kommer inte in på windows xp, virus?

[CSO]

nej finns ingen sådan fil kvar... nej, det är typ IO manager has detected defaults on the drivers you have chosen to verifier, eller något sådant.

 

[Zipp.]

 

Gör detta som jag skrev en gång till = 12 maj 2008 10:46

 

[CSO]

här kommer länken: http://skickafilen.se/download.jsp?fileid=7eN4wEtTWuZTHhLNvnVj

 

[Zipp.]

 

Enligt denna .dmp fil så är problemet i ndisuio.sys

Testa att installera om den.

 

[Cecilia]

Enligt denna .dmp fil så är problemet i ndisuio.sys

Testa att installera om den.

Och det är en del av drivrutiner för trådlösa nätverkskort eller Bluetooth-enheter, så det är sådana som kan vara bra att installera om.

http://www.nordichardware.se/forum/viewtopic.php?topic=164523&forum=42

 

 

[CSO]

Okej... hur installerar jag om dessa? Har ju just då trådlöst nätverk också.

 

[Zipp.]

 

Det följde väl med en CD i trådlösa paketet.

Först avinstallera och sen installera drivrutinerna till nätverkskortet.

 

[CSO]

ajdå, dick inte att avinstallera D-link - som adaptern heter, i felsäkert läge.

 

[Zipp.]

 

Testa att inaktivera nätvärkskort och pröva om datorn startar normalt.

 

[CSO]

Och hur gör jag det? :S Kan inte så mycket sånt här...

 

[Zipp.]

 

Skriv\ kopiera i Kör fältet devmgmt.msc och klicka ok

Där hittar du den och klicka på den och välj inaktivera

 

[CSO]

oj, det fanns typ 6 stycken. D-Link AirPlus G DWL-G122 Wireless USB Adapter(rev.C) - Packet Scheduler Miniport. så heter den första och resten heter samma sak fast # och ett nummer innan - Packet.... så t.ex #2 Packet... eller #3 Packet... förutom en som bara heter #5 och inget bakom. under den står det dock #5 Packet..

 

[Zipp.]

 

Testa att köra detta först och sen pröva att avinstallera

 

http://www.jsifaq.com/DL/SafeMSI.zip

 

[Zipp.]

 

http://www.gur.in/j/index.php?option=com_docman&task=doc_details&gid=72&Itemid=58

 

[CSO]

Nej, det gick ändå inte.

 

[Zipp.]

 

Testa att inaktivera alla Wireless i devmgmt.msc och starta normalt.

 

[CSO]

Så, jag inaktiverade alla, datorn startade bra så jag avinstallerade dom och installerade sedan om D-link igen. Sen tog det lite tid att ansluta till internet men nu fungerar det som det ska. Hoppas verkligen att det inte kommer upp fler bluescreen nu. Men är alla virus borta och sådär?

 

[Zipp.]

 

Bra om det funkar nu entligen

Kör Deckards och skicka main.txt

 

[CSO]

Ja, men tror det fungerar. Startat datorn flera gånger utan problem nu, tacl för all hjälp!

Här kommer loggen, hoppas det ser bra ut

 

[log]Deckard's System Scanner v20071014.68

Run by caroline on 2008-05-25 20:24:44

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

 

 

-- HijackThis (run as caroline.exe) --------------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:25:14, on 2008-05-25

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\COMODO\Firewall\cmdagent.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Roxio\Media Experience\DMXLauncher.exe

C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\D-Link\AirPlus G\AirGCFG.exe

C:\Program Files\Comodo\Css\cssurf.exe

C:\Program Files\COMODO\Firewall\cfp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\cmd.exe

C:\Documents and Settings\caroline\Desktop\dss.exe

C:\PROGRA~1\TRENDM~1\HIJACK~1\caroline.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\cmd.exe

 

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1053

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: (no name) - {3A000524-5872-4AAB-8091-1D5CFC4EC720} - C:\WINDOWS\system32\mlJATjkL.dll (file missing)

O2 - BHO: (no name) - {623B6C68-B4D9-4C1B-A789-B378B48D229B} - C:\WINDOWS\system32\xxyyVOHx.dll (file missing)

O2 - BHO: (no name) - {67120148-1E3E-4B07-85D1-E73D8A43773B} - C:\WINDOWS\system32\pmnkKaWn.dll (file missing)

