Just nu i M3-nätverket
Gå till innehåll

Mr_Hertz

Medlem
  • Antal inlägg

    16
  • Gick med

  • Senaste besök

    Aldrig
  1. Sådär, nu har jag fixat allt du sa, men hittade bara: C:\WINNT\cpu.dll C:\WINNT\system32\dnjmhogk.dll Men här kommer nya loggen. [log]Logfile of HijackThis v1.99.0 Scan saved at 18:06:34, on 2005-09-26 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\GEARSec.exe C:\WINNT\System32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program\D-Tools\daemon.exe C:\Program\ICQLite\ICQLite.exe C:\Program\Microsoft Hardware\Keyboard\type32.exe C:\Program\MSN Messenger\MsnMsgr.Exe C:\WINNT\system32\spool\drivers\w32x86\3\CAP3LAK.EXE C:\WINNT\system32\CAP3RSK.EXE C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE C:\mmm\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php'>http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program\ICQToolbar\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [iCQ Lite] C:\Program\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [intelliType] "C:\Program\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [CAP3ON] C:\WINNT\system32\spool\drivers\w32x86\3\CAP3ONN.EXE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\RunOnce: [iCQ Lite] C:\Program\ICQLite\ICQLite.exe -trayboot O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Canon LASER SHOT LBP-1120-statusvindue.LNK = C:\WINNT\system32\spool\drivers\w32x86\3\CAP3LAK.EXE O17 - HKLM\System\CCS\Services\Tcpip\..\{4EF482AF-5A43-4D7F-BB04-A16C0DA4EB04}: NameServer = 217.31.160.30 O17 - HKLM\System\CS1\Services\Tcpip\..\{4EF482AF-5A43-4D7F-BB04-A16C0DA4EB04}: NameServer = 217.31.160.30 O17 - HKLM\System\CS2\Services\Tcpip\..\{4EF482AF-5A43-4D7F-BB04-A16C0DA4EB04}: NameServer = 217.31.160.30 O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe[/log]
  2. på första sidan så stängs alla IE fönster och inget felmedelande syns På andra sidan kommer det upp en ruta om man vill skicka felraport eller inte. så det går inte att scanna.
  3. okej. Vad är det för fil? den hittade några trojaner i den värkar de som. [log]BitDefender Found Trojan.Downloader.Gen (probable variant) ClamAV Found Trojan.Spy.Goldun.U-unp Dr.Web Found Trojan.PWS.GoldSpy Kaspersky Anti-Virus Found Trojan-Spy.Win32.Goldun.cb VBA32 Found Backdoor.Agent.9 (probable variant) [/log]
  4. som sagt, min dator har alvarliga fel, så fort han börjar skanna på sidan du gav mig så stängs alla IE fönster ner, inget felmedelande eller något kommer upp, och Firefox går det inte att köra det där med för det är endast gjort för IE...
  5. Hej, min dator är lite mer mupp än vanligt just nu, och har får hjälp med detta program förrut och det har fungerat väldigt bra då, men har lite svårt att tyda loggen. Någon som har lust att förklara hur man tyder den eller säga vad som ska bort från mig? [log]Logfile of HijackThis v1.99.0 Scan saved at 16:48:43, on 2005-09-26 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\GEARSec.exe C:\Program\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program\D-Tools\daemon.exe C:\Program\ICQLite\ICQLite.exe C:\Program\Microsoft Hardware\Keyboard\type32.exe C:\Program\MSN Messenger\MsnMsgr.Exe C:\WINNT\system32\CAP3RSK.EXE C:\WINNT\system32\mspmspsv.exe C:\Program\BitComet\BitComet.exe C:\WINNT\system32\rundll32.exe C:\WINNT\system32\rundll32.exe D:\Övrigt\Spyware\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php'>http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program\ICQToolbar\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {91259102-F52D-E42A-57ed-EDA392644311} - C:\WINNT\system32\svcpy.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [iCQ Lite] C:\Program\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [intelliType] "C:\Program\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [RealTray] C:\Program\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [CAP3ON] C:\WINNT\system32\spool\drivers\w32x86\3\CAP3ONN.EXE O4 - HKLM\..\Run: [CPU Watcher] rundll32.exe C:\WINNT\cpu.dll,load O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\RunOnce: [iCQ Lite] C:\Program\ICQLite\ICQLite.exe -trayboot O4 - Startup: G6FTPSrv.lnk = C:\Program\G6 FTP Server\G6FTPSrv.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Canon LASER SHOT LBP-1120-statusvindue.LNK = C:\WINNT\system32\spool\drivers\w32x86\3\CAP3LAK.EXE O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program\ICQToolbar\toolbaru.dll/SEARCH.HTML O9 - Extra button: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:\Program\MultiPoker\MultiPoker.exe O9 - Extra 'Tools' menuitem: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:\Program\MultiPoker\MultiPoker.exe O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{4EF482AF-5A43-4D7F-BB04-A16C0DA4EB04}: NameServer = 217.31.160.30 O17 - HKLM\System\CS1\Services\Tcpip\..\{4EF482AF-5A43-4D7F-BB04-A16C0DA4EB04}: NameServer = 217.31.160.30 O17 - HKLM\System\CS2\Services\Tcpip\..\{4EF482AF-5A43-4D7F-BB04-A16C0DA4EB04}: NameServer = 217.31.160.30 O21 - SSODL: SysTray.Excn - {1722ECFF-4356-4f5b-B534-E67294FE75E9} - C:\WINNT\system32\dnjmhogk.dll O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe[/log] [inlägget ändrat 2005-09-26 16:59:51 av Mr_Hertz]
  6. Skulle någon som kan HijackThis hjälpa mig att kolla om det är något som inte bör finnas där?[log]Logfile of HijackThis v1.99.0 Scan saved at 13:14:37, on 2005-01-23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\csrss.exe E:\WINDOWS\SYSTEM32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\LEXBCES.EXE E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\system32\LEXPPS.EXE E:\WINDOWS\Explorer.EXE E:\Program\D-Tools\daemon.exe E:\Program\MSN Apps\Updater\01.02.3000.1001\sv\msnappau.exe E:\Program\a2\a2guard.exe E:\Program\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe E:\Program\Panda Software\Panda Antivirus Platinum\pavsrv51.