
foto?? haha


Bullhull


This means that your computer is infected by an MSN worm, a type of malicious program, and the computer therefore needs to be cleaned of malicious files. We can start by seeing what DDS shows. Download DDS to the Desktop.

http://download.bleepingcomputer.com/sUBs/dds.scr

Start the program (in Vista, right-click and choose Run as administrator).

Press Yes when asked about the Optional Scan.

In your reply, attach the two logs DDS.txt and Attach.txt in this way:

Press the LOG button in the Reply window

Paste the log

Press the LOG button in the Reply window again

Repeat with the next log.

I am also moving the thread to the forum Virus, skadliga program & botemedel

Cecilia - Moderator for Diskutera Eforum

 


[log]

DDS (Ver_09-03-16.01) - NTFSx86

Run by OSSI at 23:36:23,40 on 2009-04-07

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.1535.782 [GMT 2:00]

 

AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Updated)

 

============== Running Processes ===============

 

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\CDBurnerXP\NMSAccessU.exe

C:\Program\Eset\nod32krn.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program\Spyware Doctor\pctsAuxs.exe

C:\Program\Spyware Doctor\pctsSvc.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Eset\nod32kui.exe

C:\Program\Logitech\iTouch\iTouch.exe

C:\Program\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program\ScanSoft\PaperPort\pptd40nt.exe

C:\Program\Sms och mms i datorn Desktop\mw.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\Program\VIA\VIAudioi\SBADeck\ADeck.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program\Spyware Doctor\pctsTray.exe

C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\Steam\Steam.exe

C:\Program\ManyCam 2.4\ManyCam.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\DESKMA~1\Manager.exe

C:\Program\DESKMA~1\Sprite.exe

C:\Program\IncrediMail\bin\IMApp.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\alg.exe

C:\Program\Windows Live\Messenger\msnmsgr.exe

C:\Program\Windows Live\Contacts\wlcomm.exe

C:\Program\Java\jre6\bin\jucheck.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Windows Live\Toolbar\wltuser.exe

C:\Documents and Settings\OSSI\Lokala inställningar\Temporary Internet Files\Content.IE5\D160KPAC\dds[1].scr

C:\WINDOWS\System32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://aftonbladet.se/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = localhost

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SearchHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program\java\jre6\bin\ssv.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.0.926.3450\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program\google\google toolbar\component\fastsearch_219B3E1547538286.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll

BHO: TBHelper Class: {e46a2169-e328-471a-9788-f2b52bb9c681} - c:\program\sms och mms i datorn desktop\miebho2.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Sms och mms i datorn: {6b49f76b-190a-4fc6-83ea-baad234baff8} - c:\program\sms och mms i datorn desktop\mie2.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll

TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

uRun: [incrediMail] c:\program\incredimail\bin\IncMail.exe /c

uRun: [steam] "c:\program\steam\Steam.exe" -silent

uRun: [ManyCam] "c:\program\manycam 2.4\ManyCam.exe"

uRun: [swg] c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [sUPERAntiSpyware] c:\program\superantispyware\SUPERAntiSpyware.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [nod32kui] "c:\program\eset\nod32kui.exe" /WAITSERVICE

mRun: [zBrowser Launcher] c:\program\logitech\itouch\iTouch.exe

mRun: [GrooveMonitor] "c:\program\microsoft office\office12\GrooveMonitor.exe"

mRun: [sSBkgdUpdate] "c:\program\delade filer\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] c:\program\scansoft\paperport\pptd40nt.exe

mRun: [indexSearch] c:\program\scansoft\paperport\IndexSearch.exe

mRun: [sms och mms i datorn Desktop] "c:\program\sms och mms i datorn desktop\mw.exe" /AutoStart

mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe"

mRun: [AudioDeck] c:\program\via\viaudioi\sbadeck\ADeck.exe 1

mRun: [DeskMateAutoUpdate] c:\program\deskma~1\DeskMateAutoUpdate.exe

mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [iSTray] "c:\program\spyware doctor\pctsTray.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

StartupFolder: c:\docume~1\ossi\start-~1\program\autost~1\fatbde~1.lnk - c:\program\deskmates\fatb\FatB.exe

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\adobeg~1.lnk - c:\program\delade filer\adobe\calibration\Adobe Gamma Loader.exe

IE: E&xportera till Microsoft Excel - c:\program\micros~2\office12\EXCEL.EXE/3000

IE: Skicka som mms... - file://c:\program\sms och mms i datorn desktop\sendmms.htm

IE: Skicka som sms... - file://c:\program\sms och mms i datorn desktop\sendsms.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~2\office12\REFIEBAR.DLL

LSP: imon.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206381158359

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://support.f-secure.com/ols/fscax.cab

DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program\microsoft office\office12\GrooveSystemServices.dll

Notify: !SASWinLogon - c:\program\superantispyware\SASWINLO.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program\superantispyware\SASSEH.DLL

 

============= SERVICES / DRIVERS ===============

 

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-4-7 130424]

R1 SASKUTIL;SASKUTIL;c:\program\superantispyware\SASKUTIL.SYS [2009-2-17 55024]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-2-23 55152]

R2 NOD32krn;NOD32 Kernel Service;c:\program\eset\nod32krn.exe [2008-3-24 507904]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program\spyware doctor\pctsAuxs.exe [2009-4-7 348752]

R2 sdCoreService;PC Tools Security Service;c:\program\spyware doctor\pctsSvc.exe [2009-4-7 1095560]

R2 SeaPort;SeaPort;c:\program\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]

R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]

R3 SASENUM;SASENUM;c:\program\superantispyware\SASENUM.SYS [2009-2-17 7408]

S1 SASDIFSV;SASDIFSV;c:\program\superantispyware\SASDIFSV.SYS [2009-2-17 9968]

S3 fsssvc;Windows Live Family Safety;c:\program\windows live\family safety\fsssvc.exe [2009-2-6 533360]

S3 getPlus® Helper;getPlus® Helper;c:\program\nos\bin\getPlus_HelperSvc.exe [2009-3-25 33176]

 

=============== Created Last 30 ================

 

2009-04-07 17:11 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys

2009-04-07 17:11 130,424 a------- c:\windows\system32\drivers\PCTCore.sys

2009-04-07 17:11 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys

2009-04-07 17:11 <DIR> --d----- c:\program\delade filer\PC Tools

2009-04-07 17:11 64,392 a------- c:\windows\system32\drivers\pctplsg.sys

2009-04-07 17:10 <DIR> --d----- c:\program\Spyware Doctor

2009-04-07 17:10 <DIR> --d----- c:\docume~1\ossi\applic~1\PC Tools

2009-04-07 17:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools

2009-04-07 16:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2009-04-07 16:53 <DIR> --d----- c:\program\SUPERAntiSpyware

