jiz
-
Innehållsantal
20 -
Gick med
-
Besökte senast
Inlägg postade av jiz
-
-
94.245.121.234 var en av IP-adresserna hittar inte på dom andra i ESET
04-raderna finns det ju 1 st ctfmon.exe (ok på den) och 2 st CTFMON.EXE trojan skit?
Angående Firefox ett fönster med flera flikar öppna
Tack för snabbt svar
Kollar vidare på 04-raderna
Lägg till eller ta bort program i kontrollpanelen funkar inte, fönstret kommer upp men inget fylls i?????????
-
Ser allt ok ut?
Väldigt seg dator, har hela 50 st processer igång om man kollar i Aktivitetshanteraren, men "bara" 41 enligt denna logga?
ESET har varnat ett par gånger om in/ut gående tarfik.
Mvh jiz
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:50, on 2012-01-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AgentService\AgentService.exe
C:\Program\LSI SoftModem\agrsmsvc.exe
C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program\ESET\ESET Smart Security\ekrn.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
C:\Program\Delade filer\Java\Java Update\jusched.exe
C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program\ESET\ESET Smart Security\egui.exe
C:\Program\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\iPod\bin\iPodService.exe
C:\Program\Mobile Partner\Mobile Partner.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Mozilla Firefox\plugin-container.exe
C:\Program\Mozilla Firefox\plugin-container.exe
C:\Program\Delade filer\Apple\Apple Application Support\distnoted.exe
C:\Program\Delade filer\Apple\Mobile Device Support\SyncServer.exe
C:\Program\Mozilla Firefox\plugin-container.exe
C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe
C:\Program\Trend Micro\HijackThis\jiz.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program\Winamp Toolbar\winamptb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program\Delade filer\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Delade filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Program\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra button: Mummys Gold Casino - {443196D5-A77E-4F80-98B1-F7F6908E8316} - C:\Microgaming\Casino\MummysGoldCasino\casinogame.exe (file missing) (HKCU)
O15 - Trusted Zone: http://www.csports.com
O15 - Trusted Zone: http://www.csports.se
O15 - Trusted IP range: 192.168.0.1
O15 - Trusted IP range: http://192.168.0.1
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237476882415
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1255538007015
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36017F95-C489-4065-A15B-A509E7479B12}: NameServer = 192.168.0.1,192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B6EE058-9938-4700-B8A7-1C40F489C885}: NameServer = 80.251.201.177,80.251.211.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{36017F95-C489-4065-A15B-A509E7479B12}: NameServer = 192.168.0.1,192.168.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{36017F95-C489-4065-A15B-A509E7479B12}: NameServer = 192.168.0.1,192.168.10.1
O23 - Service: PC Agent Service (AgentService) - Unknown owner - C:\Program\AgentService/AgentService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: ESET Service (ekrn) - ESET - C:\Program\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10034 bytes
-
-
Har upptäckt ett till problem...
Varje gång jag startar Firefox så blockar ESET webadressen,
"jl.chura.pl/rc". Vad är det för skräp? Hur får jag bort den?
-
Jag kan starta den å så, har ej provat att installerat, ska testa det, tack för tips
Nu har jag fått igång datorn igen, körde en systemrecovery, men det är/var många program som inte funkar. Tror Eset fixade det mesta.
Virut.NBM smittade ner alla .exe filer. Så det var inte mycket som funkade
Gjorde en HJT-logga efter raset nu, här kommer den
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:44, on 2009-03-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe
C:\Program\InterVideo\Common\Bin\WinRemote.exe
C:\Program\Delade filer\InstallShield\UpdateService\issch.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program\Windows Desktop Search\WindowsSearch.exe
C:\Program\OpenOffice.org 3\program\soffice.exe
C:\Program\OpenOffice.org 3\program\soffice.bin
C:\Program\LSI SoftModem\agrsmsvc.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program\ESET\ESET Smart Security\ekrn.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program\Mozilla Firefox\firefox.exe
D:\Program\uTorrent\utorrent.exe
C:\Program\Trend Micro\HijackThis\jiz.exe.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] C:\Program\InterVideo\Common\Bin\WinRemote.exe
O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [egui] "C:\Program\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre6\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1237476882415
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1237476986055
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE0783C4-0949-4A1C-8274-631446972520}: NameServer = 195.67.199.12 195.67.199.13
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod-tjänst (iPodService) - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 8379 bytes
-
Hej Jiz!
