Just nu i M3-nätverket
Gå till innehåll
karin_k1

Hjälp med HijackThis logg analys!

Rekommendera Poster

Har windows vista och kör regelbundet Advanced system care, funkar bra tycker jag, men den har en säkerhetslogg som visar en hel del poster med kommentaren:

 

 

"Snälla notera att inte alla Poster är problem eller malware. det finnas kritiska inställningar i ditt system och Allmänna mål för malware. Innan du tar bort någon Post, var säker på att det är malware. Logg filen är 100% kompatibel med HijackThis logg så du kan spara loggen och skick den till någon kvalificerade online HijackThis logg analyser och HijackThis forums."

 

å jag undrar om ngn är intresserad av att titta på denna logg och kan säga till vad jag kan ta bort därifrån:)

 

mvh

Karin ;)

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

HÄR KOMMER DEN!!!

 

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 08:02:00, on 2011-01-29

Platform: Windows Vista (WinNT 6.0)

MSIE: Internet Explorer v8.0 (8.0.6001.18999)

Boot mode: Normal

 

Running processes:

C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Windows\system32\conime.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Companion\companionuser.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Groove GFS Browser Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Groove GFS Browser Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Groove GFS Browser Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: URLRedirectionBHO - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll

O2 - BHO: URLRedirectionBHO - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll

O3 - Toolbar: (no name) - Locked - (no file)

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto

O8 - Extra context menu item: Download by QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Karin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: La&dda ner allt med BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Ladda ner med &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} -

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

O9 - Extra button: Länkade anteckningar i OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res:\\C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll\206

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_10) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: (Ati External Event Utility) - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Tjänsten Google Update (gupdate1c9ab11cd642580) (gupdate1c9ab11cd642580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE

O23 - Service: NMIndexingService - Unknown - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe

O23 - Service: AMD Safely Remove Disk Drive (SamSs) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

 

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

ja föreslår att du kör en DDS.

Den visar betydligt mera än denna ASC logg eller en Hijack This logg.

Vad jag omedelbart ser är att du har gammal Java i din dator.

Men avvakta med en tills vi sett DDS loggen.

 

Klistra in loggen/resultatet från programmet DDS. Spara DDS på Skrivbordet.

http://download.bleepingcomputer.com/sUBs/dds.scr

 

Starta programmet genom att dubbelklicka på det.

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt. Medan du bifogar Attach.txt som en fil.

 

DDS är ett program som listar processer som kör, program och tjänster som startas automatiskt samt filer i sådana mappar som är vanliga att skadliga program och som är nya eller ändrade under senaste 1-3 månader. DDS är ett mycket vanligt program bland oss som hjälper till att rensa datorer. Resultatet ger oss en grundläggande kunskap om vad som händer och har hänt nyligen i datorn, och från det kan vi dra slutsatser om vad som är nästa lämpliga steg i rensningen av datorn.

 

Obs! När du klistrar in en logg eller ett resultat i ditt inlägg använd inga knappar eller taggar utan kopiera det i programmet (oftast Anteckningar) och klistra in det direkt i rutan du skriver i.

Mvh

Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

 

DDS (Ver_10-12-12.02) - NTFSx86

Run by Karin at 8:13:46,70 on 2011-01-29

Internet Explorer: 8.0.6001.18999

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2814.1106 [GMT 8:00]

 

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\System32\svchost.exe -k Cognizance

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\ATK Hotkey\ASLDRSrv.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files\ATK Hotkey\Hcontrol.exe

C:\Program Files\ATK Hotkey\MsgTranAgt.exe

C:\Program Files\Wireless Console 2\wcourier.exe

C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files\ASUS\Splendid\ACMON.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\System32\ACEngSvr.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\ATK Hotkey\ATKOSD.exe

C:\Windows\system32\NLSSRV32.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\SafeRemoveDialog.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\ATK Hotkey\KBFiltr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\ATK Hotkey\WDC.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\conime.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Companion\companionuser.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIGFVGGA\dds[1].scr