2009-04-07 16:53 <DIR> --d----- c:\docume~1\ossi\applic~1\SUPERAntiSpyware.com

2009-04-07 16:53 <DIR> --d----- c:\program\delade filer\Wise Installation Wizard

2009-04-06 23:33 83,456 a------- c:\windows\system32\drivers\ovfsth.sys

2009-04-06 23:30 <DIR> a-dshr-- C:\cmdcons

2009-04-06 23:28 161,792 a------- c:\windows\SWREG.exe

2009-04-06 23:28 98,816 a------- c:\windows\sed.exe

2009-04-06 23:28 49,152 a------- c:\windows\VFIND.exe

2009-04-06 23:23 <DIR> --d----- c:\program\Trend Micro

2009-04-06 13:07 131,072 a------- c:\windows\system32\winsetup64.exe

2009-04-06 09:15 43 a------- c:\windows\system32\ovfsthonpsljvwqohbtdikpdwemqxvirxlllfy.dat

2009-04-06 09:14 60,416 a------- c:\windows\system32\ovfsthqekwbmkdvbqjnlhossmerymttsjbnomr.dll

2009-04-06 09:14 18,944 a------- c:\windows\system32\ovfsthbnqppxrsjhdyrvtvqueaxxrtylmdhuoy.dll

2009-04-06 09:14 18,432 a------- c:\windows\system32\ovfsthuriydwkrxfndooifeplmwfmrmmycmttb.dll

2009-04-06 09:14 10,164 a------- c:\windows\system32\ovfsthkupqxvsmtfxwnsxmvolaefxjqtagxvui.dat

2009-03-24 10:40 <DIR> --d----- c:\program\ManyCam 2.4

2009-03-24 10:40 <DIR> --d----- c:\docume~1\ossi\applic~1\ManyCam

 

==================== Find3M ====================

 

2009-04-06 10:52 516,416 a------- c:\windows\system32\perfh01D.dat

2009-04-06 10:52 101,328 a------- c:\windows\system32\perfc01D.dat

2009-02-09 16:07 1,846,784 a------- c:\windows\system32\win32k.sys

2009-02-06 20:13 308,088 a------- c:\windows\WLXPGSS.SCR

2009-02-06 19:52 49,504 a------- c:\windows\system32\sirenacm.dll

2008-09-21 19:22 32,768 a--sh--- c:\windows\system32\config\systemprofile\lokala inställningar\tidigare\history.ie5\mshist012008092120080922\index.dat

 

============= FINISH: 23:37:40,71 ===============

[/log]

[log]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_09-03-16.01)

 

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 2008-03-24 18:10:48

System Uptime: 2009-04-07 17:30:01 (6 hours ago)

 

Motherboard: ECS | | M950

Processor: Intel® Pentium® 4 CPU 2.80GHz | FC-478 | 2800/133mhz

 

==== Disk Partitions =========================

 

A: is Removable

C: is FIXED (NTFS) - 92 GiB total, 58,031 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is CDROM (CDFS)

J: is Removable

O: is FIXED (NTFS) - 20 GiB total, 9,544 GiB free.

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP300: 2009-01-08 14:28:47 - Systemkontrollpunkt

RP301: 2009-01-10 10:26:46 - Systemkontrollpunkt

RP302: 2009-01-11 11:09:13 - Systemkontrollpunkt

RP303: 2009-01-14 23:53:19 - Software Distribution Service 3.0

RP304: 2009-01-17 11:38:27 - Systemkontrollpunkt

RP305: 2009-01-18 11:52:11 - Systemkontrollpunkt

RP306: 2009-01-20 14:54:20 - Installed Creative WebCam NX

RP307: 2009-01-20 14:54:33 - Installed PC-CAM Center

RP308: 2009-01-20 15:03:36 - Installed Creative WebCam NX

RP309: 2009-01-20 15:03:47 - Removed PC-CAM Center

RP310: 2009-01-20 15:32:33 - Removed Google Toolbar for Internet Explorer

RP311: 2009-01-23 10:48:08 - Systemkontrollpunkt

RP312: 2009-01-25 19:38:22 - Systemkontrollpunkt

RP313: 2009-01-26 20:35:39 - Systemkontrollpunkt

RP314: 2009-01-27 21:35:27 - Systemkontrollpunkt

RP315: 2009-01-28 23:56:34 - Systemkontrollpunkt

RP316: 2009-01-30 11:14:41 - Systemkontrollpunkt

RP317: 2009-01-31 14:13:01 - Systemkontrollpunkt

RP318: 2009-02-02 12:08:26 - Systemkontrollpunkt

RP319: 2008-02-03 07:41:34 - Systemkontrollpunkt

RP320: 2008-02-04 15:16:11 - Systemkontrollpunkt

RP321: 2009-02-06 13:56:01 - Systemkontrollpunkt

RP322: 2009-02-07 14:49:50 - Systemkontrollpunkt

RP323: 2009-02-10 21:03:39 - Systemkontrollpunkt

RP324: 2009-02-11 23:39:29 - Software Distribution Service 3.0

RP325: 2009-02-13 09:26:18 - Systemkontrollpunkt

RP326: 2009-02-14 12:32:10 - Systemkontrollpunkt

RP327: 2009-02-15 13:00:35 - Systemkontrollpunkt

RP328: 2009-02-16 17:23:32 - Systemkontrollpunkt

RP329: 2009-02-17 21:35:34 - Systemkontrollpunkt

RP330: 2009-02-18 21:52:44 - Systemkontrollpunkt

RP331: 2009-02-20 09:50:20 - Systemkontrollpunkt

RP332: 2009-02-21 10:07:03 - Systemkontrollpunkt

RP333: 2009-02-22 10:47:30 - Systemkontrollpunkt

RP334: 2009-02-23 11:12:05 - Systemkontrollpunkt

RP335: 2009-02-23 17:57:24 - DirectX har installerats

RP336: 2009-02-25 23:04:08 - Systemkontrollpunkt

RP337: 2009-02-25 23:19:34 - Software Distribution Service 3.0

RP338: 2009-02-27 09:34:32 - Systemkontrollpunkt

RP339: 2009-02-28 19:35:25 - Systemkontrollpunkt

RP340: 2009-03-02 10:03:18 - Systemkontrollpunkt

RP341: 2009-03-03 10:35:42 - Systemkontrollpunkt

RP342: 2009-03-04 10:50:33 - Systemkontrollpunkt

RP343: 2009-03-04 13:02:10 - DirectX har installerats

RP344: 2009-03-04 13:04:20 - Installed Steam

RP345: 2009-03-05 10:42:40 - Software Distribution Service 3.0

RP346: 2009-03-06 13:34:13 - Systemkontrollpunkt

RP347: 2009-03-09 12:17:05 - Systemkontrollpunkt

RP348: 2009-03-10 12:26:49 - Systemkontrollpunkt

RP349: 2009-03-12 00:04:05 - Software Distribution Service 3.0

RP350: 2009-03-13 10:10:06 - Systemkontrollpunkt

RP351: 2009-03-14 16:05:03 - Systemkontrollpunkt

RP352: 2009-03-15 00:34:42 - Software Distribution Service 3.0

RP353: 2009-03-16 11:55:03 - Systemkontrollpunkt

RP354: 2009-03-18 05:46:56 - Systemkontrollpunkt

RP355: 2009-03-19 08:29:56 - Systemkontrollpunkt

RP356: 2009-03-20 20:02:52 - Systemkontrollpunkt

RP357: 2009-03-22 10:31:10 - Systemkontrollpunkt

RP358: 2009-03-23 13:30:32 - Systemkontrollpunkt

RP359: 2009-03-24 15:52:42 - Systemkontrollpunkt

RP360: 2009-03-25 11:39:46 - Adobe Reader 8.1.4 - Svenska togs bort

RP361: 2009-03-25 11:40:44 - Installed Adobe Reader 9.1 - Svenska.