Är det så att datorn är helt oåtkomlig, eller?
Finns möjlighet att på något vis installera prg-vara?
Om det råkar vara så att det skulle vara möjligt att kunna installera en prg-vara på HDD´n, så skulle jag kunna rekomendera att prova STINGER från McAfee. Annars så kan det bli lite knepigare!
Men jag gjorde mitt försök att komma på något iallafall.
Hoppas det löser sig.
Mvh/sunshine
Jag kan starta den å så, har ej provat att installerat, ska testa det, tack för tips
-
Låna en OEM-skiva med SP3 av någon... eller tillverka en egen.... så kan du skippa den gamla återställningspartitionen! Det är trots allt licensen du har betalt för... inte installationsmediet!
Hur gör jag då om jag ska fixa en egen OEM-skiva?
Enda utvägen nu är väl att köra återställningspartitionen?
-
Om Virut.nbm : ( ganska nytt )
http://answers.yahoo.com/question/index?qi...16134820AA6XUNq
Tack för tipset.
Men som sagt inget funkar på datorn, alla .exe verkar vara kaputtski
Jävla skit det det där.
Verkar vara det enda rätta att lägga in windows igen:( trista med det är att jag har en företags dator som är
ca 4 år gammal, med OEM på en egen hårddisk, = att datorn kommer att se ut som den gjorde för 4 år sedan med drivisar å allt
Hatar alla som håller på med VIRUS å skit
-
Installera Malwarebytes Antimalware enl. instruktion http://www.alltomxp.se/forum/index.php?showtopic=11094 och lämna loggan här på din tråd samtidigt med en TM HJT-logg.
Har lånat en annan dator nu, eftersom min ballat ur helt.
Går inte att göra mycket, för det mesta är rensat på min dator:( Eset varnade för Virut.NBM eller vad det hette å tok rensade allt?
Gjorde en HJT-logga, men jag kan inte ansluta till nätet, nätverksanslutningen är borta. försökte att kopiera över loggan till ett usb-minne men det går inte heller
Kollade i enhetshanteraren å där finns det inget
Vad göra???????
-
*********************************************
2009-06-06:
Tråden är låst då problemet är löst.
Tycker du att den är felaktigt låst, var god kontakta
*********************************************
Det började med att jag skulle uppdatera mina drivisar från ATI (Catalyst Control Center) som det började spöka!!!
Eset blockade å tog bort en j**la massa, sen gjorde jag en genomsök av datorn så hittade Eset över 1000 infiltrationer!!?!?
Hilfe!!!
Har Xp home
Mvh Jonas
Endel genvägar m.m i aktivitetsfältet funkar inte heller!
Och sopkorgen är borta från skrivbordet....
-
Hallo!!!
Har ett problem med att när jag ska stänga av datorn så sparas inställningar & allt, men sen kommer "vänta windows avslutas" utan att datorn stängs av, slutar med att man får göra en Bruno "dra ur sladden".
Vad göra?
Har XP Home ediotion
Mvh Jonas
-
Valde felsäkert läge
sen Microsoft Windows XP Home Edition
Så kom det upp efter det jag valde Felsäkert läge, var tvungen att välja Microsoft Windows XP Home Edition, annars kom jag inte vidare do vet.....
Har ju en piss hem-pc genom jobbet, special special med dom kanske, allt annat är ju hemsnickrat genom firman man köper av.
Ha de gött!!!
-
Ja det blir ju lite extra jobb med allt nu....
