Min Internet hastighet är bra på min laptop, men dess verkliga långsamt på min desktop PC.

**Mohi212** · #1 30 december 2008, 15:11

min bror kopplas till ansluten till den bärbara datorn. efteråt, när han anslutit den till de ursprungliga st ..... mitt skrivbord, hastigheten är verkligen börjar suga ....... jag vet inte. hämtningen som oftast hände vid aroun 14 kb nu händer på max.4kb. som till exempel Facebook som öppnar fin innan, nu Kinda får hängas upp under en lång tid att öppna något.

Jag meddelanden min hijack logg för säkerhets skull. Please help.

Heres min hastighet test har jag 128 hastighet ........ vet inte om det i Mega eller kilo ....... men jag tror att det troligtvis det senare.
http://www.speedtest.net/result/381473298.png

Loggfil av Trend Micro HijackThis v2.0.2
Scan sparas på 2:58:15 AM, den 12/31/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Kör processer:
D: \ WINDOWS \ System32 \ Smss.exe
D: \ WINDOWS \ system32 \ csrss.exe
D: \ WINDOWS \ system32 \ Winlogon.exe
D: \ WINDOWS \ system32 \ services.exe
D: \ WINDOWS \ system32 \ Lsass.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ System32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Spoolsv.exe
D: \ Program \ Delade filer \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
D: \ WINDOWS \ system32 \ slserv.exe
D: \ WINDOWS \ system32 \ wdfmgr.exe
D: \ WINDOWS \ system32 \ wscntfy.exe
D: \ WINDOWS \ system32 \ taskmgr.exe
D: \ Program \ Ares \ Ares.exe
D: \ WINDOWS \ explorer.exe
E: \ ALLA program \ HiJackThis.exe
D: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = cirka: blank
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
F2 - REG: system.ini: Shell = explorer.exe
O2 - BHO: DAPHelper Class - (0000CC75-ACF3-4cac-A0A9-DD3868E06852) - D: \ Program \ DAP \ DAPBHO.dll
O2 - BHO: IDM Helper - (0055C089-8582-441B-A0BF-17B458C2A3A8) - D: \ Program \ Internet Download Manager \ IDMIECC.dll
O2 - BHO: AskBar BHO - (201f27d4-3704-41d6-89c1-aa35e39143ed) - D: \ Program Files \ AskBarDis \ bar \ bin \ askBar.dll
O2 - BHO: Skype add-on (Mastermind) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - D: \ Program \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (inget namn) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - d: \ program \ google \ googletoolbar2.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - d: \ program \ google \ googletoolbar2.dll
O3 - Toolbar: (inget namn) - (DE9C389F-3316-41A7-809B-AA305ED9D922) - (no file)
O3 - Toolbar: Ask Toolbar - (3041d03e-fd4b-44e0-b742-2d9b88305f98) - D: \ Program Files \ AskBarDis \ bar \ bin \ askBar.dll
O4 - HKLM \ .. \ Run: [QuickTime Task] "D: \ Program \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [googletalk] D: \ Program \ Google \ Google Talk \ googletalk.exe / autostart
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "D: \ Program \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] D: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "D: \ Program \ DNA \ btdna.exe"
O8 - Extra sammanhang menyobjektet: & Ladda ner med & DAP - D: \ progra ~ 1 \ DAP \ dapextie.htm
O8 - Extra sammanhang menyobjektet: Download & all with DAP - D: \ progra ~ 1 \ DAP \ dapextie2.htm
O8 - Extra sammanhang menyobjektet: Hämta alla länkar med IDM - D: \ Program \ Internet Download Manager \ IEGetAll.htm
O8 - Extra sammanhang menyobjektet: Ladda ner FLV videoinnehåll med IDM - D: \ Program \ Internet Download Manager \ IEGetVL.htm
O8 - Extra sammanhang menyobjektet: Ladda ner med IDM - D: \ Program \ Internet Download Manager \ IEExt.htm
O8 - Extra sammanhang menyobjektet: E & xportera till Microsoft Excel - res: / / D: \ progra ~ 1 \ mikro ~ 2 \ Office11 \ EXCEL.EXE/3000
Ø9 - Extra button: (inget namn) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
Ø9 - Extra button: (inget namn) - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
Ø9 - Extra 'Tools' MENUITEM: Uninstall BitDefender Online Scanner v8 - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - D: \ progra ~ 1 \ mikro ~ 2 \ Office11 \ REFIEBAR.DLL
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) (OnlineScanner Control) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (5D86DDB5-BDF9-441B-9E9E-D4730F4EE499) (BDSCANONLINE Control) -- http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1222679603245
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - D: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - Winlogon Notify:! SASWinLogon - D: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Ares Chattrum server (AresChatServer) - Ares Development Group - D: \ Program \ Ares \ chatServer.exe
O23 - Service: Distributed - Okänd ägare - D: \ Program \ Delade filer \ Microsoft Shared \ MSINFO \ ServerNet.exe (fil saknas)
O23 - Service: Google Updater Service (gusvc) - Google - D: \ Program \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - D: \ Program Files \ PC Tools AntiVirus \ PCTAVSvc.exe
O23 - Service: ServiceLayer - Nokia. - D: \ Program \ PC Connectivity Solution \ ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - D: \ WINDOWS \ system32 \ slserv.exe

--
End of file - 6000 bytes

**evilfantasy** · #2 30 december 2008, 16:32

Hämta Malwarebytes' Anti-Malware (MBAM)

