Dartorn har blivit SÅ långsam!

[Zipp.]

Tack fick den ta bort filen i felsäkert läge

 

C:\Windows\Wnifia.exe

 

starta normalt igen och en ny Hijack log

[En_för_alla_för_en]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:55:35, on 2010-04-04

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\conime.exe

C:\Windows\explorer.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Program Files\Emotum\Mobile Broadband\Mobile.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Just4you\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Just4you\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\Wnifia.exe

C:\Users\Just4you\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{FCD37C1E-9386-409C-BAD9-4FA44B2CEC1F}

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O1 - Hosts: 74.208.10.249 gs.apple.com

O1 - Hosts: ::1 localhost

O1 - Hosts: 74.208.10.249 gs.apple.com

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: IE2Aml - {2564A650-39E8-11DA-9EEF-A60DC4EDC02C} - C:\Program Files\Aml Pages\Plugins\IE2Aml.DLL

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O8 - Extra context menu item: &AOL Verktygsfalt Sök - C:\ProgramData\AOL\ieToolbar\resources\sv-SE\local\search.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GtDetectSc Service (GTDetectSc) - OptionNV - C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe

O23 - Service: Tjänsten Google Update (gupdate1ca2edd43a4c20) (gupdate1ca2edd43a4c20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe

O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

 

--

End of file - 8799 bytes

[Zipp.]

Ladda ner CFScript.txt till Skrivbordet

 

http://www.skickafilen.se/download.jsp?FileId=U6xyZfiisHpTWZcptdE7

 

sen dra den med musen i Combofix ikonen och kör + skicka loggen som kommer ut

Tittar till imorn stänger för idag

[En_för_alla_för_en]

ComboFix 10-04-03.02 - Just4you 2010-04-04 21:14:57.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.3069.1710 [GMT 2:00]

Körs från: c:\users\Just4you\Desktop\ComboFix.exe

Använda kommandoväxlar :: c:\users\Just4you\Desktop\CFScript.txt

SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

FILE ::

"c:\windows\Wnifia.exe"

.

 

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

 

.

(((((((((((((((((((((((( Filer Skapade från 2010-03-04 till 2010-04-04 ))))))))))))))))))))))))))))))

.

 

2010-04-04 19:27 . 2010-04-04 19:31 -------- d-----w- c:\users\Just4you\AppData\Local\temp

2010-04-04 19:27 . 2010-04-04 19:27 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-04-03 12:41 . 2010-04-03 12:41 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2010-04-03 11:16 . 2010-04-03 11:16 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-04-03 10:57 . 2010-04-03 10:57 -------- d-----w- c:\users\Just4you\AppData\Roaming\Malwarebytes

2010-04-03 10:57 . 2010-03-29 13:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-04-03 10:57 . 2010-04-04 10:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-04-03 10:57 . 2010-04-03 10:57 -------- d-----w- c:\programdata\Malwarebytes

2010-04-03 10:57 . 2010-03-29 13:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-04-03 10:52 . 2010-04-03 10:52 -------- d-----w- c:\program files\Trend Micro

2010-04-01 20:32 . 2010-04-01 20:32 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2010-04-01 20:29 . 2010-04-01 20:29 -------- d-----w- c:\program files\Norton Internet Security

2010-04-01 20:17 . 2010-04-01 20:17 -------- d-sh--w- c:\programdata\CUQKA

2010-04-01 20:16 . 2010-04-01 20:49 -------- d-sh--w- c:\programdata\52d99f4

2010-03-30 18:04 . 2010-03-30 18:04 -------- d-----w- c:\program files\Common Files\Java

2010-03-30 13:59 . 2010-03-30 13:59 -------- d-----w- c:\program files\Common Files\Skype

2010-03-22 14:40 . 2010-03-22 15:09 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing

2010-03-22 05:42 . 2010-04-02 09:48 -------- d-----w- c:\program files\Common Files\Symantec Shared

2010-03-20 11:43 . 2010-03-20 11:43 -------- d-----w- C:\Ny mapp

2010-03-19 19:22 . 2010-03-20 07:32 -------- d-----w- c:\program files\Black Obelisk Software

