Just nu i M3-nätverket
Gå till innehåll

viggo_v

Medlem
  • Antal inlägg

    25
  • Gick med

  • Senaste besök

Allt postat av viggo_v

  1. Hej! Jag undrar om någon kan hjälpa mig att tyda denna info jag fått fram av två proram för att kolla temperaturen i min dator. Har nyligen bytt kylpasta utan något positivt resultat och undrar vad det kan va för problem som gör att datorn blir så varm. Min dator: Operating System: Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_ldr.160408-2045)Language: Swedish (Regional Setting: Swedish) System Manufacturer: SAMSUNG ELECTRONICS CO., LTD. System Model: 700Z3A/700Z4A/700Z5A/700Z5B BIOS: Phoenix SecureCore-Tiano NB Version 2.1 15FD Processor: Intel® Core i5-2450M CPU @ 2.50GHz (4 CPUs), ~2.5GHz Memory: 6144MB RAM Available OS Memory: 6058MB RAM Page File: 2839MB used, 9274MB available Windows Dir: C:\Windows DirectX Version: DirectX 11 DX Setup Parameters: Not found User DPI Setting: Using System DPI System DPI Setting: 96 DPI (100 percent) DWM DPI Scaling: Disabled DxDiag Version: 6.01.7601.17514 32bit Unicode ------ Card name: Intel® HD Graphics Family Manufacturer: Advanced Micro Devices, Inc. Chip type: Intel® HD Graphics Family DAC type: Internal Device Key: Enum\PCI\VEN_8086&DEV_0126&SUBSYS_C0B3144D&REV_09 Display Memory: 3843 MB Dedicated Memory: 1070 MB Shared Memory: 2772 MB Current Mode: 1600 x 900 (32 bit) (60Hz) Monitor Name: Generic PnP Monitor Monitor Model: unknown Monitor Id: SECFFFF Native Mode: 1600 x 900(p) (60.115Hz) Output Type: Internal Driver Name: igdumd64.dll,igd10umd64.dll,igd10umd64.dll,igdumdx32,igd10umd32,igd10umd32 Driver File Version: 8.15.0010.2622 (English) Driver Version: 8.951.9.3000 DDI Version: 11 Driver Model: WDDM 1.1 Driver Attributes: Final Retail Driver Date/Size: 4/24/2016 21:04:47, 8313856 bytes
  2. Hej! Jag har satt in en ny ssd från samsung i min samsung laptop som köppts med windows förinstallerat. Jag har nu försökt installera en ren windows 7 från en usb. Efter att windows har "installerats" och datorn automatiskt startas om för att fortsätta installationen stannar datorn vid en svart skärm. Det är som att datorn försöker starta om och om igen. Jag har testat alla boot ordningar men det verkar ganska kört. Hoppas att någon har tid och förslag på en lösning, det hade vart till stor hjälp! Mvh, Victor
  3. Hej! Det låter toppen, men hur gör jag med den systemavbild som nu ligger på den ny SSD:n. Går det bara att slänga det i papperskorgen? Mvh, Victor
  4. Hej och tack för tipset! Jag har allt detta så det ska nog funka. Nu undrar jag bara hur jag blir av med min systemavbild som ligger på den nya ssd:n? Mvh, Victor
  5. Tack för ditt svar, jag har fått flera förslag på detta så det ska jag testa. Men vet du om jag bör radera den avbildning som nu ligger på disken på något speciellt sett? Mvh, Victor
  6. Hej, det följde med ett program som heter Samsung Magician men jag vet inte vad jag ska ha det till. Mvh, Victor
  7. Tack för ditt svar, men innan jag gör detta kan jag bara ta bort det som nu ligger på SSD disken genom att slänga det på vanligt sett. Mvh, Victor
  8. Hej! Jag har försökt få över mitt Windows 7 till min nya SDD hårddisk genom att förs skapa en systemavbild på den och detta genom Windows egna verktyg. Men när jag bytt ut hårddisken kan jag inte starta upp Windows även om jag ändrat så att datorn bootar från den nya disken. Jag har en bärbar Samsung serie 7, 14 tum och Windows installationsprogram finns på datorn och någon ny start version, iso har jag inte kunnat skapa då min produkt nyckeln inte går att tyda längre. På den nya SDD ligger nu en mapp som heter WindowsImageBackup. Finns det någon som vet om det ens är möjligt att starta Windows från en systemavbild eller om någon vet en annan lösning på mina problem hade jag vart tacksam för tips. Med vänliga hälsningar, Victor
  9. Den funkar bra. Den har blockerat många program tex messenger. Är det något jag ska tänka på eller kan jag öppna program som jag känner till?
