Just nu i M3-nätverket
Jump to content

Problem


Kjell S

Recommended Posts

Hej

 

Har i många år kört AutoCad 2002LT utan några problem, men nu plötsligt så tvärnitar programmet och anger en felorsak.

 

Efter lite goglande så hittar jag en tänkbar orsak till detta fel, det ska bero på två fulingar "Downloader.Ruins" och "DNS Changer"

 

Laddade ner Super anti Spyware, det hittade och ränsade ut en hel del, men problemet med AutoCad och allmän trötthet hos mig och datorn kvarstår.

 

Bifogar HJT logfil i hopp om hjälp.

Sökningen stannades av mitt Panda två gånger men det kanske inte gör något?

 

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 11:54:56, on 2007-11-04

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

C:\Program\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\system32\crypserv.exe

C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe

C:\Program\ewido anti-spyware 4.0\guard.exe

C:\Program\Compaq\Easy Access Button Support\StartEAK.exe

C:\Program\Delade filer\Logitech\QCDriver\LVCOMS.EXE

C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe

C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Ahead\InCD\InCD.exe

C:\Program\Delade filer\FotoNation\EvLstnr.exe

C:\Program\DATACA~1\FLashKsk.exe

C:\Program\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe

C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE

C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\System32\NMSSvc.exe

C:\Compaq\EAKDRV\EAUSBKBD.EXE

C:\Program\Microsoft IntelliPoint\point32.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program\Java\jre1.6.0_02\bin\jusched.exe

C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program\Delade filer\ACD Systems\EN\DevDetect.exe

C:\Program\Spamihilator\spamihilator.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\Hewlett-Packard\Toolbox\jre\bin\javaw.exe

C:\Program\Compaq\EASYAC~1\BttnServ.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Delade filer\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

C:\Program\Nikon\PictureProject\NkbMonitor.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe

C:\HT\HjT.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\avciman.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\psimreal.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eniro.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=041d&s=search&ap=b204

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\Compaq\Easy Access Button Support\StartEAK.exe

O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Program\Delade filer\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [hpppt] C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe /ICON

O4 - HKLM\..\Run: [HP Lamp] C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [EVENTLISTENER] C:\Program\Delade filer\FotoNation\EvLstnr.exe

O4 - HKLM\..\Run: [DataCaching] C:\Program\DATACA~1\FLashKsk.exe

O4 - HKLM\..\Run: [statusClient 2.6] C:\Program\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto

O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program\Hewlett-Packard\Toolbox\hpbpsttp.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBLive\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [spamihilator] "C:\Program\Spamihilator\spamihilator.exe"

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_9 -reboot 1

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program\Delade filer\Autodesk Shared\acstart16.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Kalenderpåminnelser i Microsoft Works.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///F:/Program/AcPreview.ocx

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program\Ahead\InCD\InCDsrv.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Panda Software Controller - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe (file missing)

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program\Delade filer\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

 

[/log]

 

 

KS

 

 

 

Link to comment
Share on other sites

Du har väl inte uppgraderat till Internet Explorer 7?

Autodesk produkter är gjorda för IE6.

Så det råder totalförbud mot IE7 på jobbet.

Men först kördes IE7 in.

Så det blev att blåsa alla burkar med AutoCad och Inventor och installera om allt från början.

[inlägget ändrat 2007-11-04 12:45:05 av jannejanne]

Link to comment
Share on other sites

Du har väl inte uppgraderat till Internet Explorer 7?

Autodesk produkter är gjorda för IE6.

Så det råder totalförbud mot IE7 på jobbet.

Men först kördes IE7 in.

Så det blev att blåsa alla burkar med AutoCad och Inventor och installera om allt från början.

 

Jo det gör jag, och det har jag snart gjort i ett år ???!!!! utan problem tidigare.