Jag bockade i som du skrev, sen fråga om starta om, gjorde det, sen var datorn som jag skrev första gången, svart skärm bara, väntade över 2 tim. hände nada. Är ju inget proffs så jag visste inte vad jag skulle göra för att komma in i windows igen :'( men men...... Nu borde det vara rent (he he)
-
Gick inte så bra det där :'(
Datorn startade aldrig, provade en j**la massa fick inte igång datorn.
Slutade med att jag fick köra recovery (som jag hatar för det bara är sk*t) så nu är datorn (C:/) sopren, ser ut som den gjorde för fyra år sen:( (he he)
Så nu borde det vara rent från otyg (he he)
-
Kunde ej starta i felsäkert läge!!
Valde felsäkert läge
sen Microsoft Windows XP Home Edition
hände inget mer, bara svart skärm med blinkande markör uppe i vänstra hörnet.......
Vad göra?
-
Multipoker fanns ej med i lägg till/ta bort prog.
Här kommer en ny TM HJT-logga....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:08, on 2008-11-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:ProgramWindows DefenderMsMpEng.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgramDelade filerLogiShrdLVMVFMLVPrcSrv.exe
C:WINDOWSExplorer.EXE
C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:ProgramBonjourmDNSResponder.exe
C:WINDOWSsystem32CTSvcCDA.EXE
C:ProgramESETESET Smart Securityekrn.exe
C:ProgramJavajre6binjqs.exe
C:WINDOWSsystem32CTHELPER.EXE
c:ProgramDelade filerLightScribeLSSrvc.exe
C:WINDOWSAGRSMMSG.exe
C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
C:WINDOWSsystem32hphmon06.exe
C:HPKBDKBD.EXE
C:ProgramESETESET Smart Securityegui.exe
D:ProgramAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe
C:ProgramHPHP Software UpdateHPWuSchd2.exe
C:ProgramWindows DefenderMSASCui.exe
C:ProgramATI TechnologiesATI.ACECore-StaticMOM.exe
C:ProgramJavajre6binjusched.exe
C:WINDOWSsystem32ctfmon.exe
C:ProgramDelade filerAheadLibNMBgMonitor.exe
C:ProgramDelade filerAheadLibNMIndexStoreSvr.exe
C:ProgramATI TechnologiesATI.ACECore-Staticccc.exe
C:ProgramWindows Media PlayerWMPNSCFG.exe
C:ProgramPersonalbinPersonal.exe
C:ProgramWindows Desktop SearchWindowsSearch.exe
C:ProgramDelade filerMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSSystem32snmp.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:WINDOWSsystem32SearchIndexer.exe
C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
C:ProgramCanonCALCALMAIN.exe
C:WINDOWSSystem32svchost.exe
C:ProgramInternet Exploreriexplore.exe
C:ProgramInternet Exploreriexplore.exe
C:ProgramDelade filerMicrosoft SharedWindows LiveWLLoginProxy.exe
C:ProgramInternet Exploreriexplore.exe
C:ProgramJavajre6binjava.exe
C:WINDOWSsystem32wuauclt.exe
C:ProgramTrend MicroHijackThisjiz.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramDelade filerAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:ProgramHPDigital ImagingbinHPDTLK02.dll
O4 - HKLM..Run: [CTHelper] CTHELPER.EXE
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [HPHmon06] C:WINDOWSsystem32hphmon06.exe
O4 - HKLM..Run: [iSUSPM Startup] C:ProgramDELADE~1INSTAL~1UPDATE~1ISUSPM.exe -startup
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [updReg] C:WINDOWSUpdReg.EXE
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [NeroFilterCheck] C:ProgramDelade filerAheadLibNeroCheck.exe
O4 - HKLM..Run: [egui] "C:ProgramESETESET Smart Securityegui.exe" /hide /waitservice
O4 - HKLM..Run: [QuickTime Task] "C:ProgramQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [Adobe Photo Downloader] "D:ProgramAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:ProgramAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [HP Software Update] C:ProgramHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [Windows Defender] "C:ProgramWindows DefenderMSASCui.exe" -hide
O4 - HKLM..Run: [startCCC] "C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKLM..Run: [sunJavaUpdateSched] "C:ProgramJavajre6binjusched.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:ProgramDelade filerAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [WMPNSCFG] C:ProgramWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [Nokia.PCSync] D:ProgramNokia PC Suite 6PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUSS-1-5-18..RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [Nokia.PCSync] D:ProgramNokia PC Suite 6PcSync2.exe /NoDialog (User 'Default user')
