot" "!AVG Anti-Spyware"="\"C:\\Program\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" "SunJavaUpdateSched"="\"C:\\Program\\Java\\jre1.6.0_01\\bin\\jusched.exe\"" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "H/PC Connection Agent"="\"C:\\Program\\MICROS~2\\wcescomm.exe\"" "swg"="C:\\Program\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program\\Delade filer\\Ahead\\Lib\\NMBgMonitor.exe\"" "DWQueuedReporting"="\"C:\\Program\\DELADE~1\\MICROS~1\\DW\\dwtrig20.exe\" -t" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "PcSync"="C:\\Program\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"=dword:00000000 "DisableRegistryTools"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktopChanges"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRun"=dword:00000000 "NoClose"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook" "{56F9679E-7826-4C84-81F3-532071A8BCC5}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "appinit_dlls"="C:\Program\Google\GOOGLE~1\GOEC62~1.DLL" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 Usnsvc REG_MULTI_SZ usnsvc\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 -- End of Deckard's System Scanner: finished at 2007-05-08 at 01:34:41 --------- [/log] [log]Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\nqvbhobk ******************* Script file located at: \??\C:\WINDOWS\gpuyqwip.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Driver linksrvd unloaded successfully. File c:\windows\system32\linksrvd.sys deleted successfully. File C:\WINDOWS\system32\efccbxy.dll deleted successfully. Completed script processing. ******************* Finished! Terminate.[/log]
  14. Jag har inte märkt några problem med programstarter och liknande. här är Deckards två logfiler [log]Deckard's System Scanner v20070426.43 Run by Danne on 2007-05-07 at 16:15:52 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 87: 2007-05-07 14:16:01 UTC - RP158 - Deckard's System Scanner Restore Point 86: 2007-05-07 07:44:37 UTC - RP157 - Java SE Runtime Environment 6 Update 1 installerades 85: 2007-05-05 12:11:42 UTC - RP156 - ATI Catalyst Control Center togs bort 84: 2007-05-05 11:12:13 UTC - RP155 - Skrivardrivrutinen Send To Microsoft OneNote Driver installerad 83: 2007-05-05 10:48:57 UTC - RP154 - Software Distribution Service 2.0 -- First Restore Point -- 1: 2007-02-08 07:51:06 UTC - RP72 - Systemkontrollpunkt Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Danne.exe) ----------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 16:18:19, on 2007-05-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program\Intel\Wireless\Bin\EvtEng.exe C:\Program\Intel\Wireless\Bin\S24EvMon.exe C:\Program\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Dell Network Assistant\hnm_svc.exe C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe C:\Program\McAfee\MSC\mcmscsvc.exe c:\program\delade filer\mcafee\mna\mcnasvc.exe C:\Program\McAfee\VIRUSS~1\mcods.exe C:\Program\McAfee\MSC\mcpromgr.exe c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe C:\Program\McAfee\VIRUSS~1\mcshield.exe C:\Program\McAfee\VIRUSS~1\mcsysmon.exe C:\Program\McAfee\MPF\MPFSrv.exe C:\Program\McAfee\MPS\mps.exe C:\Program\McAfee\MSK\MskSrver.exe C:\Program\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\program\mcafee.com\agent\mcagent.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program\Synaptics\SynTP\SynTPEnh.exe C:\Program\Dell\QuickSet\quickset.exe C:\Program\McAfee\MPS\mpsevh.exe C:\Program\Intel\Wireless\bin\ZCfgSvc.exe C:\Program\Intel\Wireless\Bin\ifrmewrk.exe C:\Program\Delade filer\InstallShield\UpdateService\issch.exe C:\Program\Dell\MediaDirect\PCMService.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program\Delade filer\Real\Update_OB\realsched.exe C:\Program\Microsoft Office\Office12\GrooveMonitor.exe C:\Program\McAfee\MSK\MskAgent.exe C:\WINDOWS\system32\iid.exe C:\Program\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\MICROS~2\wcescomm.exe C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe C:\Program\MICROS~2\rapimgr.exe C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe c:\program\mcafee\msc\mcuimgr.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\wscntfy.exe C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe C:\Program\BitComet\BitComet.exe C:\Deckards\dss.exe c:\program\mcafee\mpf\mc\mpfalert.exe C:\SMITFR~1\Danne.