Dubbelklicka mbam-setup.exe och följer anvisningarna för att installera programmet.
I slutet ska du en bockmärke placeras bredvid följande:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Klicka sedan på Mål.
Om en uppdatering finns, kommer det att hämta och installera den senaste versionen.
När programmet har laddats, välj Utför Quick Scan, Klicka på Scan.
När sökningen är klar klickar du på OKOch sedan Visa resultat att visa resultat.
Var noga med att allt är kontrollerat, och klicka Ta bort valda.
När desinficeringen är slutförd, en logg kommer att öppna i Anteckningar och du kan bli ombedd att starta om. (Se Extra Not)
Loggen sparas automatiskt genom MBAM och kan läsas genom att klicka på Logs-fliken i MBAM.
Kopiera och klistra in hela rapporten i ditt nästa svar.

Extra Obs! Om MBAM stöter på en fil som är svår att ta bort, kommer du bli visad 1 av 2 uppmanas att klicka på OK antingen och låta MBAM fortsätta med desinfektion process, om han uppmanas att starta om datorn, gör det omedelbart.

----------

Hämta slumpmässiga system informationsverktyg (RSIT) genom slumpmässigt / måfå från och spara den på skrivbordet.

Dubbelklicka på RSIT.exe att köra.
Klicka Fortsätt vid ansvarsfriskrivning skärmen.
När den är klar, två stockar öppnas.
Log.txt <ska maximeras och info.txt <ska minimeras
Vänligen skicka innehållet i båda Stockarna i nästa replik.

**Mohi212** · #3 1 januari 2009, 11:09

Loggfil slumpmässiga system informationsverktyg 1.05 (written by random / random)
Kör genom Burhan till 2009-01-01 23:01:39
Microsoft Windows XP Professional Service Pack 2
System enhet D: har 1 GB (16%) utan 10 GB
Total RAM: 126 MB (17% free)

Loggfil av Trend Micro HijackThis v2.0.2
Scan sparades vid 11:01:43 PM om 1.1.2009
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Kör processer:
D: \ WINDOWS \ System32 \ Smss.exe
D: \ WINDOWS \ system32 \ csrss.exe
D: \ WINDOWS \ system32 \ Winlogon.exe
D: \ WINDOWS \ system32 \ services.exe
D: \ WINDOWS \ system32 \ Lsass.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ System32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Svchost.exe
D: \ WINDOWS \ system32 \ Spoolsv.exe
D: \ Program \ Delade filer \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
D: \ WINDOWS \ system32 \ Ctfmon.exe
D: \ WINDOWS \ system32 \ wdfmgr.exe
D: \ WINDOWS \ System32 \ alg.exe
D: \ WINDOWS \ system32 \ wscntfy.exe
D: \ WINDOWS \ system32 \ taskmgr.exe
D: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe
D: \ WINDOWS \ explorer.exe
D: \ Documents and Settings \ Burhan \ Desktop \ RSIT.exe
E: \ ALLA program \ Burhan.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = cirka: blank
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
F2 - REG: system.ini: Shell = explorer.exe
O2 - BHO: DAPHelper Class - (0000CC75-ACF3-4cac-A0A9-DD3868E06852) - D: \ Program \ DAP \ DAPBHO.dll
O2 - BHO: Skype add-on (Mastermind) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - D: \ Program \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (inget namn) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O3 - Toolbar: (inget namn) - (DE9C389F-3316-41A7-809B-AA305ED9D922) - (no file)
O4 - HKLM \ .. \ Run: [QuickTime Task] "D: \ Program \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [googletalk] D: \ Program \ Google \ Google Talk \ googletalk.exe / autostart
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "D: \ Program \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] D: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "D: \ Program \ DNA \ btdna.exe"
O8 - Extra sammanhang menyobjektet: & Ladda ner med & DAP - D: \ progra ~ 1 \ DAP \ dapextie.htm
O8 - Extra sammanhang menyobjektet: Download & all with DAP - D: \ progra ~ 1 \ DAP \ dapextie2.htm
O8 - Extra sammanhang menyobjektet: E & xportera till Microsoft Excel - res: / / D: \ progra ~ 1 \ mikro ~ 2 \ Office11 \ EXCEL.EXE/3000
Ø9 - Extra button: (inget namn) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
Ø9 - Extra button: (inget namn) - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
Ø9 - Extra 'Tools' MENUITEM: Uninstall BitDefender Online Scanner v8 - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - D: \ progra ~ 1 \ mikro ~ 2 \ Office11 \ REFIEBAR.DLL
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (5D86DDB5-BDF9-441B-9E9E-D4730F4EE499) (BDSCANONLINE Control) -- http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1222679603245
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - D: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - Winlogon Notify:! SASWinLogon - D: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Ares Chattrum server (AresChatServer) - Ares Development Group - D: \ Program \ Ares \ chatServer.exe
O23 - Service: Distributed - Okänd ägare - D: \ Program \ Delade filer \ Microsoft Shared \ MSINFO \ ServerNet.exe (fil saknas)
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - D: \ Program Files \ PC Tools AntiVirus \ PCTAVSvc.exe
O23 - Service: ServiceLayer - Nokia. - D: \ Program \ PC Connectivity Solution \ ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - D: \ WINDOWS \ system32 \ slserv.exe

