Gå till innehåll

Hjälp med trojan


Recommended Posts

*********************************************

2009-01-08:

Tråden är nu låst.

Tycker du att den är felaktigt låst, var god kontakta

Malou

*********************************************

Efter skann med Malwarebytes' AntiMalware

Fick jag denna logg efter att ha tagit bort filen:

2008-11-12 14:46:32

mbam-log-2008-11-12 (14-46-32).txt

Skanningstyp: Fullständig skanning (C:|)

Antal skannade objekt: 116799

Förfluten tid: 1 hour(s), 12 minute(s), 57 second(s)

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 1

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

Infekterade registernycklar:

(Inga illasinnade poster hittades)

Infekterade registervärden:

(Inga illasinnade poster hittades)

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

Infekterade mappar:

(Inga illasinnade poster hittades)

Infekterade filer:

C:System Volume Information_restore{3328431F-6859-4827-9470-37B2E91D160C}RP73A0013833.sys (Trojan.Downloader) -> Quarantined and deleted successfully.

Länk till kommentar
Dela på andra webbplatser

Nu har jag gjort en HiJack This-logga, och undrar om någon skulle kunna kolla om den ser ren ut?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:10:43, on 2008-11-12

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSExplorer.EXE

C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe

C:PROGRA~1AVGAVG8avgwdsvc.exe

C:Program FilesBonjourmDNSResponder.exe

C:WINDOWSeHomeehRecvr.exe

C:WINDOWSeHomeehSched.exe

C:Program FilesJavajre6binjqs.exe

C:WINDOWSehomeehtray.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:WINDOWSsystem32o2flash.exe

C:WINDOWSRTHDCPL.EXE

C:WINDOWSsystem32svchost.exe

C:WINDOWSsm56hlpr.exe

C:PROGRA~1AVGAVG8avgtray.exe

C:Program FilesCommon FilesRealUpdate_OBrealsched.exe

C:Program FilesiTunesiTunesHelper.exe

C:Program FilesJavajre6binjusched.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesWindows LiveMessengerMsnMsgr.Exe

C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe

C:Program FilesNokiaNokia PC Suite 7PCSync2.exe

C:Program FilesNokiaNokia PC Suite 7PCSuite.exe

C:PROGRA~1AVGAVG8avgrsx.exe

C:Program FilesPersonalbinPersonal.exe

C:PROGRA~1AVGAVG8avgemc.exe

C:WINDOWSsystem32dllhost.exe

C:WINDOWSeHomeehmsas.exe

C:Program FilesiPodbiniPodService.exe

C:Program FilesPC Connectivity SolutionServiceLayer.exe

C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe

C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe

C:Program FilesCommon FilesNokiaMPAPIMPAPI3s.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:Program Filesinternet exploreriexplore.exe

C:PROGRA~1AVGAVG8aAvgApi.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe

C:Program FilesMalwarebytes' Anti-Malwarembam.exe

C:Program FilesTrend MicroHijackThisJon.exe.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll

O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG8avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:PROGRA~1AVGAVG8AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:PROGRA~1AVGAVG8AVGTOO~1.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll

O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe

O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime -Delay

O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM..Run: [sMSERIAL] sm56hlpr.exe

O4 - HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe

O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe

O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime

O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe"  -osboot

O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe

O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"

O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background

O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe

O4 - HKCU..Run: [Nokia.PCSync] "C:Program FilesNokiaNokia PC Suite 7PCSync2.exe" /NoDialog

O4 - HKCU..Run: [PC Suite Tray] "C:Program FilesNokiaNokia PC Suite 7PCSuite.exe" -onlytray

O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:Program FilesPersonalbinPersonal.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1217359170125

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG8avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgwdsvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe

O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:WINDOWSsystem32o2flash.exe

O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe

--

End of file - 8809 bytes

Länk till kommentar
Dela på andra webbplatser

Hej raskobert!

Ber om ursäkt för att svar har dröjt  ;)

Din TM HJT-logga ser ren och fin ut. Kan inte hitta några otrevligheter eller andra konstigheter i den. Malwarebytes' AntiMalware har hittat en otrevligheter i din restore-mapp.

För att inte riskera att återtälla datorn till någon/några tidigare tidpunkter då eventuella otrevligheter förekom (detta då med tanke på att där finns/fanns otyg i din restore-mapp) så läs gärna igenom nedanstående information samt instruktion för hur man går tillväga med att rensa rent i restore-mappen m.m.

