Just nu i M3-nätverket
Gå till innehåll

Mamsell

Medlem
  • Antal inlägg

    14
  • Gick med

  • Senaste besök

Om Mamsell

  • Medlemstitel
    Användare
  • Födelsedag 1965-03-06

Kontaktinformation

  • Hemsida
    http://

Profil

  • Ort
    Uppsala
  1. Utfört! Tack åter igen - jag ska ge dig så många poäng jag bara kan. Du är en klippa =) mvh Lotta
  2. [log] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:16:16, on 2008-08-20 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program\DELADE~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program\Java\jre1.6.0_07\bin\jusched.exe C:\Program\iTunes\iTunesHelper.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe C:\Program\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Messenger\msmsgs.exe C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program\WinZip\WZQKPICK.EXE C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program\Canon\CAL\CALMAIN.exe C:\Program\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Lotta Larsson\Skrivbord\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: adzgalore - {380345f9-c36e-1d06-f4dd-430ea2ed128c} - C:\WINDOWS\system32\nse18D.dll (file missing) O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\DELADE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O4 - HKLM\..\Run: [XTNDConnect PC - ErPhn2] C:\Program\DELADE~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton 360\osCheck.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.spray.se/app/uploader/FileUploader.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\pctsSvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program\DELADE~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 8430 bytes [/log]
  3. Hej här kommer en ny loggfil efter att jag tagit bort C:\WINDOWS\system32\g16.exe. C:\WINDOWS\system32\nse18D.dll gick inte att ta bort. När jag står i denna mapp ser den ut att vara helt tom. C:\WINDOWS\TG90dGEgTGFyc3Nvbg Mvh Lotta [log] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 06:17:35, on 2008-08-20 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program\DELADE~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe C:\Program\Java\jre1.6.0_07\bin\jusched.exe C:\Program\iTunes\iTunesHelper.exe C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe C:\Program\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program\WinZip\WZQKPICK.EXE C:\Program\Canon\CAL\CALMAIN.exe C:\Program\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program\Ericsson\COMMUN~1\MOBILE~1\DbgOut.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program\DELADE~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe C:\Program\Messenger\msmsgs.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program\Windows Live\Mail\wlmail.exe C:\Documents and Settings\Lotta Larsson\Skrivbord\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: adzgalore - {380345f9-c36e-1d06-f4dd-430ea2ed128c} - C:\WINDOWS\system32\nse18D.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\DELADE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O4 - HKLM\..\Run: [XTNDConnect PC - ErPhn2] C:\Program\DELADE~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton 360\osCheck.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-220523388-152049171-1202660629-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administratör') O4 - HKUS\S-1-5-21-220523388-152049171-1202660629-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Gäst') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.spray.se/app/uploader/FileUploader.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\pctsSvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program\DELADE~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 8796 bytes [/log]
  4. Godmorgon! Popupen var igång igen på morgonen. //Lotta
