
Ryuujin

Member
  • Posts

    13
  • Joined

  • Last visit

Everything posted by Ryuujin

  1. Many thanks for the help, Cecilia and Zipp.
  2. Everything is as it should be now. HijackThis no longer finds anything suspicious, but Ad-aware still finds a number of objects, mostly in the registry, and AntiVir finds a lot of different viruses in the System Volume Information folder.
  3. Hmm, I got rid of the 02 lines from the TeaTimer, so now they are gone, and strangely enough I can't find the lines you refer to in the newest Hijack log, but here it is.
  4. Here come the logs!
  5. Hi, sorry for the interruption. Here is the HijackThis log after I scanned and fixed with Hijack and tried to remove vtuts.dll manually; it refuses to go away.
  6. Here are the logs.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logoxp.bmp -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\buttons\moviesA.bmp -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencehotxp.png -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencexp.png -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\buttons\screensaver.bmp -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\buttons\screensaverA.bmp -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherhotxp.png -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherxp.png -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\contexts -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\contexts\error.xml -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\contexts\related.xml -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\contexts\travel.xml -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\images -> Adware.Starware : Cleaned with backup (quarantined). C:\Documents and Settings\All Users\Application Data\Starware\images\walertXP.bmp -> Adware.Starware : Cleaned with backup (quarantined). 
C:\Documents and Settings\Virtanen II\Lokala inställningar\Temporary Internet Files\Content.IE5\L1C35X5H\speedtest2[1].dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined). C:\WINDOWS\Downloaded Program Files\speedtest2.dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined). :mozilla.97:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined). :mozilla.12:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.13:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.54:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.57:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.58:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). 
:mozilla.59:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.60:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.53:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined). :mozilla.100:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.101:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.102:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Cleaned with backup (quarantined). :mozilla.15:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). 
:mozilla.16:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). :mozilla.17:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). :mozilla.18:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@cqcounter[2].txt -> TrackingCookie.Cqcounter : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@www.cqcounter[1].txt -> TrackingCookie.Cqcounter : Cleaned with backup (quarantined). :mozilla.62:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined). :mozilla.114:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup (quarantined). :mozilla.115:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup (quarantined). 
:mozilla.134:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.135:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.137:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.138:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.29:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). :mozilla.31:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.32:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.103:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). 
C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@ads1.revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). :mozilla.69:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.70:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.71:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.72:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.73:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.167:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined). :mozilla.33:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.34:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). 
:mozilla.35:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.21:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.22:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.23:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.24:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.25:C:\Documents and Settings\Virtanen II\Application Data\Mozilla\Firefox\Profiles\xb0p0jgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Cookies\virtanen ii@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Documents and Settings\Virtanen II\Lokala inställningar\Temporary Internet Files\Content.IE5\RMGV31K5\photo223[1].PIF -> Worm.Licat.c : Cleaned with backup (quarantined). C:\System Volume Information\_restore{FA59FCEB-29AA-4812-A10E-5ECFDD7A74E2}\RP142\A0012168.rbf -> Worm.Licat.c : Cleaned with backup (quarantined). ::Report end [/log]