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

TB: {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto

StartupFolder: c:\users\karin\appdata\roaming\micros~1\windows\startm~1\programs\startup\esetno~1.lnk - c:\program files\eset\eset nod32 antivirus\egui.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download by QGet - c:\program files\qnap\qget\QGetCatch.htm

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - c:\users\karin\appdata\roaming\dvdvideosoftiehelpers\youtubetomp3.htm

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: La&dda ner allt med BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm

IE: Ladda ner med &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm

IE: Ski&cka till OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: intervideo.com\www

Trusted Zone: live.com\mail

Trusted Zone: microsoft.com\update

Trusted Zone: msn.com\se

Trusted Zone: swedbank.se\www

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab

DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: APSHook.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

LSA: Notification Packages = scecli ASWLNPkg

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

Hosts: 127.0.0.1 www.spywareinfo.com

 

============= SERVICES / DRIVERS ===============

 

R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2008-10-15 15416]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-3-29 114984]

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-9 214024]

R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2011-1-17 38976]

R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]

R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-3-29 134024]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-3-29 810120]

R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-3-29 96896]

R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-21 67904]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]

R2 SafeRemove;AMD Safely Remove Disk Drive;c:\program files\amd\safely remove disk\SafeRemoveService.exe [2008-7-7 147456]

R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2008-10-15 22072]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1c9ab11cd642580;Tjänsten Google Update (gupdate1c9ab11cd642580);c:\program files\google\update\GoogleUpdate.exe [2009-3-23 133104]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-10-15 29736]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]

S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-2-10 79880]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-2-10 35272]

S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-2-10 34216]

S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-2-10 40552]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

 

=============== Created Last 30 ================

 

2011-01-28 23:43:04 -------- d-----w- c:\users\karin\appdata\local\{70B49ADC-B278-498D-BBA9-CD82776DBD64}

2011-01-28 12:51:22 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d2df4f50-54e8-45b4-b026-f6b80b327cfd}\mpengine.dll

2011-01-28 12:38:04 -------- d-----w- c:\program files\RadarSync

2011-01-28 11:42:38 -------- d-----w- c:\users\karin\appdata\local\{9DBBD93B-73E3-4800-8C96-42316EEA3EAC}

2011-01-27 23:42:03 -------- d-----w- c:\users\karin\appdata\local\{CDF880BA-F70C-40AF-A17F-71CC72813773}

2011-01-27 13:01:20 -------- d-----w- c:\progra~2\Driver Whiz

2011-01-27 12:11:49 -------- d-----w- c:\users\karin\appdata\local\{1DBE10BF-4DD2-4201-AA0A-5FA98311A70D}

2011-01-27 00:11:22 -------- d-----w- c:\users\karin\appdata\local\{DFBC51CB-FF11-44E9-99F4-9521C4ECCD77}

2011-01-25 23:06:11 -------- d-----w- c:\users\karin\appdata\local\{19E7FBF1-D05F-43FA-BCBF-7578935F3AA7}

2011-01-25 10:28:32 -------- d-----w- c:\users\karin\appdata\local\{CB0656D0-E524-4C81-B245-D7AFCCC2D9B6}

2011-01-25 02:17:22 -------- d-----w- c:\program files\Microsoft Analysis Services

2011-01-24 22:28:04 -------- d-----w- c:\users\karin\appdata\local\{2A8F599A-3317-41D9-8A0F-8E97FECF33E4}

2011-01-24 10:56:39 -------- d-----w- c:\users\karin\appdata\local\{E473FA0F-3205-45D7-A811-D8548CC1939C}

2011-01-24 06:36:31 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2011-01-24 06:36:31 64512 ----a-w- c:\windows\system32\WUDFSvc.dll