O4 - HKUS.DEFAULT..RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:ProgramPersonalbinPersonal.exe
O4 - Global Startup: Windows Search.lnk = C:ProgramWindows Desktop SearchWindowsSearch.exe
O9 - Extra button: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgramMultiPokerMultiPoker.exe
O9 - Extra 'Tools' menuitem: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgramMultiPokerMultiPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://start.tele2.se/portal/
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120136247583
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1130954928625
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - http://f010.mail.spray.se/app/uploader/FileUploader.cab
O17 - HKLMSystemCCSServicesTcpip..{8D53BC87-6BDC-47D1-8AC7-A0F56287B21D}: NameServer = 195.67.199.12,195.67.199.13
O17 - HKLMSystemCCSServicesTcpip..{CABFC147-1238-4BC1-9A63-B2B942C03799}: NameServer = 195.67.199.12 195.67.199.13
O23 - Service: Apple Mobile Device - Apple Inc. - C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:ProgramBonjourmDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:ProgramCanonCALCALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTSvcCDA.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:ProgramESETESET Smart SecurityEHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:ProgramESETESET Smart Securityekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:ProgramiPodbiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:ProgramDelade filerLightScribeLSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:ProgramDelade filerLogiShrdLVMVFMLVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:ProgramDelade filerLogiShrdSrvLnchSrvLnch.exe
O23 - Service: NBService - Nero AG - C:ProgramNeroNero 7Nero BackItUpNBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:ProgramPC Connectivity SolutionServiceLayer.exe
--
End of file - 11116 bytes
-
Kanon med proffs hjälp, tack så mycket....
Multipoker har jag ej installerat, använder inte ens det, bara att ta bort eller?
-
Vad var det jag tog bort?
Malwarebytes' Anti-Malware 1.30
Databasversion: 1405
Windows 5.1.2600 Service Pack 3
2008-11-17 20:33:46
mbam-log-2008-11-17 (20-33-46).txt
Skanningstyp: Snabb skanning
Antal skannade objekt: 58254
Förfluten tid: 6 minute(s), 16 second(s)
Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 0
Infekterade registervärden: 0
Infekterade registerdataposter: 0
Infekterade mappar: 0
Infekterade filer: 0
Infekterade minnesprocesser:
(Inga illasinnade poster hittades)
Infekterade minnesmoduler:
(Inga illasinnade poster hittades)
Infekterade registernycklar:
(Inga illasinnade poster hittades)
Infekterade registervärden:
(Inga illasinnade poster hittades)
Infekterade registerdataposter:
(Inga illasinnade poster hittades)
Infekterade mappar:
(Inga illasinnade poster hittades)
Infekterade filer:
(Inga illasinnade poster hittades)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:43, on 2008-11-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:ProgramWindows DefenderMsMpEng.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgramDelade filerLogiShrdLVMVFMLVPrcSrv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32CTHELPER.EXE
C:WINDOWSAGRSMMSG.exe
C:WINDOWSsystem32hphmon06.exe
C:HPKBDKBD.EXE
C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:ProgramBonjourmDNSResponder.exe
C:ProgramESETESET Smart Securityegui.exe
C:WINDOWSsystem32CTSvcCDA.EXE
C:ProgramESETESET Smart Securityekrn.exe
D:ProgramAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe
C:ProgramJavajre6binjqs.exe
C:ProgramHPHP Software UpdateHPWuSchd2.exe
c:ProgramDelade filerLightScribeLSSrvc.exe
C:ProgramATI TechnologiesATI.ACECore-StaticMOM.exe
C:WINDOWSsystem32ctfmon.exe
C:ProgramDelade filerAheadLibNMBgMonitor.exe
C:ProgramWindows Media PlayerWMPNSCFG.exe
C:ProgramDelade filerAheadLibNMIndexStoreSvr.exe
C:ProgramPersonalbinPersonal.exe