  7. I haven't had time the last few days; sorry that I left the discussion in the middle, but private life comes first.
  8. Hi, I have a virus that targets MSN Messenger; it starts spamming links to people on my contact list. I scanned the computer with Antivir and deleted all the files it found, and then with AdAware, but it cannot remove 2 files that it finds, ktdhela3.dll in the Windows/system32 folder. I scanned with HijackThis, here is the log. [log] Logfile of HijackThis v1.99.1 Scan saved at 18:41:27, on 18.9.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\Program\AntiVir PersonalEdition Classic\sched.exe C:\Program\Synaptics\SynTP\SynTPLpr.exe C:\Program\Synaptics\SynTP\SynTPEnh.exe C:\Program\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\keyhook.exe C:\Program\Arcade\PCMService.exe C:\Program\Launch Manager\QtZgAcer.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Program\Logitech\Video\LogiTray.exe C:\Program\Java\jre1.5.0_03\bin\jusched.exe C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\Program\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\svchost.exe C:\Program\Delade filer\{320D180E-05DC-1053-0419-050315050166}\Update.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Logitech\Video\FxSvr2.exe C:\WINDOWS\System32\alg.exe C:\Program\acer\eRecovery\Monitor.exe C:\Program\Skype\Phone\Skype.exe C:\WINDOWS\system32\sistray.exe C:\Program\OpenOffice.org 2.0\program\soffice.exe C:\Program\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\explorer.exe C:\Program\Mozilla Firefox\firefox.exe C:\Program\Hijackthis\HijackThis.exe R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe O4 - HKLM\..\Run: [PCMService] "C:\Program\Arcade\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [LManager] C:\Program\Launch Manager\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [MyWebSearch Email Plugin] 
C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe O4 - HKLM\..\Run: [defender] c:\\dfndrff_e7.exe O4 - HKLM\..\Run: [keyboard] c:\\kybrdff_e7.exe O4 - HKLM\..\Run: [newname] c:\\nwnmff_e7.exe O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\VIRTAN~1\LOKALA~1\Temp\MsgPlusUninst.bat" O4 - HKLM\..\RunOnce: [AAW] "C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk741YYFI O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - 
res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program\AntiVir PersonalEdition Classic\avguard.exe [/log]
  9. Here are the Vundo and Hijack logs after I ran Vundo. [log] VundoFix V6.1.4 Checking Java version... Sun Java not detected Scan started at 18:33:10 11.9.2006 Listing files found while scanning.... C:\WINDOWS\system32\vtuts.dll C:\WINDOWS\system32\stutv.ini C:\WINDOWS\system32\stutv.bak1 C:\WINDOWS\system32\stutv.bak2 C:\WINDOWS\system32\stutv.ini2 C:\WINDOWS\system32\stutv.tmp C:\WINDOWS\system32\xdfmxyhb.exe Beginning removal... Attempting to delete C:\WINDOWS\system32\vtuts.dll C:\WINDOWS\system32\vtuts.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\stutv.ini C:\WINDOWS\system32\stutv.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.bak1 C:\WINDOWS\system32\stutv.bak1 Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.bak2 C:\WINDOWS\system32\stutv.bak2 Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.ini2 C:\WINDOWS\system32\stutv.ini2 Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.tmp C:\WINDOWS\system32\stutv.tmp Has been deleted! Attempting to delete C:\WINDOWS\system32\xdfmxyhb.exe C:\WINDOWS\system32\xdfmxyhb.exe Has been deleted! Performing Repairs to the registry. Done! VundoFix V6.1.4 Checking Java version... Sun Java not detected Scan started at 18:37:25 11.9.2006 Listing files found while scanning.... No infected files were found. Beginning removal... 