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\System32\wdfmgr.exe E:\Program\DC++\DCPlusPlus.exe E:\Program\Internet Explorer\iexplore.exe E:\Program\MSN Messenger\msnmsgr.exe E:\WINDOWS\system32\taskmgr.exe E:\Program\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE E:\Documents and Settings\Helena\Skrivbord\HijackThis temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://E:\Program\Toolbar\toolbar.dll/sa R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program\MSN Apps\MSN Toolbar\01.02.3000.1001\sv\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program\MSN Apps\MSN Toolbar\01.02.3000.1001\sv\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program\google\googletoolbar2.dll O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "E:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [msnappau] "E:\Program\MSN Apps\Updater\01.02.3000.1001\sv\msnappau.exe" O4 - HKLM\..\Run: [LVCOMS] E:\Program\Delade filer\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] E:\Program\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] E:\Program\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [ezShieldProtector for Px] E:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sCANINICIO] "E:\Program\Panda Software\Panda Antivirus Platinum\Inicio.exe" O4 - HKLM\..\Run: [APVXDWIN] "E:\Program\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [MsgCenterExe] "E:\Program\Delade filer\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program\Microsoft ActiveSync\WCESCOMM.EXE" O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Google Search - res://e:\program\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm075XXSE O8 - Extra context menu item: Backward Links - res://e:\program\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://e:\program\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://e:\program\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Program\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Program\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Program\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program\Messenger\msmsgs.exe O12 - Plugin for .spop: E:\Program\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O23 - Service: Symantec Event Manager - Symantec Corporation - E:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation - Symantec Corporation - E:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager - Symantec Corporation - E:\Program\Delade filer\Symantec Shared\ccSetMgr.exe O23 - Service: LexBce Server - Lexmark International, Inc. - E:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe O23 - Service: Panda Firewall Service - Unknown - E:\Program\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe O23 - Service: Panda anti-virus service - Unknown - E:\Program\Panda Software\Panda Antivirus Platinum\pavsrv51.exe O23 - Service: ScriptBlocking Service - Symantec Corporation - E:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Core LC - Unknown - E:\WINDOWS\system32\symlcsvc.exe (file missing) [/log]
  7. Jag har en A-Open DVD brännare som det bara går att byta region 5 gånger på. Någon som vet hur man kommer förbi det? Är det så jag måste byta region när jag ska läsa dvdskiva med annan region eller är det när jag ska bränna med annan region. Eller både och?
  8. okej, ska göra det, men vad spelar det för roll vart det ligger? *nyfiken* ja, server-u är en ftp server jag använder. vad gör HijackThis, är det så man ser allt som startar med windows? [inlägget ändrat 2004-12-20 17:51:02 av Mr_Hertz]
  9. Okej, har fått bort en hel hög med spyware innan jag gjorde loggen, men värkade missat naupoint, men nu är det borta och här är den nya loggen. [log]Logfile of HijackThis v1.99.0 Scan saved at 23:39:56, on 2004-12-19 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program\No-IP\DUC20.exe C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe C:\Program\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\Program\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE C:\WINDOWS\Explorer.EXE C:\Program\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE C:\WINDOWS\System32\rundll32.exe C:\Program\Delade filer\CMEII\CMESys.exe C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program\MSN Messenger\MsnMsgr.Exe C:\Program\TGTSoft\StyleXP\StyleXP.exe C:\Program\Delade filer\GMT\GMT.exe C:\Program\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe C:\Program\SpywareGuard\sgmain.exe C:\Program\SpywareGuard\sgbhp.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wisptis.exe C:\Program\ORL\VNC\WinVNC.exe C:\Program\Internet Explorer\iexplore.exe C:\Documents and Settings\Susanne\Mina dokument\Mina mottagna filer\HijackThis(1).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program\SpywareGuard\dlprotect.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program\Lexmark X5100 Series\lxbabmgr.exe" O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\Program\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s O4 - HKLM\..\Run: [CMESys] "C:\Program\Delade filer\CMEII\CMESys.exe" O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [sTYLEXP] C:\Program\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - Startup: SpywareGuard.lnk = C:\Program\SpywareGuard\sgmain.exe O4 - Global Startup: GStartup.lnk = C:\Program\Delade filer\GMT\GMT.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE O10 - Hijacked Internet access by New.Net O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4360/mcfscan.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab O18 - Protocol: bw+0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {A46C9648-4DC7-43A3-86D2-7EC76F2F6DBD} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: IOFTPD-Service - Unknown - C:\ioFTPD\IOService-0.0.2\ioservice.exe (file missing) O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program\No-IP\DUC20.exe O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Panda Process Protection Service - Unknown - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service - Unknown - C:\Program\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe O23 - Service: Serv-U FTP Server - Unknown - C:\fwa-movie\serv-u\ServUDaemon.exe (file missing) O23 - Service: StyleXPService - Unknown - C:\Program\TGTSoft\StyleXP\StyleXPService.exe [/log]
  10. jo jag har kört adaware redan, men undrade om någon förstår något av loggen, om de är något kvar fortfarande. tycker det värkar som de
×
×
  • Skapa nytt...