2011-01-24 06:36:31 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2011-01-24 06:36:31 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2011-01-24 06:36:30 567808 ----a-w- c:\windows\system32\WUDFx.dll

2011-01-24 06:36:30 195584 ----a-w- c:\windows\system32\WUDFHost.exe

2011-01-24 06:36:30 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll

2011-01-23 22:56:12 -------- d-----w- c:\users\karin\appdata\local\{1AFF9F2B-7870-48AB-A677-4D77A5159EFD}

2011-01-23 10:17:24 -------- d-----w- c:\users\karin\appdata\local\{DE98C263-E26F-4099-8028-DB88385F81BC}

2011-01-22 22:00:13 -------- d-----w- c:\users\karin\appdata\local\{3320905D-ADF8-4C8E-88F9-22AFA80286CB}

2011-01-22 08:54:45 -------- d-----w- c:\users\karin\appdata\local\{C1A5321D-DA6F-46DD-9A98-132F25F4006B}

2011-01-20 06:56:31 -------- d-----w- c:\windows\sv

2011-01-20 06:43:45 15712 ----a-w- c:\program files\common files\windows live\.cache\62322be41cbb86d02\MeshBetaRemover.exe

2011-01-20 06:43:43 469256 ----a-w- c:\program files\common files\windows live\.cache\5eb1b7b41cbb86d01\InstallManager_WLE_WLE.exe

2011-01-17 05:43:47 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys

2011-01-17 05:43:45 -------- d-----w- c:\program files\NetWorx

2011-01-17 05:43:45 -------- d-----w- c:\progra~2\SoftPerfect

2011-01-17 00:35:30 -------- d-----w- c:\users\karin\appdata\local\cald3

2011-01-17 00:35:28 -------- d-----w- c:\users\karin\appdata\roaming\cald3

2011-01-17 00:29:20 -------- d-----w- c:\program files\IDM

2011-01-17 00:27:55 -------- d-----w- c:\program files\Cambridge

2011-01-12 12:33:42 413696 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 12:33:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-12 12:33:40 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-01-12 12:33:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-12 12:33:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-12 12:33:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-12 12:33:34 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-01-07 11:42:00 -------- d-----w- c:\progra~2\IObit

 

==================== Find3M ====================

 

2011-01-28 13:56:36 45056 ----a-w- c:\windows\system32\acovcnt.exe

2011-01-28 00:21:41 5680 ----a-w- c:\windows\system32\PerfStringBackup.TMP

2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-11-09 18:54:18 49016 ----a-w- c:\windows\system32\sirenacm.dll

2010-11-09 18:28:46 301936 ----a-w- c:\windows\WLXPGSS.SCR

2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2009-12-01 09:53:00 670072 ----a-w- c:\program files\autoruns.exe

2009-12-01 09:53:00 559992 ----a-w- c:\program files\autorunsc.exe

 

============= FINISH: 8:14:55,63 ===============

 

 

Attach.txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

installera Hijack THis, jag väljer det programmet då jag känner till det i förhållande till ASC.

HijackThis - Trend Micro USA

 

Kör "Do a System Scan and Save a Log".

Klistra in loggen här i din tråd.

Det finns rester av McAffe och ett mindre trevlig program, Kiwee.

Ser inte ngt virus i din dator.

 

Avinstallera din gamla Java , via Kontrollpanelen/Program. Installera sedan ny Java här:

http://www.java.com/sv/

 

Mvh

Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Mats

Här kommer HijackThis loggen:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:02:51, on 2011-01-29

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18999)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Startup: ESET NOD32 Antivirus.lnk = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

O8 - Extra context menu item: Download by QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Karin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: La&dda ner allt med BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Ladda ner med &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing)

O15 - Trusted Zone: www.intervideo.com

O15 - Trusted Zone: http://mail.live.com

O15 - Trusted Zone: http://se.msn.com

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: APSHook.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Tjänsten Google Update (gupdate1c9ab11cd642580) (gupdate1c9ab11cd642580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 12716 bytes

 

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

kör HiJack This, och "Do a system scan".

