Just nu i M3-nätverket
Jump to content

Problem med svärmors dator..


MacAudio

Recommended Posts

Hej,

Sitter på min svärmors dator som verkar vara full av konstigheter.

Är tex. konstiga längst ner till höger, där vart klockan är.

En icon är som en tom ruta och när man höger klickar på den så kommer det upp en tom meny.

Finns även en stjärna som säger att datorn kan vara utsatt för risk när man drar musen över den..

 

Har tankat hem hijack this och scannat. Bifogar en Log.

 

[log]Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 18:24, on 2007-05-20

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Grisoft\AVG7\avgamsvr.exe

C:\Program\Grisoft\AVG7\avgupsvc.exe

C:\Program\Grisoft\AVG7\avgemc.exe

C:\Program\Java\jre1.5.0_11\bin\jusched.exe

C:\Program\Grisoft\AVG7\avgcc.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program\Java\jre1.5.0_11\bin\jucheck.exe

C:\Program\MSN Messenger\usnsvc.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Tony\Skrivbord\hijackthis\HiJackThis_v2.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe

O4 - HKLM\..\Run: [PCLEUSBTip] C:\Program\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bitTorrent] "C:\Program\BitTorrent\bittorrent.exe" --force_start_minimized

O4 - HKCU\..\Run: [NBJ] "C:\Program\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\Program\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/229?4cac007b7b8d42c1b4ee22f0e25bfe3d

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/230?4cac007b7b8d42c1b4ee22f0e25bfe3d

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://webkc.support.telia.se/sdccommon/download/tgctlcm.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://webkamera.kristinehamn.se/activex/AxisCamControl.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.pixbox.se/static/ImageUploader3.cab

O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://betway.microgaming.com/betway/FlashAX.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgemc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 7343 bytes

[/log]

 

 

 

Tacksam för svar och hjälp.

 

MVH Mattias

 

Link to comment
Share on other sites

 

Ser inget i loggen.

Ladda ner SmitfraudFix på skrivbordet och unzippa den där.

 

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

 

Sen öppna SmitfraudFix mappen och dubbelklicka på smitfraudfix.cmd

Välj altenativ Search = klicka 1 och Enter

Kopiera loggen som kommer ut och skicka hit.

 

Ladda ner Decard`s System Scanner på Skrivbordet

 

http://www.techsupportforum.com/sectools/Deckard/dss.exe

 

Kör den och följ anvisningar.

Skicka loggen som kommer ut = Main.txt

 

 

Link to comment
Share on other sites

Tack för ett snabbt svar,

 

Här är smitfraudfix loggen:

[log]

SmitFraudFix v2.183

 

Scan done at 18:36:51,26, 2007-05-20

Run from C:\Documents and Settings\Tony\Skrivbord\SmitfraudFix

OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT

The filesystem type is NTFS

Fix run in normal mode

 

»»»»»»»»»»»»»»»»»»»»»»»» Process

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Grisoft\AVG7\avgamsvr.exe

C:\Program\Grisoft\AVG7\avgupsvc.exe

C:\Program\Grisoft\AVG7\avgemc.exe

C:\Program\Java\jre1.5.0_11\bin\jusched.exe

C:\Program\Grisoft\AVG7\avgcc.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program\Java\jre1.5.0_11\bin\jucheck.exe

C:\Program\MSN Messenger\usnsvc.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\WINDOWS\system32\cmd.exe

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

hosts file corrupted !

 

127.0.0.1 microsoft.com.org #[iE-SpyAd]

127.0.0.1 www.www.microsoft.com.org

 

»»»»»»»»»»»»»»»»»»»»»»»» C:

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Tony

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Tony\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Tony\FAVORI~1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, following keys are not inevitably infected!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, following keys are not inevitably infected!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport för paketschemaläggning

DNS Server Search Order: 192.168.1.1

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{371C9D40-F06B-45BB-9A42-0DC4B1B2E9C8}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\..\{371C9D40-F06B-45BB-9A42-0DC4B1B2E9C8}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS2\Services\Tcpip\..\{371C9D40-F06B-45BB-9A42-0DC4B1B2E9C8}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

 

 

»»»»»»»»»»»»»»»»»»»»»»»» End

 

[/log]

 

Och en DSS Log:

 

Main.txt

[log]

Deckard's System Scanner v20070426.43

Run by Tony on 2007-05-20 at 18:38:24

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

-- System Restore --------------------------------------------------------------

 

System Restore is disabled; attempting to re-enable...success.

