Just nu i M3-nätverket
Jump to content

hej popup problem


jerrylee

Recommended Posts

har fått nåt typ av popup program eller nåt sånt problemet är att datorn hänger sig i typ 30 sec för att ladda popupen så fort man byter sida samma problem har testat det mesta någon som har nån ide tack på förhand

 

Link to comment
Share on other sites

okey hoppas detta hjälper

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:35:12, on 2007-08-29

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\Program\Java\j2re1.4.2_05\bin\jusched.exe

C:\Program\Ahead\InCD\InCD.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\Rundll32.exe

C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program\Winamp\winampa.exe

C:\PROGRAM\DAP\DAP.EXE

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\PowerISO\PWRISOVM.EXE

C:\Program\HP\HP Software Update\HPWuSchd2.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\Glocalnet\Bredbandscenter\Launcher.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program\Creative\MediaSource\Detector\CTDetect.exe

C:\Program\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe

C:\PROGRAM\PANICW~1\POP-UP~1\PSFREE.EXE

C:\Program\Glocalnet\Bredbandscenter\BredbandscenterUpdater.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\ZONELABS\vsmon.exe

C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program\iPod\bin\iPodService.exe

C:\WINDOWS\system32\taskmgr.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.se/Default.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O1 - Hosts: 80.190.241.30 home.edonkey.com

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program\DAP\DAPIEBar.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program\Xi\NetXfer\NXToolBar.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe

O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRAM\DAP\DAP.EXE /STARTUP

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton AntiVirus\osCheck.exe"

O4 - HKLM\..\Run: [sBCSTray] L:\spy\SBCSTray.exe

O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe

O4 - HKLM\..\Run: [xiladgte.exe] C:\Documents and Settings\All Users\Application Data\xiladgte.exe

O4 - HKLM\..\Run: [sC2] C:\WINDOWS\system32\scchk32.exe

O4 - HKLM\..\Run: [bredbandscenter] "C:\Program\Glocalnet\Bredbandscenter\Launcher.exe" /winstart

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [systemRestoreStatus] rundll32.exe "C:\WINDOWS\system32\cccyuxpd.dll",sitypnow

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Creative Detector] C:\Program\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [blazeServoTool] "C:\Program\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe"

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM\PANICW~1\POP-UP~1\PSFREE.EXE"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Registration Brothers In Arms.LNK = E:\Support\Register\RegistrationReminder.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Download with &DAP - C:\PROGRAM\DAP\dapextie.htm

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRAM\DAP\dapextie2.htm

O8 - Extra context menu item: Ladda ner Alla med NetXfer - C:\Program\Xi\NetXfer\NXAddList.html

O8 - Extra context menu item: Ladda ner med NetXfer - C:\Program\Xi\NetXfer\NXAddLink.html

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/229?761179eab9294967aee603ec55011d63

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/230?761179eab9294967aee603ec55011d63

O9 - Extra button: PopupPopper - Kontrollpanel - {3E94F358-9537-4BBA-8D12-D7F8A0136973} - C:\Program\PopupPopper\SiteList.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/

O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)

O23 - Service: BredbandscenterDownloader - Glocalnet AB - C:\Program\Glocalnet\Bredbandscenter\BredbandscenterUpdater.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Symantec IS Verifiering av lösenord (ISPwdSvc) - Symantec Corporation - C:\Program\Norton AntiVirus\isPwdSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program\WinPcap\rpcapd.exe

O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - L:\spy\SBCSSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe

 

--

End of file - 10391 bytes

 

 

Link to comment
Share on other sites

vi börjar med dessa program:

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

spara SDFix.exe på skrivbordet >klicka på SDFix.exe >sdfixen packas upp här: C:\SDFix.

starta om i felsäkert läge (F8) >gå hit: C:\SDFix >klicka på runthis.bat >välj y.

när scanningen är klar så tryck på valfri tangent för att starta om.

när det står finished så tryck på valfri tangent. en logg kommer automatiskt att visas (C:\SDFix\report.txt), kopiera in loggen här.