--
End of file - 4970 bytes

====== Registry dump ======

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (0000CC75-ACF3-4cac-A0A9-DD3868E06852)]
DAPHelper Class - D: \ Program \ DAP \ DAPBHO.dll [2007-11-27 98304]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (22BF413B-C6D2-4d91-82A9-A0F997BA588C)]
Skype add-on (Mastermind) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll [2008-05-30 1410344]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - D: \ Program \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar]
(DE9C389F-3316-41A7-809B-AA305ED9D922)

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"QuickTime Task" = D: \ Program \ QuickTime \ qttask.exe [2006-09-01 282624]
"googletalk" = D: \ Program \ Google \ Google Talk \ googletalk.exe [2007-01-02 3739648]
"SunJavaUpdateSched" = D: \ Program \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008-06-10 144784]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = D: \ WINDOWS \ system32 \ Ctfmon.exe [2004-08-03 15360]
"BitTorrent DNA" = D: \ Program \ DNA \ btdna.exe [2008-12-30 342848]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Ctfmon.exe]
D: \ WINDOWS \ system32 \ Ctfmon.exe [2004-08-03 15360]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ PCSuiteTrayApplication]
[]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ PCTAVApp]
D: \ Program Files \ PC Tools AntiVirus \ PCTAV.exe [2008-09-25 1370000]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon]
D: \ Program \ SUPERAntiSpyware \ SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = D: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ SafeBoot \ Minimal \ SBCSSvc]

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ SafeBoot \ Network \ PCTAVSvc]

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ SafeBoot \ Network \ SBCSSvc]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer]
"NoDrives" = 0
"NoDriveAutoRun" = FFFFFFFF
"NoDriveTypeAutoRun" = 36

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" =
"NoDrives" =
"NoDriveAutoRun" =

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ tjänster es \ SharedAccess \ Parameters \ firewallpolicy \ standard profile \ authorizedapplications \ lista]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"D: \ Program \ Ares \ Ares.exe" = "D: \ Program \ Ares \ Ares.exe: *: Enabled: Ares P2P för Windows"
"D: \ Program Files \ NetMeeting \ conf.exe" = "D: \ Program Files \ NetMeeting \ conf.exe: *: Enabled: Windows ® NetMeeting ®"
"D: \ Program \ Opera \ Opera.exe" = "D: \ Program \ Opera \ Opera.exe: *: Enabled: Opera Internet Browser"
"D: \ Program \ Google \ Google Talk \ googletalk.exe" = "D: \ Program \ Google \ Google Talk \ googletalk.exe: *: Enabled: Google Talk"
"D: \ Program \ Yahoo! \ Messenger \ YahooMessenger.exe" = "D: \ Pro gram Files \ Yahoo! \ Messenger \ YahooMessenger.exe: *: Aktivera d: Yahoo! Messenger"
"D: \ Program \ Yahoo! \ Messenger \ YServer.exe" = "D: \ Program \ Yahoo! \ Messenger \ YServer.exe: *: Enabled: Yahoo! FT Server"
"D: \ Program Files \ AIM6 \ aim6.exe" = "D: \ Program \ AIM6 \ aim6.exe: *: Enabled: AIM"
"D: \ Program Files \ Skype \ Phone \ Skype.exe" = "D: \ Program Files \ Skype \ Phone \ Skype.exe: *: Enabled: Skype"
"D: \ Program \ Trillian \ trillian.exe" = "D: \ Program \ Trillian \ trillian.exe: *: Enabled: Trillian"
"D: \ Program Files \ Miranda IM \ miranda32.exe" = "D: \ Program \ Miranda IM \ miranda32.exe: *: Enabled: Miranda IM"
"D: \ Program Files \ LimeWire \ LimeWire.exe" = "D: \ Program Files \ LimeWire \ LimeWire.exe: *: Enabled: LimeWire"
"D: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "D: \ Program \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"D: \ Program Files \ MSN Messenger \ livecall.exe" = "D: \ Program \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"D: \ Program \ DNA \ btdna.exe" = "D: \ Program \ DNA \ btdna.exe: *: Enabled: DNA"
"D: \ Program Files \ BitTorrent \ bittorrent.exe" = "D: \ Program Files \ BitTorrent \ bittorrent.exe: *: Enabled: BitTorre nt"

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ tjänster es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ lista]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"D: \ Program Files \ MSN Messenger \ msncall.exe" = "D: \ Program \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"D: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "D: \ Program \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"D: \ Program Files \ MSN Messenger \ livecall.exe" = "D: \ Program \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (dafa2220-8123-11dd-aa9c-00065b298742)]
shell \ AutoRun \ command - G: \ CONFIG \ S-1-5-21-1482476501-1644491937-682003330-1013 \ Cfg.exe
shell \ open \ command - G: \ CONFIG \ S-1-5-21-1482476501-1644491937-682003330-1013 \ Cfg.exe

