Internet Explorer öppnar nya fönster med reklam

[queball]

*********************************************

2009-01-08:

Tråden är nu låst.

Tycker du att den är felaktigt låst, var god kontakta

Malou

*********************************************

Hejsan!

jag har problem med att explorer öppnar nya fönster md reklam bla tryggpcverktyg.

min hjt logg här

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:05:45, on 2008-09-28

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:Windowssystem32Dwm.exe

C:WindowsExplorer.EXE

C:Windowssystem32taskeng.exe

C:Program FilesWindows DefenderMSASCui.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe

C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe

C:Program FilesJavajre1.6.0_07binjusched.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

C:Windowsehomeehtray.exe

C:Program FilesDAEMON Toolsdaemon.exe

C:Program FilesWindows Media Playerwmpnscfg.exe

C:WindowsSystem32rundll32.exe

C:Windowsehomeehmsas.exe

C:WindowsSystem32rundll32.exe

C:WindowsSystem32rundll32.exe

C:PROGRA~1HEWLET~1SharedHPQTOA~1.EXE

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesSynapticsSynTPSynTPHelper.exe

C:Windowssystem32wbemunsecapp.exe

C:Program FilesInternet Explorerieuser.exe

C:Program FilesInternet Exploreriexplore.exe

C:Program FilesWindows LiveToolbarwltuser.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe

C:Windowssystem32conime.exe

C:Windowssystem32MacromedFlashFlashUtil9f.exe

C:Program FilesInternet Exploreriexplore.exe

C:Program FilesTrend MicroHijackThisHijackThis.exe

C:Windowssystem32SearchFilterHost.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.superstart.se/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07binssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll

O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll

O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll

O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe

O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe

O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe

O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07binjusched.exe"

O4 - HKLM..Run: [synTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe

O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"

O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun

O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe

O4 - HKCU..Run: [steam] "c:program filesvalvesteamsteam.exe" -silent

O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1isuspm.exe -startup

O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033

O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe

O4 - HKCU..Run: [cmds] rundll32.exe C:UsersstevenAppDataLocalTempiifGVPGA.dll,c

O4 - HKCU..Run: [17ba3a0f] rundll32.exe "C:UsersstevenAppDataLocalTemprjsqnurk.dll",b

O4 - HKCU..Run: [bM14890993] Rundll32.exe "C:UsersstevenAppDataLocalTempasdoooii.dll",s

O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MIC273~1WEB2~1Office12REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ss/sa...abs/tgctlsr.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/...NPUpldsv-se.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Awareaawservice.exe

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsAddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe

O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:MAGIXCommonDatabasebinfbserver.exe

O23 - Service: GtFlashSwitch - OptionNV - C:Program FilesCommon FilesGtFlashSwitchGtFlashSwitch.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe

O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe

O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--

End of file - 12106 bytes

[Gäst Malou]

Hej queball!

Ser ut som att även du har drabbats av en Vundoinfektion som härjar omkring i systemet.

För att stänga ner dessa popupfönster så klicka på X'et snett upp till höger i popupen och ingen annanstans.

Döp om filen HiJack This.exe enligt instruktionerna

C:Program FilesTrend MicroHijackThisHijackThis.exe

Stäng även av/avaktivera Windows Defender under pågående procedurer.

=> Instruktioner för Trend Micro HiJack This

Skriv ut nedanstående eller kopiera det till ett textdokument och spara det till skrivbordet:

Läs/Följ instruktionerna noga:

Hämta hem Malwarebytes Anti-Malware:

http://www.besttechie.net/tools/mbam-setup.exe

1: Spara installationsfilen till skrivbordet

2: För att påbörja installationen dubbelklicka på mbam-setup.exe

3: Bocka för nedanstående

Uppdatera Malwarebytes' Anti-Malware

Starta Malwarebytes' Anti-Malware

4: Klicka på Slutför

Om där finns uppdateringar kommer dessa att installeras.

Då ovanstående är gjort gå vidare med nedanstående procedur:

1: När programmet startar så välj Utför snabb scanning

2: Klicka på knappen Scanna

3: Scanningen kommer nu att ta en stund

3: När programmet scannat klart klicka Ok och sedan Visa resultat

4: Bocka för allt och klicka på Remove Selected

5: Då borttagningen är klar kommer en textfil i Anteckningar att öppnas upp med en logg. Kopiera/klistra in den loggan hit till din tråd.

6: Gör en ny TM HJT-logga kopiera in den hit så får vi se hur den ser ut.

MVH/Malou

[queball]

Malwarebytes' Anti-Malware 1.28

Databasversion: 1220

Windows 6.0.6001 Service Pack 1

2008-09-28 19:30:42

mbam-log-2008-09-28 (19-30-42).txt

Skanningstyp: Snabb skanning

Antal skannade objekt: 59073

Förfluten tid: 12 minute(s), 6 second(s)

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 2

Infekterade registernycklar: 3

Infekterade registervärden: 3

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 9

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

Infekterade minnesmoduler:

C:UsersstevenAppDataLocalTemprjsqnurk.dll (Trojan.Vundo) -> Delete on reboot.