RP362: 2009-03-26 14:57:27 - Systemkontrollpunkt

RP363: 2009-03-27 15:23:33 - Systemkontrollpunkt

RP364: 2009-03-29 12:00:10 - Systemkontrollpunkt

RP365: 2009-04-01 09:56:52 - Systemkontrollpunkt

RP366: 2009-04-02 10:25:32 - Systemkontrollpunkt

RP367: 2009-04-04 00:45:32 - Systemkontrollpunkt

RP368: 2009-04-05 10:46:15 - Systemkontrollpunkt

RP369: 2009-04-07 10:39:59 - Systemkontrollpunkt

RP370: 2009-04-07 16:53:53 - Installed SUPERAntiSpyware Free Edition

 

==== Installed Programs ======================

 

 

 

2007 Microsoft Office Suite Service Pack 1 (SP1)

Adobe Flash Player 10 ActiveX

Adobe PageMaker 6.5

Adobe Photoshop CS

Adobe Reader 9.1 - Svenska

Adobe Shockwave Player 11

Brother MFL-Pro Suite

CCleaner (remove only)

CDBurnerXP

Choice Guard

CoffeeCup Free FTP

Creative WebCam NX Driver (2.00.04.0000)

FatB DeskMate

getPlus® for Adobe

Google Earth

Google Toolbar for Internet Explorer

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.0 (KB932471)

Hotfix for Windows Media Format 11 SDK (KB929399)

IncrediMail

Java 2 Runtime Environment SE v1.4.1_01

Java Web Start

Java 6 Update 11

Java 6 Update 7

Junk Mail filter update

king.com (remove only)

Logitech Desktop Messenger

Lost in Reefs Deluxe

ManyCam 2.4 (remove only)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB928366)

Microsoft .NET Framework 1.1 Swedish Language Pack

Microsoft .NET Framework 2.0 Language Pack - SVE

Microsoft .NET Framework 2.0 Service Pack 1

Microsoft .NET Framework 3.0 Service Pack 1

Microsoft .NET Framework 3.0 Swedish Language Pack

Microsoft Application Error Reporting

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Access MUI (Swedish) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Groove MUI (Swedish) 2007

Microsoft Office InfoPath MUI (Swedish) 2007

Microsoft Office Live Add-in 1.3

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook MUI (Swedish) 2007

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Publisher MUI (Swedish) 2007

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word MUI (Swedish) 2007

Microsoft Search Enhancement Pack

Microsoft Software Update for Web Folders (Swedish) 12

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Move Networks Media Player for Internet Explorer

MSVCRT

MSXML 6.0 Parser (KB933579)

Nero 7 Demo

NOD32 antivirus system

NOD32 FiX v1.9

NVIDIA Windows 2000/XP Display Drivers

OGA Notifier 1.7.0105.35.0

OpenOffice.org Installer 1.0

PaperPort

Platform

Programvara för Logitech iTouch

QuickTime Alternative 1.69

QuickTime for Windows (32-bit)

RACE 07

RACE 07 Dedicated Server

Real Alternative 1.48

REALTEK GbE & FE Ethernet PCI NIC Driver

Security Update for 2007 Microsoft Office System (KB951550)

Security Update for 2007 Microsoft Office System (KB951944)

Security Update for 2007 Microsoft Office System (KB958439)

Security Update for Microsoft Office Excel 2007 (KB958437)

Security Update for Microsoft Office OneNote 2007 (KB950130)

Security Update for Microsoft Office PowerPoint 2007 (KB951338)

Security Update for Microsoft Office Publisher 2007 (KB950114)

Security Update for Microsoft Office system 2007 (KB954326)

Security Update for Microsoft Office system 2007 (KB956828)

Security Update for Microsoft Office Word 2007 (KB956358)

Security Update for Visio 2007 (KB947590)

Segoe UI

SmartFTP Client

Sms och mms i datorn Desktop

Snabbkorrigering för Windows Internet Explorer 7 (KB947864)

Snabbkorrigering för Windows Media Player 11 (KB939683)

Snabbkorrigering för Windows XP (KB952287)

SnS DeskMate

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB942615)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB958215)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB960714)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260)

Säkerhetsuppdatering för Windows Media Player (KB911564)

Säkerhetsuppdatering för Windows Media Player (KB952069)

Säkerhetsuppdatering för Windows Media Player 11 (KB936782)

Säkerhetsuppdatering för Windows Media Player 11 (KB954154)

Säkerhetsuppdatering för Windows Media Player 6.4 (KB925398)

Säkerhetsuppdatering för Windows Media Player 9 (KB911565)

Säkerhetsuppdatering för Windows XP (KB923789)

Säkerhetsuppdatering för Windows XP (KB938464-v2)

Säkerhetsuppdatering för Windows XP (KB938464)

Säkerhetsuppdatering för Windows XP (KB941569)

Säkerhetsuppdatering för Windows XP (KB946648)

Säkerhetsuppdatering för Windows XP (KB950760)

Säkerhetsuppdatering för Windows XP (KB950762)

Säkerhetsuppdatering för Windows XP (KB950974)

Säkerhetsuppdatering för Windows XP (KB951066)

Säkerhetsuppdatering för Windows XP (KB951376-v2)

Säkerhetsuppdatering för Windows XP (KB951376)

Säkerhetsuppdatering för Windows XP (KB951698)

Säkerhetsuppdatering för Windows XP (KB951748)

Säkerhetsuppdatering för Windows XP (KB952954)

Säkerhetsuppdatering för Windows XP (KB953839)

Säkerhetsuppdatering för Windows XP (KB954211)

Säkerhetsuppdatering för Windows XP (KB954459)

Säkerhetsuppdatering för Windows XP (KB954600)

Säkerhetsuppdatering för Windows XP (KB955069)

Säkerhetsuppdatering för Windows XP (KB956391)

Säkerhetsuppdatering för Windows XP (KB956802)

Säkerhetsuppdatering för Windows XP (KB956803)

Säkerhetsuppdatering för Windows XP (KB956841)

Säkerhetsuppdatering för Windows XP (KB957095)

Säkerhetsuppdatering för Windows XP (KB957097)

Säkerhetsuppdatering för Windows XP (KB958644)

