2008-09-20, 18:34
#1
Rösta fram årets bästa pepparkakshus!
Svara
- Ämnesverktyg
- Hitta inlägg efter datum
2008-09-20, 18:36
#2
Varför testar du malware och spybot mot ett virus? Tanka ett antivirusprogram (t.ex. Avira) och kör det i felsäkert läge först. Finns nog onlinevirusprogram också men jag kan inte adressen till nåt sånt.
2008-09-20, 18:48
#3
del 1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:43:59, on 2008-09-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program\McAfee\MSC\mcmscsvc.exe
c:\program\delade filer\mcafee\mna\mcnasvc.exe
c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
C:\Program\McAfee\VIRUSS~1\mcshield.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\McAfee\MPF\MPFSrv.exe
C:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\Program\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
c:\program\mcafee.com\agent\mcagent.exe
C:\WINDOWS\stsystra.exe
C:\Program\ScanSoft\PaperPort\pptd40nt.exe
C:\Program\Brother\ControlCenter2\brctrcen.exe
C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program\SiteAdvisor\6261\SiteAdv.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\MicroAV\MicroAV.exe
C:\Windows\system32\YUR9.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
C:\Program\palmOne\Hotsync.exe
C:\Program\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\PC Connectivity Solution\ServiceLayer.exe
C:\mysql\bin\winmysqladmin.exe
C:\Program\iPod\bin\iPodService.exe
Scan saved at 18:43:59, on 2008-09-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program\McAfee\MSC\mcmscsvc.exe
c:\program\delade filer\mcafee\mna\mcnasvc.exe
c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
C:\Program\McAfee\VIRUSS~1\mcshield.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\McAfee\MPF\MPFSrv.exe
C:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\Program\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
c:\program\mcafee.com\agent\mcagent.exe
C:\WINDOWS\stsystra.exe
C:\Program\ScanSoft\PaperPort\pptd40nt.exe
C:\Program\Brother\ControlCenter2\brctrcen.exe
C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program\SiteAdvisor\6261\SiteAdv.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\MicroAV\MicroAV.exe
C:\Windows\system32\YUR9.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
C:\Program\palmOne\Hotsync.exe
C:\Program\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\PC Connectivity Solution\ServiceLayer.exe
C:\mysql\bin\winmysqladmin.exe
C:\Program\iPod\bin\iPodService.exe
2008-09-20, 18:49
#4
del 2
C:\Program\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/dellsidebar.jhtml?p=EB
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jimca.net/goran/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=042306 serial=DR12WEX-1504397-KTY lang=EN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [306581dd] rundll32.exe "C:\WINDOWS\system32\jtqyakmt.dll",b
O4 - HKLM\..\Run: [Windows] C:\DOCUME~1\GRAN~1\LOKALA~1\Temp\Setup_ver1.1400.0 .exe
O4 - HKLM\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKLM\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKLM\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKLM\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKLM\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKLM\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKCU\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKCU\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKCU\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKCU\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKCU\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: palmOne Registration.lnk = C:\Program\palmOne\register.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program\palmOne\Hotsync.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O20 - AppInit_DLLs: cfucta.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Radmin Server V3 (RServer3) - Famatech International Corp. - C:\WINDOWS\system32\rserver30\RServer3.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor-tjänst (SiteAdvisor Service) - Unknown owner - C:\Program\SiteAdvisor\6261\SAService.exe
O24 - Desktop Component 0: (no name) - http://img.aftonbladet.se/noje/0610/31/bruce220.jpg
--
End of file - 10863 bytes
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/dellsidebar.jhtml?p=EB
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jimca.net/goran/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=042306 serial=DR12WEX-1504397-KTY lang=EN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [306581dd] rundll32.exe "C:\WINDOWS\system32\jtqyakmt.dll",b
O4 - HKLM\..\Run: [Windows] C:\DOCUME~1\GRAN~1\LOKALA~1\Temp\Setup_ver1.1400.0 .exe
O4 - HKLM\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKLM\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKLM\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKLM\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKLM\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKLM\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKCU\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKCU\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKCU\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKCU\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKCU\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: palmOne Registration.lnk = C:\Program\palmOne\register.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program\palmOne\Hotsync.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O20 - AppInit_DLLs: cfucta.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Radmin Server V3 (RServer3) - Famatech International Corp. - C:\WINDOWS\system32\rserver30\RServer3.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor-tjänst (SiteAdvisor Service) - Unknown owner - C:\Program\SiteAdvisor\6261\SAService.exe
O24 - Desktop Component 0: (no name) - http://img.aftonbladet.se/noje/0610/31/bruce220.jpg
--
End of file - 10863 bytes
2008-09-20, 19:01
#5
Medlem
Reg: Mar 2007
Inlägg: 12 238
börja med detta:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
spara SDFix.exe på skrivbordet >klicka på SDFix.exe >install >SDFix packas upp här: C:\SDFix.
starta om i felsäkert läge (F8) >gå hit: C:\SDFix >klicka på runthis.bat >välj y.
när scanningen är klar så tryck på valfri tangent för att starta om.
när det står finished så tryck på valfri tangent. en logg kommer automatiskt att visas (C:\SDFix\report.txt), kopiera in loggen hit.