 

 

-- Last 1 Restore Point(s) --

1: 2007-05-20 16:38:25 UTC - RP1 - Systemkontrollpunkt

 

 

Backed up registry hives.

 

Performed disk cleanup.

 

 

-- HijackThis Clone ------------------------------------------------------------

 

Emulating logfile of HijackThis v1.99.1

Scan saved at 2007-05-20 18:40:16

Platform: Windows XP Service Pack 2 (5.01.2600)

MSIE: Internet Explorer (6.0.2900.2180)

 

Running processes:

C:\WINDOWS\system32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\explorer.exe

C:\Program\Grisoft\AVG7\avgamsvr.exe

C:\Program\Grisoft\AVG7\avgupsvc.exe

C:\Program\Grisoft\AVG7\avgemc.exe

C:\Program\Java\jre1.5.0_11\bin\jusched.exe

C:\Program\Grisoft\AVG7\avgcc.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program\Java\jre1.5.0_11\bin\jucheck.exe

C:\Program\MSN Messenger\usnsvc.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Tony\Skrivbord\dss.exe

C:\WINDOWS\system32\wuauclt.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie'>http://www.google.com/ie'>http://www.google.com/ie'>http://www.google.com/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\GoogleToolbar3.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe

O4 - HKLM\..\Run: [PCLEUSBTip] C:\Program\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Advanced WindowsCare V2 Pro] "C:\Program\IObit\Advanced WindowsCare V2 Pro\Awc.exe" /startup

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [NBJ] "C:\Program\Ahead\Nero BackItUp\NBJ.exe"

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/229?4cac007b7b8d42c1b4ee22f0e25bfe3d

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/230?4cac007b7b8d42c1b4ee22f0e25bfe3d

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)

O9 - Extra 'Tools' menuitem: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://webkc.support.telia.se/sdccommon/download/tgctlcm.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} () - http://webkamera.kristinehamn.se/activex/AxisCamControl.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.pixbox.se/static/ImageUploader3.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://betway.microgaming.com/betway/FlashAX.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSN Messenger\msgrapp.8.1.0178.00.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\system32\WgaLogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - "C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe"

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgemc.exe

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe /com

O23 - Service: Google Updater Service (gusvc) - Google - "C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe"

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

 

-- File Associations -----------------------------------------------------------

 

All associations okay.

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil©>

R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>

R1 SASDIFSV - c:\program\superantispyware\sasdifsv.sys

R1 SASKUTIL - c:\program\superantispyware\saskutil.sys

R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; VOB Computersysteme GmbH; asapi>

R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>

R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>

R3 SASENUM - c:\program\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

 

S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys (file missing)

S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys (file missing)

S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys

S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>

S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>

 

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

All services whitelisted.

 

 

-- Scheduled Tasks -------------------------------------------------------------

 

2007-05-20 18:39:05 240 --a------ C:\WINDOWS\Tasks\Kontrollera uppdateringar för Windows Live Toolbar.job

 

 

-- Files created between 2007-04-20 and 2007-05-20 -----------------------------

 

2007-05-20 18:27:02 10081 --a------ C:\WINDOWS\msvrc20.dll

2007-05-20 18:27:02 0 d-------- C:\Program\IObit

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-05-20 18:37:04 1328 --a------ C:\WINDOWS\system32\tmp.reg

2007-05-20 18:13:49 0 d-------- C:\Program\Google

2007-05-20 05:00:47 404336 --a------ C:\WINDOWS\system32\perfh01D.dat

2007-05-20 05:00:47 73936 --a------ C:\WINDOWS\system32\perfc01D.dat

2007-05-02 05:12:03 0 d-------- C:\Documents and Settings\Tony\Application Data\AVG7

2007-04-12 05:14:32 552 --a------ C:\WINDOWS\system32\d3d8caps.dat

2007-04-09 12:24:58 0 d-------- C:\Program\Zylom Games

2007-04-07 21:39:16 0 d-------- C:\Documents and Settings\Tony\Application Data\dvdcss

2007-03-22 13:39:57 0 d-------- C:\Documents and Settings\Tony\Application Data\Zylom

2007-03-22 13:39:57 0 d-------- C:\Documents and Settings\Tony\Application Data\Identities

 

 

-- Registry Dump ---------------------------------------------------------------

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program\Java\jre1.5.0_11\bin\ssv.dll

{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program\google\googletoolbar3.dll

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program\Windows Live Toolbar\msntb.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

"nwiz"="nwiz.exe /install"