  5. Här är länkarna //Lotta http://skickafilen.se/download.jsp?fileid=gancRkAGD7Yd8avwb2WQ http://skickafilen.se/download.jsp?fileid=iANcdjTdbhDQizivdaCE
  6. Ja jag håller med, natti natti och tack för idag. //Lotta
  7. Jaha ja jag trodde allt var klart :-) Här kommer g16.exe [log] File size: 152243 bytes MD5...: 557847c8164b57a650b96ba161465a0f SHA1..: 9955b6515dba4ad94246034a0d1d6277b7b9294d SHA256: 9fc7decad6e55beca697f867961f9de7b87c7aeda0b0ced2acd608f2a206d6fb SHA512: d690ffb629dd16b2973155276e8108caf3009be29dafa573c001fb0a6cee8318 0b04afc1f1f2389ca440e844731cd9606bd25936e607197e443d4e738172fd08 PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x403225 timedatestamp.....: 0x481c71ea (Sat May 03 14:08:42 2008) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x5934 0x5a00 6.46 663546ac41801daf2dc51f560ec05a56 .rdata 0x7000 0x1190 0x1200 5.18 db16645055619c0cc73276ff5c3adb75 .data 0x9000 0x1af98 0x400 4.70 f0511f18783910813a0de0de02bc1206 .ndata 0x24000 0xc000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rsrc 0x30000 0x6c8 0x800 2.91 45197172dd9457c3c73ddd577483e4cd ( 8 imports ) > KERNEL32.dll: CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetTickCount, CreateFileA, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, ExitProcess, SetFileTime, GetTempPathA, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, GetVersion, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetWindowsDirectoryA > USER32.dll: EndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, DestroyWindow, CreateDialogParamA, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow > GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject > SHELL32.dll: SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation > ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA > COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create > ole32.dll: CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance > VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA ( 0 exports ) [/log] [log] File size: 313856 bytes MD5...: 2575e43790a5375ce1bd5cb6c480ad10 SHA1..: 48eef46a67c6817c878f8641948270e21854cd8c SHA256: 99587dde640b1fe2e9ab8ee4e307e05bf46d081e6ad6bd47c8253dd4a8d2ac58 SHA512: f9c77f33607e48433bb0ade0b15e3eef55e17eeb68cf79cc051af8404682e9fb 08947a3f4474c40ff807f6ff0cab02b2b45a9340390626381a2a6697824f333d PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1001ec7f timedatestamp.....: 0x487cc710 (Tue Jul 15 15:49:36 2008) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x3673f 0x36800 6.68 d2e692c3ddf3afe1578cc1bc6dc4c136 .rdata 0x38000 0xf9ba 0xfa00 5.62 0f28d909862daefa2d593ed89d934b3a .data 0x48000 0x3e78 0x1c00 4.13 e1e1d65f544a541589a5e08fea8ac14c .rsrc 0x4c000 0x4a0 0x600 4.52 02c1b5591bc0be70f5941eeca02f9816 .reloc 0x4d000 0x407c 0x4200 5.21 ff94be3a5e5e21798f66db8d411cbee0 ( 14 imports ) > SHLWAPI.dll: UrlUnescapeW, StrCmpIW, UrlEscapeW, UrlGetPartW, StrStrIW, PathMatchSpecW > KERNEL32.dll: GetTimeZoneInformation, SetStdHandle, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, GetStdHandle, SetHandleCount, HeapReAlloc, VirtualAlloc, VirtualFree, HeapDestroy, HeapCreate, ExitProcess, HeapSize, InitializeCriticalSectionAndSpinCount, GetStringTypeW, GetStringTypeA, GetLocaleInfoA, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, GetModuleHandleW, HeapAlloc, GetCPInfo, LCMapStringW, LCMapStringA, GetCurrentDirectoryA, SetFilePointer, GetDateFormatA, GetTimeFormatA, FlushFileBuffers, GetConsoleMode, GetConsoleCP, ReadFile, IsValidCodePage, GetOEMCP, GetACP, GetCurrentProcessId, SetEndOfFile, GetLastError, GetFullPathNameW, GetTempFileNameW, GetFileSize, GetModuleHandleA, UnmapViewOfFile, VirtualQuery, CreateFileW, LocalAlloc, CreateFileMappingW, CloseHandle, LocalFree, WaitForSingleObject, TerminateThread, Sleep, SetThreadPriority, GetExitCodeThread, FreeLibrary, WriteFile, GetProcAddress