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=4061121 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program\Dealio\kb103\Dealio.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program\mcafee\virusscan\scriptcl.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar4.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar4.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program\Dealio\kb103\Dealio.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Net iD] C:\WINDOWS\system32\iid.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [au] C:\Program\Dealio\DealioAU.exe O4 - HKLM\..\Run: [RegistrySmart] "C:\Program Files\RegistrySmart\RegistrySmart.exe" -boot O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\MICROS~2\wcescomm.exe" O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DWQueuedReporting] "C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe" -t O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Append to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program\Dealio\kb103\res\DealioSearch.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Download all links using BitComet - res://C:\Program\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program\Dealio\kb103\Dealio.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\DELADE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program\Dell Network Assistant\hnm_svc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\Program\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program\McAfee\MSK\MskSrver.exe O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\swdsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program\Intel\Wireless\Bin\WLKeeper.exe -- HijackThis Fixed Entries (C:\SMITFR~1\backups\) ----------------------------- backup-20070506-103032-250 O4 - HKLM\..\Run: [win32ccp] C:\Documents and Settings\Elisabeth\win32ccp\win32ccp.exe backup-20070507-110508-959 O20 - Winlogon Notify: linksrv0 - linksrv0.dll (file missing) -- File Associations ----------------------------------------------------------- .scr - AutoCADLTScriptFile - shell\open\command - "C:\WINDOWS\notepad.exe" "%1" -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver> R1 linksrvd (MTdX main controller) - c:\windows\system32\linksrvd.sys R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Inc; OMCI Driver> R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.10.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.10.0> R2 Packet (Auto Internet Protocol) - c:\windows\system32\drivers\packet.sys <Not Verified; SingleClick Systems; Auto IP Protocol Driver> R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver> S3 DSproct - c:\program\dell support\gtaction\triggers\dsproct.sys <Not Verified; GTek Technologies Ltd.; processt> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service> R2 WLANKEEPER (Intel® PROSet/Wireless SSO Service) - c:\program\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSO Service> R3 FLEXnet Licensing Service - "c:\program\delade filer\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> R3 ServiceLayer - "c:\program\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution> S3 NBService - c:\program\nero\nero 7\nero backitup\nbservice.exe -- Scheduled Tasks ------------------------------------------------------------- 2007-05-07 11:08:13 424 --a------ C:\WINDOWS\Tasks\XoftSpySE 2.job 2007-05-05 17:14:55 402 --a------ C:\WINDOWS\Tasks\XoftSpySE.job 2007-05-05 17:00:02 418 --a------ C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job 2007-04-10 09:16:02 272 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2007-02-22 23:38:19 344 --a------ C:\WINDOWS\Tasks\McDefragTask.job 2007-02-22 23:38:18 328 --a------ C:\WINDOWS\Tasks\McQcTask.job -- Files created between 2007-04-07 and 2007-05-07 ----------------------------- 2007-05-07 16:12:23 0 d-------- C:\Deckards 2007-05-07 12:43:08 0 d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-05-07 12:43:05 0 d-------- C:\WINDOWS\LastGood 2007-05-07 11:17:51 0 d-------- C:\ewido antispyware 2007-05-06 11:34:22 3622 --a------ C:\WINDOWS\system32\tmp.reg 2007-05-06 11:34:22 616 --a------ C:\WINDOWS\system32\GetValue.vbs 2007-05-06 11:27:34 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2007-05-06 11:27:34 51200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-05-05 21:27:55 0 --a------ C:\WINDOWS\system32\ksl48.bin 2007-05-05 21:20:32 0 d-------- C:\!KillBox 2007-05-05 17:05:31 0 d-------- C:\WINDOWS\Content.IE5 2007-05-05 16:53:26 0 d-------- C:\Documents and Settings\Administratör\Application Data\RegistrySmart 2007-05-05 16:53:22 0 d-------- C:\Program\RegistrySmart 2007-05-05 14:57:31 0 d-------- C:\ATI 2007-05-05 14:26:09 0 d-------- C:\Registry Smart 2007-05-05 12:01:39 0 d-------- C:\Explorer 2007-05-05 09:44:17 0 d-------- C:\PC Tools 2007-05-04 14:02:34 0 d-------- C:\Documents and Settings\Administratör\Application Data\Google 2007-05-04 14:00:17 0 d-------- C:\Documents and Settings\Administratör\Application Data\Netscape 2007-05-04 14:00:17 0 d-------- C:\Documents and Settings\Administratör\Application Data\Mozilla 2007-05-04 14:00:15 0 d-------- C:\Documents and Settings\Administratör\cbt 2007-05-04 14:00:13 0 d-------- C:\Documents and Settings\Administratör\Application Data\Personal 2007-05-04 13:59:45 0 d-------- C:\Documents and Settings\Administratör\Application Data\iid 2007-05-04 10:49:16 0 d-------- C:\Documents and Settings\Administratör\Application Data\Windows Desktop Search 2007-05-04 10:47:59 6724 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-05-04 10:47:54 0 d-------- C:\Documents and Settings\Administratör\Application Data\CyberLink 2007-05-04 10:28:16 0 d-------- C:\Program\Spyware Doctor 2007-05-04 10:28:16 0 d-------- C:\Documents and Settings\Administratör\Application Data\PC Tools 2007-05-04 09:47:19 0 d-------- C:\Program\XoftSpySE 2007-05-03 14:31:47 0 d-------- C:\Smitfraud fix 2007-05-03 12:43:55 0 d-------- C:\Program\CONEXANT 2007-05-03 12:17:00 0 d-------- C:\Documents and Settings\Administratör\Application Data\Macromedia 2007-05-02 17:14:06 0 d-------- C:\Program\Dealio 2007-05-02 17:12:43 7456 --a------ C:\WINDOWS\system32\linksrvd.sys 2007-05-02 17:11:45 22541 ---hs---- C:\WINDOWS\system32\efccbxy.dll 2007-05-02 17:10:49 0 d-------- C:\WINDOWS\Web Download 2007-05-02 17:03:54 0 d-------- C:\Documents and Settings\Danne\Application Data\Ahead 2007-05-02 17:00:10 0 d-------- C:\Program\Nero 2007-05-02 17:00:10 0 d-------- C:\Program\Delade filer\Ahead 2007-05-02 17:00:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero 2007-05-02 12:52:04 0 d-------- C:\Program\Yahoo! 2007-05-02 10:38:34 0 d-------- C:\Documents and Settings\Danne\cbt 2007-05-02 10:38:33 0 d-------- C:\Documents and Settings\Danne\Application Data\Personal 2007-05-02 10:38:27 0 d-------- C:\Documents and Settings\Danne\Application Data\Netscape 2007-05-02 10:38:23 0 d-------- C:\Program\Personal 2007-05-02 10:36:20 0 d-------- C:\Nexus 2007-04-30 12:11:45 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2007-04-30 12:11:36 0 d-------- C:\Program\Delade filer\Macrovision Shared 2007-04-26 00:58:10 0 d-------- C:\Adobe 2007-04-25 10:06:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe 2007-04-23 20:34:45 0 d-------- C:\Documents and Settings\Elisabeth\Application Data\iid 2007-04-23 10:52:56 491520 --a------ C:\WINDOWS\system32\iidxadm.exe <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:56 102400 --a------ C:\WINDOWS\system32\iidplg.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 425984 --a------ C:\WINDOWS\system32\iidp11.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 139264 --a------ C:\WINDOWS\system32\iidcsp.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 663552 --a------ C:\WINDOWS\system32\iid.dll <Not Verified; NetMaker Consulting Group AB; Net iD> 2007-04-23 10:52:55 0 d-------- C:\Documents and Settings\Danne\Application Data\iid 2007-04-22 11:45:33 0 dr-h----- C:\Documents and Settings\Elisabeth\Recent 2007-04-17 20:57:27 0 d-------- C:\Documents and Settings\Administratör\Application Data\Adobe 2007-04-17 20:57:16 0 d-------- C:\Documents and Settings\Administratör\Application Data\Teleca 2007-04-17 20:57:06 0 d-------- C:\Documents and Settings\Administratör\Application Data\Sony Ericsson 2007-04-17 20:57:04 0 d-------- C:\Documents and Settings\Administratör\Application Data\Real 2007-04-17 20:56:13 0 d-------- C:\Documents and Settings\Administratör\Application Data\PC Suite 2007-04-17 00:20:55 0 d-------- C:\WINDOWS\pss 2007-04-10 17:14:02 198 --a------ C:\PSLOG -- Find3M Report --------------------------------------------------------------- 2007-05-07 12:37:55 0 d-------- C:\Program\Delade filer\System 