====== Lista filer / mappar som skapats under de senaste 1 månader ======

2009-01-01 20:51:34 ---- SHD ---- D: \ FOUND.174
2008-12-31 19:12:10 ---- SHD ---- D: \ FOUND.173
2008-12-30 23:08:48 ---- SHD ---- D: \ FOUND.172
2008-12-30 18:53:42 ---- SHD ---- D: \ FOUND.171
2008-12-30 16:16:01 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ BitTorrent
2008-12-30 16:15:44 ---- D ---- D: \ Program \ DNA
2008-12-30 16:15:44 ---- D ---- D: \ Program Files \ BitTorrent
2008-12-30 16:15:44 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ DNA
2008-12-30 14:46:46 ---- SHD ---- D: \ FOUND.170
2008-12-29 23:24:22 ---- SHD ---- D: \ FOUND.169
2008-12-29 15:06:17 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ IDM
2008-12-29 13:39:04 ---- SHD ---- D: \ FOUND.168
2008-12-28 05:25:52 ---- D ---- D: \ Program \ IrfanView
2008-12-26 22:39:46 ---- SHD ---- D: \ FOUND.167
2008-12-26 15:36:18 ---- SHD ---- D: \ FOUND.166
2008-12-26 12:37:24 ---- SHD ---- D: \ FOUND.165
2008-12-25 21:19:38 ---- SHD ---- D: \ FOUND.164
2008-12-20 14:47:41 ---- D ---- D: \ Program \ HyCam2
2008-12-20 12:02:48 ---- D ---- D: \ Program Files \ Frets on fire
2008-12-20 09:54:02 ---- SHD ---- D: \ FOUND.163
2008-12-17 11:38:48 ---- SHD ---- D: \ FOUND.162
2008-12-15 23:31:13 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ LimeWire
2008-12-15 23:03:16 ---- SHD ---- D: \ FOUND.161
2008-12-15 16:52:14 ---- SHD ---- D: \ FOUND.160
2008-12-13 13:47:12 ---- SHD ---- D: \ FOUND.159
2008-12-10 21:05:58 ---- SHD ---- D: \ FOUND.158
2008-12-09 23:27:12 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ J River
2008-12-09 13:10:10 ---- D ---- D: \ Program Files \ Common Files \ NSV
2008-12-06 05:52:44 ---- SHD ---- D: \ FOUND.157
2008-12-06 01:43:41 ---- N ---- D: \ WINDOWS \ system32 \ vxblock.dll
2008-12-06 01:43:41 ---- N ---- D: \ WINDOWS \ system32 \ pxwave.dll
2008-12-06 01:43:41 ---- N ---- D: \ WINDOWS \ system32 \ pxmas.dll
2008-12-06 01:43:41 ---- N ---- D: \ WINDOWS \ system32 \ pxhpinst.exe
2008-12-06 01:43:41 ---- N ---- D: \ WINDOWS \ system32 \ pxdrv.dll
2008-12-06 01:43:40 ---- N ---- D: \ WINDOWS \ system32 \ px.dll
2008-12-06 01:43:14 ---- D ---- D: \ Program \ Winamp
2008-12-06 01:43:14 ---- A ---- D: \ WINDOWS \ winamp.ini
2008-12-05 14:40:22 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ Netscape
2008-12-05 14:39:56 ---- D ---- D: \ Program \ Netscape
2008-12-04 17:34:26 ---- SHD ---- D: \ FOUND.156
2008-12-04 08:55:46 ---- SHD ---- D: \ FOUND.155
2008-12-02 22:24:47 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ InstallShield

====== Lista filer / mappar ändrats under de senaste 1 månader ======

2008-12-31 05:00:54 ---- N ---- D: \ WINDOWS \ SchedLgU.Txt
2008-12-24 22:49:44 ---- A ---- D: \ WINDOWS \ ModemLog_Smart Link 56K Voice Modem.txt