, LoadLibraryA, DeleteFileW, WideCharToMultiByte, lstrlenW, SetLastError, GetTempPathW, GetSystemInfo, GetWindowsDirectoryW, GetVolumeInformationW, CreateMutexW, CreateProcessW, GetTickCount, ReleaseMutex, GetSystemTime, MoveFileExW, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, RtlUnwind, GetProcessHeap, GetDriveTypeA, CompareStringA, CompareStringW, GetModuleFileNameW, MultiByteToWideChar, lstrcmpW, DeleteCriticalSection, InitializeCriticalSection, RaiseException, FindFirstFileW, FreeEnvironmentStringsA, GetDriveTypeW, FileTimeToLocalFileTime, MapViewOfFile, CreateFileA, LoadLibraryW, LeaveCriticalSection, EnterCriticalSection, InterlockedDecrement, InterlockedIncrement, GetFileType, GetStartupInfoA, QueryPerformanceCounter, SetEnvironmentVariableA, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapFree, GetCurrentThreadId, GetCommandLineA, GetSystemTimeAsFileTime, ExitThread, CreateThread, FindClose, FileTimeToSystemTime, GetModuleFileNameA > USER32.dll: wsprintfW, EnumChildWindows, RealGetWindowClassW, GetWindowTextW, SendMessageW, SetWindowLongW, CallWindowProcW, GetWindowLongW, SetWindowTextW, SetWindowPos > ole32.dll: CoCreateInstance, CoUninitialize, CoTaskMemFree, CoInitialize > OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, - > WS2_32.dll: - > VERSION.dll: GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW > RPCRT4.dll: UuidToStringW, RpcStringFreeW > urlmon.dll: UrlMkGetSessionOption > WININET.dll: InternetSetOptionW, InternetOpenW, InternetQueryOptionW, InternetCrackUrlW, InternetReadFile, HttpSendRequestW, InternetConnectW, HttpQueryInfoW, InternetCloseHandle, HttpOpenRequestW > imagehlp.dll: UnMapAndLoad, MapAndLoad > ADVAPI32.dll: CryptGetHashParam, CryptDestroyHash, CryptDecrypt, CryptDestroyKey, CryptCreateHash, CryptEncrypt, CryptDeriveKey, RegSetValueExW, RegDeleteValueW, RegDeleteKeyW, RegQueryValueExW, RegCreateKeyW, RegCloseKey, CryptGenRandom, CryptReleaseContext, CryptAcquireContextW, CryptHashData > SHELL32.dll: SHCreateDirectoryExW > DNSAPI.dll: DnsFree ( 4 exports ) DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer [/log] //Lotta
  8. Jag tror du har fixat till det åt mig peppar peppar men inga popup fönster i sikte än så länge.... Jag säger bara en sak .... TACK, Tack så hemskt mycket för hjälpen! //Lotta
  9. Hej igen Jag körde först i felsäkert läge men datan startade om sig och då startade norton och en massa annat så det hängde sig så klart. Körde om igen utan nätverk och enablade norton så här kommer loggen. //Lotta [log] ComboFix 08-08-17.05 - Lotta Larsson 2008-08-18 21:26:07.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1053.18.408 [GMT 2:00] Running from: C:\Documents and Settings\Lotta Larsson\Skrivbord\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Documents and Settings\Gäst\Cookies\gäst@tryggpcverktyg[1].txt C:\Documents and Settings\Gäst\Lokala inställningar\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML C:\Documents and Settings\Lotta Larsson\Cookies\lotta larsson@CA1CH0E5.txt C:\Documents and Settings\Lotta Larsson\Cookies\lotta_larsson@ad.yieldmanager[2].txt C:\Documents and Settings\Lotta Larsson\Cookies\lotta_larsson@adtrgt[2].txt C:\Documents and Settings\Lotta Larsson\Cookies\lotta_larsson@se.advancedcleaner[2].txt C:\Documents and Settings\Lotta Larsson\Cookies\lotta_larsson@tryggpcverktyg[2].txt C:\Documents and Settings\Lotta Larsson\Cookies\lotta_larsson@virusvakt[1].txt C:\Documents and Settings\Lotta Larsson\Cookies\lotta_larsson@virusvakt[2].txt C:\Documents and Settings\Lotta Larsson\Cookies\lotta_larsson@www.cmpd-se[2].txt C:\Documents and Settings\Lotta Larsson\Cookies\system@virusvakt[1].txt C:\Documents and Settings\Lotta Larsson\UserData C:\Documents and Settings\Lotta Larsson\UserData\index.dat C:\Documents and Settings\Lotta Larsson\UserData\TCQ8OUMC\userDataXmlIsland[1].xml