C:ProgramWindows Desktop SearchWindowsSearch.exe
C:ProgramATI TechnologiesATI.ACECore-Staticccc.exe
C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
C:ProgramDelade filerMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSSystem32snmp.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:WINDOWSsystem32SearchIndexer.exe
C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
C:ProgramCanonCALCALMAIN.exe
C:WINDOWSSystem32svchost.exe
C:ProgramInternet Exploreriexplore.exe
C:ProgramDelade filerMicrosoft SharedWindows LiveWLLoginProxy.exe
C:ProgramTrend MicroHijackThisjiz.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramDelade filerAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:ProgramHPDigital ImagingbinHPDTLK02.dll
O4 - HKLM..Run: [CTHelper] CTHELPER.EXE
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [HPHmon06] C:WINDOWSsystem32hphmon06.exe
O4 - HKLM..Run: [iSUSPM Startup] C:ProgramDELADE~1INSTAL~1UPDATE~1ISUSPM.exe -startup
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [updReg] C:WINDOWSUpdReg.EXE
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [NeroFilterCheck] C:ProgramDelade filerAheadLibNeroCheck.exe
O4 - HKLM..Run: [egui] "C:ProgramESETESET Smart Securityegui.exe" /hide /waitservice
O4 - HKLM..Run: [QuickTime Task] "C:ProgramQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [Adobe Photo Downloader] "D:ProgramAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:ProgramAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [HP Software Update] C:ProgramHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [Windows Defender] "C:ProgramWindows DefenderMSASCui.exe" -hide
O4 - HKLM..Run: [startCCC] "C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:ProgramDelade filerAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [WMPNSCFG] C:ProgramWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [Nokia.PCSync] D:ProgramNokia PC Suite 6PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUSS-1-5-18..RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [Nokia.PCSync] D:ProgramNokia PC Suite 6PcSync2.exe /NoDialog (User 'Default user')
O4 - HKUS.DEFAULT..RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:ProgramPersonalbinPersonal.exe
O4 - Global Startup: Windows Search.lnk = C:ProgramWindows Desktop SearchWindowsSearch.exe
O9 - Extra button: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgramMultiPokerMultiPoker.exe
O9 - Extra 'Tools' menuitem: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgramMultiPokerMultiPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://start.tele2.se/portal/
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120136247583
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1130954928625
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - http://f010.mail.spray.se/app/uploader/FileUploader.cab
O17 - HKLMSystemCCSServicesTcpip..{8D53BC87-6BDC-47D1-8AC7-A0F56287B21D}: NameServer = 195.67.199.12,195.67.199.13
O17 - HKLMSystemCCSServicesTcpip..{CABFC147-1238-4BC1-9A63-B2B942C03799}: NameServer = 195.67.199.12 195.67.199.13
O23 - Service: Apple Mobile Device - Apple Inc. - C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:ProgramBonjourmDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:ProgramCanonCALCALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTSvcCDA.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:ProgramESETESET Smart SecurityEHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:ProgramESETESET Smart Securityekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:ProgramiPodbiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:ProgramDelade filerLightScribeLSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:ProgramDelade filerLogiShrdLVMVFMLVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:ProgramDelade filerLogiShrdSrvLnchSrvLnch.exe
O23 - Service: NBService - Nero AG - C:ProgramNeroNero 7Nero BackItUpNBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:ProgramPC Connectivity SolutionServiceLayer.exe
--
End of file - 10491 bytes
Det kändes som om datorn startade upp snabbare efter detta....
