queball Posted September 28, 2008 Posted September 28, 2008 ********************************************* 2009-01-08: Tråden är nu låst. Tycker du att den är felaktigt låst, var god kontakta Malou ********************************************* Hejsan! jag har problem med att explorer öppnar nya fönster md reklam bla tryggpcverktyg. min hjt logg här Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:05:45, on 2008-09-28 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Windowssystem32taskeng.exe C:Program FilesWindows DefenderMSASCui.exe C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe C:Program FilesJavajre1.6.0_07binjusched.exe C:Program FilesWindows Sidebarsidebar.exe C:Program FilesCommon FilesSymantec SharedccSvcHst.exe C:Windowsehomeehtray.exe C:Program FilesDAEMON Toolsdaemon.exe C:Program FilesWindows Media Playerwmpnscfg.exe C:WindowsSystem32rundll32.exe C:Windowsehomeehmsas.exe C:WindowsSystem32rundll32.exe C:WindowsSystem32rundll32.exe C:PROGRA~1HEWLET~1SharedHPQTOA~1.EXE C:Program FilesWindows Sidebarsidebar.exe C:Program FilesSynapticsSynTPSynTPHelper.exe C:Windowssystem32wbemunsecapp.exe C:Program FilesInternet Explorerieuser.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesWindows LiveToolbarwltuser.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe C:Windowssystem32conime.exe C:Windowssystem32MacromedFlashFlashUtil9f.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesTrend MicroHijackThisHijackThis.exe C:Windowssystem32SearchFilterHost.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.superstart.se/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07binssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07binjusched.exe" O4 - HKLM..Run: [synTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe O4 - HKCU..Run: [steam] "c:program filesvalvesteamsteam.exe" -silent O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1isuspm.exe -startup O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033 O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKCU..Run: [cmds] rundll32.exe C:UsersstevenAppDataLocalTempiifGVPGA.dll,c O4 - HKCU..Run: [17ba3a0f] rundll32.exe "C:UsersstevenAppDataLocalTemprjsqnurk.dll",b O4 - HKCU..Run: [bM14890993] Rundll32.exe "C:UsersstevenAppDataLocalTempasdoooii.dll",s O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000 O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MIC273~1WEB2~1Office12REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ss/sa...abs/tgctlsr.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/...NPUpldsv-se.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Awareaawservice.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsAddFiltr.exe O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:MAGIXCommonDatabasebinfbserver.exe O23 - Service: GtFlashSwitch - OptionNV - C:Program FilesCommon FilesGtFlashSwitchGtFlashSwitch.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe -- End of file - 12106 bytes
Guest Malou Posted September 28, 2008 Posted September 28, 2008 Hej queball! Ser ut som att även du har drabbats av en Vundoinfektion som härjar omkring i systemet. För att stänga ner dessa popupfönster så klicka på X'et snett upp till höger i popupen och ingen annanstans. Döp om filen HiJack This.exe enligt instruktionerna C:Program FilesTrend MicroHijackThisHijackThis.exe Stäng även av/avaktivera Windows Defender under pågående procedurer. => Instruktioner för Trend Micro HiJack This Skriv ut nedanstående eller kopiera det till ett textdokument och spara det till skrivbordet: Läs/Följ instruktionerna noga: Hämta hem Malwarebytes Anti-Malware: http://www.besttechie.net/tools/mbam-setup.exe 1: Spara installationsfilen till skrivbordet 2: För att påbörja installationen dubbelklicka på mbam-setup.exe 3: Bocka för nedanstående Uppdatera Malwarebytes' Anti-Malware Starta Malwarebytes' Anti-Malware 4: Klicka på Slutför Om där finns uppdateringar kommer dessa att installeras. Då ovanstående är gjort gå vidare med nedanstående procedur: 1: När programmet startar så välj Utför snabb scanning 2: Klicka på knappen Scanna 3: Scanningen kommer nu att ta en stund 3: När programmet scannat klart klicka Ok och sedan Visa resultat 4: Bocka för allt och klicka på Remove Selected 5: Då borttagningen är klar kommer en textfil i Anteckningar att öppnas upp med en logg. Kopiera/klistra in den loggan hit till din tråd. 6: Gör en ny TM HJT-logga kopiera in den hit så får vi se hur den ser ut. MVH/Malou