O2 - BHO: (no name) - {70CF0E53-42F0-4640-A672-52B14214439E} - C:\WINDOWS\system32\byXQJYQi.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: {c79a1fb1-c1b4-d6a8-dde4-a9b4952a2c1b} - {b1c2a259-4b9a-4edd-8a6d-4b1c1bf1a97c} - C:\WINDOWS\system32\msfxyfgg.dll (file missing)

O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [ucookw] "C:\PROGRA~1\TRYGGD~1\ucookw.exe" -start

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [bm(1)] "C:\Program Files\Common Files\BortMedVirus\bm.exe" dm=http://bortmedvirus.com ad=http://bortmedvirus.com sd=http://atour.bortmedvirus.com

O4 - HKLM\..\Run: [a4a5ac12] rundll32.exe "C:\WINDOWS\system32\fpcubxxk.dll",b

O4 - HKLM\..\Run: [bMa7969f8e] Rundll32.exe "C:\WINDOWS\system32\xoghpywg.dll",s

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [css] C:\Program Files\Comodo\Css\cssurf.exe /s

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [arjnyorp] C:\WINDOWS\system32\doxefura.exe

O4 - HKCU\..\Run: [e©ùýùÇûï×óÎØøøÁøôóÊýÛñûöÞó] C:\Program Files\XP Antivirus\xpa.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\caroline\Start Menu\Programs\IMVU\Run IMVU.lnk

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\PROGRA~1\Comodo\Css\cssdll32.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: byXrroOE - byXrroOE.dll (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 

--

End of file - 12685 bytes

 

-- Files created between 2008-04-25 and 2008-05-25 -----------------------------

 

2008-05-25 18:39:10 0 d-------- C:\Program Files\AskSBar

2008-05-25 18:38:16 0 d-------- C:\Documents and Settings\caroline\Application Data\Comodo

2008-05-25 18:38:12 0 d-------- C:\Documents and Settings\All Users\Application Data\comodo

2008-05-25 18:38:11 0 d-------- C:\Program Files\COMODO

2008-05-25 18:29:46 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2008-05-25 18:29:42 0 d-------- C:\Program Files\SUPERAntiSpyware

2008-05-25 18:29:42 0 d-------- C:\Documents and Settings\caroline\Application Data\SUPERAntiSpyware.com

2008-05-25 18:17:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

2008-05-25 17:42:17 36864 --a------ C:\WINDOWS\system32\ANIOApi.dll <Not Verified; Alpha Networks Inc.; ANIO Helper DLL API library>

2008-05-25 17:42:17 50176 --a------ C:\WINDOWS\system32\ANIO64.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>

2008-05-25 17:42:17 11904 --a------ C:\WINDOWS\system32\anio4.sys <Not Verified; ANI; ANIO (NDIS4) Driver>

2008-05-25 17:42:17 24288 --a------ C:\WINDOWS\system32\ANIO.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>

2008-05-25 17:42:06 163840 --a------ C:\WINDOWS\system32\WlanApp.dll <Not Verified; Alpha Networks Inc.; WlanApp Dynamic Link Library>

2008-05-25 17:42:06 237568 --a------ C:\WINDOWS\system32\wlanapi.dll <Not Verified; Alpha Networks Inc.; WLANAPI Dynamic Link Library>

2008-05-25 17:42:06 1327189 --a------ C:\WINDOWS\system32\odSupp_M.dll <Not Verified; Funk Software, Inc.; Odyssey Supplicant Toolkit>

2008-05-25 17:42:06 49152 --a------ C:\WINDOWS\system32\JJAKEn.dll <Not Verified; ; JJAKEn Dynamic Link Library>

2008-05-25 17:42:06 49152 --a------ C:\WINDOWS\system32\AQCKGen.dll <Not Verified; Alpha Networks Inc.; AQuickKey Generator>

2008-05-25 17:42:06 630784 --a------ C:\WINDOWS\system32\ANIWZCS2.dll <Not Verified; Alpha Networks Inc.; ANIWZCS Dynamic Link Library>

2008-05-25 17:42:06 57407 --a------ C:\WINDOWS\system32\ANICtl.dll <Not Verified; Alpha Networks Inc.; DevCtrl Dynamic Link Library>

2008-05-25 17:42:06 204800 --a------ C:\WINDOWS\system32\aIPH.dll <Not Verified; Alpha Networks Inc.; IPH Dynamic Link Library>

2008-05-25 17:42:06 0 d-------- C:\Program Files\ANI

2008-05-17 10:27:56 55871 --a------ C:\Documents and Settings\caroline\gpqxfvie.exe