2010-03-17 10:04 . 2010-03-17 10:04 56 ---ha-w- c:\windows\system32\ezsidmv.dat

2010-03-16 18:51 . 2010-03-23 16:51 -------- d-----w- c:\program files\DRPU PC Data Manager(Basic)

2010-03-16 18:22 . 2010-03-16 18:22 -------- d-----w- c:\users\Just4you\AppData\Roaming\H4S

2010-03-13 21:38 . 2010-03-13 21:41 -------- d-----w- c:\users\Just4you\AppData\Local\gctmp

2010-03-13 21:38 . 2010-03-13 21:38 -------- d-----w- c:\users\Just4you\AppData\Local\Xenocode

2010-03-13 21:16 . 2010-03-13 21:43 -------- d-----w- c:\program files\Game Cam V2

2010-03-12 15:51 . 2010-03-23 16:51 -------- d-----w- c:\program files\HyCam2

2010-03-11 15:06 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll

2010-03-11 15:06 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll

2010-03-11 15:06 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys

2010-03-09 16:37 . 2010-03-09 16:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2010-03-09 16:37 . 2010-04-03 11:17 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-03-09 16:37 . 2010-04-03 11:17 -------- d-----w- c:\users\Just4you\AppData\Roaming\SUPERAntiSpyware.com

2010-03-09 16:24 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe

2010-03-08 19:25 . 2010-03-23 17:34 -------- d-----w- c:\program files\Common Files\Steam

2010-03-08 15:50 . 2010-03-08 15:50 -------- d-----w- C:\PFiles

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-04-04 19:30 . 2010-01-31 21:52 -------- d-----w- c:\program files\Common Files\Akamai

2010-04-04 19:13 . 2009-09-06 09:28 -------- d-----w- c:\users\Just4you\AppData\Roaming\uTorrent

2010-04-04 16:51 . 2009-09-06 10:06 -------- d-----w- c:\users\Just4you\AppData\Roaming\UltraGet

2010-04-04 13:57 . 2009-12-26 15:57 -------- d-----w- c:\programdata\Lx_cats

2010-04-04 11:27 . 2009-09-30 22:03 -------- d-----w- c:\program files\goonlinetv

2010-04-04 02:21 . 2009-09-10 09:46 -------- d-----w- c:\users\Just4you\AppData\Roaming\vlc

2010-04-03 18:44 . 2009-09-05 18:17 -------- d-----w- c:\programdata\Microsoft Help

2010-04-03 15:37 . 2009-12-17 08:53 -------- d-----w- c:\users\Just4you\AppData\Roaming\Skype

2010-04-03 15:37 . 2009-10-21 16:26 -------- d-----w- c:\program files\Steam

2010-04-03 13:32 . 2009-09-05 18:32 111472 ----a-w- c:\users\Just4you\AppData\Local\GDIPFONTCACHEV1.DAT

2010-04-03 12:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild

2010-04-02 11:11 . 2009-09-06 09:43 -------- d-----w- c:\program files\Common Files\AVSMedia

2010-04-02 11:11 . 2009-09-06 09:43 -------- d-----w- c:\program files\AVS4YOU

2010-04-02 11:03 . 2009-09-24 09:26 -------- d--h--w- c:\users\Just4you\AppData\Roaming\windows

2010-04-02 09:38 . 2009-03-19 07:40 600740 ----a-w- c:\windows\system32\perfh01D.dat

2010-04-02 09:38 . 2009-03-19 07:40 118260 ----a-w- c:\windows\system32\perfc01D.dat

2010-04-02 09:38 . 2009-03-19 07:33 77234 ----a-w- c:\windows\system32\perfc014.dat

2010-04-02 09:38 . 2009-03-19 07:33 446736 ----a-w- c:\windows\system32\perfh014.dat

2010-04-02 09:38 . 2009-03-19 07:26 81456 ----a-w- c:\windows\system32\perfc00B.dat

2010-04-02 09:38 . 2009-03-19 07:26 430022 ----a-w- c:\windows\system32\perfh00B.dat

2010-04-02 09:38 . 2009-03-19 07:20 77944 ----a-w- c:\windows\system32\perfc006.dat