(notera att sdfix återställer hosts filen till original inställningen, aktiverar tjänster som windows brandvägg/säkerhetscenter och automatiska uppdateringar)
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
spara SDFix.exe på skrivbordet >klicka på SDFix.exe >install >SDFix packas upp här: C:\SDFix.
starta om i felsäkert läge (F8) >gå hit: C:\SDFix >klicka på runthis.bat >välj y.
när scanningen är klar så tryck på valfri tangent för att starta om.
när det står finished så tryck på valfri tangent. en logg kommer automatiskt att visas (C:\SDFix\report.txt), kopiera in loggen hit.
(notera att sdfix återställer hosts filen till original inställningen, aktiverar tjänster som windows brandvägg/säkerhetscenter och automatiska uppdateringar)
2008-09-20, 19:07
#6
starta hijackthis, välj "do a system scan only" markera sedan dessa
O4 - HKLM\..\Run: [306581dd] rundll32.exe "C:\WINDOWS\system32\jtqyakmt.dll",b
O4 - HKLM\..\Run: [Windows] C:\DOCUME~1\GRAN~1\LOKALA~1\Temp\Setup_ver1.1400.0 .exe
O4 - HKLM\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKLM\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKLM\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKLM\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKLM\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKLM\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
O4 - HKCU\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKCU\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKCU\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKCU\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKCU\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKCU\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
ta sedan bort denna mapp
C:\Program\MicroAV
starta om datorn och posta en ny hijackthis logg
O4 - HKLM\..\Run: [306581dd] rundll32.exe "C:\WINDOWS\system32\jtqyakmt.dll",b
O4 - HKLM\..\Run: [Windows] C:\DOCUME~1\GRAN~1\LOKALA~1\Temp\Setup_ver1.1400.0 .exe
O4 - HKLM\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKLM\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKLM\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKLM\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKLM\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKLM\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
O4 - HKCU\..\Run: [\YUR41.exe] C:\Windows\system32\YUR41.exe
O4 - HKCU\..\Run: [\YUR42.exe] C:\Windows\system32\YUR42.exe
O4 - HKCU\..\Run: [\YUR43.exe] C:\Windows\system32\YUR43.exe
O4 - HKCU\..\Run: [\YUR44.exe] C:\Windows\system32\YUR44.exe
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program\MicroAV\MicroAV.exe
O4 - HKCU\..\Run: [\YUR53.exe] C:\Windows\system32\YUR53.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKCU\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe
ta sedan bort denna mapp
C:\Program\MicroAV
starta om datorn och posta en ny hijackthis logg
2008-09-20, 19:07
#7
webbsidan fungerar inte =/
körde på "IE med inaktiverade tillägg"
men det gick inte ens med normal inställning.
körde på "IE med inaktiverade tillägg"
men det gick inte ens med normal inställning.
2008-09-20, 19:14
#8
bara "markera" dom?
sen då.
sen då.
