Just nu i M3-nätverket
Jump to content

Trög dator.


chrilloo

Recommended Posts

Hej. Jag vet inte vad som har hänt med min dator, men på 5 minuter så har den blivit slöare än min 450mhz;are.

Vad hände?

- Jo, som vanligt så satt jag inne och spanade lite via firefox. Inga problem. Jag hade msn, firefox och itunes uppe. Jag skulle precis öppna en till "tag" genom att klicka ner scrollhjulet på musen, och det var då det hände. Hela datorn frös sig, allting slutade att svara. Jag fick upp enhetshanteraren för kanske 2 sek. Innan den också frös sig. Jaha, vad gör man nu? , jo jag kör mammas metod, dra ut sladden och hoppas allt ordnar sig, och det första jag märker med datorn är att windows laddar jättesegt. Till och med laddarmätaren "laggar" till och från. När den laddat klart och användarmenyn ska komma fram, så blir det svart, skärmen stängs av. Precis som om man satt den i vänteläge. Jag tittar förvånat på skärmen och den startas igen, och användarmenyn kommer fram. När själva windows har laddat klart, så märker jag hur seg datorn har blivit. Itunes sprakar, CPU pendlar oavbrutet emellan 60-100%. Om jag lät allting ligga stilla, alltså inte röra musen, så var den nere i 40%, när jag rörde musen kanske 2 mm, så drog den rakt upp till 100% igen, sen så gick den ner sakta men säkert. Jag öppnade windows defragmenterade och lät den stå. Körde den några gånger, och tillslut så fanns det inga fragmenterade filer kvar, det blåa på ena sidan och vitt på andra, perfekt. Startade om datorn , samma symdrom, lite snabbare kanske. Jaha, jag körde PCtools spywaredoctor, hittade lite spyware, som jag tog bort, körde även PCtools register mechanic, för att vara på säkra sidan att ingeting låg kvar i registret, och slutligen så körde jag full systemcheck med BitDefender 10.0. Och här står jag nu, datorn är fortfarande seg, inte lika mkt som vanligt, utan det har gått framåt. Men fortfarande så kan jag inte lyssna på musik, och samtidigt röra på musen. Allting låter bra tills jag antingen rör på musen eller skriver fort. Jag vet inte riktigt mer vad jag ska göra, och därför ber jag er på IDG efter hjälp. Bifogar även hijack log.

Min dator:

AMD Athlon 1.2 ghz processor.

512mb ram, 256mb ATI radeon 9600pro

80gb + 250 extern hårddisk.

 

 

Hoppas ni kan hjälpa mig, MVH

Christoffer

 

[log]

Logfile of HijackThis v1.99.1

Scan saved at 18:12:25, on 2006-11-26

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

F:\Windows\System32\smss.exe

F:\Windows\SYSTEM32\winlogon.exe

F:\Windows\system32\services.exe

F:\Windows\system32\lsass.exe

F:\Windows\system32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\System32\svchost.exe

F:\Windows\SYSTEM32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\wscntfy.exe

F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

F:\Windows\System32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Program\iPod\bin\iPodService.exe

f:\program\intern~1\iexplore.exe

F:\Program\Internet Explorer\iexplore.exe

F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe

F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe

F:\Program\Softwin\BitDefender10\vsserv.exe

F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe

F:\Program\Softwin\BitDefender10\bdagent.exe

F:\Program\Softwin\BitDefender10\bdmcon.exe

F:\Windows\explorer.exe

F:\PROGRAM\MOZILL~1\FIREFOX.EXE

F:\Windows\SYSTEM32\taskmgr.exe

F:\Program\iTunes\iTunes.exe

F:\Program\WinRAR\WinRAR.exe

F:\Documents and Settings\Chrilloo oo\Skrivbord\Tankat- Firefox\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O4 - HKLM\..\Run: [bDMCon] "F:\Program\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "F:\Program\Softwin\BitDefender10\bdagent.exe"

O4 - HKCU\..\Run: [MsnMsgr] "F:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bitComet] "F:\Program\BitComet\BitComet.exe"

O4 - HKCU\..\Run: [bAIT TITLE] F:\DOCUME~1\CHRILL~1\APPLIC~1\PILEEX~1\up amok.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Program\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Program\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O18 - Protocol: bw+0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Adobe LM Service - Adobe Systems - F:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\Windows\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: iPodService - Apple Computer, Inc. - F:\Program\iPod\bin\iPodService.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - F:\Program\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

[/log]

 

 

[inlägget ändrat 2006-11-26 18:31:11 av chrilloo]

Link to comment
Share on other sites

Kan tänkas vara en LOP-otrevlighet där.

Ladda ner NoLop till Skrivbordet:

http://www.spywareedge.net/nolop/NoLop.exe

Stäng alla program för datorn kommer att startas om.

Dubbelklicka på NoLop för att starta det.

Klicka på Search and Destroy

Om något hittas så kommer det ett meddelande om att starta om datorn, klicka då på OK

Klicka på Reboot

Ett meddelande borde komma upp från NoLop, om inte så dubbelklicka på programmet igen och det kommer att göra det sista.

 

Klistra in C:\NoLop.log och en ny HijackThis-logg. Jag tittar på loggarna i morgon.

 

Link to comment
Share on other sites

NoLop:[log]NoLop! Log by Skate_Punk_21

 

Fix running from: F:\Program\Softwin\BitDefender10

[2006-11-26]

[19:46:41]

 

---Infection Files Found/Removed---

F:\Windows\tasks\B05D27AD930ADB59.job

 

Beginning Removal...

Rebooting...

Removing Lop's Leftover Files/Folders...

Editing Registry...