"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

"PinnacleDriverCheck"="C:\\WINDOWS\\system32\\\\PSDrvCheck.exe"

"PCLEUSBTip"="C:\\Program\\Pinnacle\\Shared Files\\Programs\\USBTip\\USBTip.exe"

"AVG7_CC"="C:\\Program\\Grisoft\\AVG7\\avgcc.exe /STARTUP"

@=""

"Advanced WindowsCare V2 Pro"="\"C:\\Program\\IObit\\Advanced WindowsCare V2 Pro\\Awc.exe\" /startup"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"MsnMsgr"="\"C:\\Program\\MSN Messenger\\MsnMsgr.Exe\" /background"

"NBJ"="\"C:\\Program\\Ahead\\Nero BackItUp\\NBJ.exe\""

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"nlsf"=hex(2):63,6d,64,2e,65,78,65,20,2f,43,20,6d,6f,76,65,20,2f,59,20,22,25, 53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,73,79,73,73, 65,74,75,62,2e,64,6c,6c,22,20,22,25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53, 79,73,74,65,6d,33,32,5c,73,79,73,73,65,74,75,70,2e,64,6c,6c,22,00

"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d, 33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"MsnMsgr"="\"C:\\Program\\MSN Messenger\\MsnMsgr.Exe\" /background"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"SynchronousMachineGroupPolicy"=dword:00000000

"SynchronousUserGroupPolicy"=dword:00000000

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoCDBurning"=dword:00000001

"LinkResolveIgnoreLinkInfo"=dword:00000000

"NoResolveSearch"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"LinkResolveIgnoreLinkInfo"=dword:00000000

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

 

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

 

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa

Authentication Packages REG_MULTI_SZ msv1_0\0\0

Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0

Notification Packages REG_MULTI_SZ scecli\0\0

 

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]

HTTPFilter REG_MULTI_SZ HTTPFilter\0\0

LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0

NetworkService REG_MULTI_SZ DnsCache\0\0

DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

rpcss REG_MULTI_SZ RpcSs\0\0

imgsvc REG_MULTI_SZ StiSvc\0\0

termsvcs REG_MULTI_SZ TermService\0\0

 

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f6bfa34-419a-11db-a1b1-00409530028b}]

Shell\AutoRun\command F:\LaunchU3.exe -a

 

 

-- Hosts -----------------------------------------------------------------------

 

127.0.0.1 ad.a8.net

127.0.0.1 asy.a8ww.net

127.0.0.1 www.abcsearcher.com #[spamdexing][Microsoft.Strider]

127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]

127.0.0.1 adserver.adbunker.com

127.0.0.1 phpadsnew.abac.com

127.0.0.1 a.abnad.net

127.0.0.1 b.abnad.net

127.0.0.1 c.abnad.net #[iE-SpyAd]

127.0.0.1 d.abnad.net

 

13386 more entries in hosts file.

 

 

-- End of Deckard's System Scanner: finished at 2007-05-20 at 18:40:58 ---------

 

[/log]

 

 

extra.txt

 

[log]

Deckard's System Scanner v20070426.43

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

 

-- System Information ----------------------------------------------------------

 

Microsoft Windows XP Professional (build 2600) SP 2.0

Architecture: X86; Language: Swedish

 

CPU 0: AMD Athlon XP

Percentage of Memory in Use: 44%

Physical Memory (total/avail): 1023.49 MiB / 563.45 MiB

Pagefile Memory (total/avail): 2461.71 MiB / 2150.93 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1954.88 MiB

 

C: is Fixed (NTFS) - 29.29 GiB total, 9.93 GiB free.

D: is Fixed (NTFS) - 82.49 GiB total, 71 GiB free.

E: is CDROM (CDFS)

 

 

-- Security Center -------------------------------------------------------------

 

AUOptions is scheduled to auto-install.

Windows Internal Firewall is enabled.

 

FirstRunDisabled is set.

AntivirusOverride is set.