-
*********************************************
2008-12-09:
Tråden är nu låst eftersom problemet är löst
Tycker du att den är felaktigt låst, var god kontakta
*********************************************
Har nog något oönskat i datorn!!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:19:48, on 2008-11-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:ProgramWindows DefenderMsMpEng.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgramDelade filerLogiShrdLVMVFMLVPrcSrv.exe
C:WINDOWSExplorer.EXE
C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:ProgramBonjourmDNSResponder.exe
C:WINDOWSsystem32CTSvcCDA.EXE
C:ProgramESETESET Smart Securityekrn.exe
C:ProgramJavajre6binjqs.exe
c:ProgramDelade filerLightScribeLSSrvc.exe
C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
C:windowssystemhpsysdrv.exe
C:WINDOWSsystem32CTHELPER.EXE
C:WINDOWSAGRSMMSG.exe
C:WINDOWSsystem32hphmon06.exe
C:HPKBDKBD.EXE
C:ProgramESETESET Smart Securityegui.exe
C:ProgramDelade filerMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32tcpsvcs.exe
C:WINDOWSSystem32snmp.exe
C:ProgramATI TechnologiesATI.ACECore-StaticMOM.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:WINDOWSsystem32SearchIndexer.exe
C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
C:ProgramHPHP Software UpdateHPWuSchd2.exe
C:ProgramJavajre6binjusched.exe
C:ProgramWindows DefenderMSASCui.exe
C:WINDOWSsystem32ctfmon.exe
C:ProgramDelade filerAheadLibNMBgMonitor.exe
C:ProgramWindows Media PlayerWMPNSCFG.exe
C:ProgramDelade filerAheadLibNMIndexStoreSvr.exe
C:ProgramATI TechnologiesATI.ACECore-Staticccc.exe
C:ProgramPersonalbinPersonal.exe
C:ProgramWindows Desktop SearchWindowsSearch.exe
C:ProgramCanonCALCALMAIN.exe
C:ProgramPC Connectivity SolutionServiceLayer.exe
C:WINDOWSSystem32svchost.exe
C:ProgramInternet Exploreriexplore.exe
C:ProgramDelade filerMicrosoft SharedWindows LiveWLLoginProxy.exe
D:ProgramuTorrentutorrent.exe
C:ProgramTrend MicroHijackThisjiz.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramDelade filerAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:ProgramHPDigital ImagingbinHPDTLK02.dll
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [CTHelper] CTHELPER.EXE
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [HPHmon06] C:WINDOWSsystem32hphmon06.exe
O4 - HKLM..Run: [iSUSPM Startup] C:ProgramDELADE~1INSTAL~1UPDATE~1ISUSPM.exe -startup
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [updReg] C:WINDOWSUpdReg.EXE
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [NeroFilterCheck] C:ProgramDelade filerAheadLibNeroCheck.exe
O4 - HKLM..Run: [egui] "C:ProgramESETESET Smart Securityegui.exe" /hide /waitservice
O4 - HKLM..Run: [PCSuiteTrayApplication] D:ProgramNokia PC Suite 6LaunchApplication.exe -startup
O4 - HKLM..Run: [QuickTime Task] "C:ProgramQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AppleSyncNotifier] C:ProgramDelade filerAppleMobile Device SupportbinAppleSyncNotifier.exe
O4 - HKLM..Run: [startCCC] "C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKLM..Run: [Adobe Photo Downloader] "D:ProgramAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:ProgramAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [HP Software Update] C:ProgramHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [sunJavaUpdateSched] "C:ProgramJavajre6binjusched.exe"
O4 - HKLM..Run: [Windows Defender] "C:ProgramWindows DefenderMSASCui.exe" -hide
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:ProgramDelade filerAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [TomTomHOME.exe] "D:ProgramTomTom HOME 2HOMERunner.exe"
O4 - HKCU..Run: [WMPNSCFG] C:ProgramWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [Nokia.PCSync] D:ProgramNokia PC Suite 6PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUSS-1-5-18..RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [Nokia.PCSync] D:ProgramNokia PC Suite 6PcSync2.exe /NoDialog (User 'Default user')
O4 - HKUS.DEFAULT..RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:ProgramPersonalbinPersonal.exe
O4 - Global Startup: Windows Search.lnk = C:ProgramWindows Desktop SearchWindowsSearch.exe
O9 - Extra button: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgramMultiPokerMultiPoker.exe
O9 - Extra 'Tools' menuitem: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgramMultiPokerMultiPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://start.tele2.se/portal/
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120136247583
