Just nu i M3-nätverket
Jump to content

MIN HEMSIDA HAR ÄNDRATS!!!


Imran89

Recommended Posts

MIN HEMSIDA VAR GOOGLE OCH NU PLÖTSLIGT HAR DEN BLIVIT TILL NÅN VIRUSSIDA DÄR DET STÅR ATT JAG HAR VIRUS MEN JA HAR INGET VIRUS..HAR KOLLAT PÅ ANTI-VIRUSPROGRAM.FÖRSÖKER ÄNDRA STARTSIDA MEN DET GÅR EJ...SNÄLLA KAN NÅN HJÄLPA MIG???

DET STÅR ATT VIRUSET HETER MYZOR32...TACKSAM FÖR SNABBT SVAR!!!

[inlägget ändrat 2006-11-09 16:48:03 av Imran89]

Link to comment
Share on other sites

Problem med Caps Lock också?

 

Ladda hem och kör AVG Anti-Spyware (Ewido) enligt dessa anvisningar (säg till om det är något du inte förstår):

http://rstones12.geekstogo.com/ewidosetup.htm

 

Vi kan ju se om HijackThis visar något också:

http://www.thespykiller.co.uk/files/HJTsetup.exe

Installera, kör, skanna och spara loggen (inget annat).

 

I ditt svar bifogar du Ewido-rapporten resp. HijackThis-loggen på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in rapporten resp. loggen

Tryck igen på LOG-knappen

 

Link to comment
Share on other sites

[log]Logfile of HijackThis v1.99.1

Scan saved at 20:05:26, on 2006-11-09

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\iVideoCodec\isamonitor.exe

C:\Program\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\iVideoCodec\isamini.exe

C:\Program\Logitech\Video\LogiTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - C:\Program\iVideoCodec\isaddon.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll

O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131812163874

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131812147686

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe

 

 

---------------------------------------------------------

AVG Anti-Spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 19:54:06 2006-11-09

 

+ Scan result:

 

 

 

C:\Program\iVideoCodec -> Adware.Generic : Ignored.

C:\Program\iVideoCodec\isamini.exe -> Adware.Generic : Ignored.

C:\Program\iVideoCodec\isamonitor.exe -> Adware.Generic : Ignored.

C:\Program\iVideoCodec\isauninst.exe -> Adware.Generic : Ignored.

C:\Program\iVideoCodec\ot.ico -> Adware.Generic : Ignored.

C:\Program\iVideoCodec\ts.ico -> Adware.Generic : Ignored.

HKU\S-1-5-21-436374069-562591055-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F} -> Adware.Generic : Ignored.

HKU\S-1-5-21-436374069-562591055-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} -> Adware.Generic : Ignored.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On -> Adware.IntCodec : Ignored.

HKU\S-1-5-21-436374069-562591055-1801674531-1004\Software\Internet Security -> Adware.IntCodec : Ignored.

C:\Program\SpywareHeal -> Adware.SpywareHeal : Ignored.

C:\Program\SpywareHeal\SpywareHeal.exe -> Adware.SpywareHeal : Ignored.

C:\Program\SpywareHeal\ignored.lst -> Adware.SpywareHeal : Ignored.

C:\Program\SpywareHeal\sq.ini -> Adware.SpywareHeal : Ignored.

C:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll -> Downloader.Small : Ignored.

C:\Documents and Settings\Brkic\Application Data\errorsafefreeinstall_se[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignored.

C:\Documents and Settings\Brkic\Lokala inställningar\Temporary Internet Files\Content.IE5\QO99DZ3G\ErrorSafeFreeInstall_se[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignored.

C:\System Volume Information\_restore{FC90BC2F-12A5-424A-9AFD-2D98DFCCE276}\RP283\A0025312.dll -> Not-A-Virus.Hoax.Win32.Renos.gb : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@divx.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@maxim.122.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@msnservices.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@adbrite[2].txt -> TrackingCookie.Adbrite : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@admarketplace[1].txt -> TrackingCookie.Admarketplace : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@adtech[2].txt -> TrackingCookie.Adtech : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@advertising[2].txt -> TrackingCookie.Advertising : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@burstnet[1].txt -> TrackingCookie.Burstnet : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@www.burstnet[2].txt -> TrackingCookie.Burstnet : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@clickbank[2].txt -> TrackingCookie.Clickbank : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@com[1].txt -> TrackingCookie.Com : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@ivwbox[1].txt -> TrackingCookie.Ivwbox : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@komtrack[2].txt -> TrackingCookie.Komtrack : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@image.masterstats[1].txt -> TrackingCookie.Masterstats : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@ads.planetactive[2].txt -> TrackingCookie.Planetactive : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@tacoda[1].txt -> TrackingCookie.Tacoda : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignored.