 

AV: AVG 7.5.467 v7.5.467 (GRISOFT)

 

 

-- Environment Variables -------------------------------------------------------

 

ALLUSERSPROFILE=C:\Documents and Settings\All Users

APPDATA=C:\Documents and Settings\Tony\Application Data

CLIENTNAME=Console

CommonProgramFiles=C:\Program\Delade filer

COMPUTERNAME=EF3FB367C7154F9

ComSpec=C:\WINDOWS\system32\cmd.exe

DEFAULT_CA_NR=CA6

DEVMGR_SHOW_DETAILS=

DEVMGR_SHOW_NONPRESENT_DEVICES=1

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Documents and Settings\Tony

LOGONSERVER=\\EF3FB367C7154F9

NoSMBalloonTip=

NUMBER_OF_PROCESSORS=1

OS=Windows_NT

Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program\Delade filer\Ulead Systems\MPEG;C:\Program\Delade filer\Teleca Shared;C:\Program\Pinnacle\Shared Files;C:\Program\Pinnacle\Shared Files\Filter

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 6 Model 6 Stepping 2, AuthenticAMD

PROCESSOR_LEVEL=6

PROCESSOR_REVISION=0602

ProgramFiles=C:\Program

PROMPT=$P$G

SESSIONNAME=Console

SystemDrive=C:

SystemRoot=C:\WINDOWS

TEMP=C:\DOCUME~1\Tony\LOKALA~1\Temp

TMP=C:\DOCUME~1\Tony\LOKALA~1\Temp

USERDOMAIN=EF3FB367C7154F9

USERNAME=Tony

USERPROFILE=C:\Documents and Settings\Tony

windir=C:\WINDOWS

 

 

-- User Profiles ---------------------------------------------------------------

 

Tony (admin)

Administratör (admin)

 

 

-- Add/Remove Programs ---------------------------------------------------------

 

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

ACDSee Trial Version --> C:\Program\ACDSYS~1\ACDSee\UNWISE.EXE C:\Program\ACDSYS~1\ACDSee\INSTALL.LOG

Ad-Aware SE Personal --> C:\Program\Lavasoft\AD-AWA~1\UNWISE.EXE C:\Program\Lavasoft\AD-AWA~1\INSTALL.LOG

Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q

Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-041D-1E257A25E34D}

Adobe Reader 7.0.7 - Svenska --> MsiExec.exe /I{AC76BA86-7AD7-1053-7B44-A70700000002}

Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

Advanced WindowsCare 2.21 Professional --> "C:\Program\IObit\Advanced WindowsCare V2 Pro\unins000.exe"

AVG 7.5 --> C:\Program\Grisoft\AVG7\setup.exe /UNINSTALL

Betway.com Poker --> C:\Program\BETWAY~1\Betway\UNWISE.EXE C:\Program\BETWAY~1\Betway\INSTALL.LOG

BitComet 0.70 --> C:\Program\BitComet\uninst.exe

CD-DA X-Tractor v0.24 --> "C:\Program\CD-DA X-Tractor\unins000.exe"

Disc2Phone --> MsiExec.exe /I{6E65247F-58F9-41CA-BE69-0316F7907170}

DiscAPI (Studio 10) --> MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}

DVD Decrypter (Remove Only) --> "C:\Program\DVDDecrypter\uninstall.exe"

DVD Shrink 3.2 --> "C:\Program\DVD Shrink\unins000.exe"

Feedidentifiering (Windows Live Toolbar) --> MsiExec.exe /X{736D3047-3A62-4FF0-8F75-B1AB9387EE8D}

Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program\google\googletoolbar3.dll"

HijackThis 2.0.0 --> "C:\Documents and Settings\Tony\Skrivbord\hijackthis\HijackThis.exe" /uninstall

Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"

J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}

J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}

J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}

J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}

K-Lite Codec Pack 2.82 Full --> "C:\Program\K-Lite Codec Pack\unins000.exe"

Language pack for Ad-Aware SE --> C:\Program\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\Program\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG

Nero 6 Ultra Edition --> C:\Program\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

Nero Digital --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL

NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI

OneCare Advisor (Windows Live Toolbar) --> MsiExec.exe /X{19B622A5-0956-4080-843C-53A2E378BE5E}

Pinnacle Instant DVD Recorder --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\Setup.exe" -l0x1d UNINSTALL

Popup-blockeraren (Windows Live Toolbar) --> MsiExec.exe /X{1E3C24B7-76FC-4EFB-B672-DB35C194DBC2}

QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log

RAPID --> MsiExec.exe /X{EEECE229-49F6-4851-A73A-99B058221F8C}

Smarta menyer (Windows Live Toolbar) --> MsiExec.exe /X{5DB357BB-7940-4E5F-BAFF-4FB490914457}

SmartSound Quicktracks Plugin --> C:\Program\DELADE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}

Säkerhetsuppdatering för Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB913433) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf

Säkerhetsuppdatering för Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"

Säkerhetsuppdatering för Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"

Sony Ericsson PC Suite 1.20.173 --> MsiExec.exe /I{C5ADA65A-7828-4D85-B071-ECC52B51F794}