C:\Documents and Settings\Lotta Larsson\UserData\WJQVSSXL\oWindowsUpdate[1].xml C:\Program\mjc C:\Temp\1cb C:\Temp\1cb\syscheck.log C:\WINDOWS\BM937adf79.txt C:\WINDOWS\BM937adf79.xml C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\browse.dll C:\WINDOWS\system32\ccfadeddb8_z.dll C:\WINDOWS\system32\euvtfrek.ini C:\WINDOWS\system32\gkkevjvn.ini C:\WINDOWS\system32\hnkegwmh.dll C:\WINDOWS\system32\iqwqtmhb.dll C:\WINDOWS\system32\kerftvue.dll C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mjwtaebo.dll C:\WINDOWS\system32\MSINET.oca C:\WINDOWS\system32\pac.txt C:\WINDOWS\system32\rhknffsw.dll C:\WINDOWS\system32\SrrBcfii.ini C:\WINDOWS\system32\SrrBcfii.ini2 C:\WINDOWS\system32\UtuvvGgh.ini C:\WINDOWS\system32\UtuvvGgh.ini2 C:\WINDOWS\system32\wsffnkhr.ini C:\WINDOWS\system32\xnvapy.dll C:\WINDOWS\system32\xuheumic.dll . ((((((((((((((((((((((((( Files Created from 2008-07-18 to 2008-08-18 ))))))))))))))))))))))))))))))) . 2008-08-18 20:01 . 2008-08-18 20:07 <KAT> d-------- C:\Program\Spyware Doctor 2008-08-18 20:01 . 2008-08-18 20:01 <KAT> d-------- C:\Documents and Settings\Lotta Larsson\Application Data\PC Tools 2008-08-18 20:01 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys 2008-08-18 20:01 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys 2008-08-18 20:01 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys 2008-08-18 20:01 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys 2008-08-15 18:35 . 2008-08-18 21:19 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-08-15 18:35 . 2008-08-15 18:35 1,409 --a------ C:\WINDOWS\QTFont.for 2008-08-14 20:14 . 2008-08-14 20:14 <KAT> d-------- C:\Program\Windows Sidebar 2008-08-14 20:12 . 2008-08-15 05:18 <KAT> d-------- C:\Program\Norton 360 2008-08-14 19:55 . 2008-08-14 21:08 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-08-14 19:55 . 2008-08-14 21:08 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2008-08-14 19:55 . 2008-08-14 21:08 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-08-14 19:55 . 2008-08-14 21:08 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-08-07 19:00 . 2008-08-07 19:02 <KAT> d-------- C:\WINDOWS\nview 2008-08-07 19:00 . 2005-08-25 11:18 176,128 --a------ C:\WINDOWS\system32\nvudisp.exe 2008-08-07 19:00 . 2008-08-18 21:19 29,204 --a------ C:\WINDOWS\system32\nvapps.xml 2008-08-07 19:00 . 2005-08-25 11:18 14,757 --a------ C:\WINDOWS\system32\nvdisp.nvu 2008-08-07 18:59 . 2008-08-07 18:59 <KAT> d-------- C:\NVIDIA 2008-08-07 18:13 . 2008-08-07 19:08 <KAT> d-------- C:\Program\TicketToRide 2008-07-21 10:16 . 2008-07-21 10:16 <KAT> d-------- C:\WINDOWS\system32\LogFiles 2008-07-20 20:23 . 2008-07-21 08:44 2,368 --a------ C:\WINDOWS\system32\tmp.reg 2008-07-20 19:00 . 2008-07-20 19:00 <KAT> d-------- C:\fsaua.data 2008-07-20 13:08 . 2008-07-20 21:06 <KAT> d-------- C:\Program\Enigma Software Group 2008-07-20 12:35 . 2008-07-20 12:35 23 --a------ C:\WINDOWS\system32\fdcaaecce3_z.ocx 2008-07-20 01:40 . 2008-07-20 01:40 1,924 --a------ C:\WINDOWS\system32\fcasino.ico 2008-07-19 18:51 . 2008-07-20 18:25 <KAT> d--hs---- C:\WINDOWS\TG90dGEgTGFyc3Nvbg 2008-07-19 18:51 . 2008-07-20 11:43 <KAT> d-------- C:\WINDOWS\system32\wnet 2008-07-19 18:51 . 2008-07-20 18:25 <KAT> d-------- C:\WINDOWS\system32\vdf1 2008-07-19 18:51 . 2008-07-19 18:51 <KAT> d-------- C:\WINDOWS\system32\confg 2008-07-19 18:51 . 2008-07-19 18:51 <KAT> d-------- C:\WINDOWS\system32\carH18 2008-07-19 18:51 . 2008-07-19 18:51 <KAT> d-------- C:\Temp\btxv15 2008-07-19 18:51 . 2008-07-19 18:51 152,243 --a------ C:\WINDOWS\system32\g16.exe 2008-07-19 18:50 . 2008-07-19 18:50 77 --a------ C:\Documents and Settings\Lotta Larsson\8867.bat 2008-07-19 12:20 . 2008-07-24 07:06 <KAT> d-------- C:\Program\BVS Solitaire Collection 2008-07-19 12:20 . 