2007-05-07 09:46:09 0 d-------- C:\Program\Java 2007-05-05 11:27:04 408214 --a------ C:\WINDOWS\system32\perfh01D.dat 2007-05-05 11:27:04 73704 --a------ C:\WINDOWS\system32\perfc01D.dat 2007-05-05 11:26:32 0 d-------- C:\Program\Windows NT 2007-05-02 17:00:10 0 d-------- C:\Program\Delade filer 2007-05-02 10:38:27 0 d-------- C:\Documents and Settings\Danne\Application Data\Mozilla 2007-04-30 12:11:49 0 d-------- C:\Program\Delade filer\Adobe 2007-04-30 12:11:49 0 d-------- C:\Documents and Settings\Danne\Application Data\Adobe 2007-04-26 01:38:30 0 d-------- C:\Documents and Settings\Danne\Application Data\Corel 2007-04-16 10:22:31 0 d-------- C:\Program\DivX 2007-03-27 09:55:57 524288 --a------ C:\WINDOWS\system32\DivXsm.exe <Not Verified; DivX Inc.; DivX Inc. divxsm> 2007-03-27 09:55:48 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-03-27 09:55:23 200704 --a------ C:\WINDOWS\system32\ssldivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/;'>http://www.openssl.org/; The OpenSSL Toolkit> 2007-03-27 09:55:23 1044480 --a------ C:\WINDOWS\system32\libdivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit> 2007-03-27 09:49:07 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2007-03-27 09:49:07 73728 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2007-03-27 09:49:05 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll <Not Verified; DivXNetworks; DivXNetworks dpuGUI10> 2007-03-27 09:49:03 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll <Not Verified; DivXNetworks; DivXNetworks dpuGUI11> 2007-03-27 09:49:02 57344 --a------ C:\WINDOWS\system32\dpv11.dll <Not Verified; DivXNetworks; DivXNetworks dpv11> 2007-03-27 09:49:02 344064 --a------ C:\WINDOWS\system32\dpus11.dll <Not Verified; DivXNetworks; DivXNetworks dpus11> 2007-03-27 09:49:02 294912 --a------ C:\WINDOWS\system32\dpu11.dll <Not Verified; DivXNetworks; DivXNetworks dpu11> 2007-03-27 09:49:02 294912 --a------ C:\WINDOWS\system32\dpu10.dll <Not Verified; DivXNetworks; DivXNetworks dpu11> 2007-03-27 09:48:59 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2007-03-27 09:48:58 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2007-03-27 09:48:58 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2007-03-27 09:48:58 639066 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2007-03-20 22:55:29 0 d-------- C:\Program\Hewlett-Packard 2007-03-20 17:03:05 0 d--h----- C:\Program\Zenographics 2007-03-14 02:10:58 0 d-------- C:\Program\Windows Media Connect 2 2007-03-08 18:52:22 0 d-------- C:\Documents and Settings\Danne\Application Data\Real -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} C:\Program\BitComet\tools\BitCometBHO.dll {53707962-6F74-2D53-2644-206D7942484F} C:\Program\Spybot - Search & Destroy\SDHelper.dll {5CA3D70E-1895-11CF-8E15-001234567890} C:\WINDOWS\system32\dla\tfswshx.dll {6A87B991-A31F-4130-AE72-6D0C294BF082} C:\Program\Dealio\kb103\Dealio.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\Program\MICROS~3\Office12\GRA8E1~1.DLL {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program\Java\jre1.6.0_01\bin\ssv.dll {7DB2D5A0-7241-4E79-B68D-6309F01C5231} c:\program\mcafee\virusscan\scriptcl.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program\google\googletoolbar4.dll {CA6319C0-31B7-401E-A518-A07C3DB8F777} C:\Program\BAE\BAE.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="\"C:\\Program\\Java\\jre1.6.0_01\\bin\\jusched.exe\"" "SigmatelSysTrayApp"="stsystra.exe" "SynTPEnh"="C:\\Program\\Synaptics\\SynTP\\SynTPEnh.exe" "Dell QuickSet"="C:\\Program\\Dell\\QuickSet\\quickset.exe" "IntelZeroConfig"="\"C:\\Program\\Intel\\Wireless\\bin\\ZCfgSvc.exe\"" "IntelWireless"="\"C:\\Program\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless" "ISUSPM Startup"="C:\\Program\\DELADE~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup" "ISUSScheduler"="\"C:\\Program\\Delade filer\\InstallShield\\UpdateService\\issch.exe\" -start" "PCMService"="\"C:\\Program\\Dell\\MediaDirect\\PCMService.exe\"" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "TkBellExe"="\"C:\\Program\\Delade filer\\Real\\Update_OB\\realsched.exe\" -osboot" "Sony Ericsson PC Suite"="\"C:\\Program\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions" "PCSuiteTrayApplication"="C:\\Program\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup" "QuickTime