Markera följande rad:

O16 - DPF: CabBuilder - http://kiw.imgag.com...llerControl.cab

Tryck Fix Checked

 

Starta om datorn och kör igen HJT och Do a System Scan and Save a Log.

Klistra in din logg här i din tråd.

 

Sedan kör du ett verktyg från denna sida.

http://service.mcafee.com/FAQDocument.aspx?id=TS100507

Info + länk.

Mvh

Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Och här kommer senaste loggen efter omstarten:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 00:12:25, on 2011-01-30

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18999)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Windows\system32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Startup: ESET NOD32 Antivirus.lnk = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

O8 - Extra context menu item: Download by QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Karin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: La&dda ner allt med BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Ladda ner med &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing)

O15 - Trusted Zone: www.intervideo.com

O15 - Trusted Zone: http://mail.live.com

O15 - Trusted Zone: http://se.msn.com

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.postfoto.se/upload/aurigma/ImageUploader4.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: APSHook.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Tjänsten Google Update (gupdate1c9ab11cd642580) (gupdate1c9ab11cd642580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 12573 bytes

 

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

kört verktyget för McAffe?

Kör en till HJT, Do a System Scan,

R3 - URLSearchHook: (no name) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - (no file) och Fix Checked.

Efter det, kör en ny DDS.

Mvh

Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Mats, har gjort precis som du sagt, här kommer DDS'en

 

 

DDS (Ver_10-12-12.02) - NTFSx86

Run by Karin at 0:39:02,05 on 2011-01-30

Internet Explorer: 8.0.6001.18999

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2814.1532 [GMT 8:00]

 

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\System32\svchost.exe -k Cognizance

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Program Files\ASUS\SmartLogon\smartlogon.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\ATK Hotkey\ASLDRSrv.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\system32\agrsmsvc.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files\ATK Hotkey\Hcontrol.exe

C:\Program Files\ATK Hotkey\MsgTranAgt.exe

C:\Program Files\Wireless Console 2\wcourier.exe

C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files\ASUS\Splendid\ACMON.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Windows\system32\NLSSRV32.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\SafeRemoveDialog.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\System32\ACEngSvr.exe

C:\Program Files\ATK Hotkey\ATKOSD.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\ATK Hotkey\KBFiltr.exe

C:\Program Files\ATK Hotkey\WDC.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGGEG7KI\dds[1].scr

C:\Windows\system32\conime.exe

 

============== Pseudo HJT Report ===============

 

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

TB: {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\users\karin\appdata\roaming\micros~1\windows\startm~1\programs\startup\esetno~1.lnk - c:\program files\eset\eset nod32 antivirus\egui.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download by QGet - c:\program files\qnap\qget\QGetCatch.htm

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - c:\users\karin\appdata\roaming\dvdvideosoftiehelpers\youtubetomp3.htm

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: La&dda ner allt med BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm

IE: Ladda ner med &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm

IE: Ski&cka till OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: intervideo.com\www

Trusted Zone: live.com\mail

Trusted Zone: microsoft.com\update

Trusted Zone: msn.com\se

Trusted Zone: swedbank.se\www

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab

DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: APSHook.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

LSA: Notification Packages = scecli ASWLNPkg

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

Hosts: 127.0.0.1 www.spywareinfo.com

 

============= SERVICES / DRIVERS ===============

 

R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2008-10-15 15416]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-3-29 114984]

R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2011-1-17 38976]

R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]

R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-3-29 134024]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-3-29 810120]

R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-3-29 96896]

R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-21 67904]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]

R2 SafeRemove;AMD Safely Remove Disk Drive;c:\program files\amd\safely remove disk\SafeRemoveService.exe [2008-7-7 147456]