 

sen kör du vundofix:

hämta detta program, spara det på skrivbordet.

http://www.atribune.org/ccount/click.php?id=4

starta programmet >klicka på scan for vundo >klicka på remove vundo.

välj ta bort filerna, vid fråga.

starta om, ev kan det bli aktuellt med flera omstarter.

posta loggen som finns här C:\vundofix.txt

 

posta även en ny HJT logg när du kört vundofix så då blir det tre loggar jag vill se

 

Link to comment
Share on other sites

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:40:05, on 2007-08-30

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\Program\Java\j2re1.4.2_05\bin\jusched.exe

C:\Program\Ahead\InCD\InCD.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\Rundll32.exe

C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program\Winamp\winampa.exe

C:\PROGRAM\DAP\DAP.EXE

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\PowerISO\PWRISOVM.EXE

C:\Program\HP\HP Software Update\HPWuSchd2.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

L:\spy\SBCSTray.exe

C:\Documents and Settings\All Users\Application Data\xiladgte.exe

C:\Program\Glocalnet\Bredbandscenter\Launcher.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Messenger\msmsgs.exe

C:\Program\Creative\MediaSource\Detector\CTDetect.exe

C:\Program\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe

C:\PROGRAM\PANICW~1\POP-UP~1\PSFREE.EXE

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program\Glocalnet\Bredbandscenter\BredbandscenterUpdater.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\WINDOWS\system32\HPZipm12.exe

L:\spy\SBCSSvc.exe

C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\ZONELABS\vsmon.exe

C:\Program\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.se/Default.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Control Popups in Internet Explorer - {41353F8B-78CE-48A5-BE44-153ED293D192} - C:\Program\PopupPopper\PopLib.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program\Xi\NetXfer\NXIEHelper.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program\Xi\NetTransport 2\NTIEHelper.dll

O2 - BHO: (no name) - {CE4C74AD-2391-48CC-B39C-104D0928370F} - C:\WINDOWS\system32\vtstt.dll (file missing)

O2 - BHO: (no name) - {E64F0381-0053-4842-B3E5-08F6C4A0AEB6} - C:\WINDOWS\system32\fwfvgfry.dll

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program\DAP\DAPIEBar.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program\Xi\NetXfer\NXToolBar.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe

O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRAM\DAP\DAP.EXE /STARTUP

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton AntiVirus\osCheck.exe"

O4 - HKLM\..\Run: [sBCSTray] L:\spy\SBCSTray.exe

O4 - HKLM\..\Run: [xiladgte.exe] C:\Documents and Settings\All Users\Application Data\xiladgte.exe

O4 - HKLM\..\Run: [sC2] C:\WINDOWS\system32\scchk32.exe

O4 - HKLM\..\Run: [bredbandscenter] "C:\Program\Glocalnet\Bredbandscenter\Launcher.exe" /winstart

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [systemRestoreStatus] rundll32.exe "C:\WINDOWS\system32\pwohjqji.dll",sitypnow

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Creative Detector] C:\Program\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [blazeServoTool] "C:\Program\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe"

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM\PANICW~1\POP-UP~1\PSFREE.EXE"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Registration Brothers In Arms.LNK = E:\Support\Register\RegistrationReminder.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Download with &DAP - C:\PROGRAM\DAP\dapextie.htm

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRAM\DAP\dapextie2.htm

O8 - Extra context menu item: Ladda ner Alla med NetXfer - C:\Program\Xi\NetXfer\NXAddList.html

O8 - Extra context menu item: Ladda ner med NetXfer - C:\Program\Xi\NetXfer\NXAddLink.html

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/229?761179eab9294967aee603ec55011d63

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/230?761179eab9294967aee603ec55011d63

O9 - Extra button: PopupPopper - Kontrollpanel - {3E94F358-9537-4BBA-8D12-D7F8A0136973} - C:\Program\PopupPopper\SiteList.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/

O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab

O20 - Winlogon Notify: winghy32 - winghy32.dll (file missing)

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)

O23 - Service: BredbandscenterDownloader - Glocalnet AB - C:\Program\Glocalnet\Bredbandscenter\BredbandscenterUpdater.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Symantec IS Verifiering av lösenord (ISPwdSvc) - Symantec Corporation - C:\Program\Norton AntiVirus\isPwdSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program\WinPcap\rpcapd.exe

O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - L:\spy\SBCSSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe

 

--

End of file - 11431 bytes

 

 

 

 

VundoFix V6.5.7

 

Checking Java version...