2008-07-23 04:46 <KAT> d-------- C:\Documents and Settings\Lotta Larsson\Application Data\BVS Solitaire Collection . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-18 19:24 --------- d-----w C:\Program\Delade filer\Symantec Shared 2008-08-18 18:50 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-15 15:38 --------- d-----w C:\Program\SUPERAntiSpyware 2008-08-15 15:38 --------- d-----w C:\Documents and Settings\Lotta Larsson\Application Data\SUPERAntiSpyware.com 2008-08-14 19:18 --------- d-----w C:\Documents and Settings\Lotta Larsson\Application Data\Symantec 2008-08-14 19:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-08-14 19:08 --------- d-----w C:\Program\Symantec 2008-08-11 16:30 --------- d-----w C:\Documents and Settings\Lotta Larsson\Application Data\AdobeUM 2008-08-07 04:00 --------- d-----w C:\Program\XoftSpySE 2008-07-30 15:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys 2008-07-30 15:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf 2008-07-30 15:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat 2008-07-28 10:41 --------- d-----w C:\Program\Java 2008-07-20 19:05 --------- d-----w C:\Program\Paltalk Messenger 2008-07-20 19:05 --------- d-----w C:\Documents and Settings\Lotta Larsson\Application Data\Paltalk 2008-07-20 19:04 --------- d--h--w C:\Program\InstallShield Installation Information 2008-07-20 19:04 --------- d-----w C:\Program\MansionPoker 2008-07-20 19:04 --------- d-----w C:\Program\iPod 2008-07-20 10:55 --------- d-----w C:\Program\Winamp 2008-07-17 04:29 --------- d-----w C:\Documents and Settings\Lotta Larsson\Application Data\Apple Computer 2008-07-15 15:49 313,856 ----a-w C:\WINDOWS\system32\nse18D.dll 2008-07-13 20:00 --------- d-----w C:\Documents and Settings\Lotta Larsson\Application Data\U3 2008-06-20 17:42 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-13 12:45 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll 2008-06-13 12:45 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll . ------- Sigcheck ------- 2004-08-04 01:34 14336 22d8a75754b7b9ecc4753e3c09a56b18 C:\WINDOWS\system32\svchost.exe 2004-08-04 01:34 14336 22d8a75754b7b9ecc4753e3c09a56b18 C:\WINDOWS\system32\dllcache\svchost.exe 2005-03-02 20:21 577024 9e1d00980a3049018ca4f88a393039df C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll 2007-03-08 17:51 578048 3e8b53e05155bcd52ca2d38d1f222dc0 C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll 2004-08-04 01:34 577024 3e9523a6915656f639a49ebf8453ca00 C:\WINDOWS\$NtUninstallKB890859$\user32.dll 2005-03-02 20:19 577024 90e96b3930709ed71ffed80fe122dd39 C:\WINDOWS\$NtUninstallKB925902$\user32.dll 2007-03-08 17:39 577536 5f35963477143b0aa1527af61b8bab09 C:\WINDOWS\system32\user32.dll 2007-03-08 17:39 577536 5f35963477143b0aa1527af61b8bab09 C:\WINDOWS\system32\dllcache\user32.dll 2004-08-04 01:34 82944 cd46885df74086059a723209990298a9 C:\WINDOWS\system32\ws2_32.dll 2004-08-04 01:34 82944 cd46885df74086059a723209990298a9 C:\WINDOWS\system32\dllcache\ws2_32.dll 2004-08-04 01:34 502272 3e080d3d4f81b0638766ccc4d7707d10 C:\WINDOWS\system32\winlogon.exe 2004-08-04 01:34 502272 3e080d3d4f81b0638766ccc4d7707d10 C:\WINDOWS\system32\dllcache\winlogon.exe 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys 2005-03-02 20:14 2057728 31d7044bcd9abebc6082e5acad95adbb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe 2006-12-19 20:47 2060160 629b04aa1544239f6a40f07658f858ea C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe 2007-02-28 18:09 2060160 80691b07cac39b56dfb2df5abe78f18e C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe 2004-08-04 01:46 2057600 acf426ac8f877ff7662c88338638f47f C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe 2005-03-02 20:09 2057600 659d508859419cd1c5000e82337be48e C:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe 2006-12-19 20:25 2058368 43ccaaaa3943caa583f67a3bff56e1f6 