R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2008-10-15 22072]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1c9ab11cd642580;Tjänsten Google Update (gupdate1c9ab11cd642580);c:\program files\google\update\GoogleUpdate.exe [2009-3-23 133104]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-10-15 29736]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

 

=============== Created Last 30 ================

 

2011-01-29 15:57:53 14117728 ----a-w- c:\users\karin\appdata\roaming\microsoft\windows\templates\IS360Setup.exe

2011-01-29 15:26:06 -------- d-----w- c:\users\karin\appdata\local\{DE5DD84D-C171-4867-AC52-3D3E86F11B12}

2011-01-29 09:58:14 -------- d-----w- c:\program files\iPod

2011-01-29 09:58:12 -------- d-----w- c:\program files\iTunes

2011-01-29 08:01:44 388096 ----a-r- c:\users\karin\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-01-29 08:01:43 -------- d-----w- c:\program files\Trend Micro

2011-01-29 01:32:51 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-28 23:43:04 -------- d-----w- c:\users\karin\appdata\local\{70B49ADC-B278-498D-BBA9-CD82776DBD64}

2011-01-28 12:51:22 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d2df4f50-54e8-45b4-b026-f6b80b327cfd}\mpengine.dll

2011-01-28 12:38:04 -------- d-----w- c:\program files\RadarSync

2011-01-28 11:42:38 -------- d-----w- c:\users\karin\appdata\local\{9DBBD93B-73E3-4800-8C96-42316EEA3EAC}

2011-01-27 23:42:03 -------- d-----w- c:\users\karin\appdata\local\{CDF880BA-F70C-40AF-A17F-71CC72813773}

2011-01-27 13:01:20 -------- d-----w- c:\progra~2\Driver Whiz

2011-01-27 12:11:49 -------- d-----w- c:\users\karin\appdata\local\{1DBE10BF-4DD2-4201-AA0A-5FA98311A70D}

2011-01-27 00:11:22 -------- d-----w- c:\users\karin\appdata\local\{DFBC51CB-FF11-44E9-99F4-9521C4ECCD77}

2011-01-25 23:06:11 -------- d-----w- c:\users\karin\appdata\local\{19E7FBF1-D05F-43FA-BCBF-7578935F3AA7}

2011-01-25 10:28:32 -------- d-----w- c:\users\karin\appdata\local\{CB0656D0-E524-4C81-B245-D7AFCCC2D9B6}

2011-01-25 02:17:22 -------- d-----w- c:\program files\Microsoft Analysis Services

2011-01-24 22:28:04 -------- d-----w- c:\users\karin\appdata\local\{2A8F599A-3317-41D9-8A0F-8E97FECF33E4}

2011-01-24 10:56:39 -------- d-----w- c:\users\karin\appdata\local\{E473FA0F-3205-45D7-A811-D8548CC1939C}

2011-01-24 06:36:31 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2011-01-24 06:36:31 64512 ----a-w- c:\windows\system32\WUDFSvc.dll

2011-01-24 06:36:31 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2011-01-24 06:36:31 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2011-01-24 06:36:30 567808 ----a-w- c:\windows\system32\WUDFx.dll

2011-01-24 06:36:30 195584 ----a-w- c:\windows\system32\WUDFHost.exe

2011-01-24 06:36:30 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll

2011-01-23 22:56:12 -------- d-----w- c:\users\karin\appdata\local\{1AFF9F2B-7870-48AB-A677-4D77A5159EFD}

2011-01-23 10:17:24 -------- d-----w- c:\users\karin\appdata\local\{DE98C263-E26F-4099-8028-DB88385F81BC}

2011-01-22 22:00:13 -------- d-----w- c:\users\karin\appdata\local\{3320905D-ADF8-4C8E-88F9-22AFA80286CB}

2011-01-22 08:54:45 -------- d-----w- c:\users\karin\appdata\local\{C1A5321D-DA6F-46DD-9A98-132F25F4006B}