queball Posted September 28, 2008 Author Posted September 28, 2008 Malwarebytes' Anti-Malware 1.28 Databasversion: 1220 Windows 6.0.6001 Service Pack 1 2008-09-28 19:30:42 mbam-log-2008-09-28 (19-30-42).txt Skanningstyp: Snabb skanning Antal skannade objekt: 59073 Förfluten tid: 12 minute(s), 6 second(s) Infekterade minnesprocesser: 0 Infekterade minnesmoduler: 2 Infekterade registernycklar: 3 Infekterade registervärden: 3 Infekterade registerdataposter: 0 Infekterade mappar: 0 Infekterade filer: 9 Infekterade minnesprocesser: (Inga illasinnade poster hittades) Infekterade minnesmoduler: C:UsersstevenAppDataLocalTemprjsqnurk.dll (Trojan.Vundo) -> Delete on reboot. C:UsersstevenAppDataLocalTempiifGVPGA.dll (Trojan.Vundo) -> Delete on reboot. Infekterade registernycklar: HKEY_CURRENT_USERSOFTWAREMicrosoftrdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USERSOFTWAREMicrosoftcontim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USERSOFTWAREMicrosoftdslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. Infekterade registervärden: HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRuncmds (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun17ba3a0f (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunbm14890993 (Trojan.Agent) -> Quarantined and deleted successfully. Infekterade registerdataposter: (Inga illasinnade poster hittades) Infekterade mappar: (Inga illasinnade poster hittades) Infekterade filer: C:UsersstevenAppDataLocalTempiifGVPGA.dll (Trojan.Vundo) -> Delete on reboot. C:UsersstevenAppDataLocalTemprjsqnurk.dll (Trojan.Vundo) -> Delete on reboot. C:UsersstevenAppDataLocalTempiaqapuaa.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:UsersstevenAppDataLocalTemptprmorrr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:UsersstevenAppDataLocalTemppkcbteti.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:UsersstevenAppDataLocalTempjqkulnwk.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:UsersstevenAppDataLocalTempjrebxukj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:UsersstevenAppDataLocalTemprkcajeqg.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:UsersstevenAppDataLocalTempasdoooii.dll (Trojan.Agent) -> Delete on reboot.
queball Posted September 28, 2008 Author Posted September 28, 2008 hjt loggen.. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:00:26, on 2008-09-28 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Windowssystem32taskeng.exe C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe C:Program FilesJavajre1.6.0_07binjusched.exe C:Program FilesCommon FilesSymantec SharedccSvcHst.exe C:Program FilesWindows Sidebarsidebar.exe C:Windowsehomeehtray.exe C:Program FilesDAEMON Toolsdaemon.exe C:Program FilesWindows Media Playerwmpnscfg.exe C:Windowsehomeehmsas.exe C:Program FilesWindows Sidebarsidebar.exe C:PROGRA~1HEWLET~1SharedHPQTOA~1.EXE C:Windowssystem32wbemunsecapp.exe C:Program FilesSynapticsSynTPSynTPHelper.exe C:Program FilesInternet Explorerieuser.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesWindows LiveToolbarwltuser.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe C:Windowssystem32conime.exe C:Program FilesTrend MicroHijackThisQueball.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.superstart.se/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07binssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07binjusched.exe" O4 - HKLM..Run: [synTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe O4 - HKCU..Run: [steam] "c:program filesvalvesteamsteam.exe" -silent O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1isuspm.exe -startup O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033 O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000 O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MIC273~1WEB2~1Office12REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ss/sa...abs/tgctlsr.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/...NPUpldsv-se.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Awareaawservice.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsAddFiltr.exe O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:MAGIXCommonDatabasebinfbserver.exe O23 - Service: GtFlashSwitch - OptionNV - C:Program FilesCommon FilesGtFlashSwitchGtFlashSwitch.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe -- End of file - 11530 bytes