  10. [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:40:18, on 2007-07-10 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FSMB32.EXE C:\WINDOWS\System32\RegSrvc.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FCH32.EXE C:\Program\Analog Devices\SoundMAX\SMAgent.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FAMEH32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsqh.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsrw.exe C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\WINDOWS\AGRSMMSG.exe C:\Program\Telia\TELIAS~1\ANTI-S~1\fsaw.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Telia\Telias sakerhetstjanster\FSGUI\fsguidll.exe C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe C:\Program\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Telia\Telias sakerhetstjanster\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\Telia\Telias sakerhetstjanster\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [beoplayertray] C:\Program\Bang & Olufsen\BeoPlayer\Beotray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BeoPlayer.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Telias säkerhetstjänster.lnk = C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156431609031 O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Telias säkerhetstjänster (BackWeb Plug-in - 7836882) - BackWeb Technologies Inc. - C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program\Intel\NCS\Sync\NetSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 7521 bytes [/log]
  11. Avenger[log]Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\cjkedjxv ******************* Script file located at: \??\C:\WINDOWS\system32\duqbjrun.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\windows\system32\fccddda.dll not found! Deletion of file C:\windows\system32\fccddda.dll failed! Could not process line: C:\windows\system32\fccddda.dll Status: 0xc0000034 File C:\WINDOWS\system32\hghjpkbm.dll not found! Deletion of file C:\WINDOWS\system32\hghjpkbm.dll failed! Could not process line: C:\WINDOWS\system32\hghjpkbm.dll Status: 0xc0000034 File C:\WINDOWS\system32\hjjlm.bak1 not found! Deletion of file C:\WINDOWS\system32\hjjlm.bak1 failed! Could not process line: C:\WINDOWS\system32\hjjlm.bak1 Status: 0xc0000034 File C:\WINDOWS\system32\hjjlm.bak2 not found! Deletion of file C:\WINDOWS\system32\hjjlm.bak2 failed! Could not process line: C:\WINDOWS\system32\hjjlm.bak2 Status: 0xc0000034 File C:\WINDOWS\system32\hjjlm.ini not found! Deletion of file C:\WINDOWS\system32\hjjlm.ini failed! Could not process line: C:\WINDOWS\system32\hjjlm.ini Status: 0xc0000034 File C:\windows\system32\isytwyip.dll not found! Deletion of file C:\windows\system32\isytwyip.dll failed! Could not process line: C:\windows\system32\isytwyip.dll Status: 0xc0000034 File C:\WINDOWS\system32\mljjh.dll not found! Deletion of file C:\WINDOWS\system32\mljjh.dll failed! Could not process line: C:\WINDOWS\system32\mljjh.dll Status: 0xc0000034 File C:\windows\system32\piywtysi.ini not found! Deletion of file C:\windows\system32\piywtysi.ini failed! Could not process line: C:\windows\system32\piywtysi.ini Status: 0xc0000034 Completed script processing. ******************* Finished! Terminate.[/log]
  12. combofix Quarantine [log] 2007-04-28 17:25 89 --a------ C:\Qoobox\Quarantine\C\DOCUME~1\Victor\APPLIC~1\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol.vir Lista ”ver mappar i milj”variabeln PATH Volymens serienummer „r 208D-E5F1 C:\QOOBOX \---Quarantine +---C | \---DOCUME~1 | \---Victor | \---APPLIC~1 | \---Macromedia | \---Flash Player | \---macromedia.com | \---support | \---flashplayer | \---sys | \---#www.broadcaster.com | settings.sol.vir | \---Registry_backups [/log]