**Fix Complete!**

 

---Listing AppData sub directories---

 

F:\Documents and Settings\Administratör\Application Data\Identities

F:\Documents and Settings\Administratör\Application Data\Microsoft

F:\Documents and Settings\All Users\Application Data\Adobe

F:\Documents and Settings\All Users\Application Data\Adobe Systems

F:\Documents and Settings\All Users\Application Data\Apple Computer

F:\Documents and Settings\All Users\Application Data\Bitdefender

F:\Documents and Settings\All Users\Application Data\Date Rect Gpl Load

F:\Documents and Settings\All Users\Application Data\Microsoft

F:\Documents and Settings\All Users\Application Data\Microsoft Corporation

F:\Documents and Settings\All Users\Application Data\Pc Suite

F:\Documents and Settings\Chrilloo Oo\Application Data\Adobe

F:\Documents and Settings\Chrilloo Oo\Application Data\Adobeum -- EMPTY Directory

F:\Documents and Settings\Chrilloo Oo\Application Data\Apple Computer

F:\Documents and Settings\Chrilloo Oo\Application Data\Ati

F:\Documents and Settings\Chrilloo Oo\Application Data\Bitdefender

F:\Documents and Settings\Chrilloo Oo\Application Data\Datalayer

F:\Documents and Settings\Chrilloo Oo\Application Data\Divx

F:\Documents and Settings\Chrilloo Oo\Application Data\F?nts

F:\Documents and Settings\Chrilloo Oo\Application Data\Identities

F:\Documents and Settings\Chrilloo Oo\Application Data\Logitech

F:\Documents and Settings\Chrilloo Oo\Application Data\Macromedia

F:\Documents and Settings\Chrilloo Oo\Application Data\Microgaming

F:\Documents and Settings\Chrilloo Oo\Application Data\Microsoft

F:\Documents and Settings\Chrilloo Oo\Application Data\Mozilla

F:\Documents and Settings\Chrilloo Oo\Application Data\Nokia

F:\Documents and Settings\Chrilloo Oo\Application Data\Nokia Multimedia Player

F:\Documents and Settings\Chrilloo Oo\Application Data\Pc Suite

F:\Documents and Settings\Chrilloo Oo\Application Data\Pc Tools

F:\Documents and Settings\Chrilloo Oo\Application Data\Personal

F:\Documents and Settings\Chrilloo Oo\Application Data\Pile Extra Debug

F:\Documents and Settings\Chrilloo Oo\Application Data\Smartftp

F:\Documents and Settings\Chrilloo Oo\Application Data\Sun

F:\Documents and Settings\Chrilloo Oo\Application Data\S?mbols

F:\Documents and Settings\Chrilloo Oo\Application Data\Vlc

F:\Documents and Settings\Default User\Application Data\Microsoft

F:\Documents and Settings\Localservice\Application Data\Microsoft

F:\Documents and Settings\Localservice.nt Instans\Application Data\Microsoft

F:\Documents and Settings\Networkservice\Application Data\Microsoft

F:\Documents and Settings\Networkservice.nt Instans\Application Data\Microsoft

[/log]..och hijack

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 22:20:26, on 2006-11-26

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

F:\Windows\System32\smss.exe

F:\Windows\SYSTEM32\winlogon.exe

F:\Windows\system32\services.exe

F:\Windows\system32\lsass.exe

F:\Windows\system32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\System32\svchost.exe

F:\Windows\SYSTEM32\Ati2evxx.exe

F:\Windows\Explorer.EXE

F:\Program\Softwin\BitDefender10\bdagent.exe

F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

F:\Program\MSN Messenger\msnmsgr.exe

F:\Program\Logitech\SetPoint\SetPoint.exe

f:\program\intern~1\iexplore.exe

F:\Program\Delade filer\Logitech\KHAL\KHALMNPR.EXE

F:\Windows\system32\svchost.exe

F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe

F:\Program\Internet Explorer\iexplore.exe

F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe

F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe

F:\PROGRAM\MOZILL~1\FIREFOX.EXE

F:\Program\Softwin\BitDefender10\vsserv.exe

F:\Windows\system32\wscntfy.exe

F:\Windows\System32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\NOTEPAD.EXE

F:\Documents and Settings\Chrilloo oo\Skrivbord\Tankat- Firefox\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O4 - HKLM\..\Run: [bDMCon] "F:\Program\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "F:\Program\Softwin\BitDefender10\bdagent.exe"

O4 - HKCU\..\Run: [LDM] F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bitComet] "F:\Program\BitComet\BitComet.exe"

O4 - HKCU\..\Run: [bAIT TITLE] F:\DOCUME~1\CHRILL~1\APPLIC~1\PILEEX~1\up amok.exe

O4 - HKCU\..\Run: [msnmsgr] "F:\Program\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Program\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Program\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O18 - Protocol: bw+0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Adobe LM Service - Adobe Systems - F:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\Windows\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: iPodService - Apple Computer, Inc. - F:\Program\iPod\bin\iPodService.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - F:\Program\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

[/log]

För övrigt så går den lite snabbare, men fortfarande inte återställd.

 

Link to comment
Share on other sites

Det är en gammal Java-version med säkerhetshål i datorn. Avinstallera alla Java i Kontrollpanelen - Lägg till eller ta bort program och installera därefter en ny: http://www.java.com/sv/

 

Skanna med HijackThis och bocka för:

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

O4 - HKCU\..\Run: [bAIT TITLE] F:\DOCUME~1\CHRILL~1\APPLIC~1\PILEEX~1\up amok.exe

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn).

 

Ställ in Utforskaren så att du kan se alla filer:

Verktyg - (Mapp)alternativ eller liknande - Visning

Välj Visa dolda filer och mappar

Avbocka Dölj filnamnstillägg för kända filtyper

Avbocka Dölj skyddade operativsystemfiler

 

Ta bort mapparna (om de finns kvar):

F:\Documents and Settings\All Users\Application Data\Date Rect Gpl Load

F:\Documents and Settings\Chrilloo Oo\Application Data\Pile Extra Debug

 

Starta om i normalt läge och så en ny HijackThis-logg.

 

Sedan ser det ut som att det finns PurityScan-otrevlighet där också.

Kontrollpanelen - Lägg till eller ta bort program

Om något av följande finns i listan så ta bort:

Oin

Yazzle by Oin

Purityscan by Oin

Snowballwars by Oin

eller något liknande med Oin eller Outerinfo i sig.