 

KS

 

Link to comment
Share on other sites

Här är en nyare version

 

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:07:47, on 2007-11-04

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

C:\Program\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\system32\crypserv.exe

C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe

C:\Program\ewido anti-spyware 4.0\guard.exe

C:\Program\Compaq\Easy Access Button Support\StartEAK.exe

C:\Program\Delade filer\Logitech\QCDriver\LVCOMS.EXE

C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe

C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Ahead\InCD\InCD.exe

C:\Program\Delade filer\FotoNation\EvLstnr.exe

C:\Program\DATACA~1\FLashKsk.exe

C:\Program\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe

C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE

C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\System32\NMSSvc.exe

C:\Compaq\EAKDRV\EAUSBKBD.EXE

C:\Program\Microsoft IntelliPoint\point32.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program\Java\jre1.6.0_02\bin\jusched.exe

C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program\Delade filer\ACD Systems\EN\DevDetect.exe

C:\Program\Spamihilator\spamihilator.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\Hewlett-Packard\Toolbox\jre\bin\javaw.exe

C:\Program\Compaq\EASYAC~1\BttnServ.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Delade filer\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

C:\Program\Nikon\PictureProject\NkbMonitor.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\HT\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eniro.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=041d&s=search&ap=b204

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\Compaq\Easy Access Button Support\StartEAK.exe

O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Program\Delade filer\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [hpppt] C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe /ICON

O4 - HKLM\..\Run: [HP Lamp] C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [EVENTLISTENER] C:\Program\Delade filer\FotoNation\EvLstnr.exe

O4 - HKLM\..\Run: [DataCaching] C:\Program\DATACA~1\FLashKsk.exe

O4 - HKLM\..\Run: [statusClient 2.6] C:\Program\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto

O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program\Hewlett-Packard\Toolbox\hpbpsttp.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBLive\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [spamihilator] "C:\Program\Spamihilator\spamihilator.exe"

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_9 -reboot 1

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program\Delade filer\Autodesk Shared\acstart16.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Kalenderpåminnelser i Microsoft Works.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///F:/Program/AcPreview.ocx

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program\Ahead\InCD\InCDsrv.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Panda Software Controller - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe (file missing)

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program\Delade filer\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

 

--

End of file - 12400 bytes

[/log]

 

KS

 

 

Link to comment
Share on other sites

Det är en gammal Java-version med säkerhetshål i datorn. Jag rekommenderar dig att installera en ny från http://www.java.com/sv/ och därefter avinstallera alla Java/J2SE/JRE utom den senaste i Kontrollpanelen - Lägg till eller ta bort program (inga webbläsare igång).

 

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe

Är en gammal version som har ersatts: http://www.ewido.net/en/

 

Jag ser inget otrevligt i loggen. Starta SUPERAntiSpyware, tryck på Preferences, välj fliken Statistics/Logs.

Dubbelklicka på den SUPERAntiSpyware Scan Log där något hittades så att loggen kommer upp i Anteckningar.

Klistra in loggen i ditt svar

 

Link to comment
Share on other sites

Det är en gammal java-version....

 

Har redan gjort honom uppmärksam om det,så den saken har han

åtgärdat,,,:)

 

 

[inlägget ändrat 2007-11-05 10:38:52 av Brynäsarn]

Link to comment
Share on other sites

OK

har avinstallerat div java även uppdateringar.

 

SuperAS loggen

 

[log]

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 11/03/2007 at 11:17 PM

 

Application Version : 3.9.1008

 

Core Rules Database Version : 3337

Trace Rules Database Version: 1338

 

Scan type : Quick Scan

Total Scan Time : 00:50:28

 

Memory items scanned : 607

Memory threats detected : 0

Registry items scanned : 965

Registry threats detected : 7

File items scanned : 26408

File threats detected : 25

 

