spyware eller vad är det jag har..tangenterna styr ngt windows messanger...

[Diva]

detta händer...

kan inte använda stora bokstäver,

shift knappen eller alt+a tex...det som händer då är att ngn windows messenger öppnas ihop med mappen mina dokument...har kört spybot, skulle köra adaware men det låser sig. har försökt återställa datorn till tidigare tidpunkt men det fungerar inte heller..har även sptguard och spywareblaster..har kört hijack this precis och hoppas ngn kan hjälpa mig att kika på den... hjääääälp snälla...

kan inte ens skriva ett frågetecken här i ämnesraden...

 

fick tips att formatera men är det verkligen så illa

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 18:19:41, on 2006-09-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\PV92Tray.exe

C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\Program\Microsoft Hardware\Keyboard\type32.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Java\jre1.5.0_04\bin\jusched.exe

C:\Program\Telia\Supportassistent\bin\tgcmd.exe

C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

C:\WINDOWS\VM_STI.EXE

C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Grisoft\AVGFRE~1\avgemc.exe

C:\Program\Grisoft\AVGFRE~1\avgcc.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program\Borland\INTRBASE\bin\ibguard.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Skype\Phone\Skype.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\SpywareGuard\sgmain.exe

C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program\SpywareGuard\sgbhp.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program\Borland\INTRBASE\bin\ibserver.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Documents and Settings\Administratör\Skrivbord\HijackThis1991.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogue.nu/'>http://www.dogue.nu/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogue.nu

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: (no name) - {C6022201-190F-1B11-1742-74C2D66F070D} - SysSupport.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program\SpywareGuard\dlprotect.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [intelliType] "C:\Program\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [tgcmd] "C:\Program\Telia\Supportassistent\bin\tgcmd.exe" /server /startmonitor /deaf

O4 - HKLM\..\Run: [backorif] RtlFindVal.exe

O4 - HKLM\..\Run: [prgsys0984] nmdllw.exe

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [keybdll] iehelper.exe

O4 - HKCU\..\Run: [powerdll] syspanel.exe

O4 - HKCU\..\Run: [ExchangeMaster] sbin.exe

O4 - HKCU\..\Run: [Anonymizer] C:\Program\Anonymizer\Anonymizer Software\Anonymizer.exe /nogui

O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: SpywareGuard.lnk = C:\Program\SpywareGuard\sgmain.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program\VisualRoute\vrie.dll

O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program\VisualRoute\vrie.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O12 - Plugin for .mp3: C:\Program\Internet Explorer\PLUGINS\npqtplugin4.dll

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.telia.se/sdccommon/download/tgctlcm.cab

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.kennelclub.nl/media/scripts/ScriptX.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab

O16 - DPF: {7823A620-9DD9-11CF-A662-00AA00C066D2} (PopupMenu Object) - http://activex.microsoft.com/contro.../x86/iemenu.cab

O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pr...canner37380.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7730EA4C-EC4B-4E8D-AC48-7E244232F90D}: NameServer = 85.255.115.53,85.255.112.148

O17 - HKLM\System\CCS\Services\Tcpip\..\{ADC4A968-4EB1-43B0-B0E2-480B803087D4}: NameServer = 85.255.115.53,85.255.112.148

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgemc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program\Borland\INTRBASE\bin\ibguard.exe

O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program\Borland\INTRBASE\bin\ibserver.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[/log]

 

[Zipp.]

 

Ladda ner Ewido..installera och uppdatera den

 

http://rstones12.geekstogo.com/ewidosetup.htm

 

Ladda ner FixWareout på skrivbordet

 

http://downloads.subratam.org/Fixwareout.exe

http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe

 

Sen kör Fixwareout.exe och följ anvisningar.

Om din brandvägg gnäller så acceptera att den går ut på nätet.

 

När den är färdikört så starta i felsäkert läge och scanna+ rensa med Ewido.

Starta sen normalt och skicka en ny Hijack logg och C:\fixwareout\report.txt + Ewido loggen.

 

 

 

[Diva]

Ok tack snälla:)Här är loggarna, hoppas det ser ok ut nu:

Fixewareout:

[log]

Fixwareout ver 1.003

Last edited 8/11/2006

Post this report in the forums please

 

Reg Entries that were deleted

...

 

Random Runs removed from HKLM

...

 

PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

 

»»»»» Searching by size/names...

 

»»»»»

Search five digit cs, dm and jb files.

This WILL/CAN also list Legit Files, Submit them at Virustotal

 

Other suspects.

Directory of C:\WINDOWS\system32

 

»»»»» Misc files.

 

»»»»» Checking for older varients covered by the Rem3 tool.