2010-04-02 09:38 . 2009-03-19 07:20 457746 ----a-w- c:\windows\system32\perfh006.dat

2010-04-02 09:25 . 2009-11-26 22:05 151295 ----a-w- c:\windows\hpoins14.dat

2010-04-01 22:27 . 2010-01-18 17:10 -------- d-----w- c:\program files\NortonInstaller

2010-04-01 20:32 . 2010-01-18 17:12 -------- d-----w- c:\program files\Symantec

2010-04-01 20:32 . 2010-04-01 20:32 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF

2010-04-01 20:32 . 2010-04-01 20:32 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT

2010-04-01 20:25 . 2009-03-19 08:21 -------- d-----w- c:\programdata\NortonInstaller

2010-04-01 20:22 . 2009-03-19 08:22 -------- d-----w- c:\programdata\Norton

2010-04-01 20:07 . 2009-03-19 09:53 -------- d-----w- c:\program files\Java

2010-04-01 04:14 . 2009-09-13 19:45 -------- d-----w- c:\users\Just4you\AppData\Roaming\skypePM

2010-03-23 17:52 . 2009-10-27 10:32 -------- d-----w- c:\users\Just4you\AppData\Roaming\dvdcss

2010-03-23 16:52 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar

2010-03-23 16:52 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery

2010-03-23 16:52 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal

2010-03-23 16:52 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender

2010-03-23 16:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-03-23 16:46 . 2009-07-19 08:23 -------- d-----w- c:\program files\JMicron

2010-03-21 10:46 . 2009-03-19 08:19 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-03-20 08:32 . 2009-09-24 07:29 -------- d--h--w- c:\program files\Wedhbbmxenek

2010-03-13 19:06 . 2009-09-12 19:10 -------- d-----w- c:\users\Just4you\AppData\Roaming\HpUpdate

2010-03-10 06:05 . 2009-03-19 09:39 588472 ----a-w- c:\windows\system32\ezsvc7x.dll

2010-03-09 16:38 . 2009-03-19 08:22 -------- d-----w- c:\programdata\Symantec

2010-03-09 02:28 . 2009-03-19 09:53 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-03-04 09:26 . 2010-03-04 09:26 86016 ----a-w- c:\windows\system32\frapsvid.dll

2010-03-03 09:31 . 2010-03-03 09:31 -------- d-----w- c:\users\Just4you\AppData\Roaming\VistaCodecs

2010-03-03 09:31 . 2010-03-03 09:31 -------- d-----w- c:\program files\VistaCodecPack

2010-03-03 09:31 . 2010-03-03 09:30 -------- d-----w- c:\programdata\VistaCodecs

2010-03-03 09:31 . 2010-03-03 09:31 -------- d-----w- c:\users\Just4you\AppData\Roaming\Red Kawa

2010-03-03 09:18 . 2010-03-03 09:18 -------- d-----w- c:\program files\Red Kawa

2010-03-03 08:40 . 2010-03-03 08:40 -------- d-----w- c:\program files\AviSynth 2.5

2010-03-02 22:53 . 2010-03-02 21:47 -------- d-----w- c:\users\Just4you\AppData\Roaming\DiskAid

2010-03-02 19:34 . 2010-03-02 19:21 -------- d-----w- c:\users\Just4you\AppData\Roaming\Apple Computer

2010-03-02 19:21 . 2010-03-02 19:20 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2010-03-02 19:20 . 2010-03-02 19:20 -------- d-----w- c:\program files\iPod

2010-03-02 19:20 . 2009-09-10 09:47 -------- d-----w- c:\program files\Common Files\Apple

2010-03-02 19:20 . 2009-09-10 09:52 -------- d-----w- c:\programdata\Apple Computer

2010-03-02 19:20 . 2009-09-10 09:47 -------- d-----w- c:\programdata\Apple

2010-03-02 19:19 . 2010-03-02 19:19 -------- d-----w- c:\program files\Bonjour

2010-03-01 09:01 . 2009-03-19 08:03 -------- d-----w- c:\program files\Hewlett-Packard