====== List förare (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======

R1 P3, Intel PentiumIII Processor Driver; D: \ WINDOWS \ system32 \ drivers \ p3.sys [2004-08-03 42496]
R1 SASDIFSV; SASDIFSV; \? \ D: \ Program Files \ SUPERAntiSpyware \ SASDIFSV.SYS []
R1 SASKUTIL; SASKUTIL; \? \ D: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.sys []
R1 WS2IFSL, Windows Socket 2.0 Icke-IFS Service Provider stödja miljö-och D: \ WINDOWS \ system32 \ drivers \ ws2ifsl.sys [2001-08-23 12032]
R2 AVFilter; AVFilter, D: \ WINDOWS \ system32 \ drivers \ AVFilter.sys [2008-02-12 21904]
R2 dmsmbios; dmsmbios; \? \ D: \ WINDOWS \ system32 \ dmsmbios.sys []
R3 ac97intc, Intel (R) 82801 Audio Driver Installera Service (WDM), D: \ WINDOWS \ system32 \ drivers \ ac97intc.sys [2001-08-17 96256]
R3 AVHook; AVHook, D: \ WINDOWS \ system32 \ drivers \ AVHook.sys [2007-12-06 28568]
R3 AVRec; AVRec, D: \ WINDOWS \ system32 \ drivers \ AVRec.sys [2007-12-06 21912]
R3 EL90XBC; 3Com EtherLink XL 90XB / C Adapter Driver; D: \ WINDOWS \ system32 \ drivers \ el90xbc5.sys [2001-08-17 66591]
R3 i81x; i81x, D: \ WINDOWS \ system32 \ drivers \ i81xnt5.sys [2004-08-03 161020]
R3 MODEMCSA; Unimodem Streaminghyra Filtrera Anordning, D: \ WINDOWS \ system32 \ drivers \ MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5; Mtlmnt5, D: \ WINDOWS \ system32 \ drivers \ Mtlmnt5.sys [2004-08-03 126686]
R3 Slntamr, Smart Link 56K Modem Driver; D: \ WINDOWS \ system32 \ drivers \ slntamr.sys [2004-08-03 404990]
R3 SlWdmSup; SlWdmSup, D: \ WINDOWS \ system32 \ drivers \ SlWdmSup.sys [2004-08-03 13240]
R3 usbhub, USB2 Enabled Hub, D: \ WINDOWS \ system32 \ drivers \ Usbhub.sys [2004-08-03 57600]
R3 usbuhci, Microsoft USB Universal Host Controller Miniport Driver; D: \ WINDOWS \ system32 \ drivers \ usbuhci.sys [2004-08-03 20480]
S1 b88b9e8e; b88b9e8e, D: \ WINDOWS \ system32 \ drivers \ b88b9e8e.sys [2008-08-05 109150]
S3 AvFlt; Antivirus Filter Driver; D: \ WINDOWS \ system32 \ drivers \ av5flt.sys []
S3 CCDECODE, Closed Caption Dekoder, D: \ WINDOWS \ system32 \ drivers \ CCDECODE.sys [2004-08-03 17024]
S3 iAimFP0; iAimFP0, D: \ WINDOWS \ system32 \ drivers \ wADV01nt.sys [2004-08-03 12415]
S3 iAimFP1; iAimFP1, D: \ WINDOWS \ system32 \ drivers \ wADV02NT.sys [2004-08-03 12127]
S3 iAimFP2; iAimFP2, D: \ WINDOWS \ system32 \ drivers \ wADV05NT.sys [2004-08-03 11775]
S3 iAimFP3; iAimFP3, D: \ WINDOWS \ system32 \ drivers \ wSiINTxx.sys [2004-08-03 12063]
S3 iAimFP4; iAimFP4, D: \ WINDOWS \ system32 \ drivers \ wVchNTxx.sys [2004-08-03 19455]
S3 iAimFP5; iAimFP5, D: \ WINDOWS \ system32 \ drivers \ wADV07nt.sys [2004-08-03 11807]
S3 iAimFP6; iAimFP6, D: \ WINDOWS \ system32 \ drivers \ wADV08nt.sys [2004-08-03 11295]
S3 iAimFP7; iAimFP7, D: \ WINDOWS \ system32 \ drivers \ wADV09nt.sys [2004-08-03 11871]
S3 iAimTV0; iAimTV0, D: \ WINDOWS \ system32 \ drivers \ wATV01nt.sys [2004-08-03 29311]
S3 iAimTV1; iAimTV1, D: \ WINDOWS \ system32 \ drivers \ wATV02NT.sys [2004-08-03 19551]
S3 iAimTV3; iAimTV3, D: \ WINDOWS \ system32 \ drivers \ wATV04nt.sys [2004-08-03 33599]
S3 iAimTV4; iAimTV4, D: \ WINDOWS \ system32 \ drivers \ wCh7xxNT.sys [2004-08-03 23615]
S3 iAimTV5; iAimTV5, D: \ WINDOWS \ system32 \ drivers \ wATV10nt.sys [2004-08-03 25471]
S3 iAimTV6; iAimTV6, D: \ WINDOWS \ system32 \ drivers \ wATV06nt.sys [2004-08-03 22271]
S3 MBAMSwissArmy; MBAMSwissArmy; \? \ D: \ WINDOWS \ system32 \ drivers \ mbamswissarmy.sys []
S3 MSTEE, Microsoft Streaming Tee / Sänka till Sänka Converter, D: \ WINDOWS \ system32 \ drivers \ MSTEE.sys [2004-08-03 5504]
S3 Mtlstrm; Mtlstrm, D: \ WINDOWS \ system32 \ drivers \ Mtlstrm.sys [2004-08-03 1309184]
S3 NABTSFEC; NABTS / FEC VBI Codec, D: \ WINDOWS \ system32 \ drivers \ NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP, Microsoft TV / Video Connection, D: \ WINDOWS \ system32 \ drivers \ NdisIP.sys [2004-08-03 10880]
S3 nmwcd; Nokias USB Phone Parent; D: \ WINDOWS \ system32 \ drivers \ nmwcd.sys [2007-02-22 137216]
S3 nmwcdc, Nokia USB Generic; D: \ WINDOWS \ system32 \ drivers \ nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj, Nokia USB-port, D: \ WINDOWS \ system32 \ drivers \ nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm, Nokia USB-modem, D: \ WINDOWS \ system32 \ drivers \ nmwcdcm.sys [2007-02-22 12288]
S3 NtMtlFax; NtMtlFax, D: \ WINDOWS \ system32 \ drivers \ NtMtlFax.sys [2004-08-03 180360]
S3 SASENUM; SASENUM; \? \ D: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS []
S3 SBRE; SBRE; \? \ D: \ WINDOWS \ system32 \ drivers \ SBREdrv.sys []
S3 SLIP; BDA Slip De-Framer, D: \ WINDOWS \ system32 \ drivers \ SLIP.sys [2004-08-03 11136]
S3 SlNtHal; SlNtHal, D: \ WINDOWS \ system32 \ drivers \ Slnthal.sys [2004-08-03 95424]
S3 streamip, BDA IPSink, D: \ WINDOWS \ system32 \ drivers \ StreamIP.sys [2004-08-03 15360]
S3 usbprint, Microsoft USB-skrivare klass, D: \ WINDOWS \ system32 \ drivers \ usbprint.sys [2004-08-03 25856]
S3 USBSTOR, USB Mass Storage Driver, D: \ WINDOWS \ system32 \ drivers \ USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb; WpdUsb, D: \ WINDOWS \ System32 \ Drivers \ wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC; världen Standard Teletext Codec, D: \ WINDOWS \ system32 \ drivers \ WSTCODEC.SYS [2004-08-03 19328]
S3 XIRLINK, IBM PC Camera, D: \ WINDOWS \ system32 \ drivers \ C-itnt.sys [1999-10-19 435655]