C:UsersstevenAppDataLocalTempiifGVPGA.dll (Trojan.Vundo) -> Delete on reboot.

Infekterade registernycklar:

HKEY_CURRENT_USERSOFTWAREMicrosoftrdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USERSOFTWAREMicrosoftcontim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USERSOFTWAREMicrosoftdslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

Infekterade registervärden:

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRuncmds (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun17ba3a0f (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunbm14890993 (Trojan.Agent) -> Quarantined and deleted successfully.

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

Infekterade mappar:

(Inga illasinnade poster hittades)

Infekterade filer:

C:UsersstevenAppDataLocalTempiifGVPGA.dll (Trojan.Vundo) -> Delete on reboot.

C:UsersstevenAppDataLocalTemprjsqnurk.dll (Trojan.Vundo) -> Delete on reboot.

C:UsersstevenAppDataLocalTempiaqapuaa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:UsersstevenAppDataLocalTemptprmorrr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:UsersstevenAppDataLocalTemppkcbteti.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:UsersstevenAppDataLocalTempjqkulnwk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:UsersstevenAppDataLocalTempjrebxukj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:UsersstevenAppDataLocalTemprkcajeqg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:UsersstevenAppDataLocalTempasdoooii.dll (Trojan.Agent) -> Delete on reboot.

[queball]

hjt loggen..

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:00:26, on 2008-09-28

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:Windowssystem32Dwm.exe

C:WindowsExplorer.EXE

C:Windowssystem32taskeng.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe

C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe

C:Program FilesJavajre1.6.0_07binjusched.exe

C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Windowsehomeehtray.exe

C:Program FilesDAEMON Toolsdaemon.exe

C:Program FilesWindows Media Playerwmpnscfg.exe

C:Windowsehomeehmsas.exe

C:Program FilesWindows Sidebarsidebar.exe

C:PROGRA~1HEWLET~1SharedHPQTOA~1.EXE

C:Windowssystem32wbemunsecapp.exe

C:Program FilesSynapticsSynTPSynTPHelper.exe

C:Program FilesInternet Explorerieuser.exe

C:Program FilesInternet Exploreriexplore.exe

C:Program FilesWindows LiveToolbarwltuser.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe

C:Windowssystem32conime.exe

C:Program FilesTrend MicroHijackThisQueball.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.superstart.se/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07binssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll

O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll

O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll

O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe

O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe

O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe

O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07binjusched.exe"

O4 - HKLM..Run: [synTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe

O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"

O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun

O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe

O4 - HKCU..Run: [steam] "c:program filesvalvesteamsteam.exe" -silent

O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1isuspm.exe -startup

O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033

O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe

O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MIC273~1WEB2~1Office12REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ss/sa...abs/tgctlsr.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/...NPUpldsv-se.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Awareaawservice.exe

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsAddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe

O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:MAGIXCommonDatabasebinfbserver.exe

O23 - Service: GtFlashSwitch - OptionNV - C:Program FilesCommon FilesGtFlashSwitchGtFlashSwitch.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe

O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe

O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--

End of file - 11530 bytes

[Gäst Malou]

Hej queball!

Såja nu ser det genast lite bättre ut.

Malwarebytes' Anti-Malware har hittat samt åtgärdat en del av det upphittade.

Starta om datorn

Gör en ny scanning med Malwarebytes' Anti-Malware

Låt den ta bort resterande som den hittar

Kopiera in den nya loggan du får upp

Gör en ny TM HJT-logga och kopiera in även den

Berätta/Tala om hur datorn mår

MVH/Malou

[queball]

alwarebytes' Anti-Malware 1.28

Databasversion: 1220

Windows 6.0.6001 Service Pack 1

2008-09-28 20:37:40

mbam-log-2008-09-28 (20-37-40).txt

Skanningstyp: Snabb skanning

Antal skannade objekt: 50740

Förfluten tid: 6 minute(s), 4 second(s)

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

Infekterade registernycklar:

(Inga illasinnade poster hittades)

Infekterade registervärden:

(Inga illasinnade poster hittades)

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

Infekterade mappar:

(Inga illasinnade poster hittades)

Infekterade filer:

(Inga illasinnade poster hittades)

hjt logg

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:40:04, on 2008-09-28

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:Windowssystem32Dwm.exe

C:WindowsExplorer.EXE

C:Windowssystem32taskeng.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe

C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe

C:Program FilesJavajre1.6.0_07binjusched.exe

C:Program FilesSynapticsSynTPSynTPStart.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

C:Windowsehomeehtray.exe

C:Program FilesDAEMON Toolsdaemon.exe

C:Program FilesWindows Media Playerwmpnscfg.exe

C:Windowsehomeehmsas.exe

C:Program FilesWindows Sidebarsidebar.exe

C:Windowssystem32wbemunsecapp.exe

C:PROGRA~1HEWLET~1SharedHPQTOA~1.EXE

C:Program FilesSynapticsSynTPSynTPHelper.exe

C:Program FilesInternet Explorerieuser.exe

C:Program FilesInternet Exploreriexplore.exe

C:Program FilesWindows LiveToolbarwltuser.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe

C:Windowssystem32conime.exe

C:Windowssystem32NOTEPAD.EXE

C:Program FilesTrend MicroHijackThisQueball.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.superstart.se/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07binssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll

O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll

O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll

O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide

O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe

O4 - HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe

O4 - HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe

O4 - HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07binjusched.exe"

O4 - HKLM..Run: [synTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe

O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"

O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun

O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe

O4 - HKCU..Run: [steam] "c:program filesvalvesteamsteam.exe" -silent

O4 - HKCU..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1isuspm.exe -startup

O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033

O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe

O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJR1916~1.0_0binssv.dll

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MIC273~1WEB2~1Office12REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ss/sa...abs/tgctlsr.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/...NPUpldsv-se.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Awareaawservice.exe

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsAddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe

O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:Program FilesHPQuickPlayKernelTVCLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:MAGIXCommonDatabasebinfbserver.exe

O23 - Service: GtFlashSwitch - OptionNV - C:Program FilesCommon FilesGtFlashSwitchGtFlashSwitch.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe

O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe

O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--

End of file - 11612 bytes

nu så verkar den funka

tack!!

[Gäst Malou]

Hej queball!

Varsegod och tack själv för att vi fick hjälpa.

Härligt att höra att datorn mår bra igen.

Malwarebytes' Anti-Malware ser ren och fin ut. Mycket bra.

TM HJT-loggan:

Ser att du har äldre versioner av Javan installerad. Avinstallera alla äldre Javaversioner via kontrollpanelen lägg till/ta bort. Men behåll den nyare versionen jre1.6.0_07 som jag ser att du har installerat.

För övrigt kan jag inte se till några otrevligheter eller andra konstigheter längre.

Och här kommer mina sedvanliga rekommendationer:

Hämta hem/installera ALLA SÄKERHETSUPPDATERINGAR/PATCHAR M.M. 

Hämta hem/installera SP1/SP3 för det Operativsystem som används

(Windows XP/Windows Vista).

Finns att hämta hem från Windows Update/Microsoft Update.

Allt hittas på nedanstående sida under fliken Lite Tips & Råd för en säkrare dator:

Läs gärna även informationen under fliken Hur blev jag infekterad?

=>Dator&IT-Säkerhet:

MVH/Malou

[queball]

hmm .fick ett litet delikat problem efter allt fixande. å trixande

jag kan inte byta skrivbordsbakgrund längre.hmm

nån som har nått svar på hur jag går till väga ..kör vista,

[Gäst Malou]

Hej queball!

hmm .fick ett litet delikat problem efter allt fixande. å trixande

jag kan inte byta skrivbordsbakgrund längre.hmm

Uppstod detta i samband med våra procedurer?

Eller har du själv gjort något fixande/trixande efter det att vi var klara?

Har du eventuellt kört något verktyg på egen hand?

Vet tyvärr inte om det ser likadant ut i Vista som i XP. Men prova med nedanstående så håller vi tummarna

Om du har problem med din bakgrundsbild:

1: Ta fram Kontrollpanelen

2: Bildskärm

3: Skrivbord

4: Anpassa skrivbordet

5: Webb

6: Avbocka Security Info / privacy protection eller liknande om det finns.

MVH/Malou

[queball]

kan vara efter jag försökteb med en system återställning..

har inte dom alternativen du beskriver

vista ser lite anorlunda ut  än xp där..

[Gäst Malou]

Hej queball!

kan vara efter jag försökteb med en system återställning..

Jaha???????

Och varför har du gjort en systemåterställning?

Innebär detta att du nu har återställt allt vi har rensat bort?

MVH/Malou

[queball]

nja ......nej dåå!!  försökte med det innan jag fick din eminenta hjlp ..men den ville inte återställa..

[Gäst Malou]

Hej queball!

nja ......nej dåå!!

Känner en viss oro här

nja ......nej dåå!!  försökte med det innan jag fick din eminenta hjlp ..men den ville inte återställa..

Tack för dina vänliga ord!

Men jag förstår inte riktigt?

Du försökte med en återställning av systemet innan rensningsprocedurerna och den ville inte vara med på noterna om jag förstår dig rätt.

Detta beror då på att den infektionen du hade i systemet förhindrade detta (inget ovanligt).

Och nu?

Har du försökt att göra en systemåterställning nu?

Hur ser din bakgrunsdbild ut nu idag?

MVH/Malou

[Gäst Malou]

Hej queball!

Här hittade jag något som kanske kan vara dig till hjälp

Ändra skrivbordsbakgrund (skrivbordsunderlägg)

Gäller för alla utgåvor av Windows Vista.

http://windowshelp.microsoft.com/Windows/s...0b8f5f1053.mspx

MVH/Malou

[queball]

Jag har fixat det ..

gjorde en systemåterställning och har sedan kör malware samt hjt..så nu funkar allt perfekt. ;D

Tack änn en gång för all hjälp!!

//Q

[Gäst Malou]

Hej  queball!

Varsegod och tack själv för att vi fick hjälpa!

Härligt att höra att du fick ordning på det hela till slut

Ha det så bra och var rädd om datorn!

MVH/Malou