2008-05-13 15:19:16 0 d-------- C:\Documents and Settings\caroline\Application Data\GetRightToGo

2008-05-01 23:38:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe

2008-04-30 20:16:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia

2008-04-30 20:14:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla

2008-04-28 22:52:21 5816 --a------ C:\WINDOWS\system32\tmp.reg

2008-04-28 22:51:56 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe

2008-04-28 22:51:56 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >

2008-04-28 22:51:56 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>

2008-04-28 22:51:56 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>

2008-04-28 22:51:56 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>

2008-04-28 22:51:56 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>

2008-04-28 22:51:56 51200 --a------ C:\WINDOWS\system32\dumphive.exe

2008-04-28 22:51:56 82944 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>

2008-04-28 22:51:55 0 d-------- C:\Documents and Settings\caroline\SmitfraudFix <SMITFR~1>

2008-04-28 17:46:21 0 d-------- C:\WINDOWS\ERUNT

2008-04-26 11:06:44 0 d-------- C:\Documents and Settings\caroline\Application Data\Help

2008-04-25 18:49:20 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft

2008-04-25 18:46:34 0 d--h----- C:\Documents and Settings\Administrator\Templates

2008-04-25 18:46:34 0 dr------- C:\Documents and Settings\Administrator\Start Menu

2008-04-25 18:46:34 0 dr-h----- C:\Documents and Settings\Administrator\SendTo

2008-04-25 18:46:34 0 d--h----- C:\Documents and Settings\Administrator\Recent

2008-04-25 18:46:34 0 d--h----- C:\Documents and Settings\Administrator\PrintHood

2008-04-25 18:46:34 0 d--h----- C:\Documents and Settings\Administrator\NetHood

2008-04-25 18:46:34 0 d-------- C:\Documents and Settings\Administrator\My Documents

2008-04-25 18:46:34 0 d--h----- C:\Documents and Settings\Administrator\Local Settings

2008-04-25 18:46:34 0 d-------- C:\Documents and Settings\Administrator\Favorites

2008-04-25 18:46:34 0 d-------- C:\Documents and Settings\Administrator\Desktop

2008-04-25 18:46:34 0 d---s---- C:\Documents and Settings\Administrator\Cookies

2008-04-25 18:46:34 0 dr-h----- C:\Documents and Settings\Administrator\Application Data

2008-04-25 18:46:34 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft

2008-04-25 18:46:34 0 d-------- C:\Documents and Settings\Administrator\Application Data\Desperate Housewives

2008-04-25 18:46:33 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT

2008-04-25 13:15:27 409600 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>

2008-04-25 13:04:25 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

 

 

-- Find3M Report ---------------------------------------------------------------

 

2008-05-25 18:22:08 0 d-------- C:\Program Files\DAEMON Tools Lite

2008-05-25 18:18:32 0 d-------- C:\Program Files\Common Files

2008-05-25 17:42:17 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-05-13 16:29:20 0 d-------- C:\Program Files\Pinnacle

2008-05-09 22:35:48 0 d-------- C:\Documents and Settings\caroline\Application Data\Adobe

2008-05-05 13:58:17 0 d-------- C:\Program Files\dummsn

2008-05-04 20:05:16 0 d-------- C:\Program Files\Red Mile Entertainment

2008-05-04 20:02:18 0 d-------- C:\Documents and Settings\caroline\Application Data\PC Tools

2008-05-02 21:41:11 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

2008-04-25 15:11:20 0 d-------- C:\Program Files\LimeWire

2008-04-25 13:15:27 114688 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions © Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL Library>

2008-04-25 13:14:05 0 d-------- C:\Program Files\PAN Vision

2008-04-22 22:14:21 0 d-------- C:\Documents and Settings\caroline\Application Data\TmpRecentIcons

2008-04-21 21:10:44 0 d-------- C:\Documents and Settings\caroline\Application Data\DAEMON Tools

2008-04-21 18:43:49 0 d-------- C:\Program Files\NeroInstall.bak

2008-04-21 18:42:04 0 d-------- C:\Documents and Settings\caroline\Application Data\Nero

2008-04-21 18:40:32 0 d-------- C:\Program Files\Common Files\Nero

2008-04-21 18:39:16 0 d-------- C:\Program Files\Nero

2008-04-21 18:00:56 0 d-------- C:\Program Files\SlySoft

2008-04-21 17:46:44 0 d-------- C:\Documents and Settings\caroline\Application Data\ImgBurn