Säkerhetsuppdatering för Windows XP (KB958687)

Säkerhetsuppdatering för Windows XP (KB958690)

Säkerhetsuppdatering för Windows XP (KB960225)

Säkerhetsuppdatering för Windows XP (KB960715)

Spyware Doctor 6.0

STCC - The Game

Steam

SUPERAntiSpyware Free Edition

Svenska Spels Poker

TPTEST 5.0.2

Update for Microsoft Office Outlook 2007 (KB952142)

Update for Office 2007 (KB946691)

Update for Outlook 2007 Junk Email Filter (kb962871)

Uppdatering för Windows XP (KB951072-v2)

Uppdatering för Windows XP (KB951978)

Uppdatering för Windows XP (KB955839)

Uppdatering för Windows XP (KB967715)

USB Mass Storage Toolbox

WebFldrs XP

VIA Plattform för enhetshanterare

Viktig uppdatering för Windows Media Player 11 (KB959772)

Windows Commander (Remove only)

Windows Communication Foundation Language Pack - SVE

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Internet Explorer 7

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live inloggningsassistenten

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Media Format 11 runtime

Windows Media Format SDK Hotfix - KB891122

Windows Media Player 11

Windows Presentation Foundation

Windows Presentation Foundation Language Pack (SVE)

Windows Workflow Foundation SV Language Pack

Windows XP Service Pack 3

WinZip

XML Paper Specification Shared Components Language Pack 1.0

XML Paper Specification Shared Components Pack 1.0

 

==== End Of File ===========================

[/log]

 


Download Malwarebytes Anti-Malware (MBAM) from one of these links:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://projects.securitywonks.net/projects/details.php?file=158

Double-click mbam-setup to install the program.

[log]At the end of the installation, make sure the following are checked:

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

Press Finish

If there is an update, it will be downloaded and installed.

When the program starts, select "Perform quick scan" and press Scan.

The scan takes a while.

When it is finished, press OK and then "Show Results".

Check everything and then press Remove Selected.

When the removal is finished, Notepad opens with a log.

You may be asked to restart the computer (Restart). If so, do it.

If you get an error message Error loading... after the restart, restart the computer once more.

If the program does not start after the restart, start it yourself.

If the log does not open by itself in Notepad, you will find it on the Logs tab in MBAM.

Copy the log and paste it into your reply together with a new DDS log.[/log]

There are several old Java versions with security holes on the computer. I recommend that you install a new one from http://www.java.com/sv/ and then uninstall

Java 2 Runtime Environment SE v1.4.1_01

Java™ 6 Update 11

Java™ 6 Update 7

in Control Panel - Add or Remove Programs (with no web browsers running).

 


[log]Malwarebytes' Anti-Malware 1.36

Databasversion: 1949

Windows 5.1.2600 Service Pack 3

 

2009-04-08 01:33:37

mbam-log-2009-04-08 (01-33-37).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 71840

Förfluten tid: 4 minute(s), 26 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 1

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 6

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

HKEY_LOCAL_MACHINE\SOFTWARE\Registry Helper (Rogue.RegistryHelper) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

C:\WINDOWS\system32\ovfsthbnqppxrsjhdyrvtvqueaxxrtylmdhuoy.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthuriydwkrxfndooifeplmwfmrmmycmttb.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\drivers\ovfsth.sys (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthqekwbmkdvbqjnlhossmerymttsjbnomr.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthkupqxvsmtfxwnsxmvolaefxjqtagxvui.dat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthonpsljvwqohbtdikpdwemqxvirxlllfy.dat (Trojan.Agent) -> Quarantined and deleted successfully.

[/log]

 

Here comes the malware log. I'll restart, and then the DDS log will follow.

 


[log]

DDS (Ver_09-03-16.01) - NTFSx86

Run by OSSI at 1:41:50,95 on 2009-04-08

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.1535.948 [GMT 2:00]

 

AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Updated)

 

============== Running Processes ===============

 

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\CDBurnerXP\NMSAccessU.exe

C:\Program\Eset\nod32krn.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program\Spyware Doctor\pctsAuxs.exe

C:\Program\Spyware Doctor\pctsSvc.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\OGAVerify.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\Program\Spyware Doctor\pctsTray.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program\Eset\nod32kui.exe

C:\Program\Logitech\iTouch\iTouch.exe

C:\Program\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program\ScanSoft\PaperPort\pptd40nt.exe

C:\Program\Sms och mms i datorn Desktop\mw.exe

C:\Program\VIA\VIAudioi\SBADeck\ADeck.exe

C:\Program\DESKMA~1\DeskMateAutoUpdate.exe

C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\IncrediMail\bin\IncMail.exe

C:\Program\Steam\Steam.exe

C:\Program\ManyCam 2.4\ManyCam.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\IncrediMail\bin\IMApp.exe

C:\Documents and Settings\OSSI\Skrivbord\dds.scr

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://aftonbladet.se/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = localhost

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SearchHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.0.926.3450\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program\google\google toolbar\component\fastsearch_219B3E1547538286.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll

BHO: TBHelper Class: {e46a2169-e328-471a-9788-f2b52bb9c681} - c:\program\sms och mms i datorn desktop\miebho2.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Sms och mms i datorn: {6b49f76b-190a-4fc6-83ea-baad234baff8} - c:\program\sms och mms i datorn desktop\mie2.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll

TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

uRun: [incrediMail] c:\program\incredimail\bin\IncMail.exe /c

uRun: [steam] "c:\program\steam\Steam.exe" -silent

uRun: [ManyCam] "c:\program\manycam 2.4\ManyCam.exe"

uRun: [swg] c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [sUPERAntiSpyware] c:\program\superantispyware\SUPERAntiSpyware.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [nod32kui] "c:\program\eset\nod32kui.exe" /WAITSERVICE

mRun: [zBrowser Launcher] c:\program\logitech\itouch\iTouch.exe

mRun: [GrooveMonitor] "c:\program\microsoft office\office12\GrooveMonitor.exe"

mRun: [sSBkgdUpdate] "c:\program\delade filer\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] c:\program\scansoft\paperport\pptd40nt.exe

mRun: [indexSearch] c:\program\scansoft\paperport\IndexSearch.exe

mRun: [sms och mms i datorn Desktop] "c:\program\sms och mms i datorn desktop\mw.exe" /AutoStart

mRun: [AudioDeck] c:\program\via\viaudioi\sbadeck\ADeck.exe 1

mRun: [DeskMateAutoUpdate] c:\program\deskma~1\DeskMateAutoUpdate.exe

mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [iSTray] "c:\program\spyware doctor\pctsTray.exe"

mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

StartupFolder: c:\docume~1\ossi\start-~1\program\autost~1\fatbde~1.lnk - c:\program\deskmates\fatb\FatB.exe

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\adobeg~1.lnk - c:\program\delade filer\adobe\calibration\Adobe Gamma Loader.exe

IE: E&xportera till Microsoft Excel - c:\program\micros~2\office12\EXCEL.EXE/3000