[/log]

 

Hijack this:

[log]Logfile of HijackThis v1.99.1

Scan saved at 23:52:49, on 2006-09-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program\Grisoft\AVGFRE~1\avgemc.exe

C:\Program\ewido anti-spyware 4.0\guard.exe

C:\Program\Borland\INTRBASE\bin\ibguard.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program\Borland\INTRBASE\bin\ibserver.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\PV92Tray.exe

C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\Program\Microsoft Hardware\Keyboard\type32.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Java\jre1.5.0_04\bin\jusched.exe

C:\Program\Telia\Supportassistent\bin\tgcmd.exe

C:\WINDOWS\VM_STI.EXE

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Grisoft\AVGFRE~1\avgcc.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program\ewido anti-spyware 4.0\ewido.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Skype\Phone\Skype.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe

C:\Program\SpywareGuard\sgmain.exe

C:\Program\SpywareGuard\sgbhp.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Documents and Settings\Administratör\Skrivbord\HijackThis1991.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogue.nu/'>http://www.dogue.nu/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogue.nu

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: (no name) - {C6022201-190F-1B11-1742-74C2D66F070D} - SysSupport.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program\SpywareGuard\dlprotect.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [intelliType] "C:\Program\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [tgcmd] "C:\Program\Telia\Supportassistent\bin\tgcmd.exe" /server /startmonitor /deaf

O4 - HKLM\..\Run: [backorif] RtlFindVal.exe

O4 - HKLM\..\Run: [prgsys0984] nmdllw.exe

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [!ewido] "C:\Program\ewido anti-spyware 4.0\ewido.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [keybdll] iehelper.exe

O4 - HKCU\..\Run: [powerdll] syspanel.exe

O4 - HKCU\..\Run: [ExchangeMaster] sbin.exe

O4 - HKCU\..\Run: [Anonymizer] C:\Program\Anonymizer\Anonymizer Software\Anonymizer.exe /nogui

O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: SpywareGuard.lnk = C:\Program\SpywareGuard\sgmain.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program\VisualRoute\vrie.dll

O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program\VisualRoute\vrie.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O12 - Plugin for .mp3: C:\Program\Internet Explorer\PLUGINS\npqtplugin4.dll

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.telia.se/sdccommon/download/tgctlcm.cab

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.kennelclub.nl/media/scripts/ScriptX.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

O16 - DPF: {7823A620-9DD9-11CF-A662-00AA00C066D2} (PopupMenu Object) - http://activex.microsoft.com/controls/iexplorer/x86/iemenu.cab

O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7730EA4C-EC4B-4E8D-AC48-7E244232F90D}: NameServer = 85.255.115.53,85.255.112.148

O17 - HKLM\System\CCS\Services\Tcpip\..\{ADC4A968-4EB1-43B0-B0E2-480B803087D4}: NameServer = 85.255.115.53,85.255.112.148

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgemc.exe

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program\Borland\INTRBASE\bin\ibguard.exe

O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program\Borland\INTRBASE\bin\ibserver.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[/log]

 

Ewido:

[log]---------------------------------------------------------

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 23:38:19 2006-09-28

 

+ Scan result:

 

 

 

C:\Documents and Settings\Administratör\Skrivbord\Downloads\japsetup.exe -> Adware.Fastseeker : Cleaned with backup (quarantined).

C:\RECYCLER\S-1-5-21-343818398-1897051121-1801674531-500\Dc3.exe -> Adware.Msnagent : Cleaned with backup (quarantined).

HKU\S-1-5-21-343818398-1897051121-1801674531-500\Software\RX Toolbar -> Adware.RXToolbar : Cleaned with backup (quarantined).

C:\RECYCLER\S-1-5-21-343818398-1897051121-1801674531-500\Dc2.exe -> Hijacker.Small : Cleaned with backup (quarantined).

:mozilla.405:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

:mozilla.406:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

:mozilla.463:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

:mozilla.466:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@ad.adocean[1].txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@gde.adocean[2].txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

:mozilla.92:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).

:mozilla.16:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).

:mozilla.17:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).

:mozilla.18:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).

:mozilla.439:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).

:mozilla.440:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup (quarantined).

:mozilla.435:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@c.goclick[1].txt -> TrackingCookie.Goclick : Cleaned with backup (quarantined).

:mozilla.39:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).

:mozilla.101:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).

:mozilla.102:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).

:mozilla.104:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).

:mozilla.105:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).

:mozilla.285:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).

:mozilla.286:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).

:mozilla.287:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).

:mozilla.280:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.288:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.289:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.313:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.417:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.431:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.436:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.458:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.461:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@search.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup (quarantined).