 

Sun Java not detected

Scan started at 18:27:33 2007-08-30

 

Listing files found while scanning....

 

C:\windows\system32\qomjifc.dll

C:\WINDOWS\system32\ttstv.bak1

C:\WINDOWS\system32\ttstv.bak2

C:\WINDOWS\system32\ttstv.ini

C:\windows\system32\tuvuutq.dll

C:\WINDOWS\system32\vtstt.dll

 

Beginning removal...

 

Attempting to delete C:\windows\system32\qomjifc.dll

C:\windows\system32\qomjifc.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ttstv.bak1

C:\WINDOWS\system32\ttstv.bak1 Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ttstv.bak2

C:\WINDOWS\system32\ttstv.bak2 Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ttstv.ini

C:\WINDOWS\system32\ttstv.ini Has been deleted!

 

Attempting to delete C:\windows\system32\tuvuutq.dll

C:\windows\system32\tuvuutq.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\vtstt.dll

C:\WINDOWS\system32\vtstt.dll Has been deleted!

 

Performing Repairs to the registry.

Done!

 

 

Microsoft Windows XP [Version 5.1.2600]

 

Running From: C:\SDFix

 

Safe Mode:

Checking Services:

 

Name:

runtime2

 

ImagePath:

\SystemRoot\system32\drivers\runtime2.sys

 

runtime2 - Deleted

 

 

 

Restoring Windows Registry Values

Restoring Windows Default Hosts File

 

Rebooting...

 

 

Normal Mode:

Checking Files:

 

Trojan Files Found:

 

C:\DOCUME~1\JESPER~1\LOKALA~1\Temp\$b17a2e8.tmp - Deleted

C:\WINDOWS\system32\0_exception.nls - Deleted

C:\WINDOWS\Temp\$_2341233.TMP - Deleted

 

 

 

Removing Temp Files...

 

ADS Check:

 

C:\WINDOWS

No streams found.

 

C:\WINDOWS\system32

No streams found.

 

C:\WINDOWS\system32\svchost.exe

No streams found.

 

C:\WINDOWS\system32\ntoskrnl.exe

No streams found.

 

 

 

Final Check:

 

Remaining Services:

------------------

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"E:\\My Shared Folder\\Ny mapp\\eDonkey2000\\edonkey2000.exe"="E:\\My Shared Folder\\Ny mapp\\eDonkey2000\\edonkey2000.exe:*:Enabled:edonkey2000"

"C:\\Program\\Kazaa Lite K++\\KazaaLite.kpp"="C:\\Program\\Kazaa Lite K++\\KazaaLite.kpp:*:Enabled:KazaaLite"

"C:\\Program\\Messenger\\MSMSGS.EXE"="C:\\Program\\Messenger\\MSMSGS.EXE:*:Enabled:Windows Messenger"

"C:\\Program\\MSN Messenger\\msnmsgr.exe"="C:\\Program\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program\\BitComet\\BitComet.exe"="C:\\Program\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"

"C:\\Program\\iTunes\\iTunes.exe"="C:\\Program\\iTunes\\iTunes.exe:*:Enabled:iTunes"

"C:\\DOCUME~1\\JESPER~1\\LOKALA~1\\Temp\\win290.tmp.exe"="C:\\DOCUME~1\\JESPER~1\\LOKALA~1\\Temp\\win290.tmp.exe:*:Enabled:win290.tmp"