2010-02-26 19:56 . 2010-02-26 19:56 -------- d-----w- c:\program files\Common Files\Solveig Multimedia

2010-02-26 18:38 . 2009-09-06 09:44 -------- d-----w- c:\users\Just4you\AppData\Roaming\AVS4YOU

2010-02-23 06:39 . 2010-03-31 10:37 916480 ----a-w- c:\windows\system32\wininet.dll

2010-02-23 06:33 . 2010-03-31 10:37 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-02-23 06:33 . 2010-03-31 10:37 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-02-23 04:55 . 2010-03-31 10:37 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-02-22 17:18 . 2010-02-22 17:18 -------- d-----w- c:\users\Just4you\AppData\Roaming\Tific

2010-02-20 15:26 . 2010-02-20 15:25 -------- d-----w- c:\programdata\HPSSUPPLY

2010-02-16 17:47 . 2010-02-16 17:47 -------- d-----w- c:\program files\Emotum

2010-02-15 13:38 . 2009-09-06 08:52 -------- d-----w- c:\programdata\Emotum

2010-02-15 13:30 . 2010-02-15 13:30 -------- d-----w- c:\program files\Option

2010-02-06 10:56 . 2009-09-06 09:48 -------- d-----w- c:\program files\Google

2010-02-04 15:02 . 2010-02-01 16:52 -------- d-----w- c:\program files\Microsoft SQL Server

2010-02-04 14:42 . 2009-09-05 18:19 -------- d-----w- c:\program files\Microsoft.NET

2010-01-28 01:09 . 2010-01-28 01:09 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2010-01-25 12:00 . 2010-02-24 17:59 471552 ----a-w- c:\windows\system32\secproc_isv.dll

2010-01-25 12:00 . 2010-02-24 17:59 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2010-01-25 12:00 . 2010-02-24 17:59 152064 ----a-w- c:\windows\system32\secproc_ssp.dll

2010-01-25 12:00 . 2010-02-24 17:59 471552 ----a-w- c:\windows\system32\secproc.dll

2010-01-25 11:58 . 2010-02-24 17:59 332288 ----a-w- c:\windows\system32\msdrm.dll

2010-01-25 08:21 . 2010-02-24 17:59 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe

2010-01-25 08:21 . 2010-02-24 17:59 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2010-01-25 08:21 . 2010-02-24 17:59 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2010-01-25 08:21 . 2010-02-24 17:59 518144 ----a-w- c:\windows\system32\RMActivate.exe

2010-01-23 09:26 . 2010-02-24 17:59 2048 ----a-w- c:\windows\system32\tzres.dll

2010-01-06 15:39 . 2010-02-24 17:58 1696256 ----a-w- c:\windows\system32\gameux.dll

2010-01-06 15:38 . 2010-02-24 17:58 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2010-01-06 13:30 . 2010-02-24 17:58 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2010-01-05 15:46 . 2009-10-01 17:03 680 ----a-w- c:\users\Just4you\AppData\Local\d3d9caps.dat

2009-03-19 08:10 . 2009-03-19 07:42 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

 

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-14 319792]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-06 39408]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-03-29 1086856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 2 (0x2)

"EnableUIADesktopToggle"= 0 (0x0)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^Users^Just4you^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Skärmurklipp och start för OneNote 2007.lnk]

path=c:\users\Just4you\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skärmurklipp och start för OneNote 2007.lnk

backup=c:\windows\pss\Skärmurklipp och start för OneNote 2007.lnk.Startup

backupExtension=.Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2005-09-09 00:18 57344 ----a-w- c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart]

2008-12-25 20:41 189736 ----a-w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctra]

2009-12-26 21:56 249856 ----a-w- c:\windows\cmxint.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DRPU PC Data Manager(Basic)]

2010-01-05 14:05 2801664 ----a-w- c:\program files\DRPU PC Data Manager(Basic)\pcdm.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]

2008-11-29 01:04 1148200 ----a-w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Emotum Mobile Broadband]

2009-05-14 17:14 348968 ----a-w- c:\program files\Emotum\Mobile Broadband\Mobile.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2009-01-29 15:43 107176 ----a-w- c:\program files\Lexmark 2600 Series\ezprint.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]