Guest Malou Posted September 28, 2008 Posted September 28, 2008 Hej queball! Såja nu ser det genast lite bättre ut. Malwarebytes' Anti-Malware har hittat samt åtgärdat en del av det upphittade. Starta om datorn Gör en ny scanning med Malwarebytes' Anti-Malware Låt den ta bort resterande som den hittar Kopiera in den nya loggan du får upp Gör en ny TM HJT-logga och kopiera in även den Berätta/Tala om hur datorn mår MVH/Malou
queball Posted September 28, 2008 Author Posted September 28, 2008 alwarebytes' Anti-Malware 1.28 Databasversion: 1220 Windows 6.0.6001 Service Pack 1 2008-09-28 20:37:40 mbam-log-2008-09-28 (20-37-40).txt Skanningstyp: Snabb skanning Antal skannade objekt: 50740 Förfluten tid: 6 minute(s), 4 second(s) Infekterade minnesprocesser: 0 Infekterade minnesmoduler: 0 Infekterade registernycklar: 0 Infekterade registervärden: 0 Infekterade registerdataposter: 0 Infekterade mappar: 0 Infekterade filer: 0 Infekterade minnesprocesser: (Inga illasinnade poster hittades) Infekterade minnesmoduler: (Inga illasinnade poster hittades) Infekterade registernycklar: (Inga illasinnade poster hittades) Infekterade registervärden: (Inga illasinnade poster hittades) Infekterade registerdataposter: (Inga illasinnade poster hittades) Infekterade mappar: (Inga illasinnade poster hittades) Infekterade filer: (Inga illasinnade poster hittades) hjt logg Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:40:04, on 2008-09-28 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Windowssystem32taskeng.exe C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe C:Program FilesJavajre1.6.0_07binjusched.exe C:Program FilesSynapticsSynTPSynTPStart.exe C:Program FilesWindows Sidebarsidebar.exe C:Program FilesCommon FilesSymantec SharedccSvcHst.exe C:Windowsehomeehtray.exe C:Program FilesDAEMON Toolsdaemon.exe C:Program FilesWindows Media Playerwmpnscfg.exe C:Windowsehomeehmsas.exe C:Program FilesWindows Sidebarsidebar.exe C:Windowssystem32wbemunsecapp.exe C:PROGRA~1HEWLET~1SharedHPQTOA~1.EXE C:Program FilesSynapticsSynTPSynTPHelper.exe C:Program FilesInternet Explorerieuser.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesWindows LiveToolbarwltuser.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe C:Windowssystem32conime.exe C:Windowssystem32NOTEPAD.EXE C:Program FilesTrend MicroHijackThisQueball.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.superstart.se/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07binssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07binjusched.exe" O4 - HKLM..Run: [synTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe O4 - HKCU..Run: [steam] "c:program filesvalvesteamsteam.exe" -silent O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1isuspm.exe -startup O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033 O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000 O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MIC273~1WEB2~1Office12REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ss/sa...abs/tgctlsr.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/...NPUpldsv-se.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Awareaawservice.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsAddFiltr.exe O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:MAGIXCommonDatabasebinfbserver.exe O23 - Service: GtFlashSwitch - OptionNV - C:Program FilesCommon FilesGtFlashSwitchGtFlashSwitch.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe -- End of file - 11612 bytes nu så verkar den funka tack!!