Zolero

Tizzletalk

MediaTickets

Cowabanga

 

Ladda ner och kör avinstallationsprogrammet

http://www.outerinfo.com/OiUninstaller.exe

Om du behöver anvisningar så finns de här: http://www.outerinfo.com/howto.html

 

Starta om datorn.

 

Ladda ner ComboFix:

http://download.bleepingcomputer.com/sUBs/combofix.exe

 

Kör den och följ anvisningarna som visas.

 

VIKTIGT! Klicka inte på Combofix-fönstret med musen när den körs annars kan den hänga upp sig.

 

När den är färdig så ska en logg komma upp, klistra in den här.

 

Link to comment
Share on other sites

Combofixloggen;

[log]Chrilloo oo - 06-11-27 17:52:18,23 Service Pack 2

ComboFix 06.11.27W - Running from: "F:\Documents and Settings\Chrilloo oo"

 

((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))

 

REGISTRY ENTRIES REMOVED:

 

[HKEY_CLASSES_ROOT\clsid\{7D848803-975C-4029-B78C-87CB2E5490CE}]

@=""

"IDEx"="ADDR"

 

[HKEY_CLASSES_ROOT\clsid\{7D848803-975C-4029-B78C-87CB2E5490CE}\Implemented Categories]

@=""

 

[HKEY_CLASSES_ROOT\clsid\{7D848803-975C-4029-B78C-87CB2E5490CE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]

@=""

 

[HKEY_CLASSES_ROOT\clsid\{7D848803-975C-4029-B78C-87CB2E5490CE}\InprocServer32]

"ThreadingModel"="Apartment"

 

[HKEY_CLASSES_ROOT\clsid\{057FCA6B-4116-49A0-88E8-0C943ED26DC1}]

@=""

 

[HKEY_CLASSES_ROOT\clsid\{057FCA6B-4116-49A0-88E8-0C943ED26DC1}\Implemented Categories]

@=""

 

[HKEY_CLASSES_ROOT\clsid\{057FCA6B-4116-49A0-88E8-0C943ED26DC1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]

@=""

 

[HKEY_CLASSES_ROOT\clsid\{057FCA6B-4116-49A0-88E8-0C943ED26DC1}\InprocServer32]

"ThreadingModel"="Apartment"

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

 

 

Granting sedebugprivilege to Administratörer ... successful

 

 

((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

F:\Documents and Settings\Chrilloo oo\Application Data\Dxcdmns.dll

 

 

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

 

 

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

F:\Program\PrintView

F:\Windows\system32\components

F:\Program\Delade filer\{A0E084A4-04AF-1053-0829-01041119002e}

 

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

 

Folders Quarantined:

 

F:\QooBox\Purity\Documents and Settings\Chrilloo oo\Application Data\FNTS~1

F:\QooBox\Purity\Documents and Settings\Chrilloo oo\Application Data\SMBOLS~1

F:\QooBox\Purity\Documents and Settings\Chrilloo oo\Application Data\FNTS~1\F?nts

F:\QooBox\Purity\Documents and Settings\Chrilloo oo\Application Data\FNTS~1\F?nts\ctxad-491.0000

F:\QooBox\Purity\Documents and Settings\Chrilloo oo\Application Data\FNTS~1\F?nts\ctxad-491.0001

F:\QooBox\Purity\Program\FNTS~1

F:\QooBox\Purity\Program\SSTEM3~1

F:\QooBox\Purity\WINDOWS\ECURIT~1

F:\QooBox\Purity\WINDOWS\ICROSO~1.NET

F:\QooBox\Purity\WINDOWS\SSTEM3~1

F:\QooBox\Purity\WINDOWS\STEM~1

F:\QooBox\Purity\WINDOWS\YMBOLS~1

F:\QooBox\Purity\WINDOWS\system32\APPATC~1

F:\QooBox\Purity\WINDOWS\system32\ASKS~1

F:\QooBox\Purity\WINDOWS\system32\CROSOF~1.NET

F:\QooBox\Purity\WINDOWS\system32\CURITY~1

F:\QooBox\Purity\WINDOWS\system32\DOBE~1

F:\QooBox\Purity\WINDOWS\system32\PPPATC~1

F:\QooBox\Purity\WINDOWS\system32\WNSXS~1

 

 

((((((((((((((((((((((((((((((( Files Created from 2006-10-27 to 2006-11-27 ))))))))))))))))))))))))))))))))))

 

 

2006-11-27 17:26 88,340 --a------ F:\WINDOWS\system32\kmbkamdf.exe

2006-11-27 17:26 <KAT> d-------- F:\Documents and Settings\Chrilloo oo\Application Data\SearchToolbarCorp

2006-11-26 19:48 <KAT> d-------- F:\NoLopBackups

2006-11-26 16:40 <KAT> d-------- F:\Documents and Settings\Chrilloo oo\Application Data\Bitdefender

2006-11-26 16:18 <KAT> d-------- F:\Documents and Settings\All Users\Application Data\BitDefender

2006-11-26 16:17 <KAT> d-------- F:\Program\Softwin

2006-11-26 16:13 <KAT> d-------- F:\Program\Delade filer\Softwin

2006-11-26 12:55 260 --a------ F:\WINDOWS\system32\tmp.reg

2006-11-26 12:45 126,996 --a------ F:\WINDOWS\system32\gatdfcsj.dll

2006-11-26 10:27 <KAT> d-------- F:\Program\Registry Mechanic

2006-11-26 09:40 <KAT> d-------- F:\WINDOWS\BDOSCAN8

2006-11-25 13:02 668,503 ---hs---- F:\WINDOWS\system32\kkllm.ini2

2006-11-24 21:14 <KAT> d-------- F:\Documents and Settings\Chrilloo oo\.housecall6.6