C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe 2007-02-28 18:05 2058368 4fefd3871a8fc2b3b1ca780abaaa9dc3 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe 2007-02-28 18:05 2058368 4fefd3871a8fc2b3b1ca780abaaa9dc3 C:\WINDOWS\system32\ntkrnlpa.exe 2007-02-28 18:05 2058368 4fefd3871a8fc2b3b1ca780abaaa9dc3 C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2005-03-02 20:15 2180352 ef7e05a2969b095c210b8ff6d429b640 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe 2006-12-19 20:47 2182784 2e12ae64594fb5ebdd5ab63403ce2f62 C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe 2007-02-28 18:09 2182912 7bd1227fc18fadaf2433e72a20f65536 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe 2004-08-04 01:25 2181760 99944110c274a14262976c73b7cde99b C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe 2005-03-02 20:09 2180096 211d0450e481e05bf8ed3c74e84ffaf1 C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe 2006-12-19 20:25 2181120 9d60a3b2b71fdabe2f639eed64f56fd2 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe 2007-02-28 18:05 2181120 34f0c0b294efc4b1cda85631841a2582 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe 2007-02-28 18:05 2181120 34f0c0b294efc4b1cda85631841a2582 C:\WINDOWS\system32\ntoskrnl.exe 2007-02-28 18:05 2181120 34f0c0b294efc4b1cda85631841a2582 C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2007-06-13 15:23 1033728 96d1dde74e550113d2fcb97c8a4c43cb C:\WINDOWS\explorer.exe 2007-06-13 15:12 1033728 75cf621935a2138bb0dd354bb72548fc C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe 2004-08-04 01:34 1032704 87a3c8ead27cf3591713d629d8bcb990 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe 2007-06-13 15:23 1033728 96d1dde74e550113d2fcb97c8a4c43cb C:\WINDOWS\system32\dllcache\explorer.exe 2004-08-04 01:34 108032 0df00535e2f5aefaead3a800f75137af C:\WINDOWS\system32\services.exe 2004-08-04 01:34 108032 0df00535e2f5aefaead3a800f75137af C:\WINDOWS\system32\dllcache\services.exe 2004-08-04 01:34 13312 ba428312d9a0726e4c07c2037e882520 C:\WINDOWS\system32\lsass.exe 2004-08-04 01:34 13312 ba428312d9a0726e4c07c2037e882520 C:\WINDOWS\system32\dllcache\lsass.exe 2004-08-04 01:34 15360 febe82a289a6645e26b27f3a0a4d2b84 C:\WINDOWS\system32\ctfmon.exe 2004-08-04 01:34 15360 febe82a289a6645e26b27f3a0a4d2b84 C:\WINDOWS\system32\dllcache\ctfmon.exe 2005-06-11 02:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe 2004-08-04 01:34 57856 5770628bc7a7a3e49e7d4426ee60bee6 C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe 2005-06-11 01:53 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\system32\spoolsv.exe 2005-06-11 01:53 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\system32\dllcache\spoolsv.exe 2004-08-04 01:34 24576 452202227d7a5020d058d49106c0b872 C:\WINDOWS\system32\userinit.exe 2004-08-04 01:34 24576 452202227d7a5020d058d49106c0b872 C:\WINDOWS\system32\dllcache\userinit.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{380345f9-c36e-1d06-f4dd-430ea2ed128c}] 2008-07-15 17:49 313856 --a------ C:\WINDOWS\system32\nse18D.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded] @="{4433A54A-1AC8-432F-90FC-85F045CF383C}" [HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}] 2008-02-26 10:34 576352 --a------ C:\Program\Delade filer\Symantec Shared\Backup\buShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending] @="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}" [HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}] 2008-02-26 10:34 576352 --a------ C:\Program\Delade filer\Symantec Shared\Backup\buShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected] @="{476D0EA3-80F9-48B5-B70B-05E677C9C148}" [HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}] 2008-02-26 10:34 576352 --a------ C:\Program\Delade filer\Symantec Shared\Backup\buShell.