Just nu i M3-nätverket
Gå till innehåll
Harmonicaman

Samsung laptop som "hänger sig"

Rekommendera Poster

Harmonicaman

Hej Cecilia!

Hittar inte mappen 2010-11-01 16:01:24 -------- d-----w- c:\progra~2\UAB

så jag vet inte alls vad den innehåller.

Här kommer MBAM-loggen:

[log]Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Databasversion: 5116

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

2010-11-15 06:14:08

mbam-log-2010-11-15 (06-14-08).txt

 

Skanningstyp: Snabbskanning

Antal skannade objekt: 143723

Förfluten tid: 8 minut(er), 6 sekund(er)

 

Infekterade minnesprocesser: 1

Infekterade minnesmoduler: 2

Infekterade registernycklar: 30

Infekterade registervärden: 3

Infekterade registerdataposter: 1

Infekterade mappar: 4

Infekterade filer: 14

 

Infekterade minnesprocesser:

C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

 

Infekterade minnesmoduler:

C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.

 

Infekterade registernycklar:

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d6ba40a1-a502-59bd-f413-04b03a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\KOO9RV9K4Z (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.

 

Infekterade registerdataposter:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Infekterade mappar:

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\3.bin (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\3.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Infekterade filer:

C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\Uninstall Fun Web Products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Alexander\downloads\IWONGlobalSetup2.3.70.1.SA.HP.ZVfox000(2).exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Alexander\downloads\IWONGlobalSetup2.3.70.1.SA.HP.ZVfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\3.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\3.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\3.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Alexander\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.[/log]

 

F-secure fann följande:

TrackingCookie.Research-int

TrackingCookie.Advertising

TrackingCookie.Atdmt

TrackingCookie.Adform

TrackingCookie.Doubleclick

TrackingCookie.Admeta

TrackingCookie.Webtrends

TrackingCookie.Liveperson

TrackingCookie.Statcounter

TrackingCookie.Yieldmanager

 

Kaspersky hittade inget alls..

Däremot öppnades ett fönster från Norton securityscan som hittade följande tracking cockies:

alexander@msnportal.112.2o7.net/

alexander@2o7.net/

alexander@domdex.com/

alexander@m.webtrends.com/

alexander@tap.ribiconproject.com/

alexander@track.adform.net/

alexander@pixel.rubiconproject.com/

alexander@rubiconproject.com/

alexander@myroitracking.com/

alexander@quantserve.com/

alexander@ad.yieldmanager.com/

alexander@adfarm1.adition.com/

alexander@content.yieldmanager.com/

alexander@content.yieldmanager.com/ak/

alexander@ad2.adfarm1.adition.com/

alexander@msnportal.112.2o7.net/

 

Fick skriva av detta för hand då det inte fanns någon speciell logfil & inte gick det att kopiera från fönstret.

Klickade på Fix now-knappen men dåöppnades bara ett explorerfönster där dom ville att "jag" skulle köpa programmet.

 

Mvh. Patric

Redigerad av Harmonicaman

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Det är bara en del online-skanningar som tar bort det de hittar.

 

Cookies är aldrig farliga för datorn, utan det har mer med ens personliga integritet att göra.

 

c:\progra~2\UAB

det betyder att det finns en mapp UAB i en mapp som börjar med "progra", det kan vara "program", "programdata", "program files". Går det lättare att hitta UAB då?

 

På sidan http://www.virustotal.com trycker du på Bläddra-knappen och klistrar in ett av följande filnamn i rutan, tryck på Öppna och sedan Skicka Fil. Vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in en länk till resultatet här. Upprepa med nästa filnamn.

c:\progra~2\hpeC6AC.dll

c:\windows\system32\f3PSSavr.scr

 

Klistra in nya DDS-loggar, även Attach-loggen.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Harmonicaman

Här kommer loggen från VirusTotal:

 