----------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 18:47:29, on 11.9.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program\AntiVir PersonalEdition Classic\sched.exe C:\Program\AntiVir PersonalEdition Classic\avguard.exe C:\Program\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SYSTEM32\ATIPTAXX.EXE C:\Program\Java\jre1.5.0_06\bin\jusched.exe C:\Program\Logitech\MouseWare\system\em_exec.exe C:\Program\AntiVir PersonalEdition Classic\avgnt.exe C:\Program\MessengerPlus! 
3\MsgPlus.exe C:\Program\Microsoft IntelliType Pro\type32.exe C:\Program\MSN Messenger\msnmsgr.exe C:\PROGRAM\MOZILL~2\FIREFOX.EXE C:\Program\mIRC\mirc.exe C:\Program\Hijackthis\rens.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: (no name) - {01C048D3-D786-4C45-88AD-84A0F484622F} - (no file) O2 - BHO: (no name) - {023B878C-996E-4B98-A490-8097C973FA02} - (no file) O2 - BHO: (no name) - {028C13FE-D709-49EB-B2D4-695BCC6168CF} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {092EE75F-5D94-44E4-946C-A1627F54FFA9} - (no file) O2 - BHO: (no name) - {0B892443-80E2-423A-831B-E4CF4B61CF5F} - (no file) O2 - BHO: (no name) - {0BA4E89B-26B4-4253-B1BC-7BC22F3A743C} - (no file) O2 - BHO: (no name) - {0C69286F-6F7A-4D6D-B168-83A5843DF52A} - (no file) O2 - BHO: (no name) - {0E6E261E-683A-4E54-B3F6-91F9151B8192} - C:\WINDOWS\system32\vtuts.dll O2 - BHO: (no name) - {12C8525B-C5EE-4E70-A3F2-6F3688BC1BFD} - (no file) O2 - BHO: (no name) - {13EAACBB-D359-4FB0-A877-53F621A51239} - (no file) O2 - BHO: (no name) - {14B2D663-957E-44C3-A7ED-4454320EB46F} - (no file) O2 - BHO: (no name) - {17981208-29A9-4CFB-9563-7C4C820AD606} - (no file) O2 - BHO: (no name) - {17998F81-B314-49ED-B519-E6BDCB60316C} - (no file) O2 - BHO: (no name) - {18007501-EBA5-46AF-8C82-5F4D33D29525} - (no file) O2 - BHO: (no name) - {1E781928-0B68-45A4-B170-D3E7695E4603} - (no file) O2 - BHO: (no name) - {23D6D4D5-094B-4AE6-B8DB-F90700AC45C8} - (no file) O2 - BHO: (no name) - {26765F18-2291-480E-862F-A61B71035639} - (no file) O2 - BHO: (no name) - {34BC5116-70FF-4333-9D0D-BBFD47F87C45} - (no file) O2 - BHO: (no name) - {36DC55E6-CA42-4216-991A-5A3F7B70C313} - (no file) O2 - BHO: (no name) - {3A1B1116-DD01-433E-A712-6BB2F920822A} - (no file) O2 - BHO: (no name) - {3A639DF3-FF61-43C6-9A8B-386642E9BE65} - (no file) O2 - BHO: (no name) - 
{3E4A99FD-F251-41F7-A170-875E842A14B0} - (no file) O2 - BHO: (no name) - {462FB66F-1CC8-4BDC-998C-2A696AA4BA5A} - (no file) O2 - BHO: (no name) - {4B6948C8-54F4-41AD-8455-525056E7175C} - (no file) O2 - BHO: (no name) - {4EC87D13-F891-4229-B5DF-4808DBC5880C} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {55819FC9-C4EE-4B55-82AC-86C6190C9DE9} - (no file) O2 - BHO: (no name) - {57026C9B-428B-4376-AADF-B68A85C2C3E2} - (no file) O2 - BHO: (no name) - {57DB274B-4411-40EC-89EC-65D2E60CF2F6} - (no file) O2 - BHO: (no name) - {58C48461-DE56-47E5-A80D-13BCCD400485} - (no file) O2 - BHO: (no name) - {59502477-F4D7-41F8-98D1-68581415EBA7} - (no file) O2 - BHO: (no name) - {65AD32C6-3D8F-4048-8D83-06D9A61554D1} - (no file) O2 - BHO: (no name) - {68C20EFE-8E73-46AB-9E61-757619660FED} - (no file) O2 - BHO: (no name) - {6BBD766F-8587-4041-ADE8-75649BEDBBC9} - (no file) O2 - BHO: (no name) - {718048A4-2F31-44FA-8F2C-D680B3CDDAF8} - (no file) O2 - BHO: (no name) - {749D6F03-B9B4-42FF-A7B3-A58C221DD724} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {77719AF2-FBF7-4DA2-B802-4319C8E814E2} - (no file) O2 - BHO: (no name) - {78DDA3F0-EE31-4EC4-BB9F-BFAD85BE6944} - (no file) O2 - BHO: (no name) - {7A11B1CE-02CF-4F92-9EFE-A50F04E3EF06} - (no file) O2 - BHO: (no name) - {7BC5A1C2-015C-46DE-BB55-B0177A857D58} - (no file) O2 - BHO: (no name) - {7E6F38AB-FE20-480A-A0AF-C1FBA77E1FD0} - (no file) O2 - BHO: (no name) - {807FD5DF-9EDD-4495-B7D0-884693D112F2} - (no file) O2 - BHO: (no name) - {8394B45E-3113-46C6-904A-5A5529618389} - (no file) O2 - BHO: (no name) - {83B61609-74E6-4B17-B029-1973D62E5F34} - (no file) O2 - BHO: (no name) - {83EDE814-8D24-4223-98B3-2D94F7BB4650} - (no file) O2 - BHO: (no name) - {8C6F75C8-14AA-4CC8-9B23-D47C1F880FEB} - (no file) O2 - BHO: (no name) - 