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:35 5724184] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:34 15360] "updateMgr"="C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "XTNDConnect PC - ErPhn2"="C:\Program\DELADE~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe" [2002-01-04 18:00 53248] "Adobe Photo Downloader"="C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 00:46 57344] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2007-06-29 06:24 286720] "iTunesHelper"="C:\Program\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-25 11:18 7110656] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-25 11:18 86016] "ccApp"="C:\Program\Delade filer\Symantec Shared\ccApp.exe" [2008-02-18 21:37 51048] "osCheck"="C:\Program\Norton 360\osCheck.exe" [2008-02-26 16:50 988512] "nwiz"="nwiz.exe" [2005-08-25 11:18 1519616 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:34 15360] C:\Documents and Settings\All Users\Start-meny\Program\AutostartAdobe Reader Speed Launch.lnk - C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696] WinZip Quick Pick.lnk - C:\Program\WinZip\WZQKPICK.EXE [2006-12-14 21:13:32 118784] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"= "C:\\WINDOWS\\system32\\rtcshare.exe"= "C:\\Program\\NetMeeting\\conf.exe"= "C:\\StubInstaller.exe"= "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program\\iTunes\\iTunes.exe"= "C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program\\Winamp Remote\\bin\\Orb.exe"= "C:\\Program\\Winamp Remote\\bin\\OrbTray.exe"= "C:\\Program\\Winamp Remote\\bin\\OrbStreamerClient.exe"= R1 lusbaudio;Logitech USB-mikrofon;C:\WINDOWS\system32\drivers\OVSound2.sys [2001-08-18 00:05] R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe [2008-02-18 21:37] R3 ELNK3;3Com EtherLink III;C:\WINDOWS\system32\DRIVERS\elnk3.sys [2001-08-17 22:10] R3 QCEmerald;Logitech QuickCam Web;C:\WINDOWS\system32\DRIVERS\OVCE.sys [2001-08-18 00:05] R3 usb2vcom;USB Data Cable;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2005-12-21 05:32] S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 17:42] S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;C:\DOCUME~1\LOTTAL~1\LOKALA~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [] *Newly Created Service* - COMHOST *Newly Created Service* - PROCEXP90 . Contents of the 'Scheduled Tasks' folder 2008-08-18 C:\WINDOWS\Tasks\XoftSpySE 2.job - C:\Program\XoftSpySE\XoftSpy.exe [2007-09-15 09:26] 2008-08-15 C:\WINDOWS\Tasks\XoftSpySE.job - C:\Program\XoftSpySE\XoftSpy.exe [2007-09-15 09:26] . - - - - ORPHANS REMOVED - - - - BHO-{398D2F42-62C5-4512-996A-C805041BAB14} - C:\WINDOWS\system32\hgGvvutU.dll BHO-{B0182E8E-DC13-4086-A644-E759C9DC61EA} - C:\WINDOWS\system32\iifcBrrS.dll HKLM-Run-9049ece5 - C:\WINDOWS\system32\kerftvue.dll HKLM-Run-BM937adf79 - C:\WINDOWS\system32\vyihlars.dll Notify-ssqQjKaW - ssqQjKaW.dll . ------- Supplementary Scan ------- . R0 -: HKCU-Main,Start Page = hxxp://www.msn.com R0 -: HKLM-Main,Start Page = hxxp://www.msn.com O8 -: E&xportera till Microsoft Excel - C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 -: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe O16 -: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f012.mail.spray.se/app/uploader/FileUploader.cab C:\WINDOWS\Downloaded Program Files\FileUploader.inf C:\WINDOWS\Downloaded Program Files\FileUploader.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-18 21:30:43 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** . Completion time: 2008-08-18 21:34:53 ComboFix-quarantined-files.txt 2008-08-18 19:33:42 Pre-Run: 6,105,796,608 byte ledigt Post-Run: 6,096,863,232 byte ledigt 283 --- E O F --- 2008-07-26 21:34:12 [/log]
  10. Jag startar om i felsäkert läge utan nätverk och återkommer med logg snart.. tack //Lotta