[log]Antivirus Version Last Update Result

AhnLab-V3 2010.11.15.00 2010.11.14 -

AntiVir 7.10.13.238 2010.11.14 -

Antiy-AVL 2.0.3.7 2010.11.15 -

Authentium 5.2.0.5 2010.11.15 -

Avast 4.8.1351.0 2010.11.14 -

Avast5 5.0.594.0 2010.11.14 -

AVG 9.0.0.851 2010.11.15 -

BitDefender 7.2 2010.11.15 -

CAT-QuickHeal 11.00 2010.11.09 -

ClamAV 0.96.4.0 2010.11.15 -

Comodo 6722 2010.11.15 -

Emsisoft 5.0.0.50 2010.11.15 -

eSafe 7.0.17.0 2010.11.14 -

eTrust-Vet 36.1.7973 2010.11.13 -

F-Prot 4.6.2.117 2010.11.15 -

F-Secure 9.0.16160.0 2010.11.15 -

Fortinet 4.2.249.0 2010.11.14 -

GData 21 2010.11.15 -

Ikarus T3.1.1.90.0 2010.11.15 -

Jiangmin 13.0.900 2010.11.14 -

K7AntiVirus 9.67.2973 2010.11.12 -

Kaspersky 7.0.0.125 2010.11.14 -

McAfee 5.400.0.1158 2010.11.15 -

McAfee-GW-Edition 2010.1C 2010.11.15 -

Microsoft 1.6301 2010.11.14 -

NOD32 5619 2010.11.14 -

Norman 6.06.10 2010.11.14 -

nProtect 2010-11-14.01 2010.11.14 -

Panda 10.0.2.7 2010.11.14 -

PCTools 7.0.3.5 2010.11.15 -

Prevx 3.0 2010.11.15 -

Rising 22.73.04.00 2010.11.13 -

Sophos 4.59.0 2010.11.15 -

Sunbelt 7313 2010.11.15 -

SUPERAntiSpyware 4.40.0.1006 2010.11.15 -

Symantec 20101.2.0.161 2010.11.15 -

TheHacker 6.7.0.1.083 2010.11.15 -

TrendMicro 9.120.0.1004 2010.11.14 -

TrendMicro-HouseCall 9.120.0.1004 2010.11.15 -

VBA32 3.12.14.2 2010.11.12 -

ViRobot 2010.11.13.4145 2010.11.14 -

VirusBuster 12.75.3.0 2010.11.14 -

Additional information

Show all

MD5 : cbf470b77b2db2f25c56e05ce391f18a

SHA1 : a7b49ae6c6ab2f51d27bea49c624680066315676

SHA256: 45a2f8fae3d3284373a0a7b4927f2bb3757cd39abecb2b0e7c26540fc52618d1[/log]

 

Nästa: c:\windows\system32\f3PSSavr.scr hittade jag inte i system32-mappen.

 

Patric.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Spara SystemLook på Skrivbordet från en av dessa länkar:

http://jpshortstuff.247fixes.com/SystemLook.exe

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe

 

Dubbelklicka på SystemLook-filen för att köra den.

 

Kopiera alla rader i rutan

:dir
c:\progra~2\UAB
:file
c:\windows\system32\f3PSSavr.scr

och klistra in i det stora textfältet i SýstemLook.

Tryck på knappen Look för att starta sökningen.

När det är klart så kommer Anteckningar upp med en logg, och den klistrar du in här. Om loggen inte kommer upp så finns den som SystemLook.txt på Skrivbordet.

 

Klistra in nya DDS-loggar också.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Harmonicaman

Här kommer DDS-loggarna:

 

DDS (Ver_10-11-10.01) - NTFSx86

Run by Alexander at 17:25:33,13 on 2010-11-16

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.46.1053.18.3033.1777 [GMT 1:00]

 

 

============== Running Processes ===============

 

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\windows\system32\PnkBstrA.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe

C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe

C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe

C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

C:\windows\system32\igfxext.exe

C:\windows\system32\igfxsrvc.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\iPod\bin\iPodService.exe

Q:\140062.enu\Office14\ONENOTEM.EXE

C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

C:\windows\system32\DllHost.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\windows\system32\conhost.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\windows\system32\conhost.exe

C:\Program Files\Registry Mechanic\RegMech.exe

C:\Program Files\GetDiz\GetDiz.exe

C:\Program Files\Windows NT\Accessories\wordpad.exe

C:\Users\Alexander\Desktop\SystemLook.exe

C:\WINDOWS\notepad.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\explorer.exe

C:\Users\Alexander\Desktop\dds(2).scr

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZVfox000&ptb=RpmTCflHMPM1VEyZaFOXcw

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

mURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll

BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m

uRun: [sony Ericsson PC Suite] "c:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon

uRun: [Mobile Partner] "d:\program files\tele2 mobile partner\Tele2 Mobile Partner.exe"

uRun: [steam] "d:\program files\steam\Steam.exe" -silent

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"

mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"

mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [updatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"

mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"

mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"

mRun: [updatePPShortCut] "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0"

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [APLangApp] "c:\program files\anypc client\APLangApp.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"

mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup

mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

dRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog

StartupFolder: c:\users\alexan~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\common files\microsoft shared\virtualization handler\CVH.EXE

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll

LSP: c:\program files\iobit\advanced systemcare 3\SPICtrl.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\alexan~1\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://torrents.to/

FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptb=RpmTCflHMPM1VEyZaFOXcw&psa=&ind=2010110108&ptnrS=ZVfox000&si=&st=kwd&n=77cfd89c&searchfor=

FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll

FF - component: c:\users\alexander\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\FFExternalAlert.dll

FF - component: c:\users\alexander\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\RadioWMPCore.dll

FF - component: c:\users\alexander\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\extensions\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}\components\FFExternalAlert.dll

FF - component: c:\users\alexander\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\extensions\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}\components\RadioWMPCore.dll

FF - component: c:\users\alexander\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\extensions\engine@conduit.com\components\FFExternalAlert.dll

FF - component: c:\users\alexander\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\extensions\engine@conduit.com\components\RadioWMPCore.dll

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

 

============= SERVICES / DRIVERS ===============

 

R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]

R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-1-12 10752]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AVP;Tjänsten Kaspersky Anti-Virus;c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-7-1 352976]

R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-2-28 821664]

R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-10-6 90112]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-10-17 632792]

R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-4-24 483688]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-13 122880]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-10-6 27632]