====== Förteckning av tjänster (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======

R2 MDM; Machine Debug Manager, D: \ Program \ Delade filer \ Microsoft Shared \ VS7DEBUG \ MDM.EXE [2003-06-19 322120]
R2 UMWdf, Windows User Mode Driver Framework; D: \ WINDOWS \ system32 \ wdfmgr.exe [2004-08-11 38912]
S2 Distributed, Distributed, D: \ Program \ Delade filer \ Microsoft Shared \ MSINFO \ ServerNet.exe []
S2 PCTAVSvc; PC Tools AntiVirus Engine, D: \ Program Files \ PC Tools AntiVirus \ PCTAVSvc.exe [2008-09-23 995520]
S2 SLService; SmartLinkService, D: \ WINDOWS \ system32 \ slserv.exe [2004-08-04 73796]
S3 AresChatServer; Ares Chattrum server, D: \ Program \ Ares \ chatServer.exe [2007-03-20 263168]
S3 aspnet_state, ASP.NET statens tjänst; D: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0.50727 \ aspn et_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;. NET Runtime Optimization Service v2.0.50727_X86, D: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0.50727 \ msco rsvw.exe [2005-09-23 66240]
S3 ose; Office Source Engine; D: \ Program \ Delade filer \ Microsoft Shared \ Source Engine \ OSE.EXE [2003-07-28 89136]
S3 ServiceLayer; ServiceLayer, D: \ Program \ PC Connectivity Solution \ ServiceLayer.exe [2007-06-15 300544]
S3 usnjsvc; Messenger Sharing Folders USN Journal Reader service; D: \ Program \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc, Windows Live Setup Service; D: \ Program Files \ Windows Live \ installer \ WLSetupSvc.exe [2007-10-25 266240]

----------------- EOF -----------------

**Mohi212** · #4 1 januari 2009, 11:11

info.txt loggfil slumpmässiga system informationsverktyg 1,02 2008-09-26 23:02:40