Unclassified.Unknown Origin/System

[sW20] C:\WINDOWS\SYSTEM32\SW20.EXE

C:\WINDOWS\SYSTEM32\SW20.EXE

[sW24] C:\WINDOWS\SYSTEM32\SW24.EXE

C:\WINDOWS\SYSTEM32\SW24.EXE

C:\WINDOWS\SYSTEM32\REINSTALLBACKUPS\0002\DRIVERFILES\SW20.EXE

C:\WINDOWS\SYSTEM32\REINSTALLBACKUPS\0002\DRIVERFILES\SW24.EXE

C:\WINDOWS\SYSTEM32\REINSTALLBACKUPS\0018\DRIVERFILES\SW20.EXE

C:\WINDOWS\SYSTEM32\REINSTALLBACKUPS\0018\DRIVERFILES\SW24.EXE

 

Unclassified.Unknown Origin

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{E521797A-22DE-4B46-8B2F-8E98AB77B942}

 

Adware.Tracking Cookie

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.googleadservices[3].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@clickit[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.googleadservices[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@ad.adocean[2].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@ad.zanox[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.googleadservices[2].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.googleadservices[8].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.googleadservices[4].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@m1.webstats.motigo[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.googleadservices[5].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@mediabuy.uk.smarttargetting[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@ads.revsci[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@stat.swedbank[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.googleadservices[6].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@track.webgains[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@www.track-link[1].txt

C:\Documents and Settings\Kjell Svensson\Cookies\kjell_svensson@eas.apm.emediate[1].txt

 

Trojan.Unknown Origin

HKLM\SOFTWARE\Microsoft\MSSMGR

HKLM\SOFTWARE\Microsoft\MSSMGR#Brnd

HKLM\SOFTWARE\Microsoft\MSSMGR#BSTV

HKLM\SOFTWARE\Microsoft\MSSMGR#SSTV

 

Browser Hijacker.Favorites

C:\RECYCLER\S-1-5-21-502627533-2752991226-3942243025-500\DC9.URL

[/log]

 

 

KS

 

 

Link to comment
Share on other sites

Combofixloggen

 

[log]ComboFix 07-11-05.2 - Kjell Svensson 2007-11-05 12:56:57.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1053.18.187 [GMT 1:00]

Running from: C:\TEMP\Anti spy\ComboFix.exe

* Created a new restore point

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\system32\components

C:\WINDOWS\system32\winsys.exe

 

.

((((((((((((((((((((((((( Files Created from 2007-10-05 to 2007-11-05 )))))))))))))))))))))))))))))))

.

 

2007-11-05 12:53 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-11-04 13:06 <KAT> d-------- C:\Program\HT

2007-11-04 00:08 <KAT> d-------- C:\Documents and Settings\Administratör\Application Data\SUPERAntiSpyware.com

2007-11-03 22:22 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2007-11-03 22:21 <KAT> d-------- C:\Program\SUPERAntiSpyware

2007-11-03 22:21 <KAT> d-------- C:\Documents and Settings\Kjell Svensson\Application Data\SUPERAntiSpyware.com

2007-11-03 22:20 <KAT> d-------- C:\Program\Delade filer\Wise Installation Wizard

2007-11-03 22:03 <KAT> d-------- C:\TEMP\Anti spy

2007-10-26 16:48 <KAT> d-------- C:\Program\Spamihilator

2007-10-25 21:24 13,880 --a------ C:\WINDOWS\system32\drivers\COMFiltr.sys

2007-10-25 21:21 <KAT> d-------- C:\WINDOWS\system32\PAV

2007-10-25 21:21 142,128 --a------ C:\WINDOWS\system32\drivers\netimflt.sys

2007-10-25 21:20 <KAT> d-------- C:\Program\Panda Security

2007-10-25 21:20 292,144 --a------ C:\WINDOWS\system32\PavSHook.dll

2007-10-25 21:20 161,328 --a------ C:\WINDOWS\system32\TpUtil.dll

2007-10-25 21:20 101,888 --a------ C:\WINDOWS\system32\SYSTOOLS.DLL

2007-10-25 21:20 63,024 --a------ C:\WINDOWS\system32\pavipc.dll

2007-10-25 21:20 50,736 --a------ C:\WINDOWS\system32\avldr.dll

2007-10-25 21:20 24,760 --a------ C:\WINDOWS\system32\drivers\cpoint.sys

2007-10-25 17:54 <KAT> d-------- C:\Documents and Settings\Kjell Svensson\Application Data\Spamihilator