2006-11-23 20:58 38,420 --a------ F:\WINDOWS\system32\emjslltc.dll

2006-11-19 23:02 <KAT> d-------- F:\tmp

2006-11-19 23:00 <KAT> d-------- F:\Program\Blender Foundation

2006-11-16 19:45 126,996 --a------ F:\WINDOWS\system32\ophgtaxt.dll

2006-11-16 18:23 <KAT> d-------- F:\Program\SlySoft

2006-11-15 22:33 <KAT> d-------- F:\Program\MSXML 4.0

2006-11-15 22:33 <KAT> d-------- F:\4a172e1badff3cc061b6b8

2006-11-14 09:03 50,688 --a------ F:\WINDOWS\system32\wbhelp2.dll

2006-11-14 09:03 <KAT> d-------- F:\Program\DAP

2006-11-11 15:25 <KAT> d-------- F:\Program\QuickSFV

2006-11-10 20:04 31,744 --a------ F:\WINDOWS\system32\drivers\maplom.sys

2006-11-05 22:35 <KAT> d-------- F:\Program\Xilisoft

2006-11-04 17:08 <KAT> d-------- F:\Program\Everstrike Software

2006-11-04 17:08 <KAT> d-------- F:\Program\Delade filer\Everstrike Software

2006-11-04 14:14 1,245,696 --a------ F:\WINDOWS\system32\msxml4.dll

2006-11-03 21:53 <KAT> d-------- F:\Documents and Settings\Chrilloo oo\Application Data\Pile extra debug

2006-11-03 21:53 <KAT> d-------- F:\Documents and Settings\All Users\Application Data\Date Rect Gpl Load

2006-11-02 19:26 <KAT> d-------- F:\Program\Total Video Player

2006-11-02 19:11 20,640 --------- F:\WINDOWS\system32\drivers\PxHelp20.sys

2006-11-02 19:11 109,568 --------- F:\WINDOWS\system32\pxinsi64.exe

2006-11-02 19:11 108,544 --------- F:\WINDOWS\system32\pxcpyi64.exe

2006-11-02 19:11 <KAT> d-------- F:\Documents and Settings\Chrilloo oo\Application Data\DivX

2006-11-02 19:10 <KAT> d-------- F:\Program\DivX

2006-11-02 17:24 <KAT> d-------- F:\Documents and Settings\Chrilloo oo\Local Settings

2006-11-01 17:52 60,436 --a------ F:\WINDOWS\system32\itjsaikc.dll

2006-10-31 14:03 14 --a------ F:\WINDOWS\system32\systeminfo.dll

2006-10-31 14:02 <KAT> d-------- F:\Program\DVD X Studios

2006-10-31 11:04 935,632 --a------ F:\WINDOWS\system\VB40016.DLL

2006-10-31 11:04 57,328 --a------ F:\WINDOWS\system\OLE2CONV.DLL

2006-10-31 11:04 536,048 --a------ F:\WINDOWS\system\OC25.DLL

2006-10-31 11:04 51,712 --a------ F:\WINDOWS\system\OLE2PROX.DLL

2006-10-31 11:04 5,120 --a------ F:\WINDOWS\system\STKIT416.DLL

2006-10-31 11:04 304,640 --a------ F:\WINDOWS\system\OLE2.DLL

2006-10-31 11:04 28,113 --a------ F:\WINDOWS\system\OLE2.REG

2006-10-31 11:04 27,632 --a------ F:\WINDOWS\system\CTL3DV2.DLL

2006-10-31 11:04 177,824 --a------ F:\WINDOWS\system\TYPELIB.DLL

2006-10-31 11:04 164,960 --a------ F:\WINDOWS\system\OLE2DISP.DLL

2006-10-31 11:04 157,696 --a------ F:\WINDOWS\system\STORAGE.DLL

2006-10-31 11:04 152,976 --a------ F:\WINDOWS\system\OLE2NLS.DLL

2006-10-31 11:04 12,976 --a------ F:\WINDOWS\system\SCP.DLL

2006-10-31 11:04 109,056 --a------ F:\WINDOWS\system\COMPOBJ.DLL

2006-10-31 11:04 <KAT> d-------- F:\Documents and Settings\Chrilloo oo\WINDOWS

2006-10-31 11:04 <KAT> d-------- F:\BIMOTION

2006-10-30 17:46 110,612 --a------ F:\WINDOWS\system32\gqrsucmu.exe

2006-10-29 12:05 <KAT> d-------- F:\Program\Delade filer\Hewlett-Packard

2006-10-29 12:04 94,208 --a------ F:\WINDOWS\system32\HPZipt12.dll

2006-10-29 12:04 65,536 --a------ F:\WINDOWS\system32\HPZipm12.exe

2006-10-29 12:04 61,440 --a------ F:\WINDOWS\system32\HPZinw12.exe

2006-10-29 12:04 57,344 --a------ F:\WINDOWS\system32\HPZisn12.dll

2006-10-29 12:04 306,688 --a------ F:\WINDOWS\IsUninst.exe

2006-10-29 12:04 278,584 --a------ F:\WINDOWS\system32\HPZidr12.dll

2006-10-29 12:04 204,800 --a------ F:\WINDOWS\system32\HPZipr12.dll

2006-10-29 12:01 <KAT> d-------- F:\HP_WebRelease

2006-10-27 16:56 9,600 --a------ F:\WINDOWS\system32\drivers\hidusb.sys

2006-10-27 16:53 14,848 --a------ F:\WINDOWS\system32\drivers\kbdhid.sys

2006-10-27 16:53 12,160 --a------ F:\WINDOWS\system32\drivers\mouhid.sys

2006-10-27 16:52 5,600 --a------ F:\WINDOWS\system32\drivers\WmVirHid.sys

2006-10-27 16:52 45,504 --a------ F:\WINDOWS\system32\drivers\WmXlCore.sys

2006-10-27 16:52 22,240 --a------ F:\WINDOWS\system32\drivers\WmFilter.sys

2006-10-27 16:52 17,632 --a------ F:\WINDOWS\system32\drivers\WmHidLo.sys

2006-10-27 16:52 10,144 --a------ F:\WINDOWS\system32\drivers\WmBEnum.sys

 

 