C:\Documents and Settings\Brkic\Cookies\brkic@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignored.

 

 

::Report end

 

 

 

 

[/log]

 

Det var rapporten och loggen!

 

Link to comment
Share on other sites

Kontrollpanelen - Lägg till eller ta bort program

Ta bort SpywareHeal om den finns där, ta sedan bort mappen C:\Program\SpywareHeal

 

Ladda ner programmet SmitfraudFix (by S!Ri) till Skrivbordet:

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Högerklicka och extrahera allt innehåll till Skrivbordet. En mapp SmitfraudFix kommer att skapas.

 

Öppna SmitfraudFix-mappen och dubbelklicka på smitfraudfix.cmd.

Välj alternativ #1 - Search genom att trycka på 1 och Enter.

Programmet kommer att skanna igenom datorn.

När den är klart visas resultatet och programmet har skapat loggfilen C:\rapport.txt.

 

Klistra in innehållet i loggfilen i ditt svar här.

 

Gör inget annat med SmitfraudFix-mappen eller smitfraudfix.cmd.

 

Link to comment
Share on other sites

Här kommer loggfilen!

SmitFraudFix v2.120

 

Scan done at 17:17:30,90, 2006-11-10

Run from C:\Documents and Settings\Brkic\Skrivbord\SmitfraudFix\SmitfraudFix

OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT

Fix run in normal mode

 

»»»»»»»»»»»»»»»»»»»»»»»» C:

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Brkic

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Brkic\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Brkic\FAVORI~1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program

 

C:\Program\iVideoCodec\ FOUND !

C:\Program\VirusBursters\ FOUND !

 

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Min aktuella startsida"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, following keys are not inevitably infected!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection

 

 

»»»»»»»»»»»»»»»»»»»»»»»» End

 

 

 

Link to comment
Share on other sites

Starta om datorn i felsäkert läge genom att trycka F8 upprepade gånger under uppstarten och välja Felsäkert i menyn.

 

Öppna SmitfraudFix-mappen och dubbelklicka på smitfraudfix.cmd för att starta programmet.

Välj alternativ #2 genom att trycka 2 och Enter.

Vänta på att verktyget blir klart och diskrensningen avslutas.

Under tiden så kommer det en fråga om du vill rensa registret (clean the registry) svara ja (Yes) genom att trycka Y och Enter.

 

Om datorn inte startar om av sig själv så gör du det.

Även denna gång ska det vara felsäkert läge.

 

Kontrollpanelen - Internet-alternativ - Allmänt - Ta bort filer, kryssa i rutan - OK

Sedan på fliken Program, välj Återställ webbinställningar. Verkställ - OK

 

Kontrollpanelen - Bildskärm - Skrivbord - Anpassa skrivbordet - Webb

Om det finns något med Security info eller liknande så Ta bort det.

OK - Verkställ - OK

 

Starta om datorn i normalt läge.

 

I ditt svar så klistra in den nyss skapade C:\rapport.txt och en ny HijackThis-logg, samt skriv hur datorn uppför sig nu.

 

Link to comment
Share on other sites

Allt är bra nu..min startsida är Google igen!!!:):thumbsup:

 

SmitFraudFix v2.120

 

Scan done at 18:08:20,20, 2006-11-10

Run from C:\Documents and Settings\Brkic\Skrivbord\SmitfraudFix\SmitfraudFix

OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT

Fix run in safe mode

 

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

 

GenericRenosFix by S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

 

Registry Cleaning done.

 

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» End

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 18:27:55, on 2006-11-10

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\Logitech\Video\LogiTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program\Logitech\Video\ManifestEngine.exe boot

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll

O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131812163874

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131812147686

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

[/log]

Tack så jättemycket för hjälpen!!!

:):)

 

Link to comment
Share on other sites

Installera ett antivirusprogram. Finns gratis från t ex Avast, Antivir och AVG:

http://www.avast.com/eng/avast_4_home.html

http://www.free-av.com/

http://free.grisoft.com/

 

Skanna med HijackThis och bocka för:

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/Smiley

CentralFWBInitialSetup1.0.0.15.cab

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn).

 

Starta AVG Anti-Spyware och ställ in den så att den tar bort och sätter i karantän de otrevligheter den hittar. Skanna igenom datorn.

 

Skanna igenom datorn med ditt antivirusprogram.

 

Starta om i normalt läge och så en ny HijackThis-logg förutom loggen från AVG Anti-Spyware. Kom ihåg LOG-knappen.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...