2007-10-25 12:43 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\sentinel

2007-10-24 22:22 <KAT> d-------- C:\TEMP\Panda 2008

2007-10-24 21:40 4 --a------ C:\WINDOWS\vx86036.dat

2007-10-24 21:39 165,888 --a------ C:\WINDOWS\Ckconfig.exe

2007-10-24 21:39 69,632 --a------ C:\WINDOWS\system32\Crypserv.exe

2007-10-24 21:39 31,846 --a------ C:\WINDOWS\system32\Ckldrv.sys

2007-10-24 21:39 27,648 -ra------ C:\WINDOWS\Setup_ck.exe

2007-10-24 21:39 18,432 --a------ C:\WINDOWS\Setup_ck.dll

2007-10-24 21:39 11,776 --a------ C:\WINDOWS\Ckrfresh.exe

2007-10-24 21:11 <KAT> d-------- C:\Program\AOEV

2007-10-24 19:45 <KAT> d-------- C:\Program\FreeUndelete

2007-10-24 19:40 <KAT> d-------- C:\Program\Recovery for Outlook

2007-10-24 18:56 <KAT> d-------- C:\Program\Stellar Phoenix Mailbox Professional

2007-10-24 18:56 1,207,808 --a------ C:\WINDOWS\system32\PhoenixDll.dll

2007-10-24 18:56 178,176 --a------ C:\WINDOWS\system32\StellarProfile.dll

2007-10-23 18:49 <KAT> d-------- C:\Program\RegCure

2007-10-23 15:59 <KAT> d-------- C:\Documents and Settings\Kjell Svensson\Application Data\RegistrySmart

2007-10-14 02:13 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys

2007-10-14 01:10 <KAT> d-------- C:\TEMP\Adobe Premiere Elements 3.0

2007-10-14 00:51 <KAT> d-------- C:\TEMP\Premiere

2007-10-10 18:45 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-11-05 11:16 --------- d-----w C:\Program\Java

2007-11-05 08:52 220,256 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck

2007-11-05 08:52 220,256 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT

2007-11-05 08:52 1,224 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck

2007-11-05 08:52 1,224 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG

2007-11-05 08:41 --------- d-----w C:\Documents and Settings\Kjell Svensson\Application Data\Azureus

2007-11-04 01:52 --------- d-----w C:\Program\ewido anti-spyware 4.0

2007-11-03 20:14 --------- d-----w C:\Program\SpywareBlaster

2007-11-03 19:13 --------- d-----w C:\Program\Delade filer\Wextech Shared

2007-11-03 19:12 --------- d-----w C:\Program\Delade filer\Autodesk Shared

2007-11-01 21:28 3,601 ----a-w C:\WINDOWS\panose.bin

2007-10-26 17:05 --------- d-----w C:\Program\XXXSpamihilator

2007-10-25 19:29 --------- d-----w C:\Program\Delade filer\Panda Software

2007-10-25 17:24 --------- d--h--w C:\Program\InstallShield Installation Information

2007-10-25 17:24 --------- d-----w C:\Program\Panda Software

2007-10-24 19:36 --------- d-----w C:\Program\Recover4All

2007-10-23 20:48 --------- d-----w C:\Program\DS_Dual4

2007-10-23 17:31 --------- d-----w C:\Program\Azureus

2007-10-23 13:55 --------- d-----w C:\Program\Microsoft IntelliPoint

2007-10-23 13:55 --------- d-----w C:\Program\Data Caching

2007-10-23 13:54 --------- d-----w C:\Program\QuickTime

2007-10-23 13:54 --------- d-----w C:\Program\Delade filer\FotoNation

2007-10-15 21:31 107,816 ----a-w C:\Documents and Settings\Kjell Svensson\Application Data\GDIPFONTCACHEV1.DAT