  11. PPS jag laddade ner PCTOLLS spyware Doctor och det var ju en massa "sk-t" den hittade men sen måste man ju registrera programmet - där sprack det *ler* //Lotta
  12. Hej Tack för ert svar här kommer en loggfil //Lotta Ps nej jag har ingen fräsch återställningspunkt [log] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:46:06, on 2008-08-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program\Spyware Doctor\pctsAuxs.exe C:\Program\Spyware Doctor\pctsSvc.exe C:\Program\DELADE~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program\Java\jre1.6.0_07\bin\jusched.exe C:\Program\iTunes\iTunesHelper.exe C:\WINDOWS\system32\rundll32.exe C:\Program\Spyware Doctor\pctsTray.exe C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe C:\Program\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program\Canon\CAL\CALMAIN.exe C:\Program\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program\Windows Live\Mail\wlmail.exe C:\Documents and Settings\Lotta Larsson\Lokala inställningar\Temporary Internet Files\Content.IE5\78Z51568\HiJackThis[1].exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: adzgalore - {380345f9-c36e-1d06-f4dd-430ea2ed128c} - C:\WINDOWS\system32\nse18D.dll O2 - BHO: (no name) - {398D2F42-62C5-4512-996A-C805041BAB14} - C:\WINDOWS\system32\hgGvvutU.dll (file missing) O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\DELADE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {B0182E8E-DC13-4086-A644-E759C9DC61EA} - C:\WINDOWS\system32\iifcBrrS.dll (file missing) O2 - BHO: (no name) - {BE57FEE9-C3D5-4969-A945-13C274D2DF4D} - C:\WINDOWS\system32\browse.dll O2 - BHO: {964c0a6a-efce-894b-c404-3e534a235acc} - {cca532a4-35e3-404c-b498-ecfea6a0c469} - C:\WINDOWS\system32\xnvapy.dll O2 - BHO: (no name) - {DB036A52-3A88-466B-BD39-05A6D9D9B18A} - C:\WINDOWS\system32\ssqQjKaW.dll (file missing) O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O4 - HKLM\..\Run: [XTNDConnect PC - ErPhn2] C:\Program\DELADE~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [9049ece5] rundll32.exe "C:\WINDOWS\system32\kerftvue.dll",b O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [bM937adf79] Rundll32.exe "C:\WINDOWS\system32\vyihlars.dll",s O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton 360\osCheck.exe" O4 - HKLM\..\Run: [iSTray] "C:\Program\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program\Paltalk Messenger\Paltalk.exe (file missing) O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.spray.se/app/uploader/FileUploader.cab O20 - Winlogon Notify: ssqQjKaW - ssqQjKaW.dll (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\pctsSvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program\DELADE~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 9479 bytes [/log]
  13. Hej Finns det någon hygglig själ som vill och kan hjälpa mig. Jag har fått in nåt program som tar över explorer när jag surfar, det går sååå lååångsamt och många popup fönster kommer upp. Jag har provat oräkneliga spyware och virusprogram helt utan resultat. läste på nån sajt att dessa program inte är "virus" utan just program så ativirusprogram och spywareprogram tror att det är ett "snällt" program och låter det vara Nu är jag gruvligt trött på problemet att jag ibland har lust att kasta ut datan...men vad hjälper det =) Nere i högra aktivitetsfältet kommer en ikon upp "system message" och klickar man där så börjar sidorna poppa up. Helst skulle jag vilja slippa formatera HD och installera OS på nytt men är det det ända som hjälper tro? Stor förhoppning att det finns någon som kan hjälpa mig. Tack på förhand //Lotta
  14. Jag håller på att bli snurrig på messenger. Var 5:e min loggas jag ut och loggas in igen efter 1 min kanske. VARFÖR jag surfar samtidigt på nätet så uppkopplad är jag hela tiden. Suck, snälla kom med något bra tips så är ni gulliga. Vilket hattande :-) [inlägget ändrat 2005-09-08 11:40:10 av Mamsell]
×
×
  • Skapa nytt...