  13. combofix[log]"Victor" - 2007-07-10 19:35:51 - ComboFix 07-07-10.1 - Service Pack 2 ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\DOCUME~1\Victor\APPLIC~1.\macromedia\Flash Player\#SharedObjects\NAS95JCC\www.broadcaster.com C:\DOCUME~1\Victor\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com C:\DOCUME~1\Victor\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol ((((((((((((((((((((((((( Files Created from 2007-06-10 to 2007-07-10 ))))))))))))))))))))))))))))))) 2007-07-10 19:35 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-09 20:51 <KAT> d-------- C:\VundoFix Backups 2007-07-08 20:17 <KAT> d-------- C:\Program\Trend Micro 2007-07-08 14:21 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-07-08 14:21 <KAT> dr------- C:\DOCUME~1\ADMINI~1\Start-meny 2007-07-08 14:21 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\Skrivare 2007-07-08 14:21 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\N„tverket 2007-07-08 14:21 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\Mallar 2007-07-08 14:21 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\Lokala inst„llningar 2007-07-08 14:21 <KAT> d-------- C:\DOCUME~1\ADMINI~1\Skrivbord 2007-07-08 14:21 <KAT> d-------- C:\DOCUME~1\ADMINI~1\Mina dokument 2007-07-08 14:21 <KAT> d-------- C:\DOCUME~1\ADMINI~1\Favoriter 2007-07-04 18:42 16,384 --a------ C:\WINDOWS\system32\FileOps.exe 2007-07-04 18:35 <KAT> d-------- C:\WINDOWS\Adobe Illustrator CS (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-07 17:18:11 -------- d-----w C:\DOCUME~1\Victor\APPLIC~1\uTorrent 2007-07-04 16:37:51 -------- d--h--w C:\Program\InstallShield Installation Information 2007-06-28 20:58:28 -------- d-----w C:\Program\DC++ 2007-05-24 17:34:15 -------- d-----w C:\DOCUME~1\Victor\APPLIC~1\dvdcss 2007-05-24 15:07:39 -------- d-----w C:\DOCUME~1\Victor\APPLIC~1\BeoMediaDatabase 2007-05-18 16:04:55 -------- d-----w C:\Program\Bang & Olufsen 2007-05-18 16:04:15 -------- d-----w C:\Program\Delade filer\InstallShield 2007-05-16 15:20:05 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-15 19:02:35 -------- d-----w C:\DOCUME~1\Victor\APPLIC~1\Google 2007-05-15 18:11:45 -------- d-----w C:\Program\Google 2007-04-25 15:45:36 70,014 ----a-w C:\WINDOWS\system32\perfc01D.dat 2007-04-25 15:45:36 396,090 ----a-w C:\WINDOWS\system32\perfh01D.dat 2007-04-25 14:22:55 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-18 16:14:40 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-16 20:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll 2007-04-16 20:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2006-12-18 05:16 59032 --a------ C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{410DCA6D-452A-46CA-A15A-1415F0C4B9AA}] C:\WINDOWS\system32\mljjh.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{634C7583-74C6-4FEF-BD06-9721761A6815}] C:\WINDOWS\system32\fccddda.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] 2007-03-14 03:43 501400 --a------ C:\Program\Java\jre1.6.0_01\bin\ssv.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] 2007-05-15 20:11 2411584 -ra------ c:\program\google\googletoolbar1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.exe" [2005-10-26 03:51] "F-Secure TNB"="C:\Program\Telia\Telias sakerhetstjanster\TNB\TNBUtil.exe" [2005-07-18 16:51] "F-Secure Startup Wizard"="C:\Program\Telia\Telias sakerhetstjanster\FSGUI\FSSW.exe" [2005-10-18 10:29] "ATIModeChange"="Ati2mdxx.exe" [2002-08-29 00:17 C:\WINDOWS\system32\Ati2mdxx.exe] "ATIPTA"="C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-04-24 21:00] "AdaptecDirectCD"="C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2003-03-26 11:15] "AGRSMMSG"="AGRSMMSG.exe" [2003-05-06 22:16 C:\WINDOWS\AGRSMMSG.exe] "Cpqset"="C:\Program\HPQ\Default Settings\cpqset.exe" [2003-05-01 13:59] "PRONoMgr.exe"="C:\Program\Intel\NCS\PROSet\PRONoMgr.exe" [2002-12-18 14:20] "Adobe Photo Downloader"="C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2006-10-25 19:58] "Beoplayertray"="C:\Program\Bang & Olufsen\BeoPlayer\Beotray.exe" [2007-02-19 12:41] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:34] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{634C7583-74C6-4FEF-BD06-9721761A6815}"="C:\WINDOWS\system32\fccddda.dll" [] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljjh] C:\WINDOWS\system32\mljjh.