2007-10-14 19:45 --------- d-----w C:\Program\Delade filer\ACD Systems

2007-10-14 01:14 --------- d-----w C:\Program\Delade filer\Adobe

2007-10-14 00:22 --------- d-----w C:\Program\SmartFTP

2007-10-13 23:08 --------- d-----w C:\Program\SpamiOL

2007-10-04 18:44 --------- d-----w C:\Program\ACD Systems

2007-09-09 10:10 --------- d-----w C:\Program\NVIDIA

2007-08-21 06:18 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll

2007-08-17 15:23 679,936 ----a-w C:\WINDOWS\system32\spsplib1.dll

2007-03-14 15:56 524,288 ---ha-w C:\Documents and Settings\Ägaren\ntuser.dat

2007-03-14 15:56 524,288 ---ha-w C:\Documents and Settings\Ägaren\ntuser.dat

2004-09-23 17:19 5,730,190 ----a-w C:\Program\acehtml6pro.exe

2006-08-02 00:11:21 184,401 --sh--w C:\WINDOWS\system32\bcbeg.bak1

2006-08-14 16:57:15 308,669 --sh--w C:\WINDOWS\system32\bcbeg.bak2

2006-08-14 17:00:15 308,662 --sh--w C:\WINDOWS\system32\bcbeg.ini2

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 23:43]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]

"CPQEASYACC"="C:\Program\Compaq\Easy Access Button Support\StartEAK.exe" [2001-12-14 13:01]

"srmclean"="C:\Cpqs\Scom\srmclean.exe" [2001-07-24 22:34]

"AutoLogon"="" []

"zBrowser Launcher"="C:\Program\Logitech\iTouch\iTouch.exe" [2001-10-12 00:59]

"LVCOMS"="C:\Program\Delade filer\Logitech\QCDriver\LVCOMS.EXE" [2001-09-06 17:10]

"hpppt"="C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe" [1998-11-24 02:00]

"HP Lamp"="C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe" [1998-11-24 02:00]

"QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2004-05-20 09:31]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]

"InCD"="C:\Program\Ahead\InCD\InCD.exe" [2004-06-04 12:33]

"EVENTLISTENER"="C:\Program\Delade filer\FotoNation\EvLstnr.exe" [2000-06-20 19:46]

"DataCaching"="C:\Program\DATACA~1\FLashKsk.exe" [2002-07-22 12:46]

"StatusClient 2.6"="C:\Program\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe" [2004-02-11 23:08]

"TomcatStartup 2.5"="C:\Program\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-04-09 16:33]

"HP Software Update"="C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]

"IntelliPoint"="C:\Program\Microsoft IntelliPoint\point32.exe" [2005-06-10 10:21]

"nwiz"="nwiz.exe" [2007-06-28 23:43 C:\WINDOWS\system32\nwiz.exe]

"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 17:56 C:\WINDOWS\system32\CTHELPER.EXE]

"Jet Detection"="C:\Program\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 01:00]

"Acrobat Assistant 7.0"="C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2006-01-12 20:52]

"Device Detector"="DevDetect.exe" []

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 23:43]

"Adobe Reader Speed Launcher"="C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]

"Spamihilator"="C:\Program\Spamihilator\spamihilator.exe" [2007-08-17 16:24]

"APVXDWIN"="C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.exe" [2007-07-19 14:23]

"SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:34]

"updateMgr"="C:\Program\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" [2006-03-30 16:45]

"SUPERAntiSpyware"="C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

 

C:\Documents and Settings\All Users\Start-meny\Program\AutostartAdobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-03-14 15:10:48]

Adobe Gamma Loader.lnk - C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe [2006-07-01 13:17:55]

AutoCAD Startup Accelerator.lnk - C:\Program\Delade filer\Autodesk Shared\acstart16.exe [2005-03-05 21:18:22]

EPSON Status Monitor 3 Environment Check(2).lnk - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2006-08-21 11:59:45]