2011-01-20 06:56:31 -------- d-----w- c:\windows\sv

2011-01-20 06:43:45 15712 ----a-w- c:\program files\common files\windows live\.cache\62322be41cbb86d02\MeshBetaRemover.exe

2011-01-20 06:43:43 469256 ----a-w- c:\program files\common files\windows live\.cache\5eb1b7b41cbb86d01\InstallManager_WLE_WLE.exe

2011-01-17 05:43:47 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys

2011-01-17 05:43:45 -------- d-----w- c:\program files\NetWorx

2011-01-17 05:43:45 -------- d-----w- c:\progra~2\SoftPerfect

2011-01-17 00:35:30 -------- d-----w- c:\users\karin\appdata\local\cald3

2011-01-17 00:35:28 -------- d-----w- c:\users\karin\appdata\roaming\cald3

2011-01-17 00:29:20 -------- d-----w- c:\program files\IDM

2011-01-17 00:27:55 -------- d-----w- c:\program files\Cambridge

2011-01-12 12:33:42 413696 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 12:33:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-12 12:33:40 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-01-12 12:33:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-12 12:33:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-12 12:33:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-12 12:33:34 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-01-07 11:42:00 -------- d-----w- c:\progra~2\IObit

 

==================== Find3M ====================

 

2011-01-29 15:29:37 5680 ----a-w- c:\windows\system32\PerfStringBackup.TMP

2011-01-28 13:56:36 45056 ----a-w- c:\windows\system32\acovcnt.exe

2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-11-09 18:54:18 49016 ----a-w- c:\windows\system32\sirenacm.dll

2010-11-09 18:28:46 301936 ----a-w- c:\windows\WLXPGSS.SCR

2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2009-12-01 09:53:00 670072 ----a-w- c:\program files\autoruns.exe

2009-12-01 09:53:00 559992 ----a-w- c:\program files\autorunsc.exe

 

============= FINISH: 0:41:17,95 ===============

 

 

Attach.txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

din DDS ser bra ut, förutom denna:

Hosts: 127.0.0.1 www.spywareinfo.com

Prova följande:

Hur återställer jag filen hosts till ursprungsversionen?

Återkom med ny DDS.

 

Men vill varna för att använda ASC.

Om du inte vet vad registerrensningarna som görs innebär, låt bli dem.

På sikt kan det leda till problem med Windows uppdateringar och andra programuppdateringar, eller rent funktionsmässiga problem.

IOBits ASC har ställt till bekymmer för andra, personlig åsikt, och återställning av datorn har varit enda utvägen.

Så använd ASC med försiktighet.

Den snabbar inte upp ngt, som skulle vara märkbart prestandamässigt.

 

Mvh

Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

din DDS ser bra ut, förutom denna:

Hosts: 127.0.0.1 www.spywareinfo.com

Prova följande:

Hur återställer jag filen hosts till ursprungsversionen?

Det där är ett skydd mot att hamna på en skadlig webbplats som Spybot S&D lägger in. Det behöver inte åtgärdas.

http://www.mywot.com/sv/scorecard/spywareinfo.com

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Mats,

Har återställt host.

Här kommer den senaste DDS'en:

 

 

DDS (Ver_10-12-12.02) - NTFSx86

Run by Karin at 9:08:34,89 on 2011-01-30

Internet Explorer: 8.0.6001.18999

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2814.1604 [GMT 8:00]

 

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\System32\svchost.exe -k Cognizance

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\ATK Hotkey\ASLDRSrv.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\ATK Hotkey\Hcontrol.exe

C:\Program Files\ATK Hotkey\MsgTranAgt.exe

C:\Program Files\Wireless Console 2\wcourier.exe

C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files\ASUS\Splendid\ACMON.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\NLSSRV32.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\SafeRemoveDialog.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\ATK Hotkey\ATKOSD.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\System32\ACEngSvr.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\ATK Hotkey\KBFiltr.exe