"C:\\Program\\Glocalnet\\Bredbandscenter\\Bredbandscenter.exe"="C:\\Program\\Glocalnet\\Bredbandscenter\\Bredbandscenter.exe:*:Enabled:Glocalnet Bredbandscenter"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program\\MSN Messenger\\msnmsgr.exe"="C:\\Program\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program\\Glocalnet\\Bredbandscenter\\Bredbandscenter.exe"="C:\\Program\\Glocalnet\\Bredbandscenter\\Bredbandscenter.exe:*:Enabled:Glocalnet Bredbandscenter"

"C:\\Program\\Glocalnet\\Bredbandscenter\\BredbandscenterUpdater.exe"="C:\\Program\\Glocalnet\\Bredbandscenter\\BredbandscenterUpdater.exe:*:Enabled:Glocalnet Bredbandscenter(Nedladdningstj„nsten)"

 

Remaining Files:

---------------

 

File Backups: - C:\SDFix\backups\backups.zip

 

Files with Hidden Attributes:

 

C:\Documents and Settings\jesper horner\Skrivbord\video\cut\DomKarin.com\Thumbs.db

C:\WINDOWS\system32\NTIMPEG2.dll

C:\WINDOWS\system32\ntiembed.dll

C:\WINDOWS\system32\NTICDMK32.dll

C:\Program Files\Replay AV 8\cygz.dll

C:\WINDOWS\system32\KGyGaAvL.sys

C:\WINDOWS\system32\102D0651A4.sys

C:\System Volume Information\_restore{53F66C93-E325-4D64-B04A-194AA55C0CEA}\RP855\A0200544.sys

C:\Documents and Settings\jesper horner\Lokala inst„llningar\Temp\EMULEc7f\MadeTo Print v1.0.007 serial keygen.zip

C:\Documents and Settings\jesper horner\Lokala inst„llningar\Temp\EMULEc7f\Cd Architect v5.0 serial keygen.zip

C:\Documents and Settings\jesper horner\Skrivbord\video\cut\danika7.zip\Thumbs.db

C:\Documents and Settings\jesper horner\Skrivbord\video\cut\Anal.zip\Thumbs.db

 

Finished

 

 

 

 

 

Link to comment
Share on other sites

bättre men inte bra

installera >uppdatera superantispyware.

scan computer >välj complete scan >klicka på next >starta om.

öppna superantispyware >preferences >statistics/logs >markera senaste loggen >view >kopiera in texten från loggen här (det är frivilligt att radera ev cookies från loggen du postar här).

http://www.superantispyware.com/downloads/SUPERAntiSpyware.exe

 

posta en ny HJT logg

 

 

Link to comment
Share on other sites

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 08/31/2007 at 06:33 PM

 

Application Version : 3.9.1008

 

Core Rules Database Version : 3259

Trace Rules Database Version: 1270

 

Scan type : Complete Scan

Total Scan Time : 00:51:43

 

Memory items scanned : 520

Memory threats detected : 0

Registry items scanned : 4524

Registry threats detected : 5

File items scanned : 45323

File threats detected : 407

 

Trojan.WinFixer

HKLM\Software\Classes\CLSID\{CE4C74AD-2391-48CC-B39C-104D0928370F}

HKCR\CLSID\{CE4C74AD-2391-48CC-B39C-104D0928370F}

HKCR\CLSID\{CE4C74AD-2391-48CC-B39C-104D0928370F}\InprocServer32

HKCR\CLSID\{CE4C74AD-2391-48CC-B39C-104D0928370F}\InprocServer32#ThreadingModel

C:\WINDOWS\SYSTEM32\VTSTT.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE4C74AD-2391-48CC-B39C-104D0928370F}

Adware.ClickSpring/Yazzle

C:\PROGRAM\DELADE FILER\YAZZLE1162OINUNINSTALLER.EXE

 

Trojan.Downloader-Gen/HitItQuitIt

C:\SYSTEM VOLUME INFORMATION\_RESTORE{53F66C93-E325-4D64-B04A-194AA55C0CEA}\RP904\A0221549.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{53F66C93-E325-4D64-B04A-194AA55C0CEA}\RP904\A0221550.DLL

 

