Just nu i M3-nätverket
Jump to content

Trojan-Spy.HTML.Smitfraud.c


djstiv

Recommended Posts

Då gör jag en ny (egen) tråd då...jag har problem med

 

Trojan-Spy.HTML.Smitfraud.c....tror jag :S...

 

För datorn startar om sig lite som den vill, med en bluescreen innan...

 

[log]

Logfile of HijackThis v1.99.1

Scan saved at 15:39:44, on 2005-06-22

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\Logitech\Video\LogiTray.exe

C:\Program\Java\jre1.5.0_02\bin\jusched.exe

C:\Program\Daily Weather Forecast\weather.exe

C:\WINDOWS\wtnvmmun.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\Program\ISTsvc\istsvc.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe

C:\Program\Microsoft ActiveSync\WCESCOMM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Steam\Steam.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\Program\Silicon Image\SiISATARaid\SATARaid.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Logitech\Video\AlbumDB2.exe

C:\HjT\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program\Daily Weather Forecast\weather.exe

O4 - HKLM\..\Run: [mlvbfEtE] C:\WINDOWS\wtnvmmun.exe

O4 - HKLM\..\Run: [hglurgh] C:\WINDOWS\hglurgh.exe

O4 - HKLM\..\Run: [mlvùõš/‚²‘ÆßfÏNb‰»C:\Program\ISTsvc\istsvc.exe] C:\WINDOWS\wtnvmmun.exe

O4 - HKLM\..\Run: [Á³# é"h'þ9ÓœU3rŲWC:\Program\ISTsvc\istsvc.exe] C:\WINDOWS\wtnvmmun.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [iST Service] C:\Program\ISTsvc\istsvc.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot

O4 - HKCU\..\Run: [steam] C:\Program\Steam\Steam.exe -silent

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - Global Startup: SATARaid.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program\expektMPP\MPPoker.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {0C253E15-E096-4E07-BDF9-110895A258D4} (CamfrogWEB Control) - http://camfrogweb.com/download/cfweb_camfrogweb.com-download_instmodule.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105725620171

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O23 - Service: LF Connection Keeper Service (LFCK) - Unknown owner - C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe" --startAsService (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

 

[/log]

 

Det är hela, jag tar "Do a system scan, and save a logfile" Sen kopierar jag hela texten som kommer upp i logfilen...

 

 

 

Link to comment
Share on other sites

Avinstallera via Kontrollpanelen om det finns

 

ISTsvc

Daily Weather Forecast

 

Dolda filer synliga titta här hur man gör

 

http://www.xtra.co.nz/help/0,,4155-1916458,00.html

 

Scanna med Hijack bocka i följande rader stäng Web-läsaren och alla andra öppna fönster och klicka FIX checked

 

[log]O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program\Daily Weather Forecast\weather.exe

O4 - HKLM\..\Run: [mlvbfEtE] C:\WINDOWS\wtnvmmun.exe

O4 - HKLM\..\Run: [hglurgh] C:\WINDOWS\hglurgh.exe

O4 - HKLM\..\Run: [mlvùõš/‚²‘ÆßfÏNb‰»C:\Program\ISTsvc\istsvc.exe] C:\WINDOWS\wtnvmmun.exe

O4 - HKLM\..\Run: [Á³# é"h'þ9ÓœU3rŲWC:\Program\ISTsvc\istsvc.exe] C:\WINDOWS\wtnvmmun.exe

O4 - HKLM\..\Run: [iST Service] C:\Program\ISTsvc\istsvc.exe

 

 

Starta sen i felsäkert läge och ta bort om hittas

 

C:\WINDOWS\wtnvmmun.exe

 

C:\Program\Daily Weather Forecast\ < mappen

C:\Program\ISTsvc\ < mappen

 

Starta sen normalt och ny Hijack logg.[/log]

 

Link to comment
Share on other sites

nya loggen

 

[log]

 