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

2006-11-27 17:54 -------- d-------- F:\Program\Delade filer

2006-11-27 17:36 -------- d-------- F:\Program\Mozilla Firefox

2006-11-27 17:26 616453 ---hs---- F:\WINDOWS\system32\kkllm.bak2

2006-11-26 20:03 -------- d-------- F:\Program\Microsoft Games

2006-11-26 18:14 -------- d-------- F:\Program\Internet Explorer

2006-11-26 17:44 -------- d-------- F:\Program\NetMeeting

2006-11-26 10:35 -------- d---s---- F:\Documents and Settings\Chrilloo oo\Application Data\Microsoft

2006-11-24 23:31 -------- d--h----- F:\Program\InstallShield Installation Information

2006-11-12 21:22 -------- d-------- F:\Program\iconchanger

2006-11-12 13:43 -------- d-------- F:\Program\Delade filer\Microsoft Shared

2006-11-10 19:37 163644 --a------ F:\WINDOWS\system32\drivers\secdrv.sys

2006-11-09 20:56 -------- d-------- F:\Program\EA SPORTS

2006-11-02 19:08 -------- d-------- F:\Program\BitComet

2006-11-02 16:39 -------- d-------- F:\Program\TPTEST5

2006-10-27 16:52 -------- d-------- F:\Program\Logitech

2006-10-27 16:52 -------- d-------- F:\Program\Delade filer\Logitech

2006-10-26 17:49 -------- d-------- F:\Program\Messenger

2006-10-26 16:15 -------- d-------- F:\Program\Spyware Doctor

2006-10-26 15:25 -------- d-------- F:\Documents and Settings\Chrilloo oo\Application Data\PC Tools

2006-10-25 15:57 -------- d-------- F:\Program\ScanSpyware v3.8.0.4

2006-10-23 16:41 1259 --a------ F:\WINDOWS\system32\kkh33e88.sys

2006-10-22 17:25 -------- d-------- F:\Documents and Settings\Chrilloo oo\Application Data\Adobe

2006-10-22 15:50 -------- d-------- F:\Program\Anti-Blaxx 1.18

2006-10-22 15:49 67604 --a------ F:\WINDOWS\system32\ltoxylis.exe

2006-10-22 15:48 688180 ---hs---- F:\WINDOWS\system32\mllkk.dll

2006-10-22 15:48 409912 ---hs---- F:\WINDOWS\system32\kkllm.bak1

2006-10-22 14:41 -------- d-------- F:\Program\EA GAMES

2006-10-22 10:39 22016 --a------ F:\WINDOWS\system32\mscoriezz.dll

2006-10-21 11:50 -------- d-------- F:\Program\IKEA HomePlanner

2006-10-21 11:44 -------- d-------- F:\Program\Delade filer\Wise Installation Wizard

2006-10-21 11:19 -------- d-------- F:\Program\Delade filer\Panda Software

2006-10-21 10:52 -------- d-------- F:\Program\WinRAR

2006-10-21 10:51 -------- d-------- F:\Program\MSN Messenger

2006-10-21 10:17 -------- d-------- F:\Program\Messenger Plus! Live

2006-10-21 10:16 -------- d-------- F:\Program\iTunes

2006-10-21 09:53 -------- d-------- F:\Program\QuickTime

2006-10-21 09:52 -------- d-------- F:\Program\DAEMON Tools

2006-10-20 23:16 -------- d-------- F:\Program\Free FTP Manager

2006-10-20 22:13 -------- d-------- F:\Program\Panda Software

2006-10-20 22:10 -------- d-------- F:\Program\HideMyIP

2006-10-20 20:22 -------- d-------- F:\Program\Advanced Voice Client

2006-10-19 20:30 -------- d-------- F:\Program\Delade filer\Adobe

2006-10-19 20:30 -------- d-------- F:\Program\Adobe

2006-10-18 18:27 -------- d-------- F:\Program\Common Files

2006-10-13 13:41 65536 --a------ F:\WINDOWS\system32\nwwks.dll

2006-10-13 13:41 64000 --a------ F:\WINDOWS\system32\nwapi32.dll

2006-10-13 13:41 141824 --a------ F:\WINDOWS\system32\nwprovau.dll

2006-10-13 11:23 163584 --a------ F:\WINDOWS\system32\drivers\nwrdr.sys

2006-10-11 21:28 356352 --a------ F:\WINDOWS\eSellerateEngine.dll

2006-10-06 23:17 -------- d-------- F:\Program\Windows Live Safety Center

2006-10-05 20:48 -------- d-------- F:\Program\Calculator Prompter

2006-10-05 17:37 -------- d-------- F:\Program\Personal

2006-10-05 17:37 -------- d-------- F:\Documents and Settings\Chrilloo oo\Application Data\Personal

2006-10-04 22:39 -------- d-------- F:\Program\Microsoft Windows Vista Upgrade Advisor

2006-10-02 20:04 806912 --a------ F:\WINDOWS\system32\divx_xx0c.dll

2006-10-02 20:04 806912 --a------ F:\WINDOWS\system32\divx_xx07.dll

2006-10-02 20:04 790528 --a------ F:\WINDOWS\system32\divx_xx11.dll

2006-10-02 20:04 635486 --a------ F:\WINDOWS\system32\DivX.dll

2006-09-27 16:57 118784 -r------- F:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe

2006-09-20 16:16 118784 -r------- F:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe

2006-09-16 11:59 729088 --a------ F:\WINDOWS\iun6002.exe

2006-09-13 06:07 1084416 --a------ F:\WINDOWS\system32\msxml3.dll

2006-09-03 00:35 692276 ---hs---- F:\WINDOWS\system32\nnlkl.dll

2006-09-03 00:35 448220 ---hs---- F:\WINDOWS\system32\lklnn.bak1

2006-08-29 18:43 135168 --a------ F:\WINDOWS\system32\swreg.exe

2006-08-16 21:31 8 --a------ F:\Documents and Settings\Chrilloo oo\Application Data\NMM-MetaData.db