R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-4-24 550760]

R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-4-24 195944]

R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-4-24 21864]

R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-4-24 19304]

R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-4-24 209768]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-18 135664]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-20 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2010-4-19 18432]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2010-10-6 90536]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2010-10-6 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2010-10-6 122152]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2010-10-6 115496]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2010-10-6 25768]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2010-10-6 111912]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2010-10-6 117672]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-18 1343400]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

 

=============== File Associations ===============

 

.txt=GetDiz.Document

 

=============== Created Last 30 ================

 

2010-11-14 21:01:22 -------- d-----w- c:\users\alexan~1\appdata\roaming\Malwarebytes

2010-11-14 21:01:05 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-11-14 21:01:04 -------- d-----w- c:\progra~2\Malwarebytes

2010-11-14 21:01:03 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-11-14 21:01:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-11-14 13:39:43 -------- d-----w- c:\progra~2\F-Secure

2010-11-14 13:15:41 -------- d-----w- C:\Intel

2010-11-14 13:14:23 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-14 13:14:23 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2010-11-12 15:22:50 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{52b9e05a-aff5-43f9-8ec0-b6556b7bb92f}\mpengine.dll

2010-11-05 22:32:22 -------- d-----w- c:\users\alexan~1\appdata\local\ElevatedDiagnostics

2010-11-01 16:00:46 -------- d-----w- c:\progra~2\Driver Mender

2010-10-29 21:40:02 21840 ----atw- c:\windows\system32\SIntfNT.dll

2010-10-29 21:40:02 17212 ----atw- c:\windows\system32\SIntf32.dll

2010-10-29 21:40:02 12067 ----atw- c:\windows\system32\SIntf16.dll

2010-10-29 21:38:34 94208 ----a-w- c:\windows\DIIUnin.exe

2010-10-29 21:38:34 2829 ----a-w- c:\windows\DIIUnin.pif

2010-10-29 16:20:32 -------- d-----w- c:\users\alexan~1\appdata\local\PunkBuster

2010-10-29 16:11:18 -------- d-----w- c:\users\alexan~1\appdata\roaming\uTorrent

2010-10-26 18:31:49 641536 ----a-w- c:\windows\system32\CPFilters.dll

2010-10-26 18:31:49 417792 ----a-w- c:\windows\system32\msdri.dll

2010-10-26 18:31:48 204288 ----a-w- c:\windows\system32\MSNP.ax

2010-10-26 18:31:48 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2010-10-26 18:31:38 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2010-10-20 15:13:31 -------- d-----w- c:\windows\sv

2010-10-20 15:12:36 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2010-10-20 15:04:04 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll

2010-10-20 15:04:04 515416 ----a-w- c:\windows\system32\XAudio2_5.dll

2010-10-20 15:04:04 453456 ----a-w- c:\windows\system32\d3dx10_42.dll

2010-10-20 15:02:23 -------- d-----w- c:\users\alexan~1\appdata\local\Windows Live

2010-10-18 11:26:02 -------- d-----w- c:\program files\iPod

2010-10-17 20:30:00 -------- d-----w- c:\program files\FlvTube Toolbar

2010-10-17 20:29:12 187 ----a-w- c:\users\alexan~1\appdata\roaming\8801.bat

2010-10-17 19:53:06 -------- d-----w- c:\users\alexan~1\appdata\roaming\Need for Speed World

2010-10-17 19:42:20 -------- d-----w- c:\users\alexan~1\appdata\local\Electronic_Arts_Inc

2010-10-17 19:39:19 -------- d-----w- c:\windows\system32\directx

2010-10-17 19:39:07 -------- d-----w- c:\progra~2\Electronic Arts

 

==================== Find3M ====================

 

2010-10-29 18:00:51 103736 ----a-w- c:\windows\system32\PnkBstrB.exe

2010-10-29 16:21:57 66872 ----a-w- c:\windows\system32\PnkBstrA.exe

2010-10-19 10:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-13 17:44:21 0 ----a-w- c:\windows\system32\sho7AEE.tmp

2010-10-06 17:30:35 148736 ----a-w- c:\progra~2\hpeC6AC.dll

2010-10-01 19:32:03 22328 ----a-w- c:\users\alexan~1\appdata\roaming\PnkBstrK.sys

2010-10-01 18:55:41 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll

2010-09-22 22:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll

2010-09-22 22:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR

2010-09-21 12:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL

2010-09-18 18:09:54 595456 ----a-w- c:\windows\system32\NScanNative_bak.dll

2010-09-18 18:09:54 43584 ----a-w- c:\windows\system32\AES_bak.dll

2010-09-18 18:09:42 81920 ----a-w- c:\windows\system32\fstcp_bak.dll

2010-09-18 18:09:42 76800 ----a-w- c:\windows\system32\spekekit_bak.dll

2010-09-18 18:07:35 138304 ----a-w- c:\program files\common files\osdinst.dll

2010-09-18 18:07:29 4870208 ----a-w- c:\program files\common files\xsignal.exe

2010-09-16 09:26:02 37336 ----a-w- c:\windows\system32\CleanMFT32.exe

2010-09-08 09:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-09-08 09:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll

2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec

2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL

2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys

2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll

2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll

2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll

2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll

2010-08-25 18:46:02 8198680 ----a-w- c:\windows\system32\TVWSetup.exe

2010-08-25 18:45:48 948760 ----a-w- c:\windows\system32\igxpun.exe

2010-08-25 18:45:44 136216 ----a-w- c:\windows\system32\igfxtray.exe

2010-08-25 18:45:42 266776 ----a-w- c:\windows\system32\igfxsrvc.exe

2010-08-25 18:45:40 170520 ----a-w- c:\windows\system32\igfxpers.exe

2010-08-25 18:45:38 179224 ----a-w- c:\windows\system32\igfxext.exe

2010-08-25 18:45:36 171032 ----a-w- c:\windows\system32\hkcmd.exe

2010-08-25 18:45:32 3156504 ----a-w- c:\windows\system32\GfxUI.exe

2010-08-25 18:39:46 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll

2010-08-25 18:31:30 4967424 ----a-w- c:\windows\system32\igdumd32.dll

2010-08-25 18:28:22 571904 ----a-w- c:\windows\system32\igdumdx32.dll

2010-08-25 18:23:14 4411904 ----a-w- c:\windows\system32\igd10umd32.dll

2010-08-25 18:09:34 11040256 ----a-w- c:\windows\system32\ig4icd32.dll

2010-08-25 18:00:00 23552 ----a-w- c:\windows\system32\igfxexps.dll

2010-08-25 18:00:00 194560 ----a-w- c:\windows\system32\igfxpph.dll

2010-08-25 17:59:58 261632 ----a-w- c:\windows\system32\igfxTMM.dll

2010-08-25 17:59:58 115200 ----a-w- c:\windows\system32\igfxcpl.cpl

2010-08-25 17:59:42 57344 ----a-w- c:\windows\system32\igfxsrvc.dll

2010-08-25 17:59:24 130048 ----a-w- c:\windows\system32\igfxdo.dll

2010-08-25 17:59:16 94720 ----a-w- c:\windows\system32\hccutils.dll

2010-08-25 17:59:10 120320 ----a-w- c:\windows\system32\gfxSrvc.dll

2010-08-25 17:59:08 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2010-08-25 17:59:06 85504 ----a-w- c:\windows\system32\igfxrenu.lrc

2010-08-25 17:59:06 828928 ----a-w- c:\windows\system32\igfxress.dll

2010-08-25 17:59:06 228864 ----a-w- c:\windows\system32\igfxdev.dll

2010-08-21 05:36:33 738816 ----a-w- c:\windows\system32\wmpmde.dll

2010-08-21 05:36:24 224256 ----a-w- c:\windows\system32\schannel.dll

2010-08-21 05:33:24 530432 ----a-w- c:\windows\system32\comctl32.dll

2010-08-21 05:32:37 316928 ----a-w- c:\windows\system32\spoolsv.exe

 

============= FINISH: 17:26:48,38 ===============

 

-------------------------------------------------------------------------

-------------------------------------------------------------------------

Nummer 2:

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-11-10.01)

 

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2010-07-20 18:03:29

System Uptime: 2010-11-15 06:19:56 (35 hours ago)

 

Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | R530/R730

Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz | U2E1 | 2100/mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 141 GiB total, 93,252 GiB free.

D: is FIXED (NTFS) - 141 GiB total, 106,816 GiB free.

E: is CDROM (UDF)

 

==== Disabled Device Manager Items =============

 

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Description: Nokia 6300

Device ID: ROOT\WPD\0000

Manufacturer: Nokia

Name: Nokia 6300

PNP Device ID: ROOT\WPD\0000

Service: WUDFRd

 

==== System Restore Points ===================

 

RP96: 2010-10-17 14:08:52 - Installed XIII

RP98: 2010-10-17 21:40:50 - DirectX har installerats

RP100: 2010-10-18 12:28:50 - Windows Update

 

==== Installed Programs ======================

 

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh

Adobe Acrobat 5.0

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.1 - Svenska

Adobe Shockwave Player 11.5

Advanced SystemCare 3

AnyPC Client

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Client Installation Program

µTorrent

Auto Avatar Prerequisites

Avanquest update

BatteryLifeExtender

Bonjour

Compatibility Pack för Office 2007-systemet

Conduit Engine

Counter-Strike

CyberLink DVD Suite

CyberLink LabelPrint

CyberLink Power2Go

CyberLink PowerDirector

CyberLink PowerDVD 8

CyberLink PowerProducer

CyberLink YouCam

D3DX10

Diablo II

DllPlayer 2.1.1

Easy Display Manager

Easy Network Manager

Easy SpeedUp Manager

EasyBatteryManager

Enemy Territory - QUAKE Wars

Game Booster

Game Booster 2

GameSpy Arcade

GetDiz 4.5

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GTA San Andreas

Incomedia WebSite X5 v8 - Evolution

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

iTunes

Java Auto Updater

Java 6 Update 22

Junk Mail filter update

Kaspersky Anti-Virus 2011

Malwarebytes' Anti-Malware

Marvell Miniport Driver

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile Language Pack - SVE

Microsoft .NET Framework 4 Client Profile SVE Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended Language Pack - SVE