Logfile of HijackThis v1.99.1

Scan saved at 16:18:08, on 2005-06-22

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\Logitech\Video\LogiTray.exe

C:\Program\Java\jre1.5.0_02\bin\jusched.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program\Steam\Steam.exe

C:\Program\Silicon Image\SiISATARaid\SATARaid.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\wincmd\WinCmd32.exe

C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\mIRC\mirc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Logitech\Video\AlbumDB2.exe

C:\HjT\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot

O4 - HKCU\..\Run: [steam] C:\Program\Steam\Steam.exe -silent

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - Global Startup: SATARaid.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program\expektMPP\MPPoker.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {0C253E15-E096-4E07-BDF9-110895A258D4} (CamfrogWEB Control) - http://camfrogweb.com/download/cfweb_camfrogweb.com-download_instmodule.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105725620171

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O23 - Service: LF Connection Keeper Service (LFCK) - Unknown owner - C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe" --startAsService (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

 

[/log]

 

Link to comment
Share on other sites

Tyvärr så återstår problemet :(.....

 

 

[log]

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 23:52:47, on 2005-06-22

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\Logitech\Video\LogiTray.exe

C:\Program\Java\jre1.5.0_02\bin\jusched.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program\Steam\Steam.exe

C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe

C:\Program\Silicon Image\SiISATARaid\SATARaid.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\Program\wincmd\WinCmd32.exe

C:\Program\Winamp\Winamp.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\HjT\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot

O4 - HKCU\..\Run: [steam] C:\Program\Steam\Steam.exe -silent

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - Global Startup: SATARaid.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program\expektMPP\MPPoker.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {0C253E15-E096-4E07-BDF9-110895A258D4} (CamfrogWEB Control) - http://camfrogweb.com/download/cfweb_camfrogweb.com-download_instmodule.exe'>http://camfrogweb.com/download/cfweb_camfrogweb.com-download_instmodule.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab'>http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105725620171'>http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105725620171

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab'>http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab'>http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O23 - Service: LF Connection Keeper Service (LFCK) - Unknown owner - C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe" --startAsService (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

 

 

 

 

[/log]

[inlägget ändrat 2005-06-22 23:52:33 av djstiv]

 

 

 

Här kommer en till, efter att MSN hängde sig på ett konstigt sätt, kanske har ändrat sig lite, vad vet jag :S...vill verkligen inte ha det såhär :(...

 

[log]

 

Logfile of HijackThis v1.99.1

Scan saved at 04:55:53, on 2005-06-23

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\Logitech\Video\LogiTray.exe

C:\Program\Java\jre1.5.0_02\bin\jusched.exe

C:\Program\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program\Steam\Steam.exe

C:\Program\Silicon Image\SiISATARaid\SATARaid.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\wincmd\WinCmd32.exe

C:\Program\Winamp\Winamp.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\MSN Messenger\msnmsgr.exe

C:\HjT\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot

O4 - HKCU\..\Run: [steam] C:\Program\Steam\Steam.exe -silent

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - Global Startup: SATARaid.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program\expektMPP\MPPoker.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {0C253E15-E096-4E07-BDF9-110895A258D4} (CamfrogWEB Control) - http://camfrogweb.com/download/cfweb_camfrogweb.com-download_instmodule.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105725620171

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O23 - Service: LF Connection Keeper Service (LFCK) - Unknown owner - C:\Program\LennartFranzén\LFConnectionKeeper\lfck.exe" --startAsService (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

 

 

[/log]

[inlägget ändrat 2005-06-23 04:56:36 av djstiv]

Link to comment
Share on other sites

Hijack loggen är ok.

 

> För datorn startar om sig lite som den vill, med en bluescreen innan...<

 

Troligtvis är felet nåt annat än Smitfraud.

Titta i Loggboken om det står närmare om problemet.

 

 

Link to comment
Share on other sites

okay, det sa mig inget...

 

jag hitta loggboken och så...

 

Men det verkar som det får bli en "format c:" så visar det sig om problemet återstår.