{91DD8E00-9705-4678-8BBF-32827CA23839} - (no file) O2 - BHO: (no name) - {94A3BDE8-8663-46BA-80E5-A8414CE13CB4} - (no file) O2 - BHO: (no name) - {9830149D-753E-4825-B605-6592ED85F541} - (no file) O2 - BHO: (no name) - {9AB50D67-9E30-43FF-A287-4BCBFE2295F2} - (no file) O2 - BHO: (no name) - {9B050BA9-3DFF-4254-BEA7-7F86A22CA681} - (no file) O2 - BHO: (no name) - {A0C86559-45A7-46BE-94B7-AE1408A4CDA0} - (no file) O2 - BHO: (no name) - {A1B44FD8-2204-48B5-AA55-36F9388BAEBC} - (no file) O2 - BHO: (no name) - {A70F39F8-77C0-4FBA-89F8-2BAD094617C1} - (no file) O2 - BHO: (no name) - {AF11A7E5-3887-4985-8A7D-2F3F6094D924} - (no file) O2 - BHO: (no name) - {B2EB7F9E-0362-48F1-883C-C93F021E4A15} - (no file) O2 - BHO: (no name) - {B847365E-AD7F-4437-A7B2-B53FE89F2A89} - (no file) O2 - BHO: (no name) - {BAF7DEFC-2D9F-4FF1-A327-E5EBBFEB5B31} - (no file) O2 - BHO: (no name) - {BFB7325C-0841-4182-BBAB-A1D4D14A1323} - (no file) O2 - BHO: (no name) - {C1E94AA6-4B3E-40C9-8ECD-87F8AB596DE4} - (no file) O2 - BHO: (no name) - {C323AF49-E6C5-4DBF-A1C9-2F61D0F19B83} - (no file) O2 - BHO: (no name) - {C57C1682-84B8-4E6C-AA4B-D6ACD5C0EEDE} - (no file) O2 - BHO: (no name) - {C595ED35-2C2C-47E5-82FD-EC656041176A} - (no file) O2 - BHO: (no name) - {C974E5AA-3252-4E8E-B6B0-AA9A5A20AFAB} - (no file) O2 - BHO: (no name) - {CAE8553F-D5C8-430B-94A1-9E432E4EA9EA} - (no file) O2 - BHO: (no name) - {CE85F8BD-C652-4CE3-B96A-1865EECB9594} - (no file) O2 - BHO: (no name) - {D4C26AD3-9144-4664-9BED-99456835DE7F} - (no file) O2 - BHO: (no name) - {D57C0E54-1AC8-4EA6-89DD-0D471615731B} - (no file) O2 - BHO: (no name) - {D96DB202-04AF-407F-8ABB-85DD5F374043} - (no file) O2 - BHO: (no name) - {D9B69CA9-2E3D-401C-928C-927A9F422B30} - (no file) O2 - BHO: (no name) - {DA195514-176B-4A6A-AFBA-3A86C5F88C19} - (no file) O2 - BHO: (no name) - {DA2231D4-ECA6-455F-8C1E-803DA24DCA78} - (no file) O2 - BHO: (no name) - {DA6D1C1F-21DB-40E7-B7AE-6983C39B5C63} - (no file) O2 - BHO: (no name) - 
{DDF1338A-AC8D-4B27-B1BE-5171266AFDAA} - (no file) O2 - BHO: (no name) - {DE75F105-4543-4B43-B781-4B0A1B9FD82F} - (no file) O2 - BHO: (no name) - {E09AC8E1-272E-41B0-9453-3AC7A085D597} - (no file) O2 - BHO: (no name) - {E828E375-561F-41F4-9EA7-43B6E335AC61} - (no file) O2 - BHO: (no name) - {EAB22268-A904-4610-8E3A-FBB98C1C1ACC} - (no file) O2 - BHO: (no name) - {EC8518BA-FEF2-4F19-BAE6-23884B0DE9AE} - (no file) O2 - BHO: (no name) - {EE8E6C0F-BBA3-47E4-8F9D-C91657CEE73B} - (no file) O2 - BHO: (no name) - {F0032AA3-62FA-4691-9225-F71F7CD16D3D} - (no file) O2 - BHO: (no name) - {F4BDF1A3-C722-45CB-8C6E-CBD842DA458F} - (no file) O2 - BHO: (no name) - {F57C0A88-9EA8-499E-8DCB-127762044EC7} - (no file) O2 - BHO: (no name) - {F6242723-17D1-474E-B76F-F3111C0360DF} - (no file) O2 - BHO: (no name) - {FABEED76-B6BB-4827-84B8-23252CE96B6A} - (no file) O2 - BHO: (no name) - {FC293AB1-5ACB-4B92-BC35-CFEC3E87A700} - (no file) O2 - BHO: (no name) - {FE763449-2DB7-4CF2-8983-E61A867322BB} - (no file) O4 - HKLM\..\Run: [AtiPTA] C:\WINDOWS\SYSTEM32\ATIPTAXX.EXE O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBLive\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [type32] "C:\Program\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program\MessengerPlus! 