Microsoft .NET Framework 4 Extended SVE Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Click-to-Run 2010

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Home and Business 2010 - English

Microsoft Office Home and Student 2007

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook Connector

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office PowerPoint Viewer 2007 (Swedish)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Works

Mozilla Firefox (3.6.10)

MSVCRT

Need For Speed™ World

Nokia Connectivity Cable Driver

Nokia PC Suite

Norton Security Scan

NVIDIA PhysX

OGA Notifier 2.0.0048.0

PC Connectivity Solution

QuickTime

Registry Mechanic 10.0

Samsung Recovery Solution 4

Samsung Support Center

Samsung Update Plus

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Skype™ 4.2

Sony Ericsson PC Companion 1.60.13

Sony Ericsson PC Suite 6.009.00

Spotify

Steam

SWAT 4

Synaptics Pointing Device Driver

TeamSpeak 3 Client

Tele2 Mobile Partner

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Word 2007 (KB974631)

User Guide

Ventrilo Client

Windows 7 USB/DVD Download Tool

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

Xfire (remove only)

XfireXO Toolbar

XIII

 

==== End Of File ===========================

 

 

Här är det som stod i systemlook: SystemLook 04.09.10 by jpshortstuff

Log created at 17:16 on 16/11/2010 by Alexander

Administrator - Elevation successful

 

========== dir ==========

 

c:\progra~2\UAB - Unable to find folder.

 

========== file ==========

 

c:\windows\system32\f3PSSavr.scr - Unable to find/read file.

 

-= EOF =-

 

Om jag klickar på systemlookfilen på skrivbordet öppnas bara ett blått fönster med ett: S uppe i vänstra hörnet men när jag kopierar sidan & klistrar in den här står det följande:

SystemLook 04.09.10 by jpshortstuff

Log created at 17:16 on 16/11/2010 by Alexander

Administrator - Elevation successful

 

========== dir ==========

 

c:\progra~2\UAB - Unable to find folder.

 

========== file ==========

 

c:\windows\system32\f3PSSavr.scr - Unable to find/read file.

 

-= EOF =-

 

Patric

Redigerad av Cecilia
Tog bort log-taggar (från Log-knappen) eftersom de gjorde loggen oläslig /Cecilia, moderator

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Avinstallera:

XfireXO Toolbar

 

Ta bort mapparna:

c:\program files\FlvTube Toolbar

c:\progra~2\Driver Mender

där ~2 står för ett antal godtyckliga tecken.

 

Byt startsida i IE till något lämpligare än MyWebSearch.

 

uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m

För bättre prestanda sluta använda SmartRAM.

 

I Firefox adressfält skriver du in about:config.

Leta sedan upp raden:

keyword.URL

Högerklicka på den och välj Återställ.

 

Hittar du XfireXO Toolbar som Tillägg i Firefox också?

I så fall avinstallera det.

 

Är du medveten om att registerstädningsprogram, t ex Registry Mechanic, då och då tar bort för mycket från registret och orsakar problem om man låter dem ta bort allt de vill?

 

Starta om datorn och klistra in en ny DDS.txt.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Harmonicaman

Jag var inte medveten om att Registry Mechanic ibland tar bort för mycket.

 

Här kommer DDS-loggarna:

 

DDS (Ver_10-11-10.01) - NTFSx86

Run by Alexander at 15:54:38,97 on 2010-11-19

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.46.1053.18.3033.2048 [GMT 1:00]

 

 

============== Running Processes ===============

 

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\windows\system32\PnkBstrA.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\taskeng.exe

C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe

C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe

C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe

C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

C:\windows\system32\igfxext.exe

C:\windows\system32\igfxsrvc.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\servicing\TrustedInstaller.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE

C:\windows\system32\SearchProtocolHost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

Q:\140062.enu\Office14\ONENOTEM.EXE

C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\windows\system32\DllHost.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\taskeng.exe

C:\windows\explorer.exe

C:\Users\Alexander\Desktop\dds(2).scr

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZVfox000&ptb=RpmTCflHMPM1VEyZaFOXcw

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

mURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll

BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m

uRun: [sony Ericsson PC Suite] "c:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon

uRun: [Mobile Partner] "d:\program files\tele2 mobile partner\Tele2 Mobile Partner.exe"

uRun: [steam] "d:\program files\steam\Steam.exe" -silent

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"

mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"

mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [updatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"

mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"

mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"

mRun: [updatePPShortCut] "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0"

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [APLangApp] "c:\program files\anypc client\APLangApp.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"

mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup

mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

dRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog

StartupFolder: c:\users\alexan~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\common files\microsoft shared\virtualization handler\CVH.EXE

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll

LSP: c:\program files\iobit\advanced systemcare 3\SPICtrl.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\alexan~1\appdata\roaming\mozilla\firefox\profiles\anzpx27w.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://torrents.to/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

 

============= SERVICES / DRIVERS ===============

 

R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]

R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-1-12 10752]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AVP;Tjänsten Kaspersky Anti-Virus;c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-7-1 352976]