 

Link to comment
Share on other sites

Har samma problem får Bluescreen. Här kommer HJT loggen.

 

Logfile of HijackThis v1.99.1

Scan saved at 11:04:09, on 28.6.2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Program\Ahead\InCD\InCD.exe

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe

C:\Program\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE

C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe

C:\Program\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

C:\Program\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe

C:\Program\F-Secure Internet Security\Anti-Virus\FSGK32.EXE

C:\Program\F-Secure Internet Security\Common\FSMA32.EXE

C:\Program\F-Secure Internet Security\Anti-Virus\fssm32.exe

C:\Program\F-Secure Internet Security\Common\FSMB32.EXE

C:\Program\F-Secure Internet Security\backweb\4476822\Program\BackWeb-4476822.exe

C:\Program\F-Secure Internet Security\Common\FCH32.EXE

C:\Program\F-Secure Internet Security\Common\FAMEH32.EXE

C:\Program\F-Secure Internet Security\Anti-Virus\fsav32.exe

C:\Program\MUSICA~1\mac.exe

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\F-Secure Internet Security\Common\FSM32.EXE

C:\Program\F-Secure Internet Security\FWES\Program\fsdfwd.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe

C:\Program\MSI\Core Center\CoreCenter.exe

C:\Program\MSI\DigiCell\DigiCell.exe

C:\Program\Logitech\SetPoint\KEM.exe

C:\Program\Logitech\SetPoint\KHALMNPR.EXE

C:\Program\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\WINDOWS\System32\wuauclt.exe

C:\Program\Internet Explorer\iexplore.exe

C:\HJT\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.agrolink.fi/sve/start

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: ZToolbar Activator Class - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - C:\WINDOWS\pumba3.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Search Toolbar - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - C:\WINDOWS\pumba3.dll

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

O4 - HKLM\..\Run: [RemoteControl] "C:\Program\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Mobile Phone Suite] C:\Program\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe -nogui

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Music Alarm Clock] C:\Program\MUSICA~1\mac.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure Internet Security\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: CoreCenter.lnk = C:\Program\MSI\Core Center\CoreCenter.exe

O4 - Global Startup: DigiCell.lnk = C:\Program\MSI\DigiCell\DigiCell.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program\Logitech\SetPoint\KEM.exe

O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\WIDCOMM\Bluetooth-programvara\btsendto_ie_ctx.htm

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\WIDCOMM\Bluetooth-programvara\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\WIDCOMM\Bluetooth-programvara\btsendto_ie.htm

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1119079175859

O16 - DPF: {A57B79D8-9501-42B7-BA9B-B961454712F2} (WLANinfo.WLANX) - https://www.jiwire.com/activeX/wlaninfo.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{B6E6D0F2-EEA2-4FC9-AD0C-CB982C40AAE4}: NameServer = 192.168.1.1

O18 - Protocol: bw+0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {27D7FB81-DF45-418C-91E9-72A086C19C25} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: LBTServ - C:\Program\Delade filer\Logitech\Bluetooth\lbtserv.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: F-Secure Internet Security 2004 (BackWeb Client - 4476822) - Unknown owner - C:\Program\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\F-Secure Internet Security\FWES\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure Internet Security\Common\FSMA32.EXE

O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program\F-Secure Internet Security\fswsclds.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program\Ahead\InCD\InCDsrv.exe

 

 

 

Link to comment
Share on other sites

Ser inga Smitfraud filer i loggen. Har du den blåa Smitfraud varningsrutan på skärmen eller har du haft Smitfraud på datorn men rensat bort den?

 

Scanna med Hijack bocka i följande rader stäng Web-läsaren och alla andra öppna fönster och klicka FIX checked

 

O2 - BHO: ZToolbar Activator Class - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - C:\WINDOWS\pumba3.dll

O3 - Toolbar: Search Toolbar - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - C:\WINDOWS\pumba3.dll

 

+ alla 018 rader.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...