Logitech Desktop Messenger.lnk - C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2002-06-19 22:07:11]

Microsoft Office.lnk - C:\Program\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]

NkbMonitor.exe.lnk - C:\Program\Nikon\PictureProject\NkbMonitor.exe [2004-05-20 09:32:51]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

@=

"NoFavoritesMenu"=0 (0x0)

"NoRecentDocsMenu"=0 (0x0)

"NoLogOff"=0 (0x0)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

 

R1 APPFLT;App Filter Plugin;\??\C:\WINDOWS\system32\Drivers\APPFLT.SYS

R1 DSAFLT;DSA Filter Plugin;\??\C:\WINDOWS\system32\Drivers\DSAFLT.SYS

R1 FNETMON;NetMon Filter Plugin;\??\C:\WINDOWS\system32\Drivers\fnetmon.SYS

R1 IDSFLT;Ids Filter Plugin;\??\C:\WINDOWS\system32\Drivers\IDSFLT.SYS

R1 NETFLTDI;Panda Net Driver [TDI Layer];\??\C:\WINDOWS\system32\Drivers\NETFLTDI.SYS

R1 SMSFLT;SMS Filter Plugin;\??\C:\WINDOWS\system32\Drivers\SMSFLT.SYS

R1 WNMFLT;Wifi Monitor Filter Plugin;\??\C:\WINDOWS\system32\Drivers\WNMFLT.SYS

R2 ALIEHCD;ALi PCI to USB Enhanced Host Controller;C:\WINDOWS\system32\Drivers\ALIEHCI.sys

R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys

R2 NMSSvc;Intel® NMS;C:\WINDOWS\System32\NMSSvc.exe

R3 aliroothub;USB 2.0 Root Hub;C:\WINDOWS\system32\DRIVERS\AliRtHub.sys

R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys

R3 ComFiltr;Panda Anti-Dialer;\??\C:\WINDOWS\system32\DRIVERS\COMFiltr.sys

R3 hpusbfd;Hewlett-Packard USB Filter Class;C:\WINDOWS\system32\DRIVERS\hpusbfd.sys

R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys

R3 NMSCFG;NIC Management Service Configuration Driver;\??\C:\WINDOWS\system32\drivers\NMSCFG.SYS

R3 PavSRK.sys;PavSRK.sys;\??\C:\WINDOWS\system32\PavSRK.sys

R3 PavTPK.sys;PavTPK.sys;\??\C:\WINDOWS\system32\PavTPK.sys

R3 Wdm1;USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc.sys

S0 epstwnt;epstwnt;C:\WINDOWS\system32\Drivers\epstwnt.mpd

S1 EACMOS;EACMOS;C:\WINDOWS\system32\drivers\EACMOS.SYS

S1 lusbaudio;Logitech USB-mikrofon;C:\WINDOWS\system32\drivers\OVSound2.sys

S1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys

S2 PavProc;Panda Process Protection Driver;\??\C:\WINDOWS\system32\DRIVERS\PavProc.sys

S2 SHARSHTL;Shuttle Sharer;C:\WINDOWS\system32\Drivers\sharshtl.sys

S3 dot4ufd;HP Dot4usb Filter;C:\WINDOWS\system32\DRIVERS\hppaufd0.sys

S3 QCEmerald;Logitech QuickCam Web;C:\WINDOWS\system32\DRIVERS\OVCE.sys

S3 SetupNTGLM7X;SetupNTGLM7X;\??\D:\NTGLM7X.sys

 

*Newly Created Service* - CATCHME

*Newly Created Service* - NMSCFG

.

Contents of the 'Scheduled Tasks' folder

"2007-11-05 08:45:20 C:\WINDOWS\Tasks\RegCure Program Check.job"

- C:\Program\RegCure\RegCure.exe

"2007-10-23 20:02:27 C:\WINDOWS\Tasks\RegCure.job"

- C:\Program\RegCure\RegCure.exe

"2007-11-05 02:30:00 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"

- C:\Program\RegistrySmart\RegistrySmart.exe

.