3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130541720785 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: vtuts - 
C:\WINDOWS\system32\vtuts.dll O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\Delade filer\PCSuite\Services\ServiceLayer.exe [/log]
  10. Here is the log after I renamed the exe file. A lot of new stuff came up. :| [log]Logfile of HijackThis v1.99.1 Scan saved at 14:08:05, on 11.9.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\AntiVir PersonalEdition Classic\sched.exe C:\Program\AntiVir PersonalEdition Classic\avguard.exe C:\Program\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SYSTEM32\ATIPTAXX.EXE C:\Program\Java\jre1.5.0_06\bin\jusched.exe C:\Program\AntiVir PersonalEdition Classic\avgnt.exe C:\Program\MessengerPlus! 3\MsgPlus.exe C:\Program\Microsoft IntelliType Pro\type32.exe C:\Program\Logitech\MouseWare\system\em_exec.exe C:\Program\MSN Messenger\msnmsgr.exe C:\Program\Mozilla Firefox\firefox.exe C:\Program\Winamp\winamp.exe C:\Program\Hijackthis\rens.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: (no name) - {01C048D3-D786-4C45-88AD-84A0F484622F} - (no file) O2 - BHO: (no name) - {023B878C-996E-4B98-A490-8097C973FA02} - C:\WINDOWS\system32\vtuts.dll O2 - BHO: (no name) - {028C13FE-D709-49EB-B2D4-695BCC6168CF} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {092EE75F-5D94-44E4-946C-A1627F54FFA9} - (no file) O2 - BHO: (no name) - {0B892443-80E2-423A-831B-E4CF4B61CF5F} - (no file) O2 - BHO: (no name) - {0BA4E89B-26B4-4253-B1BC-7BC22F3A743C} - (no file) O2 - BHO: (no name) - {0C69286F-6F7A-4D6D-B168-83A5843DF52A} - (no file) O2 - BHO: (no name) - 
{12C8525B-C5EE-4E70-A3F2-6F3688BC1BFD} - (no file) O2 - BHO: (no name) - {13EAACBB-D359-4FB0-A877-53F621A51239} - (no file) O2 - BHO: (no name) - {14B2D663-957E-44C3-A7ED-4454320EB46F} - (no file) O2 - BHO: (no name) - {17981208-29A9-4CFB-9563-7C4C820AD606} - (no file) O2 - BHO: (no name) - {17998F81-B314-49ED-B519-E6BDCB60316C} - (no file) O2 - BHO: (no name) - {18007501-EBA5-46AF-8C82-5F4D33D29525} - (no file) O2 - BHO: (no name) - {1E781928-0B68-45A4-B170-D3E7695E4603} - (no file) O2 - BHO: (no name) - {23D6D4D5-094B-4AE6-B8DB-F90700AC45C8} - (no file) O2 - BHO: (no name) - {26765F18-2291-480E-862F-A61B71035639} - (no file) O2 - BHO: (no name) - {34BC5116-70FF-4333-9D0D-BBFD47F87C45} - (no file) O2 - BHO: (no name) - {36DC55E6-CA42-4216-991A-5A3F7B70C313} - (no file) O2 - BHO: (no name) - {3A1B1116-DD01-433E-A712-6BB2F920822A} - (no file) O2 - BHO: (no name) - {3A639DF3-FF61-43C6-9A8B-386642E9BE65} - (no file) O2 - BHO: (no name) - {3E4A99FD-F251-41F7-A170-875E842A14B0} - (no file) O2 - BHO: (no name) - {462FB66F-1CC8-4BDC-998C-2A696AA4BA5A} - (no file) O2 - BHO: (no name) - {4B6948C8-54F4-41AD-8455-525056E7175C} - (no file) O2 - BHO: (no name) - {4EC87D13-F891-4229-B5DF-4808DBC5880C} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {55819FC9-C4EE-4B55-82AC-86C6190C9DE9} - (no file) O2 - BHO: (no name) - {57026C9B-428B-4376-AADF-B68A85C2C3E2} - (no file) O2 - BHO: (no name) - {57DB274B-4411-40EC-89EC-65D2E60CF2F6} - (no file) O2 - BHO: (no name) - {58C48461-DE56-47E5-A80D-13BCCD400485} - (no file) O2 - BHO: (no name) - {59502477-F4D7-41F8-98D1-68581415EBA7} - (no file) O2 - BHO: (no name) - {65AD32C6-3D8F-4048-8D83-06D9A61554D1} - (no file) O2 - BHO: (no name) - {68C20EFE-8E73-46AB-9E61-757619660FED} - (no file) O2 - BHO: (no name) - {6BBD766F-8587-4041-ADE8-75649BEDBBC9} - (no file) O2 - BHO: (no name) - {718048A4-2F31-44FA-8F2C-D680B3CDDAF8} - (no file) O2 - BHO: 