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] C:\WINDOWS\System32\LgNotify.dll 2003-03-24 12:26 110592 C:\WINDOWS\system32\LgNotify.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Usnsvc usnsvc Contents of the 'Scheduled Tasks' folder 2007-07-10 07:54:02 C:\WINDOWS\tasks\Scheduled scanning task.job ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-10 19:38:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = C:\Program\HPQ\Default Settings\cpqset.exe?|????????????3?3?7?0??????? ?pTB????????? ?????B???????? scanning hidden files ... C:\WINDOWS\Winamp.ini C:\WINDOWS\winampa.ini C:\WINDOWS\Windows Update.log C:\WINDOWS\WindowsShell.Manifest C:\WINDOWS\WindowsUpdate.log C:\WINDOWS\winhelp.exe C:\WINDOWS\winhlp32.exe C:\WINDOWS\winnt.bmp C:\WINDOWS\winnt256.bmp C:\WINDOWS\WinSxS C:\WINDOWS\WMFDist11.log C:\WINDOWS\wmp11.log C:\WINDOWS\wmprfSVE.prx C:\WINDOWS\wmsetup.log C:\WINDOWS\wmsetup10.log C:\WINDOWS\WMSysPr9.prx C:\WINDOWS\WMSysPrx.prx C:\WINDOWS\Wudf01000Inst.log C:\WINDOWS\xpsp1hfm.log C:\WINDOWS\_default.pif C:\WINDOWS\Ärgad koppar.bmp C:\WINDOWS\Ökensand.bmp scan completed successfully hidden files: 22 ************************************************************************** Completion time: 2007-07-10 19:39:17 C:\ComboFix-quarantined-files.txt ... 2007-07-10 19:39 --- E O F --- [/log]
  14. hijack this [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:54:11, on 2007-07-10 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FSMB32.EXE C:\WINDOWS\System32\RegSrvc.exe C:\Program\Analog Devices\SoundMAX\SMAgent.exe C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FCH32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FAMEH32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsqh.exe C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsrw.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\WINDOWS\AGRSMMSG.exe C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe C:\Program\Telia\TELIAS~1\ANTI-S~1\fsaw.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Telia\Telias sakerhetstjanster\FSGUI\fsguidll.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {410DCA6D-452A-46CA-A15A-1415F0C4B9AA} - C:\WINDOWS\system32\mljjh.dll (file missing) O2 - BHO: (no name) - {634C7583-74C6-4FEF-BD06-9721761A6815} - C:\WINDOWS\system32\fccddda.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Telia\Telias sakerhetstjanster\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\Telia\Telias sakerhetstjanster\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [beoplayertray] C:\Program\Bang & Olufsen\BeoPlayer\Beotray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BeoPlayer.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Telias säkerhetstjänster.lnk = C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156431609031 O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll (file missing) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Telias säkerhetstjänster (BackWeb Plug-in - 7836882) - BackWeb Technologies Inc. - C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program\Intel\NCS\Sync\NetSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 7800 bytes [/log]
  15. Ska prova det du förklarar. Vill först bara veta att du är säker på att de filerna som tas bort inte har en viktig del i windows funktion. I sådant fall måste jag kopiera och bränna en del saker först. Mvh Victor