Task"="\"C:\\Program\\QuickTime\\qttask.exe\" -atboottime" "GrooveMonitor"="\"C:\\Program\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" "MskAgentexe"="C:\\Program\\McAfee\\MSK\\MskAgent.exe" "Google Desktop Search"="\"C:\\Program\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "Net iD"="C:\\WINDOWS\\system32\\iid.exe" "Acrobat Assistant 8.0"="\"C:\\Program\\Adobe\\Acrobat 8.0\\Acrobat\\Acrotray.exe\"" "NeroFilterCheck"="C:\\Program\\Delade filer\\Ahead\\Lib\\NeroCheck.exe" "au"="C:\\Program\\Dealio\\DealioAU.exe" "RegistrySmart"="\"C:\\Program Files\\RegistrySmart\\RegistrySmart.exe\" -boot" "!AVG Anti-Spyware"="\"C:\\Program\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "H/PC Connection Agent"="\"C:\\Program\\MICROS~2\\wcescomm.exe\"" "swg"="C:\\Program\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program\\Delade filer\\Ahead\\Lib\\NMBgMonitor.exe\"" "DWQueuedReporting"="\"C:\\Program\\DELADE~1\\MICROS~1\\DW\\dwtrig20.exe\" -t" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "PcSync"="C:\\Program\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"=dword:00000000 "DisableRegistryTools"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktopChanges"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRun"=dword:00000000 "NoClose"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook" "{56F9679E-7826-4C84-81F3-532071A8BCC5}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "appinit_dlls"="C:\Program\Google\GOOGLE~1\GOEC62~1.DLL" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 Usnsvc REG_MULTI_SZ usnsvc\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 *newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_DRIVER *newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_GUARD -- End of Deckard's System Scanner: finished at 2007-05-07 at 16:19:27 --------- [/log] [log]Deckard's System Scanner v20070426.43 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 2.0 Architecture: X86; Language: Swedish CPU 0: Intel® Core2 CPU T5600 @ 1.83GHz CPU 1: Intel® Core2 CPU T5600 @ 1.83GHz Percentage of Memory in Use: 58% Physical Memory (total/avail): 1022.37 MiB / 426.95 MiB Pagefile Memory (total/avail): 2460.36 MiB / 1759.99 MiB Virtual Memory (total/avail): 2047.88 MiB / 1960.32 MiB C: is Fixed (NTFS) - 106.7 GiB total, 64.23 GiB free. D: is CDROM (No Media) -- Security Center ------------------------------------------------------------- AUOptions is set to notify before download. Windows Internal Firewall is disabled. FirstRunDisabled is set. FW: McAfee Personal Firewall v (McAfee) AV: McAfee VirusScan v (McAfee) Outdated -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Danne\Application Data CommonProgramFiles=C:\Program\Delade filer COMPUTERNAME=D3CXSL2J ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Danne LOGONSERVER=\\D3CXSL2J NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Program\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program\Delade filer\Autodesk Shared\;C:\Program\Delade filer\Teleca Shared;C:\Program\QuickTime\QTSystemPATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f06 ProgramFiles=C:\Program PROMPT=$P$G SESSIONNAME=Console SonicCentral=C:\Program\Delade filer\Sonic Shared\Sonic CentralSystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Danne\LOKALA~1\Temp TMP=C:\DOCUME~1\Danne\LOKALA~1\Temp USERDOMAIN=D3CXSL2J USERNAME=Danne USERPROFILE=C:\Documents and Settings\Danne windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Danne (admin) Elisabeth (admin) Administratör (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\Program\Delade filer\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program\DivX\ConverterUninstall.exe /CONVERTER --> C:\Program\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL --> C:\WINDOWS\UNRecode.exe /UNINSTALL --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 8 Professional - English, Français, Deutsch --> msiexec /I {AC76BA86-1033-F400-7760-000000000003} Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 7.0.8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002} Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D} ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean AutoCAD LT 2005 - English --> MsiExec.exe /I{5783F2D7-0309-0409-0002-0060B0CE6BBA} Autodesk DWF Viewer --> C:\Program\Autodesk\AUTODE~1\Setup.exe /remove AVG Anti-Spyware 7.5 --> C:\Program\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe AXIS Media Control Embedded --> rundll32 "C:\Program\Axis Communications\AXIS Media Control Embedded\AxisMediaControlEmb.dll",UninstallMe BitComet 0.79 --> C:\Program\BitComet\uninst.exe Broadcom Management Programs --> MsiExec.exe /I{26E1BFB0-E87E-4696-9F89-B467F01F81E5} Conexant HDA D110 MDC V.92 Modem --> C:\Program\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf Dawn of War - Dark Crusade --> C:\Program\InstallShield Installation Information\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}\setup.exe -runfromtemp -l0x0009 -removeonly Dealio Toolbar --> MsiExec.exe /X{AD45E492-5AA6-456C-8F01-FA9061039AF7} Dell Network Assistant --> MsiExec.exe /I{0240BDFB-2995-4A3F-8C96-18D41282B716} Dell Support 3.2.1 --> MsiExec.exe /X{CEE2252C-4035-4B27-8EC6-0B085DD3A413} Digital Line Detect --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x1d ControlPanel DivX Codec --> C:\Program\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Program\DivX\ConverterUninstall.exe /CONVERTER DivX Player --> C:\Program\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program\DivX\DivXWebPlayerUninstall.exe /PLUGIN Google Desktop --> C:\Program\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program\google\googletoolbar4.dll" High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HijackThis 1.99.1 --> C:\Smitfraud fix\HijackThis.exe /uninstall Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP OrderReminder --> C:\Program\Hewlett-Packard\OrderReminder\uninstall\hpuninstaller.exe hp_LaserJet_1018 J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090} Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe LaserJet 1018 --> C:\Program\Zenographics\{1B5D20C1-A859-4B71-A582-B95C14A25ADD}\Setup.exe -u "HPLJInstaller.dll=Hplj1018.inf" McAfee Avinstallation --> C:\Program\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\program\mcafee.com\agent\uninst\comrem.dll::uninstall.htm McAfee SecurityCenter --> C:\Program\McAfee\MSC\mcuninst.exe mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779} MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120} mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49} MediaDirect --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x9 -cluninstall mHlpDell --> MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B} Microsoft ActiveSync 4.0 --> MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E} Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Access MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-0015-041D-0000-0000000FF1CE} Microsoft Office Enterprise 2007 --> "C:\Program\Delade filer\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-0016-041D-0000-0000000FF1CE} Microsoft Office Groove MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-00BA-041D-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-0044-041D-0000-0000000FF1CE} Microsoft Office OneNote MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-00A1-041D-0000-0000000FF1CE} Microsoft Office Outlook MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-001A-041D-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-0018-041D-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (Finnish) 2007 --> MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE} Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Swedish) 2007 --> MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE} Microsoft Office Proofing (Swedish) 2007 --> MsiExec.exe /X{90120000-002C-041D-0000-0000000FF1CE} Microsoft Office Publisher MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-0019-041D-0000-0000000FF1CE} Microsoft Office Shared MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-006E-041D-0000-0000000FF1CE} Microsoft Office Word MUI (Swedish) 2007 --> MsiExec.exe /X{90120000-001B-041D-0000-0000000FF1CE} Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe" mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F} mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Modem Helper --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x1d ControlPanel mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9} mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} mSSO --> MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB} mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} mWMI --> MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA} mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401} mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023} Nero 7 --> MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1053} neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Net iD 4.4 --> C:\WINDOWS\system32\iid.exe -uninstall NetWaiting --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x1d ControlPanel Nokia Connectivity Cable Driver --> MsiExec.exe /X{0FF1922C-B6C4-40BB-AF30-BEF75A482444} Nokia PC Suite --> MsiExec.exe /I{D89AC4DF-7A00-4D0B-BA99-D582C7974A09} OutlookAddinSetup --> MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56} PC Connectivity Solution --> MsiExec.exe /I{AB2347E4-153B-4194-AA3B-97C0A662B369} Personal 4.5.2 --> "C:\Program\Personal\bin\persinst.exe" -u PrintServer Utilities --> C:\Program\PrintServer Utilities\Uninstall.exe Programvara för Intel® PROSet för trådlösa anslutningar --> C:\WINDOWS\Installer\iProInst.exe QuickSet --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 APPDRVNT4 QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A} RealPlayer --> C:\Program\Delade filer\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 RegistrySmart 2.6 --> "C:\Program\RegistrySmart\unins000.exe" ROUTE 66 Route Europa 2005 --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{9443D8A5-0CC2-43E2-9C30-76D17BCD7FAB}\setup.exe" -l0x1d SearchAssist --> C:\DELL\SearchAssist\UninstSA.bat Snabbkorrigering för Windows XP (KB896256) --> Snabbkorrigering för Windows XP (KB906569) --> Snabbkorrigering för Windows XP (KB908673) --> Snabbkorrigering för Windows XP (KB909095) --> Snabbkorrigering för Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB896358) --> Säkerhetsuppdatering för Windows XP (KB896423) --> Säkerhetsuppdatering för Windows XP (KB896424) --> Säkerhetsuppdatering för Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB899588) --> Säkerhetsuppdatering för Windows XP (KB899591) --> Säkerhetsuppdatering för Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB901214) --> Säkerhetsuppdatering för Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB904706) --> Säkerhetsuppdatering för Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB908519) --> Säkerhetsuppdatering för Windows XP (KB908531) --> Säkerhetsuppdatering för Windows XP (KB911562) --> Säkerhetsuppdatering för Windows XP (KB911567) --> Säkerhetsuppdatering för Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB912919) --> Säkerhetsuppdatering för Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB914388) --> Säkerhetsuppdatering för Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB916281) --> Säkerhetsuppdatering för Windows XP (KB917159) --> Säkerhetsuppdatering för Windows XP (KB917344) --> Säkerhetsuppdatering för Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB918439) --> Säkerhetsuppdatering för Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB921883) --> Säkerhetsuppdatering för Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Säkerhetsuppdatering för Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Sonic Audio module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic MyDVD LE --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Sony Ericsson PC Suite --> MsiExec.exe /I{788A9E76-1079-445D-B9A1-6DBB9420F7C3} Spybot - Search & Destroy 1.4 --> "C:\Program\Spybot - Search & Destroy\unins000.exe" Spyware Doctor 5.0 --> C:\Program\Spyware Doctor\unins000.exe Synaptics Pointing Device Driver --> rundll32.exe "C:\Program\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TPTEST 5.0.1 --> "C:\Program\TPTEST5\unins000.exe" Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7} Update for Outlook 2007 Junk Email Filter (KB932338) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E90DA454-DE6C-45FA-A702-47B614A0159F} Uppdatering för Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB912945) --> "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Uppdatering för Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" URL Assistant --> regsvr32 /u /s "C:\Program\BAE\BAE.dll" Winamp (remove only) --> "C:\Program\Winamp\UninstWA.exe" Windows Desktop Search 3.0 --> "C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe" Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2) --> C:\Program\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_6B630EE2E66584353C6CD8683D447072872F34D8\pccswpddriver.inf Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1) --> C:\Program\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf Windows Live Messenger --> MsiExec.exe /I{B10BFDE0-0F93-401A-BB3E-CEFF02B5CB83} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" WinRAR archiver --> C:\Program\WinRAR\uninstall.exe XoftSpySE --> C:\Program\XoftSpySE\uninstall.exe -- End of Deckard's System Scanner: finished at 2007-05-07 at 16:19:27 --------- [/log]