(no name) - {749D6F03-B9B4-42FF-A7B3-A58C221DD724} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {77719AF2-FBF7-4DA2-B802-4319C8E814E2} - (no file) O2 - BHO: (no name) - {78DDA3F0-EE31-4EC4-BB9F-BFAD85BE6944} - (no file) O2 - BHO: (no name) - {7A11B1CE-02CF-4F92-9EFE-A50F04E3EF06} - (no file) O2 - BHO: (no name) - {7BC5A1C2-015C-46DE-BB55-B0177A857D58} - (no file) O2 - BHO: (no name) - {7E6F38AB-FE20-480A-A0AF-C1FBA77E1FD0} - (no file) O2 - BHO: (no name) - {807FD5DF-9EDD-4495-B7D0-884693D112F2} - (no file) O2 - BHO: (no name) - {8394B45E-3113-46C6-904A-5A5529618389} - (no file) O2 - BHO: (no name) - {83B61609-74E6-4B17-B029-1973D62E5F34} - (no file) O2 - BHO: (no name) - {83EDE814-8D24-4223-98B3-2D94F7BB4650} - (no file) O2 - BHO: (no name) - {8C6F75C8-14AA-4CC8-9B23-D47C1F880FEB} - (no file) O2 - BHO: (no name) - {91DD8E00-9705-4678-8BBF-32827CA23839} - (no file) O2 - BHO: (no name) - {94A3BDE8-8663-46BA-80E5-A8414CE13CB4} - (no file) O2 - BHO: (no name) - {9830149D-753E-4825-B605-6592ED85F541} - (no file) O2 - BHO: (no name) - {9AB50D67-9E30-43FF-A287-4BCBFE2295F2} - (no file) O2 - BHO: (no name) - {9B050BA9-3DFF-4254-BEA7-7F86A22CA681} - (no file) O2 - BHO: (no name) - {A0C86559-45A7-46BE-94B7-AE1408A4CDA0} - (no file) O2 - BHO: (no name) - {A1B44FD8-2204-48B5-AA55-36F9388BAEBC} - (no file) O2 - BHO: (no name) - {A70F39F8-77C0-4FBA-89F8-2BAD094617C1} - (no file) O2 - BHO: (no name) - {AF11A7E5-3887-4985-8A7D-2F3F6094D924} - (no file) O2 - BHO: (no name) - {B2EB7F9E-0362-48F1-883C-C93F021E4A15} - (no file) O2 - BHO: (no name) - {B847365E-AD7F-4437-A7B2-B53FE89F2A89} - (no file) O2 - BHO: (no name) - {BAF7DEFC-2D9F-4FF1-A327-E5EBBFEB5B31} - (no file) O2 - BHO: (no name) - {BFB7325C-0841-4182-BBAB-A1D4D14A1323} - (no file) O2 - BHO: (no name) - {C1E94AA6-4B3E-40C9-8ECD-87F8AB596DE4} - (no file) O2 - BHO: (no name) - {C323AF49-E6C5-4DBF-A1C9-2F61D0F19B83} - (no file) O2 
- BHO: (no name) - {C57C1682-84B8-4E6C-AA4B-D6ACD5C0EEDE} - (no file) O2 - BHO: (no name) - {C595ED35-2C2C-47E5-82FD-EC656041176A} - (no file) O2 - BHO: (no name) - {C974E5AA-3252-4E8E-B6B0-AA9A5A20AFAB} - (no file) O2 - BHO: (no name) - {CAE8553F-D5C8-430B-94A1-9E432E4EA9EA} - (no file) O2 - BHO: (no name) - {CE85F8BD-C652-4CE3-B96A-1865EECB9594} - (no file) O2 - BHO: (no name) - {D4C26AD3-9144-4664-9BED-99456835DE7F} - (no file) O2 - BHO: (no name) - {D57C0E54-1AC8-4EA6-89DD-0D471615731B} - (no file) O2 - BHO: (no name) - {D96DB202-04AF-407F-8ABB-85DD5F374043} - (no file) O2 - BHO: (no name) - {D9B69CA9-2E3D-401C-928C-927A9F422B30} - (no file) O2 - BHO: (no name) - {DA195514-176B-4A6A-AFBA-3A86C5F88C19} - (no file) O2 - BHO: (no name) - {DA2231D4-ECA6-455F-8C1E-803DA24DCA78} - (no