  16. [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:14:38, on 2007-07-09 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSMB32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe C:\WINDOWS\System32\RegSrvc.exe C:\Program\Analog Devices\SoundMAX\SMAgent.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FCH32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FAMEH32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsqh.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsrw.exe C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE C:\Program\Telia\TELIAS~1\ANTI-S~1\fsaw.exe C:\Program\Telia\Telias sakerhetstjanster\FSGUI\fsguidll.exe C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\WINDOWS\AGRSMMSG.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\Mozilla Firefox\firefox.exe C:\Program\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {410DCA6D-452A-46CA-A15A-1415F0C4B9AA} - C:\WINDOWS\system32\mljjh.dll (file missing) O2 - BHO: (no name) - {634C7583-74C6-4FEF-BD06-9721761A6815} - C:\WINDOWS\system32\fccddda.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Telia\Telias sakerhetstjanster\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\Telia\Telias sakerhetstjanster\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [beoplayertray] C:\Program\Bang & Olufsen\BeoPlayer\Beotray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BeoPlayer.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Telias säkerhetstjänster.lnk = C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156431609031 O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll (file missing) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Telias säkerhetstjänster (BackWeb Plug-in - 7836882) - BackWeb Technologies Inc. - C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program\Intel\NCS\Sync\NetSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 7858 bytes [/log]
  17. Hej, tackar så mycket för visat intresse. Tyvär kvarstår problemet. [log]VundoFix V6.5.4 Checking Java version... Sun Java not detected Scan started at 20:51:33 2007-07-09 Listing files found while scanning.... C:\windows\system32\fccddda.dll C:\WINDOWS\system32\hghjpkbm.dll C:\WINDOWS\system32\hjjlm.bak1 C:\WINDOWS\system32\hjjlm.bak2 C:\WINDOWS\system32\hjjlm.ini C:\windows\system32\isytwyip.dll C:\WINDOWS\system32\mljjh.dll C:\windows\system32\piywtysi.ini Beginning removal... Attempting to delete C:\windows\system32\fccddda.dll C:\windows\system32\fccddda.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\hghjpkbm.dll C:\WINDOWS\system32\hghjpkbm.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hjjlm.bak1 C:\WINDOWS\system32\hjjlm.bak1 Has been deleted! Attempting to delete C:\WINDOWS\system32\hjjlm.bak2 C:\WINDOWS\system32\hjjlm.bak2 Has been deleted! Attempting to delete C:\WINDOWS\system32\hjjlm.ini C:\WINDOWS\system32\hjjlm.ini Has been deleted! Attempting to delete C:\windows\system32\isytwyip.dll C:\windows\system32\isytwyip.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\mljjh.dll C:\WINDOWS\system32\mljjh.dll Could not be deleted. Attempting to delete C:\windows\system32\piywtysi.ini C:\windows\system32\piywtysi.ini Has been deleted! Performing Repairs to the registry. Done! VundoFix V6.5.4 Checking Java version... Sun Java not detected Scan started at 21:02:34 2007-07-09 Listing files found while scanning.... C:\windows\system32\fccddda.dll C:\WINDOWS\system32\mljjh.dll Beginning removal... Attempting to delete C:\windows\system32\fccddda.dll C:\windows\system32\fccddda.dll Has been deleted! Performing Repairs to the registry. Done! [/log]
  18. Hej, tyvärr har jag inte de möjligheterna att ändra mycket i mina inställningar. Har inte någon tillträdelse att kunna bocka för kryssrutorna; Genomsök alla filer och Genomsök komprimerade filer. Det mesta är i gråton och ej klickbart. Tack för tipsen