  15. Och från Kaspersky virusscan [log]------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Monday, May 07, 2007 3:08:33 PM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 7/05/2007 Kaspersky Anti-Virus database records: 295883 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C: D: Scan Statistics: Total number of scanned objects: 96021 Number of viruses found: 1 Number of infected objects: 2 / 0 Number of suspicious objects: 0 Duration of the scan process: 02:14:46 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{403CD958-EEAD-408A-98FA-64CC8D653DAE}.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{B1D219D7-4B9D-4AC9-9B0A-611F302DAB00}.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{FD44DADE-F236-4BC0-8292-3B6EEBCDA018}.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSK\MSKWMDB.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSK\RBLDB.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\MSK\settingsdb.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR1.tmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.72.Crwl Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.72.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.ci Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wsb Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy15.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf3.tmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_8e4.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\SingleClick Systems\HomeNet Manager\Logs\hnm_svc.log Object is locked skipped C:\Documents and Settings\Danne\Application Data\$_hpcst$.hpc Object is locked skipped C:\Documents and Settings\Danne\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Application Data\Identities\{4BE48AE1-D2D2-456E-9D57-88C42E785AAA}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Application Data\Identities\{4BE48AE1-D2D2-456E-9D57-88C42E785AAA}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Temp\Perflib_Perfdata_10f0.dat Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Temp\WCESLog.log Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Tidigare\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Danne\Lokala inställningar\Tidigare\History.IE5\MSHist012007050720070508\index.dat Object is locked skipped C:\Documents and Settings\Danne\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Danne\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Lokala inställningar\Tidigare\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{A2AF58B2-83EB-46DB-8FC8-B6CEAAE16AC0}\RP156\A0043070.dll Infected: Trojan-Spy.Win32.Goldun.ph skipped C:\System Volume Information\_restore{A2AF58B2-83EB-46DB-8FC8-B6CEAAE16AC0}\RP157\change.log Object is locked skipped C:\WINDOWS\CSC\00000001 Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Prefetch\Layout.ini Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped C:\WINDOWS\system32\config\OSession.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\linksrvd.sys Infected: Trojan-Spy.Win32.Goldun.ph skipped C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\mcafee_D3bwQ6N11WiuNq5 Object is locked skipped C:\WINDOWS\Temp\mcmsc_26Pwtbax0EcKrG0 Object is locked skipped C:\WINDOWS\Temp\mcmsc_296bhAKIuTU7qrv Object is locked skipped C:\WINDOWS\Temp\mcmsc_9EVBwJKiCfEcj8U Object is locked skipped C:\WINDOWS\Temp\mcmsc_D2dl6mf1sFYdQ2h Object is locked skipped C:\WINDOWS\Temp\mcmsc_HsTtKlrUutOCqha Object is locked skipped C:\WINDOWS\Temp\mcmsc_XPuiXyguZYrAoDE Object is locked skipped C:\WINDOWS\Temp\sqlite_FEnIhiD7jov6H0Q Object is locked skipped C:\WINDOWS\Temp\sqlite_gyhIKG2GWYr5alH Object is locked skipped C:\WINDOWS\Temp\sqlite_sZZ9vuJdKFHgKB7 Object is locked skipped C:\WINDOWS\Temp\sqlite_XKacEgct8vwCKns Object is locked skipped C:\WINDOWS\Temp\sqlite_YUhCNNqrhnWqdUK Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. [/log]
×
×
  • Skapa nytt...