====== Uninstall listan ======

-> D: \ WINDOWS \ IsUninst.exe-f "D: \ Program Files \ IbmPcCamera \ Uninst.isu"
-> rundll32.exe Setupapi.dll, InstallHinfSection DefaultUninstall 132 D: \ WINDOWS \ INF \ PCHealth.inf
ACDSee -> D: \ progra ~ 1 \ ACDSYS ~ 1 \ ACDSee \ UNWISE.EXE D: \ progra ~ 1 \ ACDSYS ~ 1 \ ACDSee \ INSTALL.LOG
Adobe Flash Player ActiveX -> D: \ WINDOWS \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe
Adobe Flash Player Plugin -> D: \ WINDOWS \ system32 \ Macromed \ Flash \ uninstall_plug in.exe
MÅL 6 -> D: \ Program \ AIM6 \ uninst.exe
Ares 2.0.9 -> "D: \ Program \ Ares \ uninstall.exe"
Astro123 v1.40--> "D: \ Program \ Astro123 \ unins000.exe"
Axialis AX-ikoner 4.5 -> D: \ Program \ Axialis \ AX-Icons \ UnInstall.exe "AX-ikoner 4.5" "AXIcons.exe"
CCleaner (ta bort bara )-->" D: \ Program \ CCleaner \ uninst.exe "
CDisplay 1.8 -> "D: \ Program \ CDisplay \ unins000.exe"
Download Accelerator Plus -> D: \ progra ~ 1 \ DAP \ UNWISE.EXE D: \ progra ~ 1 \ DAP \ INSTALL.LOG
ESET Online Scanner -> D: \ WINDOWS \ system32 \ OnlineScannerUninstaller.ex e
ffdshow [rev 2019] [2008-06-22 ]-->" D: \ Program \ ffdshow \ unins000.exe "
Flash Studio Pro Trial -> "D: \ Program \ Flash Studio PRO Trial \ unins000.exe"
FLV Player 2.0, bygga 24 -> C: \ Program Files \ FLV Player \ uninst.exe
Foxit Reader -> C: \ Program \ Foxit Software \ Foxit Reader \ Uninstall.exe
Glary Registry Repair 2.9 -> "D: \ Program \ Glary Registry Repair \ unins000.exe"
Google Earth -> msiexec.exe / I (1D14373E-7970-4F2F-A467-ACA4F0EA21E3)
Google Talk (ta bort bara )-->" D: \ Program \ Google \ Google Talk \ uninstall.exe "
Google Toolbar för Internet Explorer -> msiexec.exe / I (DBEA1034-5882-4A88-8033-81C4EF0CFA29)
Google Toolbar för Internet Explorer -> regsvr32 / u / s "d: \ program \ google \ googletoolbar2.dll"
HijackThis 2.0.2 -> "D: \ Documents and Settings \ Burhan \ Mina dokument \ ALLA program \ HijackThis.exe" / uninstall
Snabbkorrigeringen för Windows XP (KB915865 )-->" D: \ WINDOWS \ $ NtUninstallKB915865 $ \ spuninst \ spunin st.exe "
Internet Download Manager -> D: \ Program \ Internet Download Manager \ Uninstall.exe
Malwarebytes' Anti-Malware -> "D: \ Program Files \ Malwarebytes' Anti-Malware \ unins000.exe"
Microsoft National Language Support Downlevel API -> "D: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe"
Microsoft Office Excel Viewer 2003 -> msiexec.exe / I (90840409-6000-11D3-8CFE-0150048383C9)
Microsoft Office XP Professional med FrontPage -> msiexec.exe / I (90280409-6000-11D3-8CFE-0050048383C9)
Microsoft Visual Basic 6.0 Enterprise Edition -> "D: \ Program \ Microsoft Visual Studio \ VB98 \ Setup \ 1033 \ Setup.exe"
Microsoft Webb guiden 1,53 -> rundll32 ADVPACK.DLL, LaunchINFSection D: \ WINDOWS \ INF \ wpie3x86.inf, WebPostUninstall
Mobysaurus Thesaurus -> "D: \ WINDOWS \ system32 \ SpoonUninstall.exe" <uninstall> D: \ WINDOWS \ system32 \ SpoonUninstall-Mobysaurus Thesaurus.dat
Nokia Connectivity Cable Driver -> msiexec.exe / X (11964613-805F-432D-A12B-169554B793E7)
Nokia Multimedia Player -> D: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ INSTAL ~ 1 \ Driver \ 7 \ INTEL3 ~ 1 \ I Driver.exe / M (4D6183C0-005C-4B1F-8261-4B0F71F1C4A5)
Nokia PC Suite -> D: \ Documents and Settings \ All Users \ Application Data \ Installationer \ (A982E6CC-9F0D-4948-9B18-BDFD55DE4A72) \ Nokia_PC_Suite_6_84_10_3_EA.exe
Nokia PC Suite -> msiexec.exe / I (A982E6CC-9F0D-4948-9B18-BDFD55DE4A72)
Opera 9.51 -> msiexec.exe / X (179624B1-2683-45ED-965A-B72189EB5820)
Datoranslutning Solution -> msiexec.exe / I (99A40651-0BC2-4095-8F9A-A40FAB224FEF)
PowerDVD -> rundll32 D: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ INSTAL ~ 1 \ motor \ 6 \ INTEL3 ~ 1 \ Ct or.dll, LaunchSetup "D: \ Program \ InstallShield Installation Information \ (6811CAA0-BF12 - 11D4-9EA1-0050BAE317E1) \ Setup.exe "-uninstall
QuickTime -> msiexec.exe / I (F07B861C-72B9-40A4-8B1A-AAED4C06A7E8)
RichFX Player -> rundll32 D: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ RichFX \ npvpg004.dll, Avinstallera _Player
Skype ™ 3.8 -> msiexec.exe / X (5C82DAE5-6EB0-4374-9254-BE3319BA4E82)
TIDPUNKTER Utbildning - En Nivå Fysik -> D: \ WINDOWS \ uninst.exe-f "D: \ Program Files \ TIDPUNKTER Utbildning \ A Level \ fysik \ DeIsL2.isu"-cd: \ progra ~ 1 \ TIMESE ~ 1 \ ALEVEL ~ 1 \ fysik \ _ISREG32.DL L
TZ Connection Booster 2.6 -> "D: \ Program \ TZ Connection Booster \ unins000.exe"
USB Drive AntiVirus 2.3 -> "D: \ Program \ USBAntiVirus \ unins000.exe"
Synvinkel Media Player -> D: \ Program \ synvinkel \ synvinkel Media Player \ mtsAxInstaller.exe / u
Windows Driver Package - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0) -> D: \ progra ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ WINDOWS \ system32 \ DRVSTORE \ pccswpddri_044C8712DB 44F83D9DE6C376991EE9254E0A69E4 \ pccswpddriver.inf
Windows Driver Package - Nokia Modem (02/15/2007 3,1) -> D: \ progra ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ WINDOWS \ system32 \ DRVSTORE \ pccs_bluet_8B37DC7291 8CCD58A6EC20373AF6242B037A293B \ pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (02/15/2007 3,1) -> D: \ progra ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ WINDOWS \ system32 \ DRVSTORE \ pccs_bluet_F12A08B6F7 76984A95553486F64C541356F86E38 \ pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1) -> D: \ progra ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ WINDOWS \ system32 \ DRVSTORE \ nokbtmdm_5E1541AFF1E1 EA3554CE566743CCAD323ED1C108 \ nokbtmdm.inf
Windows Installer 3.1 (KB893803 )-->" D: \ WINDOWS \ $ MSI31Uninstall_KB893803v2 $ \ spuninst \ spuninst.exe "
Windows Live installer -> msiexec.exe / X (A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320)
Windows Live Messenger -> msiexec.exe / I (571700F0-DB9D-4B3A-B03D-35A14BB5939F)
Windows Media Format Runtime -> "D: \ Program \ Windows Media Player \ wmsetsdk.exe" / UninstallAll
Windows Media Player 10 -> "D: \ Program \ Windows Media Player \ Setup_wm.exe" / avinstallera
WinRAR Archiver -> D: \ Program Files \ WinRAR \ uninstall.exe
Yahoo! Messenger -> D: \ progra ~ 1 \ YAHOO! \ Messen ~ 1 \ UNWISE.EXE / UD: \ progra ~ 1 \ YAHOO! \ Messen ~ 1 \ INSTALL.LOG