:mozilla.268:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.269:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.270:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.271:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.272:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.273:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.274:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.275:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.276:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.277:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.507:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.93:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).

:mozilla.94:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).

:mozilla.219:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).

:mozilla.222:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).

:mozilla.223:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@webstat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).

:mozilla.122:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.123:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.124:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.125:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.126:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

C:\Documents and Settings\Administratör\Cookies\administratör@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.91:C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\7zy10s0q.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).

 

 

::Report end

[/log]

 

[Zipp.]

 

 

Skapa en ny mapp på C:\ och placera HijackThis.exe dit så C:\HjT\HijackThis.exe

 

Scanna med Hijack bocka i följande rader stäng Web-läsaren och klicka Fix checked

 

[log]R3 - URLSearchHook: (no name) - {C6022201-190F-1B11-1742-74C2D66F070D} - SysSupport.dll (file missing)

O4 - HKLM\..\Run: [backorif] RtlFindVal.exe

O4 - HKLM\..\Run: [prgsys0984] nmdllw.exe

O4 - HKCU\..\Run: [keybdll] iehelper.exe

O4 - HKCU\..\Run: [powerdll] syspanel.exe

O4 - HKCU\..\Run: [ExchangeMaster] sbin.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O17 - HKLM\System\CCS\Services\Tcpip\..\{7730EA4C-EC4B-4E8D-AC48-7

E244232F90D}: NameServer = 85.255.115.53,85.255.112.148

O17 - HKLM\System\CCS\Services\Tcpip\..\{ADC4A968-4EB1-43B0-B0E2-4

80B803087D4}: NameServer = 85.255.115.53,85.255.112.148

 

 

starta om datorn och ny logg.[/log]

 

[Diva]

Hoppas det ser ok ut nu? Undrar bara över raden

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

Ska den vara kvar?

 

Tusen tack för din hjälp

/Maria

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 12:10:40, on 2006-09-29

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\PV92Tray.exe

C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\Program\Microsoft Hardware\Keyboard\type32.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Java\jre1.5.0_04\bin\jusched.exe

C:\Program\Telia\Supportassistent\bin\tgcmd.exe

C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

C:\WINDOWS\VM_STI.EXE

C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Grisoft\AVGFRE~1\avgemc.exe

C:\Program\Grisoft\AVGFRE~1\avgcc.exe

C:\Program\ewido anti-spyware 4.0\guard.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program\ewido anti-spyware 4.0\ewido.exe

C:\Program\Borland\INTRBASE\bin\ibguard.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Skype\Phone\Skype.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\SpywareGuard\sgmain.exe

C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe

C:\Program\SpywareGuard\sgbhp.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program\Borland\INTRBASE\bin\ibserver.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\wuauclt.exe

C:\HjT\HijackThis1991.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogue.nu/'>http://www.dogue.nu/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogue.nu

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program\SpywareGuard\dlprotect.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [intelliType] "C:\Program\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [tgcmd] "C:\Program\Telia\Supportassistent\bin\tgcmd.exe" /server /startmonitor /deaf

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [!ewido] "C:\Program\ewido anti-spyware 4.0\ewido.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Anonymizer] C:\Program\Anonymizer\Anonymizer Software\Anonymizer.exe /nogui

O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: SpywareGuard.lnk = C:\Program\SpywareGuard\sgmain.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program\VisualRoute\vrie.dll

O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program\VisualRoute\vrie.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O12 - Plugin for .mp3: C:\Program\Internet Explorer\PLUGINS\npqtplugin4.dll

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.telia.se/sdccommon/download/tgctlcm.cab

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.kennelclub.nl/media/scripts/ScriptX.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

O16 - DPF: {7823A620-9DD9-11CF-A662-00AA00C066D2} (PopupMenu Object) - http://activex.microsoft.com/controls/iexplorer/x86/iemenu.cab

O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgemc.exe

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program\Borland\INTRBASE\bin\ibguard.exe

O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program\Borland\INTRBASE\bin\ibserver.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[/log]

 

[Zipp.]

 

Loggen är ok.

Uppdatera Java hittas i Kontrollpanelen.

09 raden ska vara kvar

 

[Diva]

Ok kanon. Försökte uppdatera Java men får meddelande om att det inte går pga ngn inställning i Internet Alternativ/ Anslutningar...Vad göra?

 

Nu funkade det, tack åter!

 

[inlägget ändrat 2006-09-29 13:49:52 av Diva]

[Zipp.]

 

Avinstallera och hämta en ny

 

http://java.sun.com/javase/downloads/index.jsp

 

Java Runtime Environment (JRE) 5.0 Update 8