C:\Program Files\ATK Hotkey\WDC.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGGEG7KI\dds[1].scr

C:\Windows\system32\conime.exe

 

============== Pseudo HJT Report ===============

 

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

TB: {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\users\karin\appdata\roaming\micros~1\windows\startm~1\programs\startup\esetno~1.lnk - c:\program files\eset\eset nod32 antivirus\egui.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download by QGet - c:\program files\qnap\qget\QGetCatch.htm

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - c:\users\karin\appdata\roaming\dvdvideosoftiehelpers\youtubetomp3.htm

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: La&dda ner allt med BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm

IE: Ladda ner med &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm

IE: Ski&cka till OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: intervideo.com\www

Trusted Zone: live.com\mail

Trusted Zone: microsoft.com\update

Trusted Zone: msn.com\se

Trusted Zone: swedbank.se\www

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1257492609469

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257492189925

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldsv-se.cab

DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.postfoto.se/upload/aurigma/ImageUploader4.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: APSHook.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

LSA: Notification Packages = scecli ASWLNPkg

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

 

============= SERVICES / DRIVERS ===============

 

R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2008-10-15 15416]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-3-29 114984]

R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2011-1-17 38976]

R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]

R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-3-29 134024]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-3-29 810120]

R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-3-29 96896]

R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-21 67904]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]

R2 SafeRemove;AMD Safely Remove Disk Drive;c:\program files\amd\safely remove disk\SafeRemoveService.exe [2008-7-7 147456]

R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2008-10-15 22072]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1c9ab11cd642580;Tjänsten Google Update (gupdate1c9ab11cd642580);c:\program files\google\update\GoogleUpdate.exe [2009-3-23 133104]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-10-15 29736]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

 

=============== Created Last 30 ================

 

2011-01-29 15:57:53 14117728 ----a-w- c:\users\karin\appdata\roaming\microsoft\windows\templates\IS360Setup.exe

2011-01-29 15:26:06 -------- d-----w- c:\users\karin\appdata\local\{DE5DD84D-C171-4867-AC52-3D3E86F11B12}

2011-01-29 09:58:14 -------- d-----w- c:\program files\iPod

2011-01-29 09:58:12 -------- d-----w- c:\program files\iTunes

2011-01-29 08:01:44 388096 ----a-r- c:\users\karin\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-01-29 08:01:43 -------- d-----w- c:\program files\Trend Micro

2011-01-29 01:32:51 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-28 23:43:04 -------- d-----w- c:\users\karin\appdata\local\{70B49ADC-B278-498D-BBA9-CD82776DBD64}

2011-01-28 12:51:22 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d2df4f50-54e8-45b4-b026-f6b80b327cfd}\mpengine.dll

2011-01-28 12:38:04 -------- d-----w- c:\program files\RadarSync

2011-01-28 11:42:38 -------- d-----w- c:\users\karin\appdata\local\{9DBBD93B-73E3-4800-8C96-42316EEA3EAC}

2011-01-27 23:42:03 -------- d-----w- c:\users\karin\appdata\local\{CDF880BA-F70C-40AF-A17F-71CC72813773}

2011-01-27 13:01:20 -------- d-----w- c:\progra~2\Driver Whiz

2011-01-27 12:11:49 -------- d-----w- c:\users\karin\appdata\local\{1DBE10BF-4DD2-4201-AA0A-5FA98311A70D}

2011-01-27 00:11:22 -------- d-----w- c:\users\karin\appdata\local\{DFBC51CB-FF11-44E9-99F4-9521C4ECCD77}

2011-01-25 23:06:11 -------- d-----w- c:\users\karin\appdata\local\{19E7FBF1-D05F-43FA-BCBF-7578935F3AA7}

2011-01-25 10:28:32 -------- d-----w- c:\users\karin\appdata\local\{CB0656D0-E524-4C81-B245-D7AFCCC2D9B6}