====== Miljövariabler ======

"ComSpec" =% SystemRoot% \ system32 \ cmd.exe
"Path" =% systemroot% \ system32;% systemroot%,% systemr oot% \ system32 \ wbem; D: \ Program \ PC Connectivity Solution, D: \ Program \ QuickTime \ QTSYSTEM
"windir" =% SystemRoot%
"FP_NO_HOST_CHECK" = NEJ
"OS" = Windows_NT
"PROCESSOR_ARCHITECTURE" = x86
"PROCESSOR_LEVEL" = 6
"PROCESSOR_IDENTIFIER" = x86 Family 6 Model 8 Stepping 10, GenuineIntel
"PROCESSOR_REVISION" = 080a
"NUMBER_OF_PROCESSORS" = 1
"PATHEXT" =. COM,. EXE,. BAT;. CMD,. VBS,. Vbe,. JS;. Jse,. WSF;. WSH
"TEMP" =% SystemRoot% \ TEMP
"TMP" =% SystemRoot% \ TEMP
"Classpath" =.; D: \ Program \ QuickTime \ QTSystem \ QTJava.zip
"QTJAVA" = D: \ Program \ QuickTime \ QTSystem \ QTJava.zip

----------------- EOF -----------------

**Mohi212** · #5 1 januari 2009, 11:14

Malwarebytes' Anti-Malware 1.28
Database version: 1234
Windows 5.1.2600 Service Pack 2

12/31/2008 6:04:35 AM
mbam-log-2008-12-31 (06-04-35). txt

Scan type: Full Scan (D: \ |)
Objekt skannade: 107121
Tid som förflutit: 24 minute (s), 0 andra (s)

Memory Processes Infekterade: 0
Minnesmoduler Infekterade: 0
Registernycklar Infekterade: 2
Registervärdena Infekterade: 0
Registry Data Items Infekterade: 0
Mappar Infekterade: 0
Filer Infekterade: 0

Memory Processes Infekterade:
(Inga illasinnade poster upptäcks)

Minnesmoduler Infekterade:
(Inga illasinnade poster upptäcks)

Registernycklar Infekterade:
HKEY_CLASSES_ROOT \ AppID \ (bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1) (Adware.WebDir) -> karantän och raderades.
HKEY_CLASSES_ROOT \ AppID \ DLP.DLL (Trojan.BHO) -> karantän och raderades.

Registervärdena Infekterade:
(Inga illasinnade poster upptäcks)

Registry Data Items Infekterade:
(Inga illasinnade poster upptäcks)

Mappar Infekterade:
(Inga illasinnade poster upptäcks)

Filer Infekterade:
(Inga illasinnade poster upptäcks)

**evilfantasy** · #6 1 januari 2009, 12:55

Öppna HijackThis och välj Gör ett system scan bara.

Placera en bock bredvid följande uppgifter: (om det)

F2 - REG: system.ini: Shell = explorer.exe

Viktigt: Stäng alla öppna fönster förutom HijackThis och klicka sedan på Fix kontrolleras.

Efter avslutad, exit HijackThis.

----------

Ladda ner ComboFix © by subs från en av nedanstående länkar. Var noga med början spara det till Desktop.

Länk # 1
Länk # 2

** Observera: Det är viktigt att det sparas direkt på skrivbordet

INTE kör det ännu!

Obs! nedanstående instruktioner skapades speciellt för den här användaren. Om du inte är här, INTE Följ dessa anvisningar, eftersom de kan skada fungerar systemet

Ta bort dessa filer / mappar på följande sätt:

1. Gå till Start > Springa > Typ Notepad.exe och klicka OK att öppna Anteckningar.
Den måste vara Anteckningar inte WordPad.
2. Kopiera texten i nedanstående nummer fält genom att markera all text och trycka på Ctrl + C

Kod:

Killall:: Arkiv:: D: \ FOUND.174 D: \ FOUND.173 D: \ FOUND.172 D: \ FOUND.171 D: \ FOUND.170 D: \ FOUND.169 D: \ FOUND.168 D: \ FOUND.167 D: \ FOUND.166 D: \ FOUND.165 D: \ FOUND.164 D: \ FOUND.163 D: \ FOUND.162 D: \ FOUND.161 D: \ FOUND.160 D: \ FOUND ,159 D: \ FOUND.158 D: \ FOUND.157 D: \ FOUND.156 D: \ FOUND.155 Registry:: [-HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Browser Helper Objects \ (7E853D72 - 626A-48EC-A868-BA8D5E23E045)] [-HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar] (DE9C389F-3316-41A7-809B-AA305ED9D922) [-HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ ( dafa2220-8123-11dd-aa9c-00065b298742)]

3. Gå till Notepad-fönstret och klicka på Redigera > Klistra in
4. Klicka sedan på Fil > Spara
5. Namnge filen CFScript.txt - Spara filen på skrivbordet
6. Dra sedan CFScript (håll nere vänster musknapp medan du drar filen) och släppa det (release vänster musknapp) i ComboFix.exe som du ser i skärmdumpen nedan. Viktigt: Utför denna instruktion noga!

ComboFix kommer att börja köra, bara följ anvisningarna.
Efter omstart (om man begär att starta om), kommer att ta fram en logga åt dig.
Post som log (Combofix.txt) i din nästa replik.

Obs! Don't mouseclick ComboFix fönster medan det körs. Det kan göra att ditt system fryser