R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-2-28 821664]

R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-10-6 90112]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-10-17 632792]

R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-4-24 483688]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-13 122880]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-10-6 27632]

R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-4-24 550760]

R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-4-24 195944]

R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-4-24 21864]

R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-4-24 19304]

R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-4-24 209768]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-18 135664]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-20 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2010-4-19 18432]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2010-10-6 90536]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2010-10-6 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2010-10-6 122152]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2010-10-6 115496]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2010-10-6 25768]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2010-10-6 111912]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2010-10-6 117672]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-18 1343400]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

 

=============== File Associations ===============

 

.txt=GetDiz.Document

 

=============== Created Last 30 ================

 

2010-11-19 12:16:10 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{18185dc1-deda-4ab1-a6bb-59e8118aa48d}\mpengine.dll

2010-11-14 21:01:22 -------- d-----w- c:\users\alexan~1\appdata\roaming\Malwarebytes

2010-11-14 21:01:05 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-11-14 21:01:04 -------- d-----w- c:\progra~2\Malwarebytes

2010-11-14 21:01:03 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-11-14 21:01:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-11-14 13:39:43 -------- d-----w- c:\progra~2\F-Secure

2010-11-14 13:15:41 -------- d-----w- C:\Intel

2010-11-14 13:14:23 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-14 13:14:23 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2010-11-05 22:32:22 -------- d-----w- c:\users\alexan~1\appdata\local\ElevatedDiagnostics

2010-11-01 16:00:46 -------- d-----w- c:\progra~2\Driver Mender

2010-10-29 21:40:02 21840 ----atw- c:\windows\system32\SIntfNT.dll

2010-10-29 21:40:02 17212 ----atw- c:\windows\system32\SIntf32.dll

2010-10-29 21:40:02 12067 ----atw- c:\windows\system32\SIntf16.dll

2010-10-29 21:38:34 94208 ----a-w- c:\windows\DIIUnin.exe

2010-10-29 21:38:34 2829 ----a-w- c:\windows\DIIUnin.pif

2010-10-29 16:20:32 -------- d-----w- c:\users\alexan~1\appdata\local\PunkBuster

2010-10-29 16:11:18 -------- d-----w- c:\users\alexan~1\appdata\roaming\uTorrent

2010-10-26 18:31:49 641536 ----a-w- c:\windows\system32\CPFilters.dll

2010-10-26 18:31:49 417792 ----a-w- c:\windows\system32\msdri.dll

2010-10-26 18:31:48 204288 ----a-w- c:\windows\system32\MSNP.ax

2010-10-26 18:31:48 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2010-10-26 18:31:38 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2010-10-20 15:13:31 -------- d-----w- c:\windows\sv

2010-10-20 15:12:36 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2010-10-20 15:04:04 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll

2010-10-20 15:04:04 515416 ----a-w- c:\windows\system32\XAudio2_5.dll

2010-10-20 15:04:04 453456 ----a-w- c:\windows\system32\d3dx10_42.dll

2010-10-20 15:02:23 -------- d-----w- c:\users\alexan~1\appdata\local\Windows Live

 

==================== Find3M ====================

 

2010-10-29 18:00:51 103736 ----a-w- c:\windows\system32\PnkBstrB.exe

2010-10-29 16:21:57 66872 ----a-w- c:\windows\system32\PnkBstrA.exe

2010-10-19 09:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-17 20:29:12 187 ----a-w- c:\users\alexan~1\appdata\roaming\8801.bat

2010-10-13 17:44:21 0 ----a-w- c:\windows\system32\sho7AEE.tmp

2010-10-06 17:30:35 148736 ----a-w- c:\progra~2\hpeC6AC.dll

2010-10-01 19:32:03 22328 ----a-w- c:\users\alexan~1\appdata\roaming\PnkBstrK.sys

2010-10-01 18:55:41 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll

2010-09-22 22:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll

2010-09-22 22:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR

2010-09-21 12:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL

2010-09-18 18:09:54 595456 ----a-w- c:\windows\system32\NScanNative_bak.dll

2010-09-18 18:09:54 43584 ----a-w- c:\windows\system32\AES_bak.dll

2010-09-18 18:09:42 81920 ----a-w- c:\windows\system32\fstcp_bak.dll

2010-09-18 18:09:42 76800 ----a-w- c:\windows\system32\spekekit_bak.dll

2010-09-18 18:07:35 138304 ----a-w- c:\program files\common files\osdinst.dll

2010-09-18 18:07:29 4870208 ----a-w- c:\program files\common files\xsignal.exe

2010-09-16 09:26:02 37336 ----a-w- c:\windows\system32\CleanMFT32.exe

2010-09-08 09:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-09-08 09:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll