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1130954928625
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - http://f010.mail.spray.se/app/uploader/FileUploader.cab
O17 - HKLMSystemCCSServicesTcpip..{8D53BC87-6BDC-47D1-8AC7-A0F56287B21D}: NameServer = 195.67.199.12,195.67.199.13
O17 - HKLMSystemCCSServicesTcpip..{CABFC147-1238-4BC1-9A63-B2B942C03799}: NameServer = 195.67.199.12 195.67.199.13
O23 - Service: Apple Mobile Device - Apple Inc. - C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:ProgramBonjourmDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:ProgramCanonCALCALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTSvcCDA.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:ProgramESETESET Smart SecurityEHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:ProgramESETESET Smart Securityekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:ProgramiPodbiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:ProgramDelade filerLightScribeLSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:ProgramDelade filerLogiShrdLVCOMSERLVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:ProgramDelade filerLogiShrdLVMVFMLVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:ProgramDelade filerLogiShrdSrvLnchSrvLnch.exe
O23 - Service: NBService - Nero AG - C:ProgramNeroNero 7Nero BackItUpNBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:ProgramPC Connectivity SolutionServiceLayer.exe
--
End of file - 11130 bytes
Malwarebytes' Anti-Malware 1.30
Databasversion: 1403
Windows 5.1.2600 Service Pack 3
2008-11-17 14:21:09
mbam-log-2008-11-17 (14-21-09).txt
Skanningstyp: Snabb skanning
Antal skannade objekt: 58747
Förfluten tid: 7 minute(s), 12 second(s)
Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 2
Infekterade registervärden: 2
Infekterade registerdataposter: 0
Infekterade mappar: 8
Infekterade filer: 8
Infekterade minnesprocesser:
(Inga illasinnade poster hittades)
Infekterade minnesmoduler:
(Inga illasinnade poster hittades)
Infekterade registernycklar:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWARERegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Infekterade registervärden:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInstallerFoldersc:programregistrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInstallerFoldersc:programregistrysmartmicrosoft.vc80.mfc (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Infekterade registerdataposter:
(Inga illasinnade poster hittades)
Infekterade mappar:
C:ProgramAscentive (Rogue.Multiple) -> Quarantined and deleted successfully.
C:ProgramAscentivePerformance Center (Rogue.Multiple) -> Quarantined and deleted successfully.
C:WINDOWSprivacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:WINDOWSprivacy_dangerimages (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:ProgramRegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:ProgramRegistrySmartMicrosoft.VC80.MFC (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:Documents and SettingsHP_ÄgarenApplication DataRegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:Documents and SettingsHP_ÄgarenApplication DataRegistrySmartLog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Infekterade filer:
C:ProgramAscentivePerformance CenterGUID (Rogue.Multiple) -> Quarantined and deleted successfully.
C:WINDOWSprivacy_dangerindex.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:WINDOWSprivacy_dangerimagescapt.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:WINDOWSprivacy_dangerimagesdanger.jpg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:WINDOWSprivacy_dangerimagesdown.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:WINDOWSprivacy_dangerimagesspacer.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:Documents and SettingsHP_ÄgarenApplication DataRegistrySmartLog2007 Sep 21 - 06_45_56 PM_156.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:Documents and SettingsHP_ÄgarenApplication DataRegistrySmartLog2007 Sep 21 - 06_45_59 PM_203.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HJT logga!
i Borttagning av virus och andra skadliga program
Postad
Nån blåskärm har man ju varit med om, men det var ett tag sedan.
Datorn blir "varm" fläktarna går igång å brummar som fan ibland.
Du skrev så här "Kan inte se något skadligt i din logg. Men det är ju inte mycket skadligt som syns i en HijackThis-logg." Kan man kolla upp det på något annat sätt?
Tack för hjälpen