Studio 10 --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{FDFE8A65-3DDD-4309-8194-559F41BF61F3}\setup.exe" -l0x9 UNINSTALL

SUPERAntiSpyware Professional --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}

Ulead VideoStudio 6 SE DVD --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{5404E185-BD7C-4A72-ABD0-91A411A05726}\Setup.exe" -l0x9

Uppdatering för Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"

Uppdatering för Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"

Webbsökning med flikar (Windows Live Toolbar) --> MsiExec.exe /X{70BF0AE7-758E-48C9-8637-640EFE887346}

Verktygsfältet Outlook (Windows Live Toolbar) --> MsiExec.exe /X{C757334D-4884-4C1D-AB60-7E038C019BBC}

VideoLAN VLC media player 0.8.6 --> C:\Program\VideoLAN\VLC\uninstall.exe

Windows Live Messenger --> MsiExec.exe /I{2E55A582-4FFE-4FF2-8D4D-E7D275FF89BD}

Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}

Windows Live Toolbar --> "C:\Program\Windows Live Toolbar\UnInstall.exe" {BF222632-FA11-46BE-900C-6297C769D64E}

Windows Live Toolbar --> MsiExec.exe /X{BF222632-FA11-46BE-900C-6297C769D64E}

Windows Live Toolbar Extension (Windows Live Toolbar) --> MsiExec.exe /X{4A84EB9C-E961-45E5-A93C-FBDC5CD9DACD}

Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"

WinRAR archiver --> C:\Program\WinRAR\uninstall.exe

Zylom Games Player Plugin --> "C:\Program\Zylom Games\UninstallPlugin.exe" --uninstall

 

 

-- End of Deckard's System Scanner: finished at 2007-05-20 at 18:40:58 ---------

 

[/log]

 

 

 

Link to comment
Share on other sites

Hej,

låter bra iallafall :)

 

här är loggen från virustotal:

 

[log]

STATUS: FINISHEDComplete scanning result of "msvrc20.dll", received in VirusTotal at 05.20.2007, 18:55:11 (CET).

 

Antivirus Version Update Result

AhnLab-V3 2007.5.16.1 05.18.2007 no virus found

AntiVir 7.4.0.23 05.20.2007 no virus found

Authentium 4.93.8 05.18.2007 no virus found

Avast 4.7.997.0 05.18.2007 no virus found

AVG 7.5.0.467 05.20.2007 no virus found

BitDefender 7.2 05.20.2007 no virus found

CAT-QuickHeal 9.00 05.18.2007 no virus found

ClamAV devel-20070416 05.20.2007 no virus found

DrWeb 4.33 05.20.2007 no virus found

eSafe 7.0.15.0 05.20.2007 no virus found

eTrust-Vet 30.7.3644 05.19.2007 no virus found

Ewido 4.0 05.20.2007 no virus found

FileAdvisor 1 05.20.2007 no virus found

Fortinet 2.85.0.0 05.20.2007 no virus found

F-Prot 4.3.2.48 05.18.2007 no virus found

F-Secure 6.70.13030.0 05.18.2007 no virus found

Ikarus T3.1.1.7 05.20.2007 no virus found

Kaspersky 4.0.2.24 05.20.2007 no virus found

McAfee 5034 05.18.2007 no virus found

Microsoft 1.2503 05.20.2007 no virus found

NOD32v2 2278 05.20.2007 no virus found

Norman 5.80.02 05.18.2007 no virus found

Panda 9.0.0.4 05.20.2007 no virus found

Prevx1 V2 05.20.2007 no virus found

Sophos 4.17.0 05.20.2007 no virus found

Sunbelt 2.2.907.0 05.17.2007 no virus found

Symantec 10 05.20.2007 no virus found

TheHacker 6.1.6.118 05.18.2007 no virus found

VBA32 3.12.0 05.20.2007 no virus found

VirusBuster 4.3.7:9 05.20.2007 no virus found

Webwasher-Gateway 6.0.1 05.20.2007 no virus found

 

 

Aditional Information

File size: 10081 bytes

MD5: 34b320d85c154ffe9e25b1529a715537

SHA1: 7be41a401de920edfaf6d93cc27380dd09c4a10a

packers: ZLIB

[/log]

 

Hur avinstallerar jag Javan?

 

MVH Mattias

 

Link to comment
Share on other sites

Tack för hjälpen,

Datorn fungerar mycket bättre nu.

Har tankat hem advanced windows care v2 också och scannat,

hittade en massa fel som nu är borta.

 

Sätter poäng åt dig.

 

MVH Mattias

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...