file) O2 - BHO: (no name) - {DA6D1C1F-21DB-40E7-B7AE-6983C39B5C63} - (no file) O2 - BHO: (no name) - {DDF1338A-AC8D-4B27-B1BE-5171266AFDAA} - (no file) O2 - BHO: (no name) - {DE75F105-4543-4B43-B781-4B0A1B9FD82F} - (no file) O2 - BHO: (no name) - {E09AC8E1-272E-41B0-9453-3AC7A085D597} - (no file) O2 - BHO: (no name) - {E828E375-561F-41F4-9EA7-43B6E335AC61} - (no file) O2 - BHO: (no name) - {EAB22268-A904-4610-8E3A-FBB98C1C1ACC} - (no file) O2 - BHO: (no name) - {EC8518BA-FEF2-4F19-BAE6-23884B0DE9AE} - (no file) O2 - BHO: (no name) - {EE8E6C0F-BBA3-47E4-8F9D-C91657CEE73B} - (no file) O2 - BHO: (no name) - {F0032AA3-62FA-4691-9225-F71F7CD16D3D} - (no file) O2 - BHO: (no name) - {F4BDF1A3-C722-45CB-8C6E-CBD842DA458F} - (no file) O2 - BHO: (no name) - {F57C0A88-9EA8-499E-8DCB-127762044EC7} - (no file) O2 - BHO: (no name) - {F6242723-17D1-474E-B76F-F3111C0360DF} - (no file) O2 - BHO: (no name) - {FABEED76-B6BB-4827-84B8-23252CE96B6A} - (no file) O2 - BHO: (no name) - {FC293AB1-5ACB-4B92-BC35-CFEC3E87A700} - (no file) O2 - BHO: (no name) - {FE763449-2DB7-4CF2-8983-E61A867322BB} - (no file) O4 - HKLM\..\Run: [AtiPTA] C:\WINDOWS\SYSTEM32\ATIPTAXX.EXE O4 - HKLM\..\Run: [Logitech Utility] 
Logi_MwX.Exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBLive\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [type32] "C:\Program\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: 
{0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130541720785 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: vtuts - C:\WINDOWS\system32\vtuts.dll O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\Delade filer\PCSuite\Services\ServiceLayer.exe [/log]
  11. I have no idea what those 2 could be. I think it's just as well to tick them.
  12. Ran Hijack, found some shady things but I'm not really sure... can anyone help? [log] C:\Program\Winamp\winamp.exe C:\Program\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\rsvp.exe C:\Program\mIRC\mirc.exe C:\zMUD\Zmud.exe C:\PROGRAM\MOZILL~1\THUNDE~1.EXE C:\PROGRAM\WINZIP\winzip32.exe C:\Documents and Settings\Frej Eriksson\Lokala inställningar\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O4 - HKLM\..\Run: [AtiPTA] C:\WINDOWS\SYSTEM32\ATIPTAXX.EXE O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBLive\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [type32] "C:\Program\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program\MessengerPlus! 
3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O15 - Trusted Zone: http://locator.cdn.imageservr.com O15 - Trusted Zone: http://locator1.cdn.imageservr.com O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130541720785 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall_se.cab O16 - DPF: 
{F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\Delade filer\PCSuite\Services\ServiceLayer.exe [/log]
  13. I have a 5.1 sound card and a 5.1 speaker system, but I bought a headset today (not USB), and I'm wondering what options I have for keeping both the speakers and the headphones connected at the same time without having to crawl under the desk and swap cables and so on.