**************************************************************************

 

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-11-05 13:03:21

Windows 5.1.2600 Service Pack 2 NTFS

 

detected NTDLL code modification:

ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2007-11-05 13:06:05

C:\ComboFix.2006-08-14.190002.txt ... 2006-08-14 16:36

C:\ComboFix2.txt ... 2006-08-14 18:28

.

--- E O F ---

[/log]

 

 

Och en nyare HJT

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:33:48, on 2007-11-05

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

C:\Program\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\system32\crypserv.exe

C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe

C:\Program\ewido anti-spyware 4.0\guard.exe

C:\WINDOWS\System32\NMSSvc.exe

C:\Program\Compaq\Easy Access Button Support\StartEAK.exe

C:\Program\Delade filer\Logitech\QCDriver\LVCOMS.EXE

C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe

C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Ahead\InCD\InCD.exe

C:\Program\Delade filer\FotoNation\EvLstnr.exe

C:\Program\DATACA~1\FLashKsk.exe

C:\Program\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe

C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program\Microsoft IntelliPoint\point32.exe

C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE

C:\WINDOWS\system32\CTHELPER.EXE

C:\Compaq\EAKDRV\EAUSBKBD.EXE

C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program\Delade filer\ACD Systems\EN\DevDetect.exe

C:\Program\Spamihilator\spamihilator.exe

C:\Program\Hewlett-Packard\Toolbox\jre\bin\javaw.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

C:\Program\Compaq\EASYAC~1\BttnServ.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe

C:\Program\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\explorer.exe

C:\HT\HjT.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\avciman.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\psimreal.exe

C:\WINDOWS\system32\HPBPRO.EXE

C:\WINDOWS\system32\HPBPRO.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eniro.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=041d&s=search&ap=b204

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\Compaq\Easy Access Button Support\StartEAK.exe

O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Program\Delade filer\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [hpppt] C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe /ICON

O4 - HKLM\..\Run: [HP Lamp] C:\Program\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [EVENTLISTENER] C:\Program\Delade filer\FotoNation\EvLstnr.exe

O4 - HKLM\..\Run: [DataCaching] C:\Program\DATACA~1\FLashKsk.exe

O4 - HKLM\..\Run: [statusClient 2.6] C:\Program\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto

O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program\Hewlett-Packard\Toolbox\hpbpsttp.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBLive\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [spamihilator] "C:\Program\Spamihilator\spamihilator.exe"

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_9 -reboot 1

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program\Delade filer\Autodesk Shared\acstart16.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///F:/Program/AcPreview.ocx

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program\Ahead\InCD\InCDsrv.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Panda Software Controller - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe (file missing)

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program\Delade filer\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

 

--

End of file - 12223 bytes

[/log]

[inlägget ändrat 2007-11-05 13:36:22 av Kjell S]

Link to comment
Share on other sites

Vad innehåller mappen C:\TEMP\Anti spy?

 

Jag ser inget otrevligt i loggarna längre.

Har du uppgraderat Ewido och skannat igenom datorn med det?

Hur uppför sig datorn?

 

Link to comment
Share on other sites

Vad innehåller mappen C:\TEMP\Anti spy?

 

Där ligger några av de nedladdade programfilerna som jag fått goda råd om att jag behöver. t.ex. Super antispyware osv.

 

Ewido ska jag uppgradera.....

 

Det ursprungliga felet med AutoCad 2002 kvarstår.

 

 

 

 

 

 

Link to comment
Share on other sites

Där ligger några av de nedladdade programfilerna som jag fått goda råd om att jag behöver. t.ex. Super antispyware osv.
Då var ju det lugnt i alla fall.

 

Vi får väl se om Ewido hittar något mer. Du kan också pröva med en online-skanning:

http://www.kaspersky.com/virusscanner

http://www.eset.eu/online-scanner

 

Sedan kan du ju alltid testa om en ominstallation av Auto-CAD hjälper.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...