2006-08-13 13:55 802 --a------ F:\Documents and Settings\Chrilloo oo\Application Data\AdobeDLM.log

2006-08-13 13:55 0 --a------ F:\Documents and Settings\Chrilloo oo\Application Data\dm.ini

2006-08-06 20:47 62 --ahs---- F:\Documents and Settings\Chrilloo oo\Application Data\desktop.ini

 

 

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

 

*Note* empty entries are not shown

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"LDM"="F:\\Program\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"

"BitComet"="\"F:\\Program\\BitComet\\BitComet.exe\""

"msnmsgr"="\"F:\\Program\\MSN Messenger\\msnmsgr.exe\" /background"

"BAIT TITLE"="F:\\DOCUME~1\\CHRILL~1\\APPLIC~1\\PILEEX~1\\up amok.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"RegistryMechanic"=""

"BDMCon"="\"F:\\Program\\Softwin\\BitDefender10\\bdmcon.exe\" /reg"

"BDAgent"="\"F:\\Program\\Softwin\\BitDefender10\\bdagent.exe\""

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]

"DeskHtmlVersion"=dword:00000110

"DeskHtmlMinorVersion"=dword:00000005

"Settings"=dword:00000001

"GeneralFlags"=dword:00000001

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Min aktuella startsida"

"Flags"=dword:00000002

"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00, 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00

"CurrentState"=hex:04,00,00,40

"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff, ff,ff,04,00,00,00

"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00, 00,00,01,00,00,00

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="F:\\WINDOWS\\system32\\CTFMON.EXE"

"Spyware Doctor"="\"F:\\Program\\Spyware Doctor\\swdoctor.exe\" /Q"

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="F:\\WINDOWS\\system32\\CTFMON.EXE"

"Spyware Doctor"="\"F:\\Program\\Spyware Doctor\\swdoctor.exe\" /Q"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]

"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"

"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Start-meny^Program^Autostart^Adobe Reader Speed Launch.lnk]

"backup"="F:\\Windows\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"

"location"="Common Startup"

"command"="F:\\Program\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "

"item"="Adobe Reader Speed Launch"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Start-meny^Program^Autostart^Personal.lnk]

"backup"="F:\\Windows\\pss\\Personal.lnkCommon Startup"

"location"="Common Startup"

"command"="F:\\Program\\Personal\\bin\\Personal.exe "

"item"="Personal"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APVXDWIN]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APVXDWIN"

"hkey"="HKLM"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CLIStart"

"hkey"="HKLM"

"command"="\"F:\\Program\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BAIT TITLE]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="up amok"

"hkey"="HKCU"

"command"="F:\\DOCUME~1\\CHRILL~1\\APPLIC~1\\PILEEX~1\\up amok.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CloneCDTray"

"hkey"="HKLM"

"command"="\"F:\\Program\\SlySoft\\CloneCD\\CloneCDTray.exe\" /s"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ctfmon"

"hkey"="HKCU"

"command"="F:\\Windows\\system32\\ctfmon.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dopli]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="s?chost"

"hkey"="HKCU"

"command"="F:\\Program\\s?stem32\\s?chost.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoldenFTPserver]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GFTP"

"hkey"="HKCU"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gpl load deaf bike]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="store readme"

"hkey"="HKLM"

"command"="F:\\Documents and Settings\\All Users\\Application Data\\Date Rect Gpl Load\\store readme.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"F:\\Program\\iTunes\\iTunesHelper.exe\""

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LAUNCH~1"

"hkey"="HKLM"

"command"="F:\\Program\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PcSync2"

"hkey"="HKCU"

"command"="F:\\Program\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="qttask"

"hkey"="HKLM"

"command"="\"F:\\Program\\QuickTime\\qttask.exe\" -atboottime"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCANINICIO]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Inicio"

"hkey"="HKLM"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="swdoctor"

"hkey"="HKCU"

"command"="\"F:\\Program\\Spyware Doctor\\swdoctor.exe\" /Q"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="jusched"

"hkey"="HKLM"

"command"="F:\\Program\\Java\\jre1.5.0_06\\bin\\jusched.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAnonymous]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SurfAnonymous"

"hkey"="HKLM"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tieu]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="alg"

"hkey"="HKCU"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vbeeczdg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="j?vaw"

"hkey"="HKCU"

"command"="F:\\WINDOWS\\?ymbols\\j?vaw.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"ServiceLayer"=dword:00000003

"IDriverT"=dword:00000003

"SDhelper"=dword:00000002

"iPodService"=dword:00000003

"dmadmin"=dword:00000003

"VSS"=dword:00000003

"Spooler"=dword:00000002

"seclogon"=dword:00000002

"BITS"=dword:00000003

 

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mllkk

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

 

 

Contents of the 'Scheduled Tasks' folder

F:\Windows\tasks\MP Scheduled Scan.job

 

Completion time: 06-11-27 18:01:35.37

F:\ComboFix.txt ... 06-11-27 18:01

[/log]

 

Och ny hijackthis;

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 18:27:45, on 2006-11-27

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

F:\Windows\System32\smss.exe

F:\Windows\system32\csrss.exe

F:\Windows\SYSTEM32\winlogon.exe

F:\Windows\system32\services.exe

F:\Windows\system32\lsass.exe

F:\Windows\system32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\System32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\SYSTEM32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe

F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe

F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe

F:\Program\Softwin\BitDefender10\vsserv.exe

F:\Windows\system32\wscntfy.exe

F:\Windows\System32\alg.exe

F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

F:\Program\Logitech\SetPoint\SetPoint.exe

F:\Program\Delade filer\Logitech\KHAL\KHALMNPR.EXE

F:\Windows\System32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\msiexec.exe

F:\Windows\explorer.exe

F:\Program\MSN Messenger\msnmsgr.exe

F:\PROGRAM\MOZILL~1\FIREFOX.EXE

F:\Windows\system32\NOTEPAD.EXE

F:\Documents and Settings\Chrilloo oo\Skrivbord\Tankat- Firefox\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O4 - HKLM\..\Run: [bDMCon] "F:\Program\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "F:\Program\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "F:\Program\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKCU\..\Run: [LDM] F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bitComet] "F:\Program\BitComet\BitComet.exe"