2011-01-25 02:17:22 -------- d-----w- c:\program files\Microsoft Analysis Services

2011-01-24 22:28:04 -------- d-----w- c:\users\karin\appdata\local\{2A8F599A-3317-41D9-8A0F-8E97FECF33E4}

2011-01-24 10:56:39 -------- d-----w- c:\users\karin\appdata\local\{E473FA0F-3205-45D7-A811-D8548CC1939C}

2011-01-24 06:36:31 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2011-01-24 06:36:31 64512 ----a-w- c:\windows\system32\WUDFSvc.dll

2011-01-24 06:36:31 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2011-01-24 06:36:31 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2011-01-24 06:36:30 567808 ----a-w- c:\windows\system32\WUDFx.dll

2011-01-24 06:36:30 195584 ----a-w- c:\windows\system32\WUDFHost.exe

2011-01-24 06:36:30 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll

2011-01-23 22:56:12 -------- d-----w- c:\users\karin\appdata\local\{1AFF9F2B-7870-48AB-A677-4D77A5159EFD}

2011-01-23 10:17:24 -------- d-----w- c:\users\karin\appdata\local\{DE98C263-E26F-4099-8028-DB88385F81BC}

2011-01-22 22:00:13 -------- d-----w- c:\users\karin\appdata\local\{3320905D-ADF8-4C8E-88F9-22AFA80286CB}

2011-01-22 08:54:45 -------- d-----w- c:\users\karin\appdata\local\{C1A5321D-DA6F-46DD-9A98-132F25F4006B}

2011-01-20 06:56:31 -------- d-----w- c:\windows\sv

2011-01-20 06:43:45 15712 ----a-w- c:\program files\common files\windows live\.cache\62322be41cbb86d02\MeshBetaRemover.exe

2011-01-20 06:43:43 469256 ----a-w- c:\program files\common files\windows live\.cache\5eb1b7b41cbb86d01\InstallManager_WLE_WLE.exe

2011-01-17 05:43:47 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys

2011-01-17 05:43:45 -------- d-----w- c:\program files\NetWorx

2011-01-17 05:43:45 -------- d-----w- c:\progra~2\SoftPerfect

2011-01-17 00:35:30 -------- d-----w- c:\users\karin\appdata\local\cald3

2011-01-17 00:35:28 -------- d-----w- c:\users\karin\appdata\roaming\cald3

2011-01-17 00:29:20 -------- d-----w- c:\program files\IDM

2011-01-17 00:27:55 -------- d-----w- c:\program files\Cambridge

2011-01-12 12:33:42 413696 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 12:33:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-12 12:33:40 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-01-12 12:33:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-12 12:33:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-12 12:33:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-12 12:33:34 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-01-07 11:42:00 -------- d-----w- c:\progra~2\IObit

 

==================== Find3M ====================

 

2011-01-29 15:29:37 5680 ----a-w- c:\windows\system32\PerfStringBackup.TMP

2011-01-28 13:56:36 45056 ----a-w- c:\windows\system32\acovcnt.exe

2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-11-09 18:54:18 49016 ----a-w- c:\windows\system32\sirenacm.dll

2010-11-09 18:28:46 301936 ----a-w- c:\windows\WLXPGSS.SCR

2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2009-12-01 09:53:00 670072 ----a-w- c:\program files\autoruns.exe

2009-12-01 09:53:00 559992 ----a-w- c:\program files\autorunsc.exe

 

============= FINISH: 9:10:20,04 ===============

 

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

ja det ser bara bra ut nu i DDS!

Cecilia hade rätt om den hostsfilen, jag var lite snabb där.

Beklagar!

Men återkom om det är något du undrar över.

Mvh

Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Mats,

 

Kanon! Tusen tack för all hjälp och att du tagit dig tid till att hjälpa mig.

Och att det gick snabbt och smärtfritt:)

Ha det nu riktigt bra.

 

Med vänliga hälsningar

Karin

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...