Trojan.Downloader-Gen/AVP

C:\SYSTEM VOLUME INFORMATION\_RESTORE{53F66C93-E325-4D64-B04A-194AA55C0CEA}\RP851\A0195129.EXE

 

Trojan.Downloader-DRVSAM

C:\SYSTEM VOLUME INFORMATION\_RESTORE{53F66C93-E325-4D64-B04A-194AA55C0CEA}\RP849\A0194958.DLL

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:48:26, on 2007-08-31

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program\Glocalnet\Bredbandscenter\BredbandscenterUpdater.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\WINDOWS\system32\HPZipm12.exe

L:\spy\SBCSSvc.exe

C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\ZONELABS\vsmon.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\Program\Java\j2re1.4.2_05\bin\jusched.exe

C:\Program\Ahead\InCD\InCD.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\Rundll32.exe

C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program\Winamp\winampa.exe

C:\PROGRAM\DAP\DAP.EXE

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\PowerISO\PWRISOVM.EXE

C:\Program\HP\HP Software Update\HPWuSchd2.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

L:\spy\SBCSTray.exe

C:\Documents and Settings\All Users\Application Data\xiladgte.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\Glocalnet\Bredbandscenter\Launcher.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Messenger\msmsgs.exe

C:\Program\Creative\MediaSource\Detector\CTDetect.exe

C:\Program\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe

C:\PROGRAM\PANICW~1\POP-UP~1\PSFREE.EXE

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.se/Default.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Control Popups in Internet Explorer - {41353F8B-78CE-48A5-BE44-153ED293D192} - C:\Program\PopupPopper\PopLib.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program\Xi\NetXfer\NXIEHelper.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program\Xi\NetTransport 2\NTIEHelper.dll

O2 - BHO: (no name) - {E64F0381-0053-4842-B3E5-08F6C4A0AEB6} - C:\WINDOWS\system32\fwfvgfry.dll

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program\DAP\DAPIEBar.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program\Xi\NetXfer\NXToolBar.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe

O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRAM\DAP\DAP.EXE /STARTUP

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton AntiVirus\osCheck.exe"

O4 - HKLM\..\Run: [sBCSTray] L:\spy\SBCSTray.exe

O4 - HKLM\..\Run: [xiladgte.exe] C:\Documents and Settings\All Users\Application Data\xiladgte.exe

O4 - HKLM\..\Run: [sC2] C:\WINDOWS\system32\scchk32.exe

O4 - HKLM\..\Run: [bredbandscenter] "C:\Program\Glocalnet\Bredbandscenter\Launcher.exe" /winstart

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [systemRestoreStatus] rundll32.exe "C:\WINDOWS\system32\pwohjqji.dll",sitypnow

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Creative Detector] C:\Program\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [blazeServoTool] "C:\Program\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe"

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM\PANICW~1\POP-UP~1\PSFREE.EXE"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Registration Brothers In Arms.LNK = E:\Support\Register\RegistrationReminder.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Download with &DAP - C:\PROGRAM\DAP\dapextie.htm

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRAM\DAP\dapextie2.htm

O8 - Extra context menu item: Ladda ner Alla med NetXfer - C:\Program\Xi\NetXfer\NXAddList.html

O8 - Extra context menu item: Ladda ner med NetXfer - C:\Program\Xi\NetXfer\NXAddLink.html

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/229?761179eab9294967aee603ec55011d63

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/230?761179eab9294967aee603ec55011d63

O9 - Extra button: PopupPopper - Kontrollpanel - {3E94F358-9537-4BBA-8D12-D7F8A0136973} - C:\Program\PopupPopper\SiteList.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/

O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: winghy32 - winghy32.dll (file missing)

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)

O23 - Service: BredbandscenterDownloader - Glocalnet AB - C:\Program\Glocalnet\Bredbandscenter\BredbandscenterUpdater.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Symantec IS Verifiering av lösenord (ISPwdSvc) - Symantec Corporation - C:\Program\Norton AntiVirus\isPwdSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program\WinPcap\rpcapd.exe

O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - L:\spy\SBCSSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe

 

--

End of file - 11601 bytes

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...