IE: Skicka som mms... - file://c:\program\sms och mms i datorn desktop\sendmms.htm

IE: Skicka som sms... - file://c:\program\sms och mms i datorn desktop\sendsms.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~2\office12\REFIEBAR.DLL

LSP: imon.dll

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206381158359

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://support.f-secure.com/ols/fscax.cab

DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program\microsoft office\office12\GrooveSystemServices.dll

Notify: !SASWinLogon - c:\program\superantispyware\SASWINLO.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program\superantispyware\SASSEH.DLL

 

============= SERVICES / DRIVERS ===============

 

R?2 sdCoreService;PC Tools Security Service;c:\program\spyware doctor\pctsSvc.exe [2009-4-7 1095560]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-4-7 130424]

R1 SASDIFSV;SASDIFSV;c:\program\superantispyware\SASDIFSV.SYS [2009-2-17 9968]

R1 SASKUTIL;SASKUTIL;c:\program\superantispyware\SASKUTIL.SYS [2009-2-17 55024]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-2-23 55152]

R2 NOD32krn;NOD32 Kernel Service;c:\program\eset\nod32krn.exe [2008-3-24 507904]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program\spyware doctor\pctsAuxs.exe [2009-4-7 348752]

R2 SeaPort;SeaPort;c:\program\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]

R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]

S3 fsssvc;Windows Live Family Safety;c:\program\windows live\family safety\fsssvc.exe [2009-2-6 533360]

S3 getPlus® Helper;getPlus® Helper;c:\program\nos\bin\getPlus_HelperSvc.exe [2009-3-25 33176]

S3 SASENUM;SASENUM;c:\program\superantispyware\SASENUM.SYS [2009-2-17 7408]

 

=============== Created Last 30 ================

 

2009-04-08 01:20 <DIR> d- c:\docume~1\ossi\applic~1\Malwarebytes

2009-04-08 01:20 15,504 a- c:\windows\system32\drivers\mbam.sys

2009-04-08 01:20 38,496 a- c:\windows\system32\drivers\mbamswissarmy.sys

2009-04-08 01:20 <DIR> d- c:\program\Malwarebytes' Anti-Malware

2009-04-08 01:20 <DIR> d- c:\docume~1\alluse~1\applic~1\Malwarebytes

2009-04-07 17:11 159,600 a- c:\windows\system32\drivers\pctgntdi.sys

2009-04-07 17:11 130,424 a- c:\windows\system32\drivers\PCTCore.sys

2009-04-07 17:11 73,840 a- c:\windows\system32\drivers\PCTAppEvent.sys

2009-04-07 17:11 <DIR> d- c:\program\delade filer\PC Tools

2009-04-07 17:11 64,392 a- c:\windows\system32\drivers\pctplsg.sys

2009-04-07 17:10 <DIR> d- c:\program\Spyware Doctor

2009-04-07 17:10 <DIR> d- c:\docume~1\ossi\applic~1\PC Tools

2009-04-07 17:10 <DIR> d- c:\docume~1\alluse~1\applic~1\PC Tools

2009-04-07 16:54 <DIR> d- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2009-04-07 16:53 <DIR> d- c:\program\SUPERAntiSpyware

2009-04-07 16:53 <DIR> d- c:\docume~1\ossi\applic~1\SUPERAntiSpyware.com

2009-04-07 16:53 <DIR> d- c:\program\delade filer\Wise Installation Wizard

2009-04-06 23:30 <DIR> a-dshr C:\cmdcons

2009-04-06 23:28 161,792 a- c:\windows\SWREG.exe

2009-04-06 23:28 98,816 a- c:\windows\sed.exe

2009-04-06 23:28 49,152 a- c:\windows\VFIND.exe

2009-04-06 23:23 <DIR> d- c:\program\Trend Micro

2009-04-06 13:07 131,072 a- c:\windows\system32\winsetup64.exe

2009-03-24 10:40 <DIR> d- c:\program\ManyCam 2.4

2009-03-24 10:40 <DIR> d- c:\docume~1\ossi\applic~1\ManyCam

 

==================== Find3M ====================

 

2009-04-06 10:52 516,416 a- c:\windows\system32\perfh01D.dat

2009-04-06 10:52 101,328 a- c:\windows\system32\perfc01D.dat

2009-03-09 05:19 410,984 a- c:\windows\system32\deploytk.dll

2009-02-21 08:25 691,592 a- c:\windows\system32\OGACheckControl.DLL

2009-02-09 16:07 1,846,784 a- c:\windows\system32\win32k.sys

2009-02-06 20:13 308,088 a- c:\windows\WLXPGSS.SCR

2009-02-06 19:52 49,504 a- c:\windows\system32\sirenacm.dll

2008-09-21 19:22 32,768 ash- c:\windows\system32\config\systemprofile\lokala inställningar\tidigare\history.ie5\mshist012008092120080922\index.dat

 

============= FINISH: 1:44:27,76 ===============

[/log]

[log]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_09-03-16.01)

 

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 2008-03-24 18:10:48

System Uptime: 2009-04-08 01:39:08 (0 hours ago)

 

Motherboard: ECS | | M950

Processor: Intel® Pentium® 4 CPU 2.80GHz | FC-478 | 2800/133mhz

 

==== Disk Partitions =========================

 

A: is Removable

C: is FIXED (NTFS) - 92 GiB total, 57,959 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is CDROM (CDFS)

J: is Removable

O: is FIXED (NTFS) - 20 GiB total, 9,544 GiB free.

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP300: 2009-01-08 14:28:47 - Systemkontrollpunkt