Guest Malou Posted September 28, 2008 Posted September 28, 2008 Hej queball! Varsegod och tack själv för att vi fick hjälpa. Härligt att höra att datorn mår bra igen. Malwarebytes' Anti-Malware ser ren och fin ut. Mycket bra. TM HJT-loggan: Ser att du har äldre versioner av Javan installerad. Avinstallera alla äldre Javaversioner via kontrollpanelen lägg till/ta bort. Men behåll den nyare versionen jre1.6.0_07 som jag ser att du har installerat. För övrigt kan jag inte se till några otrevligheter eller andra konstigheter längre. Och här kommer mina sedvanliga rekommendationer: Hämta hem/installera ALLA SÄKERHETSUPPDATERINGAR/PATCHAR M.M. Hämta hem/installera SP1/SP3 för det Operativsystem som används (Windows XP/Windows Vista). Finns att hämta hem från Windows Update/Microsoft Update. Allt hittas på nedanstående sida under fliken Lite Tips & Råd för en säkrare dator: Läs gärna även informationen under fliken Hur blev jag infekterad? =>Dator&IT-Säkerhet: MVH/Malou
queball Posted September 30, 2008 Author Posted September 30, 2008 hmm .fick ett litet delikat problem efter allt fixande. å trixande jag kan inte byta skrivbordsbakgrund längre.hmm nån som har nått svar på hur jag går till väga ..kör vista,
Guest Malou Posted September 30, 2008 Posted September 30, 2008 Hej queball! hmm .fick ett litet delikat problem efter allt fixande. å trixandejag kan inte byta skrivbordsbakgrund längre.hmm Uppstod detta i samband med våra procedurer? Eller har du själv gjort något fixande/trixande efter det att vi var klara? Har du eventuellt kört något verktyg på egen hand? Vet tyvärr inte om det ser likadant ut i Vista som i XP. Men prova med nedanstående så håller vi tummarna Om du har problem med din bakgrundsbild: 1: Ta fram Kontrollpanelen 2: Bildskärm 3: Skrivbord 4: Anpassa skrivbordet 5: Webb 6: Avbocka Security Info / privacy protection eller liknande om det finns. MVH/Malou
queball Posted September 30, 2008 Author Posted September 30, 2008 kan vara efter jag försökteb med en system återställning.. har inte dom alternativen du beskriver vista ser lite anorlunda ut än xp där..
Guest Malou Posted September 30, 2008 Posted September 30, 2008 Hej queball! kan vara efter jag försökteb med en system återställning.. Jaha??????? Och varför har du gjort en systemåterställning? Innebär detta att du nu har återställt allt vi har rensat bort? MVH/Malou
queball Posted September 30, 2008 Author Posted September 30, 2008 nja ......nej dåå!! försökte med det innan jag fick din eminenta hjlp ..men den ville inte återställa..
Guest Malou Posted September 30, 2008 Posted September 30, 2008 Hej queball! nja ......nej dåå!! Känner en viss oro här nja ......nej dåå!! försökte med det innan jag fick din eminenta hjlp ..men den ville inte återställa.. Tack för dina vänliga ord! Men jag förstår inte riktigt? Du försökte med en återställning av systemet innan rensningsprocedurerna och den ville inte vara med på noterna om jag förstår dig rätt. Detta beror då på att den infektionen du hade i systemet förhindrade detta (inget ovanligt). Och nu? Har du försökt att göra en systemåterställning nu? Hur ser din bakgrunsdbild ut nu idag? MVH/Malou
Guest Malou Posted September 30, 2008 Posted September 30, 2008 Hej queball! Här hittade jag något som kanske kan vara dig till hjälp Ändra skrivbordsbakgrund (skrivbordsunderlägg) Gäller för alla utgåvor av Windows Vista. http://windowshelp.microsoft.com/Windows/s...0b8f5f1053.mspx MVH/Malou
queball Posted October 1, 2008 Author Posted October 1, 2008 Jag har fixat det .. gjorde en systemåterställning och har sedan kör malware samt hjt..så nu funkar allt perfekt. ;D Tack änn en gång för all hjälp!! //Q
Guest Malou Posted October 1, 2008 Posted October 1, 2008 Hej queball! Varsegod och tack själv för att vi fick hjälpa! Härligt att höra att du fick ordning på det hela till slut Ha det så bra och var rädd om datorn! MVH/Malou
Recommended Posts