2008-04-21 17:43:26 0 d-------- C:\Program Files\ImgBurn

2008-04-20 23:59:54 0 d-------- C:\Program Files\IZArc

2008-04-20 15:30:32 0 d-------- C:\Documents and Settings\caroline\Application Data\LimeWire

2008-04-18 17:05:52 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >

2008-04-18 16:44:08 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>

2008-04-12 15:30:34 0 d-------- C:\Program Files\Common Files\PC Tools

2008-04-12 13:45:49 0 d-------- C:\Program Files\Hewlett-Packard

2008-03-27 20:29:25 0 d-------- C:\Program Files\Java

2008-03-27 20:28:20 0 d-------- C:\Program Files\Common Files\Java

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

2008-05-25 18:39 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3A000524-5872-4AAB-8091-1D5CFC4EC720}]

C:\WINDOWS\system32\mlJATjkL.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{623B6C68-B4D9-4C1B-A789-B378B48D229B}]

C:\WINDOWS\system32\xxyyVOHx.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{67120148-1E3E-4B07-85D1-E73D8A43773B}]

C:\WINDOWS\system32\pmnkKaWn.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70CF0E53-42F0-4640-A672-52B14214439E}]

C:\WINDOWS\system32\byXQJYQi.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b1c2a259-4b9a-4edd-8a6d-4b1c1bf1a97c}]

C:\WINDOWS\system32\msfxyfgg.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]

2008-05-25 18:39 262144 --a------ C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 20:51]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-11 07:47]

"nwiz"="nwiz.exe" [2005-11-11 07:47 C:\WINDOWS\system32\nwiz.exe]

"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-08-10 12:10]

"DMXLauncher"="C:\Program Files\Roxio\Media Experience\DMXLauncher.exe" [2006-08-14 01:07]

"RoxioDragToDisc"="C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-07-31 09:00]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-11-11 07:47]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 03:07 C:\WINDOWS\system32\bthprops.cpl]

"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50]

"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 15:42]

"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 17:26]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16]

"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-03-21 00:09]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25]

"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 21:21]

"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 09:59]

"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 16:29]

"ucookw"="C:\PROGRA~1\TRYGGD~1\ucookw.exe" []

"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

"bm(1)"="C:\Program Files\Common Files\BortMedVirus\bm.exe" []

"a4a5ac12"="C:\WINDOWS\system32\fpcubxxk.dll" []

"BMa7969f8e"="C:\WINDOWS\system32\xoghpywg.dll" []

"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 18:19]

"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 15:04]

"css"="C:\Program Files\Comodo\Css\cssurf.exe" [2008-05-22 16:16]

"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-05-25 18:38]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:07]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-27 13:08]

"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-03-21 00:09]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 17:07]

"arjnyorp"="C:\WINDOWS\system32\doxefura.exe" []

"e©ùýùÇûï×óÎØøøÁøôóÊýÛñûöÞó"="C:\Program Files\XP Antivirus\xpa.exe" []

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-13 12:43]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:35]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

 

C:\Documents and Settings\caroline\Start Menu\Programs\StartupAdobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-02-12 22:54:03]

 

C:\Documents and Settings\All Users\Start Menu\Programs\StartupAdobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-02-12 22:54:03]

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-11-29 19:55:44]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byXrroOE]

byXrroOE.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"= C:\WINDOWS\system32\guard32.dll C:\PROGRA~1\Comodo\Css\cssdll32.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmnkKaWn

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs BthServ

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]

AutoRun\command- D:\AUTORUN.EXE

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{908bbcf2-bfaf-11dc-a40c-000ea132e704}]

Auto\command- H:\Start.exe

AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

 

*Newly Created Service* - CMDAGENT

*Newly Created Service* - CMDGUARD

*Newly Created Service* - CMDHLP

*Newly Created Service* - INSPECT

 

 

 

-- End of Deckard's System Scanner: finished at 2008-05-25 20:26:51 ------------[/log]

 

[Zipp.]

 

[log]Avinstallera via Kontrollpanelen = AskSBar

Sen ta bort med dolda filer synliga om hittas

 

C:\PROGRA~1\TRYGGD~1\

C:\Program Files\AskSBar\

C:\Program Files\Common Files\BortMedVirus\

C:\Program Files\XP Antivirus\

C:\WINDOWS\system32\doxefura.exe

C:\Documents and Settings\caroline\gpqxfvie.exe

 

Scanna och skicka en ny Hijack log efter det[/log]