2009-09-10 07:18 122368 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2009-09-06 10:39 133104 ----atw- c:\users\Just4you\AppData\Local\Google\Update\GoogleUpdate.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-02-15 17:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnmon.exe]

2009-01-29 15:43 660136 ----a-w- c:\program files\Lexmark 2600 Series\lxdnmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2010-03-29 13:24 1086856 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-07-26 14:44 3883840 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]

2008-10-10 19:24 206128 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2010-03-09 08:02 26100520 ----a-r- c:\program files\Skype\Phone\Skype.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

2008-08-30 00:11 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

2010-03-23 17:26 1217872 ----a-w- c:\program files\Steam\Steam.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

2010-04-01 10:28 2010864 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2009-09-06 09:48 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

2009-06-03 19:43 450652 ----a-w- c:\program files\IDT\WDM\sttray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]

2008-12-25 20:41 1316136 ----a-w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent]

2009-05-09 00:32 206120 ----a-w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2008-11-15 05:02 218408 ----a-w- c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]

2008-06-14 01:11 210216 ----a-w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]

2008-06-14 01:11 210216 ----a-w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]

2008-11-26 18:34 210216 ----a-w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2010-03-14 13:01 319792 ----a-w- c:\program files\uTorrent\uTorrent.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]

2008-12-08 18:25 432432 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(:f4,b1,4b,ca,a9,42,ca,01

 

R2 gupdate1ca2edd43a4c20;Tjänsten Google Update (gupdate1ca2edd43a4c20);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-06 133104]

R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-12-05 109408]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1105000.07F\SYMDS.SYS [2009-08-30 328752]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1105000.07F\SYMEFA.SYS [2009-11-26 172592]

S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys [2010-03-24 536112]

S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1105000.07F\ccHPx86.sys [2009-12-09 501888]

S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100326.001\IDSvix86.sys [2009-11-17 343088]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-02-17 66632]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1105000.07F\Ironx86.SYS [2009-11-26 116272]

S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\NIS\1105000.07F\SYMTDIV.SYS [2009-11-22 340016]

S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/07/19 02:04];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-29 01:04 87536]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]

S2 GTDetectSc;GtDetectSc Service;c:\program files\Option\Option 225 Driver Installation\GTDetectSc.exe [2007-12-18 196704]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]

S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2008-02-27 594600]

S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2009-04-28 94208]

S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [2009-12-09 126392]

S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952]

S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-27 296320]

S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-27 116096]

S2 XobniService;XobniService;c:\program files\Xobni\XobniService.exe [2009-12-08 55016]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-04-01 102448]

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\DRIVERS\Gt51Ip.sys [2008-02-18 106624]

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\DRIVERS\gt72ubus.sys [2008-02-08 59648]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-29 22072]

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

Akamai REG_MULTI_SZ Akamai

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

Innehållet i mappen 'Schemalagda aktiviteter':

 

2010-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-06 10:29]

 

2010-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-06 10:29]

 

2010-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3082484009-1095413871-806137520-1000Core.job

- c:\users\Just4you\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-24 10:39]

 

2010-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3082484009-1095413871-806137520-1000UA.job

- c:\users\Just4you\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-24 10:39]

 

2010-04-04 c:\windows\Tasks\HPCeeScheduleForJust4you.job

- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-03-19 18:34]

 

2010-04-04 c:\windows\Tasks\User_Feed_Synchronization-{A35599E8-89D9-4F6E-9169-D96C6F4E1788}.job

- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://www.bigseekpro.com/hypercam/{FCD37C1E-9386-409C-BAD9-4FA44B2CEC1F}

uInternet Settings,ProxyOverride = *.local

IE: &AOL Verktygsfalt Sök - c:\programdata\AOL\ieToolbar\resources\sv-SE\local\search.html

IE: E&xportera till Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\users\Just4you\AppData\Roaming\Mozilla\Firefox\Profiles\wxyq7mjg.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - component: c:\program files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll

FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll

FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll

FF - component: c:\users\Just4you\AppData\Roaming\Mozilla\Firefox\Profiles\wxyq7mjg.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll

FF - component: c:\users\Just4you\AppData\Roaming\Mozilla\Firefox\Profiles\wxyq7mjg.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.dll

FF - component: c:\users\Just4you\AppData\Roaming\Mozilla\Firefox\Profiles\wxyq7mjg.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll

FF - plugin: c:\users\Just4you\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\users\Just4you\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 

---- FIREFOX POLICY ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-04-04 21:34

Windows 6.0.6002 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

------------------------ Andra processer som körs ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\spool\DRIVERS\W32X86\3\lxdnserv.exe

c:\program files\CyberLink\Shared files\RichVideo.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\DllHost.exe

c:\windows\system32\conime.exe

c:\windows\servicing\TrustedInstaller.exe

.

**************************************************************************

.

Sluttid: 2010-04-04 21:45:02 - datorn startades om.

ComboFix-quarantined-files.txt 2010-04-04 19:44

ComboFix2.txt 2010-04-04 17:31

 

Före genomsökningen: 294 014 631 936 byte ledigt

Efter genomsökningen: 294 096 760 832 byte ledigt

 

- - End Of File - - 9578E571FCDB7B7025B74930A5326759

 

Tack för all hjälp!

[Zipp.]

Scanna och skicka en ny Hijack log

[En_för_alla_för_en]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:55:35, on 2010-04-04

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\conime.exe

C:\Windows\explorer.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Program Files\Emotum\Mobile Broadband\Mobile.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Just4you\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Just4you\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\Wnifia.exe

C:\Users\Just4you\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{FCD37C1E-9386-409C-BAD9-4FA44B2CEC1F}

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O1 - Hosts: 74.208.10.249 gs.apple.com

O1 - Hosts: ::1 localhost

O1 - Hosts: 74.208.10.249 gs.apple.com

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: IE2Aml - {2564A650-39E8-11DA-9EEF-A60DC4EDC02C} - C:\Program Files\Aml Pages\Plugins\IE2Aml.DLL

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O8 - Extra context menu item: &AOL Verktygsfalt Sök - C:\ProgramData\AOL\ieToolbar\resources\sv-SE\local\search.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GtDetectSc Service (GTDetectSc) - OptionNV - C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe

O23 - Service: Tjänsten Google Update (gupdate1ca2edd43a4c20) (gupdate1ca2edd43a4c20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe

O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

 

--

End of file - 8799 bytes

[Zipp.]

Scanna och skicka en ny logg med HijackThis,loggen du skicka är gammal

[En_för_alla_för_en]

sorry märkte inte!

 

 

 

ogfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:51:32, on 2010-04-05

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

 

Running processes:

C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Red Kawa\Video Converter App\VideoConverterApp.exe

C:\Program Files\Emotum\Mobile Broadband\Mobile.exe

C:\Windows\system32\conime.exe

C:\Program Files\Red Kawa\Video Converter App\Tools\FFmpeg\ffmpeg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\DllHost.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{FCD37C1E-9386-409C-BAD9-4FA44B2CEC1F}

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: IE2Aml - {2564A650-39E8-11DA-9EEF-A60DC4EDC02C} - C:\Program Files\Aml Pages\Plugins\IE2Aml.DLL

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: &AOL Verktygsfalt Sök - C:\ProgramData\AOL\ieToolbar\resources\sv-SE\local\search.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GtDetectSc Service (GTDetectSc) - OptionNV - C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe

O23 - Service: Tjänsten Google Update (gupdate1ca2edd43a4c20) (gupdate1ca2edd43a4c20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe

O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

 

--

End of file - 8605 bytes

[Zipp.]

Har du nå Norton / Symantec program som används på datorn

[En_för_alla_för_en]

Japp!

[Zipp.]

Avinstallera Java och hämta nyaste

 

http://www.java.com/sv/

 

Har du ingen antivirus och brandvägg så installera gratisversion av bägge

Här finns lite mera tips

 

http://sites.google.com/site/ceblstockholm/home

[En_för_alla_för_en]

ok, tack så mycket! datorn har blivit mycket bättre nu! Tack igen!