2008-09-20, 19:20
#10
Nya loggen (del 1 )
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:59, on 2008-09-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program\ScanSoft\PaperPort\pptd40nt.exe
C:\Program\Brother\Brmfl04g\BrStDvPt.exe
C:\Program\Brother\ControlCenter2\brctrcen.exe
C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program\SiteAdvisor\6261\SiteAdv.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\YUR27.exe
C:\WINDOWS\system32\rundll32.exe
C:\Windows\system32\YUR28.exe
C:\Windows\system32\YUR29.exe
C:\Windows\system32\YUR2A.exe
C:\Windows\system32\YUR2B.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
C:\Program\palmOne\Hotsync.exe
C:\Program\DAEMON Tools\chkupd.exe
C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program\Nikon\PictureProject\NkbMonitor.exe
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\mysql\bin\winmysqladmin.exe
C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program\McAfee\MSC\mcmscsvc.exe
c:\program\delade filer\mcafee\mna\mcnasvc.exe
c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
C:\Program\McAfee\VIRUSS~1\mcshield.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\McAfee\MPF\MPFSrv.exe
C:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\Program\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\Program\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
Scan saved at 19:18:59, on 2008-09-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program\ScanSoft\PaperPort\pptd40nt.exe
C:\Program\Brother\Brmfl04g\BrStDvPt.exe
C:\Program\Brother\ControlCenter2\brctrcen.exe
C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program\SiteAdvisor\6261\SiteAdv.exe
C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\YUR27.exe
C:\WINDOWS\system32\rundll32.exe
C:\Windows\system32\YUR28.exe
C:\Windows\system32\YUR29.exe
C:\Windows\system32\YUR2A.exe
C:\Windows\system32\YUR2B.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
C:\Program\palmOne\Hotsync.exe
C:\Program\DAEMON Tools\chkupd.exe
C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program\Nikon\PictureProject\NkbMonitor.exe
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\mysql\bin\winmysqladmin.exe
C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program\McAfee\MSC\mcmscsvc.exe
c:\program\delade filer\mcafee\mna\mcnasvc.exe
c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
C:\Program\McAfee\VIRUSS~1\mcshield.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\McAfee\MPF\MPFSrv.exe
C:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\Program\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\Program\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
2008-09-20, 19:21
#11
Nya Log (del 2)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/dellsidebar.jhtml?p=EB
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jimca.net/goran/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=042306 serial=DR12WEX-1504397-KTY lang=EN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [\YUR27.exe] C:\Windows\system32\YUR27.exe
O4 - HKLM\..\Run: [\YUR28.exe] C:\Windows\system32\YUR28.exe
O4 - HKLM\..\Run: [\YUR29.exe] C:\Windows\system32\YUR29.exe
O4 - HKLM\..\Run: [\YUR2A.exe] C:\Windows\system32\YUR2A.exe
O4 - HKLM\..\Run: [\YUR2B.exe] C:\Windows\system32\YUR2B.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [\YUR27.exe] C:\Windows\system32\YUR27.exe
O4 - HKCU\..\Run: [\YUR28.exe] C:\Windows\system32\YUR28.exe
O4 - HKCU\..\Run: [\YUR29.exe] C:\Windows\system32\YUR29.exe
O4 - HKCU\..\Run: [\YUR2A.exe] C:\Windows\system32\YUR2A.exe
O4 - HKCU\..\Run: [\YUR2B.exe] C:\Windows\system32\YUR2B.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: palmOne Registration.lnk = C:\Program\palmOne\register.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program\palmOne\Hotsync.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O20 - AppInit_DLLs: cfucta.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Radmin Server V3 (RServer3) - Famatech International Corp. - C:\WINDOWS\system32\rserver30\RServer3.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor-tjänst (SiteAdvisor Service) - Unknown owner - C:\Program\SiteAdvisor\6261\SAService.exe
O24 - Desktop Component 0: (no name) - http://img.aftonbladet.se/noje/0610/31/bruce220.jpg
--
End of file - 10471 bytes
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jimca.net/goran/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=042306 serial=DR12WEX-1504397-KTY lang=EN
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [\YUR27.exe] C:\Windows\system32\YUR27.exe
O4 - HKLM\..\Run: [\YUR28.exe] C:\Windows\system32\YUR28.exe
O4 - HKLM\..\Run: [\YUR29.exe] C:\Windows\system32\YUR29.exe
O4 - HKLM\..\Run: [\YUR2A.exe] C:\Windows\system32\YUR2A.exe
O4 - HKLM\..\Run: [\YUR2B.exe] C:\Windows\system32\YUR2B.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [\YUR27.exe] C:\Windows\system32\YUR27.exe
O4 - HKCU\..\Run: [\YUR28.exe] C:\Windows\system32\YUR28.exe
O4 - HKCU\..\Run: [\YUR29.exe] C:\Windows\system32\YUR29.exe
O4 - HKCU\..\Run: [\YUR2A.exe] C:\Windows\system32\YUR2A.exe
O4 - HKCU\..\Run: [\YUR2B.exe] C:\Windows\system32\YUR2B.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: palmOne Registration.lnk = C:\Program\palmOne\register.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program\Delade filer\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program\palmOne\Hotsync.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O20 - AppInit_DLLs: cfucta.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Radmin Server V3 (RServer3) - Famatech International Corp. - C:\WINDOWS\system32\rserver30\RServer3.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor-tjänst (SiteAdvisor Service) - Unknown owner - C:\Program\SiteAdvisor\6261\SAService.exe
O24 - Desktop Component 0: (no name) - http://img.aftonbladet.se/noje/0610/31/bruce220.jpg
--
End of file - 10471 bytes
2008-09-20, 19:26
#12
hilfe.
kan f.ö nämna det på skrivbordet blir mer & mer ikoner & skit.
bla " Micro Antivirus 2009" xD.
pop-upsen är outhärdliga.
Mvh
kan f.ö nämna det på skrivbordet blir mer & mer ikoner & skit.
bla " Micro Antivirus 2009" xD.
pop-upsen är outhärdliga.
Mvh
Skapa ett konto eller logga in för att kommentera
Du måste vara medlem för att kunna kommentera