  19. [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:19:32, on 2007-07-08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FSMB32.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FCH32.EXE C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe C:\Program\Telia\Telias sakerhetstjanster\Common\FAMEH32.EXE C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsqh.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsrw.exe C:\WINDOWS\System32\RegSrvc.exe C:\Program\Analog Devices\SoundMAX\SMAgent.exe C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe C:\WINDOWS\Explorer.EXE C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE C:\Program\Telia\TELIAS~1\ANTI-S~1\fsaw.exe C:\Program\Telia\Telias sakerhetstjanster\FSGUI\fsguidll.exe C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\WINDOWS\AGRSMMSG.exe C:\Program\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program\Trend Micro\HijackThis\HijackThis.exe C:\Program\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINDOWS\system32\hghjpkbm.dll O2 - BHO: (no name) - {634C7583-74C6-4FEF-BD06-9721761A6815} - C:\WINDOWS\system32\fccddda.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O2 - BHO: (no name) - {F3686CD6-1035-445F-A5BC-833763E3E28E} - C:\WINDOWS\system32\mljjh.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Telia\Telias sakerhetstjanster\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\Telia\Telias sakerhetstjanster\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [beoplayertray] C:\Program\Bang & Olufsen\BeoPlayer\Beotray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BeoPlayer.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Telias säkerhetstjänster.lnk = C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156431609031 O20 - Winlogon Notify: fccddda - C:\WINDOWS\SYSTEM32\fccddda.dll O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll (file missing) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Telias säkerhetstjänster (BackWeb Plug-in - 7836882) - BackWeb Technologies Inc. - C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program\Intel\NCS\Sync\NetSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 7993 bytes [/log]
  20. Hej, jag har fått ett virus i form av: F-Secure Trojan Information Pages: Agent.BAO [summary] | [Disinfection] | [Detailed Description] | [Detection] Name : Agent.BAO Alias: Trojan-Downloader.Win32.Agent.bao, Trojan.Downloader.Agent.ACT, TR/Dldr.Agent.bao Size: (11,230 bytes) Type: Downloader, Trojan Category: Trojan Platform: Win32 Date of Discovery: November 06, 2006 Radar Summary Agent.BAO, a variant of Agent, is a Trojan. Agent.BAO downloads different trojans and backdoors and activate them on an affected system without user's approval. Mitt virus program klarar inte av att ta bort det. Får felmeddelanden om skadlig kod i c\windows\system32\MLJJH.DLL. Angrepp: Trojan-downloader.win32.agent.bxq HAR INGEN ANING OM VAD JAG KAN GÖRA. VÅGAR INTE TA BORT FILEN MANUELLT VET HELLER INTE OM DET GÅR. HOPPAS NÅGON VET VAD MAN KAN GÖRA. Mvh victor
  21. Jag har laddat ner från http://www.utorrent.com och har telias F-secure och ad-aware på datorn.
  22. Fick VirusBurster här om dagen och blir inte av med det. Rekomenderades att ladda ner och köra Noadware för att bli av med det men det funkade inte till fullo. Viruset är W32.Myzor.FK@yf Vad behövs för att få bort det. Tacksam för svar
  23. Jag har laddat ner från http://www.utorrent.com och har telias F-secure och ad-aware på datorn. Det har inte varit några problem sedan jag skrev inlägget. Dock får jag fortfarande felmedelanden om att internet explorer måste avslutas. Skärmen blinkar till men ingenting stängs av. Aktivitesfälten nere till höger på skärmen smetas samman rätt ofta också. Mycket konstigt.
  24. Sen jag börjat med u torrent så stängs internet efter ett tag helt ner. Efter det går inte datorn att stängas av utan stannar precis innan den ska släcka ner. Någon som vet vad det kan var för fel.
×
×
  • Skapa nytt...