O4 - HKCU\..\Run: [msnmsgr] "F:\Program\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bAIT TITLE] F:\DOCUME~1\CHRILL~1\APPLIC~1\PILEEX~1\up amok.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Program\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Program\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O18 - Protocol: bw+0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Adobe LM Service - Adobe Systems - F:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\Windows\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: iPodService - Apple Computer, Inc. - F:\Program\iPod\bin\iPodService.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - F:\Program\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

[/log]

 

För övrigt så hittade jag inga "oin" program i programhanteraren, men OiUnsistaller.exe tog visst bort något om jag inte minns helt fel. Date rect gpl load och pile extra debug var kvar, och kördes av iexplore.exe, eftersom det gick att ta bort dom utan att ligga i fel säkert läge, bara man avslutade iexplore.exe, och sedan spärrade program att startas..

 

MVH

Christoffer Törnqvist

 

Link to comment
Share on other sites

Hmm, LOP-mapparna är fortfarande kvar. Det är något annat där som döljer sig.

 

Ladda ner Vundofix:

http://www.atribune.org/ccount/click.php?id=4

 

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn).

 

Dubbelklicka på VundoFix.exe för att starta programmet.

När den startar igen så tryck på Scan for Vundo.

När skanningen är klar så tryck på Remove Vundo.

Svara Ja/Yes på frågan om du vill ta bort filerna.

Därefter kommer Skrivbordet att försvinna medan filerna tas bort.

När det är klart så kommer det en fråga om att din dator kommer att stängas av, tryck på OK.

Sätt igång datorn igen i normalt läge.

 

Om det är så att VundoFix inte kunde ta bort någon fil vid första försöket så kommer VundoFix att starta igen när datorn startas, följ i så fall beskrivningen en gång till.

 

Klistra in F:\vundofix.txt i ditt svar.

 

Gå till mappen Skrivbord\Tankat- Firefox\hijackthis med Utforskaren eller Den här datorn och byt namn på programmet HijackThis.exe till något annat, t ex rensning.exe, skapa sedan en ny logg som klistras in här.

 

Vad innehåller denna mapp?

F:\4a172e1badff3cc061b6b8

Ett minst sagt udda namn på en mapp.

 

Jag ser att du har installerat DAP, Download Accelerator Plus, det visar annonser. Det finns andra program som gör samma sak utan att visa reklam. Här finns en lista på några: http://download.openoffice.org/

Det kan tänkas att problemen med datorn började när du installerade DAP, så jag rekommenderar att du avinstallerar programmet.

 

Link to comment
Share on other sites

Vundo:

[log]

VundoFix V6.2.13

 

Checking Java version...

 

Sun Java not detected

Scan started at 09:48:25 2006-11-28

 

Listing files found while scanning....

 

 

VundoFix V6.2.13

 

Checking Java version...

 

Sun Java not detected

Scan started at 17:26:25 2006-11-28

 

Listing files found while scanning....

 

F:\Windows\system32\nnlkl.dll

F:\Windows\system32\lklnn.ini

F:\Windows\system32\lklnn.bak1

F:\Windows\system32\mllkk.dll

F:\Windows\system32\lklnn.ini

F:\Windows\system32\lklnn.bak1

F:\Windows\system32\kkllm.ini

F:\Windows\system32\kkllm.bak1

F:\Windows\system32\kkllm.bak2

F:\Windows\system32\kkllm.ini2

F:\Windows\system32\kkllm.tmp

 

Beginning removal...

 

Attempting to delete F:\Windows\system32\nnlkl.dll

F:\Windows\system32\nnlkl.dll Has been deleted!

 

Attempting to delete F:\Windows\system32\lklnn.ini

F:\Windows\system32\lklnn.ini Has been deleted!

 

Attempting to delete F:\Windows\system32\lklnn.bak1

F:\Windows\system32\lklnn.bak1 Has been deleted!

 

Attempting to delete F:\Windows\system32\mllkk.dll

F:\Windows\system32\mllkk.dll Could not be deleted.

 

Attempting to delete F:\Windows\system32\kkllm.ini

F:\Windows\system32\kkllm.ini Has been deleted!

 

Attempting to delete F:\Windows\system32\kkllm.bak1

F:\Windows\system32\kkllm.bak1 Has been deleted!

 

Attempting to delete F:\Windows\system32\kkllm.bak2

F:\Windows\system32\kkllm.bak2 Has been deleted!

 

Attempting to delete F:\Windows\system32\kkllm.ini2

F:\Windows\system32\kkllm.ini2 Has been deleted!

 

Attempting to delete F:\Windows\system32\kkllm.tmp

F:\Windows\system32\kkllm.tmp Has been deleted!

 

Performing Repairs to the registry.

Done!

 

Beginning removal...

 

Attempting to delete F:\Windows\system32\mllkk.dll

F:\Windows\system32\mllkk.dll Has been deleted!

 

Performing Repairs to the registry.

Done!

[/log]

HijackThis:

[log]Logfile of HijackThis v1.99.1

Scan saved at 17:59:29, on 2006-11-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

F:\Windows\System32\smss.exe

F:\Windows\system32\csrss.exe

F:\Windows\SYSTEM32\winlogon.exe

F:\Windows\system32\services.exe

F:\Windows\system32\lsass.exe

F:\Windows\system32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\System32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\SYSTEM32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\Explorer.EXE

F:\Program\Softwin\BitDefender10\bdagent.exe

F:\Program\Java\jre1.5.0_09\bin\jusched.exe

F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

F:\Program\BitComet\BitComet.exe

F:\Program\MSN Messenger\msnmsgr.exe

F:\Program\Logitech\SetPoint\SetPoint.exe

F:\Windows\system32\svchost.exe

F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe

F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe

F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe

F:\Program\Delade filer\Logitech\KHAL\KHALMNPR.EXE

F:\Program\Softwin\BitDefender10\vsserv.exe

F:\Windows\system32\wuauclt.exe

F:\Windows\system32\wscntfy.exe

F:\Windows\System32\alg.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\NOTEPAD.EXE