OBS: Välj instruktionen för det Operativsystem just du använder:

=> Systemåterställning: (Så här Inaktiverar/Aktiverar du):

Då du gjort ovanstående:

Gör en ny scanning med  Malwarebytes' AntiMalware (Uppdaterad)

Ta bort det som eventuellt hittas

Kopiera in loggan hit

Gör en ny TM HJT-logga kopiera in även den

Berätta/tala om hur datorn mår

MVH/Malou

Länk till kommentar
Dela på andra webbplatser

Så här såg Malwarebytes'-loggan ut:

Malwarebytes' Anti-Malware 1.30

Databasversion: 1395

Windows 5.1.2600 Service Pack 3

2008-11-13 16:05:04

mbam-log-2008-11-13 (16-05-04).txt

Skanningstyp: Snabb skanning

Antal skannade objekt: 53263

Förfluten tid: 11 minute(s), 39 second(s)

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

Infekterade registernycklar:

(Inga illasinnade poster hittades)

Infekterade registervärden:

(Inga illasinnade poster hittades)

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

Infekterade mappar:

(Inga illasinnade poster hittades)

Infekterade filer:

(Inga illasinnade poster hittades)

Och HijackThis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:06:13, on 2008-11-13

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSExplorer.EXE

C:WINDOWSehomeehtray.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:WINDOWSRTHDCPL.EXE

C:WINDOWSsm56hlpr.exe

C:PROGRA~1AVGAVG8avgtray.exe

C:Program FilesCommon FilesRealUpdate_OBrealsched.exe

C:Program FilesiTunesiTunesHelper.exe

C:Program FilesJavajre6binjusched.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesWindows LiveMessengerMsnMsgr.Exe

C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe

C:Program FilesNokiaNokia PC Suite 7PCSync2.exe

C:Program FilesNokiaNokia PC Suite 7PCSuite.exe

C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe

C:PROGRA~1AVGAVG8avgwdsvc.exe

C:Program FilesPersonalbinPersonal.exe

C:Program FilesBonjourmDNSResponder.exe

C:WINDOWSeHomeehRecvr.exe

C:WINDOWSeHomeehSched.exe

C:Program FilesJavajre6binjqs.exe

C:WINDOWSsystem32o2flash.exe

C:WINDOWSsystem32svchost.exe

C:PROGRA~1AVGAVG8avgrsx.exe

C:PROGRA~1AVGAVG8avgemc.exe

C:WINDOWSsystem32dllhost.exe

C:Program FilesPC Connectivity SolutionServiceLayer.exe

C:WINDOWSeHomeehmsas.exe

C:Program FilesiPodbiniPodService.exe

C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe

C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe

C:Program FilesCommon FilesNokiaMPAPIMPAPI3s.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:Program FilesMalwarebytes' Anti-Malwarembam.exe

C:PROGRA~1AVGAVG8avgscanx.exe

C:Program FilesTrend MicroHijackThisJon.exe.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll

O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG8avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:PROGRA~1AVGAVG8AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:PROGRA~1AVGAVG8AVGTOO~1.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll

O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe

O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime -Delay

O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM..Run: [sMSERIAL] sm56hlpr.exe

O4 - HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe

O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe

O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime

O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe"  -osboot

O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe

O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"

O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background

O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe

O4 - HKCU..Run: [Nokia.PCSync] "C:Program FilesNokiaNokia PC Suite 7PCSync2.exe" /NoDialog

O4 - HKCU..Run: [PC Suite Tray] "C:Program FilesNokiaNokia PC Suite 7PCSuite.exe" -onlytray

O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:Program FilesPersonalbinPersonal.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1217359170125

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG8avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgwdsvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe

O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:WINDOWSsystem32o2flash.exe

O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe

--

End of file - 8683 bytes

Länk till kommentar
Dela på andra webbplatser

Hej raskobert!

Varsegod och tack själv för att vi fick hjälpa.

Härligt att höra att datorn mår bra.

Och här kommer mina sedvanliga rekommendationer:

Hämta hem/installera ALLA SÄKERHETSUPPDATERINGAR/PATCHAR M.M.

Hämta hem/installera SP1/SP3 för det Operativsystem som används

(Windows XP/Windows Vista).

Finns att hämta hem från Windows Update/Microsoft Update.

Allt hittas på nedanstående sida under fliken Lite Tips & Råd för en säkrare dator:

Läs gärna även informationen under fliken Hur blev jag infekterad?

=>Dator&IT-Säkerhet:

MVH/Malou

Länk till kommentar
Dela på andra webbplatser

Gäst
Detta ämne är nu stängt för ytterligare svar.
×
×
  • Skapa nytt...