2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec

2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL

2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys

2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll

2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll

2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll

2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll

2010-08-25 18:46:02 8198680 ----a-w- c:\windows\system32\TVWSetup.exe

2010-08-25 18:45:48 948760 ----a-w- c:\windows\system32\igxpun.exe

2010-08-25 18:45:44 136216 ----a-w- c:\windows\system32\igfxtray.exe

2010-08-25 18:45:42 266776 ----a-w- c:\windows\system32\igfxsrvc.exe

2010-08-25 18:45:40 170520 ----a-w- c:\windows\system32\igfxpers.exe

2010-08-25 18:45:38 179224 ----a-w- c:\windows\system32\igfxext.exe

2010-08-25 18:45:36 171032 ----a-w- c:\windows\system32\hkcmd.exe

2010-08-25 18:45:32 3156504 ----a-w- c:\windows\system32\GfxUI.exe

2010-08-25 18:39:46 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll

2010-08-25 18:31:30 4967424 ----a-w- c:\windows\system32\igdumd32.dll

2010-08-25 18:28:22 571904 ----a-w- c:\windows\system32\igdumdx32.dll

2010-08-25 18:23:14 4411904 ----a-w- c:\windows\system32\igd10umd32.dll

2010-08-25 18:09:34 11040256 ----a-w- c:\windows\system32\ig4icd32.dll

2010-08-25 18:00:00 23552 ----a-w- c:\windows\system32\igfxexps.dll

2010-08-25 18:00:00 194560 ----a-w- c:\windows\system32\igfxpph.dll

2010-08-25 17:59:58 261632 ----a-w- c:\windows\system32\igfxTMM.dll

2010-08-25 17:59:58 115200 ----a-w- c:\windows\system32\igfxcpl.cpl

2010-08-25 17:59:42 57344 ----a-w- c:\windows\system32\igfxsrvc.dll

2010-08-25 17:59:24 130048 ----a-w- c:\windows\system32\igfxdo.dll

2010-08-25 17:59:16 94720 ----a-w- c:\windows\system32\hccutils.dll

2010-08-25 17:59:10 120320 ----a-w- c:\windows\system32\gfxSrvc.dll

2010-08-25 17:59:08 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2010-08-25 17:59:06 85504 ----a-w- c:\windows\system32\igfxrenu.lrc

2010-08-25 17:59:06 828928 ----a-w- c:\windows\system32\igfxress.dll

2010-08-25 17:59:06 228864 ----a-w- c:\windows\system32\igfxdev.dll

 

============= FINISH: 15:56:38,63 ===============

 

 

DDS-logg 2:

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-11-10.01)

 

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2010-07-20 18:03:29

System Uptime: 2010-11-19 15:44:34 (0 hours ago)

 

Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | R530/R730

Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz | U2E1 | 2100/mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 141 GiB total, 93,138 GiB free.

D: is FIXED (NTFS) - 141 GiB total, 106,815 GiB free.

E: is CDROM (UDF)

 

==== Disabled Device Manager Items =============

 

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Description: Nokia 6300

Device ID: ROOT\WPD\0000

Manufacturer: Nokia

Name: Nokia 6300

PNP Device ID: ROOT\WPD\0000

Service: WUDFRd

 

==== System Restore Points ===================

 

RP96: 2010-10-17 14:08:52 - Installed XIII

RP98: 2010-10-17 21:40:50 - DirectX har installerats

RP100: 2010-10-18 12:28:50 - Windows Update

 

==== Installed Programs ======================

 

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh

Adobe Acrobat 5.0

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.1 - Svenska

Adobe Shockwave Player 11.5

Advanced SystemCare 3

AnyPC Client

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Client Installation Program

µTorrent

Auto Avatar Prerequisites

Avanquest update

BatteryLifeExtender

Bonjour

Compatibility Pack för Office 2007-systemet

Conduit Engine

Counter-Strike

CyberLink DVD Suite

CyberLink LabelPrint

CyberLink Power2Go

CyberLink PowerDirector

CyberLink PowerDVD 8

CyberLink PowerProducer

CyberLink YouCam

D3DX10

Diablo II

DllPlayer 2.1.1

Easy Display Manager

Easy Network Manager

Easy SpeedUp Manager

EasyBatteryManager

Enemy Territory - QUAKE Wars

Game Booster

Game Booster 2

GameSpy Arcade

GetDiz 4.5

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GTA San Andreas

Incomedia WebSite X5 v8 - Evolution

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

iTunes

Java Auto Updater

Java 6 Update 22

Junk Mail filter update

Kaspersky Anti-Virus 2011

Malwarebytes' Anti-Malware

Marvell Miniport Driver

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile Language Pack - SVE

Microsoft .NET Framework 4 Client Profile SVE Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended Language Pack - SVE

Microsoft .NET Framework 4 Extended SVE Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Click-to-Run 2010

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Home and Business 2010 - English

Microsoft Office Home and Student 2007

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook Connector

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office PowerPoint Viewer 2007 (Swedish)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Works

Mozilla Firefox (3.6.10)

MSVCRT

Need For Speed™ World

Nokia Connectivity Cable Driver

Nokia PC Suite

Norton Security Scan

NVIDIA PhysX

OGA Notifier 2.0.0048.0

PC Connectivity Solution

QuickTime

Registry Mechanic 10.0

Samsung Recovery Solution 4

Samsung Support Center

Samsung Update Plus

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Skype™ 4.2

Sony Ericsson PC Companion 1.60.13

Sony Ericsson PC Suite 6.009.00

Spotify

Steam

SWAT 4

Synaptics Pointing Device Driver

TeamSpeak 3 Client

Tele2 Mobile Partner

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Word 2007 (KB974631)

User Guide

Ventrilo Client

Windows 7 USB/DVD Download Tool

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

Xfire (remove only)

XIII

 

==== End Of File ===========================

 

 

Patric

Redigerad av Cecilia
Tog bort log-taggar (från Log-knappen) eftersom de gjorde loggen oläslig /Cecilia, moderator

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Alla registerstädningsprogram tar ibland bort för mycket och orsakar problem.