RP301: 2009-01-10 10:26:46 - Systemkontrollpunkt

RP302: 2009-01-11 11:09:13 - Systemkontrollpunkt

RP303: 2009-01-14 23:53:19 - Software Distribution Service 3.0

RP304: 2009-01-17 11:38:27 - Systemkontrollpunkt

RP305: 2009-01-18 11:52:11 - Systemkontrollpunkt

RP306: 2009-01-20 14:54:20 - Installed Creative WebCam NX

RP307: 2009-01-20 14:54:33 - Installed PC-CAM Center

RP308: 2009-01-20 15:03:36 - Installed Creative WebCam NX

RP309: 2009-01-20 15:03:47 - Removed PC-CAM Center

RP310: 2009-01-20 15:32:33 - Removed Google Toolbar for Internet Explorer

RP311: 2009-01-23 10:48:08 - Systemkontrollpunkt

RP312: 2009-01-25 19:38:22 - Systemkontrollpunkt

RP313: 2009-01-26 20:35:39 - Systemkontrollpunkt

RP314: 2009-01-27 21:35:27 - Systemkontrollpunkt

RP315: 2009-01-28 23:56:34 - Systemkontrollpunkt

RP316: 2009-01-30 11:14:41 - Systemkontrollpunkt

RP317: 2009-01-31 14:13:01 - Systemkontrollpunkt

RP318: 2009-02-02 12:08:26 - Systemkontrollpunkt

RP319: 2008-02-03 07:41:34 - Systemkontrollpunkt

RP320: 2008-02-04 15:16:11 - Systemkontrollpunkt

RP321: 2009-02-06 13:56:01 - Systemkontrollpunkt

RP322: 2009-02-07 14:49:50 - Systemkontrollpunkt

RP323: 2009-02-10 21:03:39 - Systemkontrollpunkt

RP324: 2009-02-11 23:39:29 - Software Distribution Service 3.0

RP325: 2009-02-13 09:26:18 - Systemkontrollpunkt

RP326: 2009-02-14 12:32:10 - Systemkontrollpunkt

RP327: 2009-02-15 13:00:35 - Systemkontrollpunkt

RP328: 2009-02-16 17:23:32 - Systemkontrollpunkt

RP329: 2009-02-17 21:35:34 - Systemkontrollpunkt

RP330: 2009-02-18 21:52:44 - Systemkontrollpunkt

RP331: 2009-02-20 09:50:20 - Systemkontrollpunkt

RP332: 2009-02-21 10:07:03 - Systemkontrollpunkt

RP333: 2009-02-22 10:47:30 - Systemkontrollpunkt

RP334: 2009-02-23 11:12:05 - Systemkontrollpunkt

RP335: 2009-02-23 17:57:24 - DirectX har installerats

RP336: 2009-02-25 23:04:08 - Systemkontrollpunkt

RP337: 2009-02-25 23:19:34 - Software Distribution Service 3.0

RP338: 2009-02-27 09:34:32 - Systemkontrollpunkt

RP339: 2009-02-28 19:35:25 - Systemkontrollpunkt

RP340: 2009-03-02 10:03:18 - Systemkontrollpunkt

RP341: 2009-03-03 10:35:42 - Systemkontrollpunkt

RP342: 2009-03-04 10:50:33 - Systemkontrollpunkt

RP343: 2009-03-04 13:02:10 - DirectX har installerats

RP344: 2009-03-04 13:04:20 - Installed Steam

RP345: 2009-03-05 10:42:40 - Software Distribution Service 3.0

RP346: 2009-03-06 13:34:13 - Systemkontrollpunkt

RP347: 2009-03-09 12:17:05 - Systemkontrollpunkt

RP348: 2009-03-10 12:26:49 - Systemkontrollpunkt

RP349: 2009-03-12 00:04:05 - Software Distribution Service 3.0

RP350: 2009-03-13 10:10:06 - Systemkontrollpunkt

RP351: 2009-03-14 16:05:03 - Systemkontrollpunkt

RP352: 2009-03-15 00:34:42 - Software Distribution Service 3.0

RP353: 2009-03-16 11:55:03 - Systemkontrollpunkt

RP354: 2009-03-18 05:46:56 - Systemkontrollpunkt

RP355: 2009-03-19 08:29:56 - Systemkontrollpunkt

RP356: 2009-03-20 20:02:52 - Systemkontrollpunkt

RP357: 2009-03-22 10:31:10 - Systemkontrollpunkt

RP358: 2009-03-23 13:30:32 - Systemkontrollpunkt

RP359: 2009-03-24 15:52:42 - Systemkontrollpunkt

RP360: 2009-03-25 11:39:46 - Adobe Reader 8.1.4 - Svenska togs bort

RP361: 2009-03-25 11:40:44 - Installed Adobe Reader 9.1 - Svenska.

RP362: 2009-03-26 14:57:27 - Systemkontrollpunkt

RP363: 2009-03-27 15:23:33 - Systemkontrollpunkt

RP364: 2009-03-29 12:00:10 - Systemkontrollpunkt

RP365: 2009-04-01 09:56:52 - Systemkontrollpunkt

RP366: 2009-04-02 10:25:32 - Systemkontrollpunkt

RP367: 2009-04-04 00:45:32 - Systemkontrollpunkt

RP368: 2009-04-05 10:46:15 - Systemkontrollpunkt

RP369: 2009-04-07 10:39:59 - Systemkontrollpunkt

RP370: 2009-04-07 16:53:53 - Installed SUPERAntiSpyware Free Edition

RP371: 2009-04-08 01:10:31 - Java 6 Update 13 installerades

 

==== Installed Programs ======================

 

 

 

2007 Microsoft Office Suite Service Pack 1 (SP1)

Adobe Flash Player 10 ActiveX

Adobe PageMaker 6.5

Adobe Photoshop CS

Adobe Reader 9.1 - Svenska

Adobe Shockwave Player 11

Brother MFL-Pro Suite

CCleaner (remove only)

CDBurnerXP

Choice Guard

CoffeeCup Free FTP

Creative WebCam NX Driver (2.00.04.0000)

FatB DeskMate

getPlus® for Adobe

Google Earth

Google Toolbar for Internet Explorer

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.0 (KB932471)

Hotfix for Windows Media Format 11 SDK (KB929399)

IncrediMail

Java 2 Runtime Environment SE v1.4.1_01

Java Web Start

Java 6 Update 13

Java 6 Update 7

Junk Mail filter update

king.com (remove only)

Logitech Desktop Messenger

Lost in Reefs Deluxe

Malwarebytes' Anti-Malware

ManyCam 2.4 (remove only)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB928366)

Microsoft .NET Framework 1.1 Swedish Language Pack

Microsoft .NET Framework 2.0 Language Pack - SVE

Microsoft .NET Framework 2.0 Service Pack 1

Microsoft .NET Framework 3.0 Service Pack 1

Microsoft .NET Framework 3.0 Swedish Language Pack

Microsoft Application Error Reporting

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Access MUI (Swedish) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Groove MUI (Swedish) 2007

Microsoft Office InfoPath MUI (Swedish) 2007

Microsoft Office Live Add-in 1.3

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook MUI (Swedish) 2007

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Publisher MUI (Swedish) 2007

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word MUI (Swedish) 2007

Microsoft Search Enhancement Pack

Microsoft Software Update for Web Folders (Swedish) 12

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Move Networks Media Player for Internet Explorer

MSVCRT

MSXML 6.0 Parser (KB933579)

Nero 7 Demo

NOD32 antivirus system

NOD32 FiX v1.9

NVIDIA Windows 2000/XP Display Drivers

OGA Notifier 1.7.0105.35.0

OpenOffice.org Installer 1.0

PaperPort

Platform

Programvara för Logitech iTouch

QuickTime Alternative 1.69

QuickTime for Windows (32-bit)

RACE 07

RACE 07 Dedicated Server

Real Alternative 1.48

REALTEK GbE & FE Ethernet PCI NIC Driver

Security Update for 2007 Microsoft Office System (KB951550)

Security Update for 2007 Microsoft Office System (KB951944)

Security Update for 2007 Microsoft Office System (KB958439)

Security Update for Microsoft Office Excel 2007 (KB958437)

Security Update for Microsoft Office OneNote 2007 (KB950130)

Security Update for Microsoft Office PowerPoint 2007 (KB951338)