 

XfireXO Toolbar är fortfarande kvar i loggen. Det är dags för HijackThis för att få bort den. Ladda ner från en av länkarna:

http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi (bästa alternativet)

http://www.filehippo.com/download_hijackthis/

http://www.trendmicro.com/ftp/products/hijackthis/HijackThis.exe

Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat) och klistra in i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Harmonicaman

HiJackloggen:

[log]Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:58:46, on 2010-11-19

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16671)

Boot mode: Normal

 

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE

Q:\140062.enu\Office14\ONENOTEM.EXE

C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

C:\Program Files\Registry Mechanic\Alert.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\Windows NT\Accessories\wordpad.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZVfox000&ptb=RpmTCflHMPM1VEyZaFOXcw

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (file missing)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll

O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (file missing)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (file missing)

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [APLangApp] "C:\Program Files\AnyPC Client\APLangApp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon

O4 - HKCU\..\Run: [Mobile Partner] "D:\Program Files\Tele2 Mobile Partner\Tele2 Mobile Partner.exe"

O4 - HKCU\..\Run: [steam] "D:\Program Files\steam\Steam.exe" -silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin

O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: &Virtuellt tangentbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: K&ontroll av webbadresser - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll

O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll

O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll

O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Tjänsten Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 12376 bytes

[/log]

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Skanna med HijackThis och bocka för:

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsea...HMPM1VEyZaFOXcw

R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (file missing)

O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (file missing)

O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (file missing)

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn.

 

Hur fungerar datorn nu?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Harmonicaman

Har gjort det nu men nu verkar den ännu sämre!?

Igår efter att jag gjort allt du skrev om & startat om datorn så skulle jag starta iTunes, men den vägrade starta.

Fick inte ens ett felmeddelande så jag ominstallerade det men det hjälpte inte.

Stängde av datorn & skulle starta upp den idag(söndag) men första gången så slutade det med att skärmen blev svart(med svag "bakgrundsbelysning").

De 2 nästföljande gånger fick jag fram skrivbordet fast utan ikoner & ett timglas.

Verktygsraden längst ner kom också fram med ikoner.

Kunde inte klicka någonstans då timglaset inte ändrades till en pil.

 

Jag fick starta om datorn i "Felsäkert läge med nätverk" för att kunna gå ut på nätet & skriva hit.

 

Patric

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia
Stängde av datorn & skulle starta upp den idag(söndag) men första gången så slutade det med att skärmen blev svart(med svag "bakgrundsbelysning").
Det där är ett hårdvaruproblem med bakgrundsbelysningen till skärmen.

 

Jag undrar om det inte är något hårdvaruproblem med datorn när den beter sig så där, så varierande. Kan ju vara bra att testa hårddisken genom att starta datorn från en CD-skiva med testprogram på. Testa hårddisken med det testprogram som tillverkaren av den har på sin webbplats. Om du inte vet vilken tillverkare det är av hårddisken så kan man ofta få fram det genom att titta i Enhetshanteraren (högerklick på Den här datorn - Hantera), där brukar det stå åtminstone ett artikelnummer för hårddisken som man kan googla på för att få fram tillverkaren.

Det är oftare lättare att gå via sidan http://www.tacktech.com/display.cfm?ttid=287 för att hitta testprogrammet än att leta på tillverkarens webbplats.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Harmonicaman

Körde programmet Data Lifeguard Diagnostic for Windows som jag hittade via länken som du la ut.

Denna logg fick jag fram när jag hade kört "Extended test".

[log]Test Option: EXTENDED TEST

Model Number: WDC WD3200BEVT-22ZCT0

Unit Serial Number: WD-WXT0EB9NCT25

Firmware Number: 11.01A11

Capacity: 320.07 GB

SMART Status: PASS

Test Result: PASS

Test Time: 21:26:43, November 21, 2010

 

Test Option: EXTENDED TEST

Model Number: WDC WD3200BEVT-22ZCT0

Unit Serial Number: WD-WXT0EB9NCT25

Firmware Number: 11.01A11

Capacity: 320.07 GB

SMART Status: PASS

Test Result: ABORT

Test Time: 21:26:54, November 21, 2010

 

 

Test Option: EXTENDED TEST

Model Number: WDC WD3200BEVT-22ZCT0

Unit Serial Number: WD-WXT0EB9NCT25

Firmware Number: 11.01A11

Capacity: 320.07 GB

SMART Status: PASS

Test Result: PASS

Test Time: 04:41:50, November 22, 2010

 

[/log]

Alla testresultat från S.M.A.R.T var okej.

 

Patric

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...