Security Update for Microsoft Office Publisher 2007 (KB950114)

Security Update for Microsoft Office system 2007 (KB954326)

Security Update for Microsoft Office system 2007 (KB956828)

Security Update for Microsoft Office Word 2007 (KB956358)

Security Update for Visio 2007 (KB947590)

Segoe UI

SmartFTP Client

Sms och mms i datorn Desktop

Snabbkorrigering för Windows Internet Explorer 7 (KB947864)

Snabbkorrigering för Windows Media Player 11 (KB939683)

Snabbkorrigering för Windows XP (KB952287)

SnS DeskMate

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB942615)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB958215)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB960714)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260)

Säkerhetsuppdatering för Windows Media Player (KB911564)

Säkerhetsuppdatering för Windows Media Player (KB952069)

Säkerhetsuppdatering för Windows Media Player 11 (KB936782)

Säkerhetsuppdatering för Windows Media Player 11 (KB954154)

Säkerhetsuppdatering för Windows Media Player 6.4 (KB925398)

Säkerhetsuppdatering för Windows Media Player 9 (KB911565)

Säkerhetsuppdatering för Windows XP (KB923789)

Säkerhetsuppdatering för Windows XP (KB938464-v2)

Säkerhetsuppdatering för Windows XP (KB938464)

Säkerhetsuppdatering för Windows XP (KB941569)

Säkerhetsuppdatering för Windows XP (KB946648)

Säkerhetsuppdatering för Windows XP (KB950760)

Säkerhetsuppdatering för Windows XP (KB950762)

Säkerhetsuppdatering för Windows XP (KB950974)

Säkerhetsuppdatering för Windows XP (KB951066)

Säkerhetsuppdatering för Windows XP (KB951376-v2)

Säkerhetsuppdatering för Windows XP (KB951376)

Säkerhetsuppdatering för Windows XP (KB951698)

Säkerhetsuppdatering för Windows XP (KB951748)

Säkerhetsuppdatering för Windows XP (KB952954)

Säkerhetsuppdatering för Windows XP (KB953839)

Säkerhetsuppdatering för Windows XP (KB954211)

Säkerhetsuppdatering för Windows XP (KB954459)

Säkerhetsuppdatering för Windows XP (KB954600)

Säkerhetsuppdatering för Windows XP (KB955069)

Säkerhetsuppdatering för Windows XP (KB956391)

Säkerhetsuppdatering för Windows XP (KB956802)

Säkerhetsuppdatering för Windows XP (KB956803)

Säkerhetsuppdatering för Windows XP (KB956841)

Säkerhetsuppdatering för Windows XP (KB957095)

Säkerhetsuppdatering för Windows XP (KB957097)

Säkerhetsuppdatering för Windows XP (KB958644)

Säkerhetsuppdatering för Windows XP (KB958687)

Säkerhetsuppdatering för Windows XP (KB958690)

Säkerhetsuppdatering för Windows XP (KB960225)

Säkerhetsuppdatering för Windows XP (KB960715)

Spyware Doctor 6.0

STCC - The Game

Steam

SUPERAntiSpyware Free Edition

Svenska Spels Poker

TPTEST 5.0.2

Update for Microsoft Office Outlook 2007 (KB952142)

Update for Office 2007 (KB946691)

Update for Outlook 2007 Junk Email Filter (kb962871)

Uppdatering för Windows XP (KB951072-v2)

Uppdatering för Windows XP (KB951978)

Uppdatering för Windows XP (KB955839)

Uppdatering för Windows XP (KB967715)

USB Mass Storage Toolbox

WebFldrs XP

VIA Plattform för enhetshanterare

Viktig uppdatering för Windows Media Player 11 (KB959772)

Windows Commander (Remove only)

Windows Communication Foundation Language Pack - SVE

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Internet Explorer 7

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live inloggningsassistenten

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Media Format 11 runtime

Windows Media Format SDK Hotfix - KB891122

Windows Media Player 11

Windows Presentation Foundation

Windows Presentation Foundation Language Pack (SVE)

Windows Workflow Foundation SV Language Pack

Windows XP Service Pack 3

WinZip

XML Paper Specification Shared Components Language Pack 1.0

XML Paper Specification Shared Components Pack 1.0

 

==== End Of File ===========================

[/log]

Removed a duplicate of one of the logs

Cecilia - Moderator for Virus, skadliga program & botemedel

[post edited 2009-04-08 01:56:42 by Cecilia]


Do you know what this file is, the one that arrived on the computer on Monday at 13:00?

2009-04-06 13:07 131,072 a- c:\windows\system32\winsetup64.exe

 

 


No, I don't know. The antivirus program warned about it and I tried to remove it; it was called catch-you.ru \files \ winsetup64 . exe

I have also found a c: Windows \ fxsteller . exe. The catch-you file keeps coming back all the time. The message that gets sent says

" foto?? haha" ":P http:\\ photo-msn .org\ gallery.php?" (I put the slashes the wrong way round and added some spaces.) One of my contacts did open the file, though, and then the computer apparently stopped working. Got help with a restore point, so now it works again. I have taken a screenshot of the virus log; can it be sent somehow?

 


To begin with, update MBAM and run it once more, and we'll see whether it finds anything more now.

 


Hehe, I went to bed right after I wrote last night, so I managed to sleep for many hours. ;)

Can you delete the file c:\windows\system32\winsetup64.exe and the other files that the antivirus program complains about? Then make a new DDS log and paste in DSS.txt (not Attach.txt).

 


[log]

DDS (Ver_09-03-16.01) - NTFSx86

Run by OSSI at 13:10:39,04 on 2009-04-08

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.1535.861 [GMT 2:00]

 

AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Updated)

 

============== Running Processes ===============

 

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\CDBurnerXP\NMSAccessU.exe

C:\Program\Eset\nod32krn.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program\Spyware Doctor\pctsAuxs.exe

C:\Program\Spyware Doctor\pctsSvc.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\Program\Spyware Doctor\pctsTray.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program\Eset\nod32kui.exe

C:\Program\Logitech\iTouch\iTouch.exe

C:\Program\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program\ScanSoft\PaperPort\pptd40nt.exe

C:\Program\Sms och mms i datorn Desktop\mw.exe

C:\Program\VIA\VIAudioi\SBADeck\ADeck.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\Steam\Steam.exe

C:\Program\ManyCam 2.4\ManyCam.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\IncrediMail\bin\IMApp.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\alg.exe

C:\Program\Windows Live\Messenger\msnmsgr.exe

C:\Program\Windows Live\Contacts\wlcomm.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Windows Live\Toolbar\wltuser.exe

C:\Program\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\spider.exe

C:\Documents and Settings\OSSI\Skrivbord\dds.scr

C:\WINDOWS\System32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://aftonbladet.se/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = localhost

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SearchHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.0.926.3450\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program\google\google toolbar\component\fastsearch_219B3E1547538286.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll

BHO: TBHelper Class: {e46a2169-e328-471a-9788-f2b52bb9c681} - c:\program\sms och mms i datorn desktop\miebho2.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Sms och mms i datorn: {6b49f76b-190a-4fc6-83ea-baad234baff8} - c:\program\sms och mms i datorn desktop\mie2.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll

TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

uRun: [incrediMail] c:\program\incredimail\bin\IncMail.exe /c

uRun: [steam] "c:\program\steam\Steam.exe" -silent

uRun: [ManyCam] "c:\program\manycam 2.4\ManyCam.exe"

uRun: [swg] c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [sUPERAntiSpyware] c:\program\superantispyware\SUPERAntiSpyware.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [nod32kui] "c:\program\eset\nod32kui.exe" /WAITSERVICE

mRun: [zBrowser Launcher] c:\program\logitech\itouch\iTouch.exe

mRun: [GrooveMonitor] "c:\program\microsoft office\office12\GrooveMonitor.exe"

mRun: [sSBkgdUpdate] "c:\program\delade filer\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] c:\program\scansoft\paperport\pptd40nt.exe

mRun: [indexSearch] c:\program\scansoft\paperport\IndexSearch.exe

mRun: [sms och mms i datorn Desktop] "c:\program\sms och mms i datorn desktop\mw.exe" /AutoStart

mRun: [AudioDeck] c:\program\via\viaudioi\sbadeck\ADeck.exe 1

mRun: [DeskMateAutoUpdate] c:\program\deskma~1\DeskMateAutoUpdate.exe

mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [iSTray] "c:\program\spyware doctor\pctsTray.exe"

mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

StartupFolder: c:\docume~1\ossi\start-~1\program\autost~1\fatbde~1.lnk - c:\program\deskmates\fatb\FatB.exe

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\adobeg~1.lnk - c:\program\delade filer\adobe\calibration\Adobe Gamma Loader.exe

IE: E&xportera till Microsoft Excel - c:\program\micros~2\office12\EXCEL.EXE/3000

IE: Skicka som mms... - file://c:\program\sms och mms i datorn desktop\sendmms.htm

IE: Skicka som sms... - file://c:\program\sms och mms i datorn desktop\sendsms.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~2\office12\REFIEBAR.DLL

LSP: imon.dll

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206381158359

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://support.f-secure.com/ols/fscax.cab

DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program\microsoft office\office12\GrooveSystemServices.dll

Notify: !SASWinLogon - c:\program\superantispyware\SASWINLO.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program\superantispyware\SASSEH.DLL

 

============= SERVICES / DRIVERS ===============

 

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-4-7 130424]

R1 SASDIFSV;SASDIFSV;c:\program\superantispyware\SASDIFSV.SYS [2009-2-17 9968]

R1 SASKUTIL;SASKUTIL;c:\program\superantispyware\SASKUTIL.SYS [2009-2-17 55024]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-2-23 55152]

R2 NOD32krn;NOD32 Kernel Service;c:\program\eset\nod32krn.exe [2008-3-24 507904]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program\spyware doctor\pctsAuxs.exe [2009-4-7 348752]

R2 sdCoreService;PC Tools Security Service;c:\program\spyware doctor\pctsSvc.exe [2009-4-7 1095560]

R2 SeaPort;SeaPort;c:\program\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]

R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-4-8 38496]

R3 SASENUM;SASENUM;c:\program\superantispyware\SASENUM.SYS [2009-2-17 7408]

S3 fsssvc;Windows Live Family Safety;c:\program\windows live\family safety\fsssvc.exe [2009-2-6 533360]

S3 getPlus® Helper;getPlus® Helper;c:\program\nos\bin\getPlus_HelperSvc.exe [2009-3-25 33176]

 

=============== Created Last 30 ================

 

2009-04-08 01:20 <DIR> --d----- c:\docume~1\ossi\applic~1\Malwarebytes

2009-04-08 01:20 15,504 a------- c:\windows\system32\drivers\mbam.sys

2009-04-08 01:20 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2009-04-08 01:20 <DIR> --d----- c:\program\Malwarebytes' Anti-Malware

2009-04-08 01:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

2009-04-07 17:11 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys

2009-04-07 17:11 130,424 a------- c:\windows\system32\drivers\PCTCore.sys

2009-04-07 17:11 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys

2009-04-07 17:11 <DIR> --d----- c:\program\delade filer\PC Tools

2009-04-07 17:11 64,392 a------- c:\windows\system32\drivers\pctplsg.sys

2009-04-07 17:10 <DIR> --d----- c:\program\Spyware Doctor

2009-04-07 17:10 <DIR> --d----- c:\docume~1\ossi\applic~1\PC Tools

2009-04-07 17:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools

2009-04-07 16:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2009-04-07 16:53 <DIR> --d----- c:\program\SUPERAntiSpyware

2009-04-07 16:53 <DIR> --d----- c:\docume~1\ossi\applic~1\SUPERAntiSpyware.com

2009-04-07 16:53 <DIR> --d----- c:\program\delade filer\Wise Installation Wizard

2009-04-06 23:30 <DIR> a-dshr-- C:\cmdcons

2009-04-06 23:28 161,792 a------- c:\windows\SWREG.exe

2009-04-06 23:28 98,816 a------- c:\windows\sed.exe

2009-04-06 23:28 49,152 a------- c:\windows\VFIND.exe

2009-04-06 23:23 <DIR> --d----- c:\program\Trend Micro

2009-03-24 10:40 <DIR> --d----- c:\program\ManyCam 2.4

2009-03-24 10:40 <DIR> --d----- c:\docume~1\ossi\applic~1\ManyCam

 

==================== Find3M ====================

 

2009-04-06 10:52 516,416 a------- c:\windows\system32\perfh01D.dat

2009-04-06 10:52 101,328 a------- c:\windows\system32\perfc01D.dat

2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll

2009-02-21 08:25 691,592 a------- c:\windows\system32\OGACheckControl.DLL

2009-02-09 16:07 1,846,784 a------- c:\windows\system32\win32k.sys

2009-02-06 20:13 308,088 a------- c:\windows\WLXPGSS.SCR

2009-02-06 19:52 49,504 a------- c:\windows\system32\sirenacm.dll

2008-09-21 19:22 32,768 a--sh--- c:\windows\system32\config\systemprofile\lokala inställningar\tidigare\history.ie5\mshist012008092120080922\index.dat

 

============= FINISH: 13:11:45,32 ===============

[/log]

You have to keep at it; I'm about to start working again myself. Very impressed by your perseverance and helpfulness. I've been helped by you before when I followed your problem threads.

 


I've been helped by you before when I followed your problem threads
Glad to hear it!

 

Uninstall

Java 2 Runtime Environment SE v1.4.1_01

Java™ 6 Update 11

Java™ 6 Update 7

in Control Panel - Add or Remove Programs (with no web browsers running).

 

Is MSN working well now? Change the password for it too.

 


Archived

This topic is now archived and is closed to further replies.