F:\PROGRAM\MOZILL~1\FIREFOX.EXE

F:\Documents and Settings\Chrilloo oo\Skrivbord\Tankat- Firefox\hijackthis\rensning.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {0C510D28-509C-4E6D-A1F6-E957D8297D85} - F:\Windows\system32\mllkk.dll (file missing)

O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - F:\Windows\system32\amyqrsqv.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\Program\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\Program\SPYWAR~1\tools\iesdpb.dll

O4 - HKLM\..\Run: [bDMCon] "F:\Program\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "F:\Program\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "F:\Program\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [LDM] F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bitComet] "F:\Program\BitComet\BitComet.exe"

O4 - HKCU\..\Run: [msnmsgr] "F:\Program\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bAIT TITLE] F:\DOCUME~1\CHRILL~1\APPLIC~1\PILEEX~1\up amok.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Program\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Program\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O18 - Protocol: bw+0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Adobe LM Service - Adobe Systems - F:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\Windows\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: iPodService - Apple Computer, Inc. - F:\Program\iPod\bin\iPodService.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - F:\Program\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

[/log]

 

Jag hade DAP en gång i tiden, men sedan så avinstallerade jag det. Var kan du hitta spår av den?

 

F:\4a172e1badff3cc061b6b8 innehåller en logg. "msxml4-KB927978-enu.log"

Har något med windows installer att göra om jag har fattat den rätt. Vill du se på den?

 

Var ligger LOP-mapparna kvar?

 

 

Link to comment
Share on other sites

ComboFix-loggen visar:

2006-11-14 09:03 <KAT> d-------- F:\Program\DAP

 

Skanna med HijackThis och bocka för:

 

O2 - BHO: (no name) - {0C510D28-509C-4E6D-A1F6-E957D8297D85} - F:\Windows\system32\mllkk.dll (file missing)

O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - F:\Windows\system32\amyqrsqv.dll

O4 - HKCU\..\Run: [bAIT TITLE] F:\DOCUME~1\CHRILL~1\APPLIC~1\PILEEX~1\up amok.exe

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn).

 

Ställ in Utforskaren så att du kan se alla filer:

Verktyg - (Mapp)alternativ eller liknande - Visning

Välj Visa dolda filer och mappar

Avbocka Dölj filnamnstillägg för kända filtyper

Avbocka Dölj skyddade operativsystemfiler

 

Ta bort filerna (om de finns kvar):

F:\Windows\system32\mllkk.dll

F:\Windows\system32\amyqrsqv.dll

 

Ta bort mapparna (om de finns kvar):

F:\Documents and Settings\All Users\Application Data\Date Rect Gpl Load

F:\Documents and Settings\Chrilloo Oo\Application Data\Pile Extra Debug

 

Starta om i normalt läge och så en ny HijackThis-logg.

Jag tittar på den imorgon.

 

Link to comment
Share on other sites

[log]Logfile of HijackThis v1.99.1

Scan saved at 21:15:44, on 2006-11-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

F:\Windows\System32\smss.exe

F:\Windows\system32\csrss.exe

F:\Windows\SYSTEM32\winlogon.exe

F:\Windows\system32\services.exe

F:\Windows\system32\lsass.exe

F:\Windows\system32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\System32\svchost.exe

F:\Windows\system32\svchost.exe

F:\Windows\SYSTEM32\Ati2evxx.exe

F:\Windows\system32\svchost.exe

F:\Program\Softwin\BitDefender10\bdagent.exe

F:\Program\Java\jre1.5.0_09\bin\jusched.exe

F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

F:\Program\MSN Messenger\msnmsgr.exe

F:\Program\Logitech\SetPoint\SetPoint.exe

F:\Program\Delade filer\Logitech\KHAL\KHALMNPR.EXE

F:\Windows\system32\svchost.exe

F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe

F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe

F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe

F:\Program\Softwin\BitDefender10\vsserv.exe

F:\Windows\system32\wscntfy.exe

F:\Windows\System32\alg.exe

F:\Windows\system32\svchost.exe

F:\Program\CloseAllWindows\CloseAllWindows.exe

F:\Windows\SYSTEM32\taskmgr.exe

F:\Windows\system32\cmd.exe

F:\Windows\explorer.exe

F:\Documents and Settings\Chrilloo oo\Skrivbord\Tankat- Firefox\hijackthis\rensning.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\Program\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\Program\SPYWAR~1\tools\iesdpb.dll

O4 - HKLM\..\Run: [bDMCon] "F:\Program\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "F:\Program\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "F:\Program\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [LDM] F:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bitComet] "F:\Program\BitComet\BitComet.exe"

O4 - HKCU\..\Run: [msnmsgr] "F:\Program\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Program\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Program\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program\Messenger\msmsgs.exe

O18 - Protocol: bw+0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {D0363F85-74A1-487D-8424-68EEE8B46A7A} - F:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Adobe LM Service - Adobe Systems - F:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\Windows\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: iPodService - Apple Computer, Inc. - F:\Program\iPod\bin\iPodService.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - F:\Program\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - F:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

[/log] Dap var avinstallerat, bara en gammal mapp kvar. det verkar som up amok.exe kommer tillbaka hela tiden?

 

Link to comment
Share on other sites

Nu ser jag inget otrevligt i loggen längre. :thumbsup:

 

Här kommer mina vanliga råd för en säkrare dator, men det är så klart viktigt att man använder sitt förnuft också.

 

Uppdatera från Windows Update och kör antispionprogrammen AVG Anti-Spyware (Ewido), SUPERAntiSpyware, Spybot S&D och/eller Ad-aware regelbundet.

http://www.ewido.net/en/

http://www.superantispyware.com/

http://www.safer-networking.org/en/download/index.html

http://www.lavasoft.com

 

Komplettera antivirusprogrammet med några online-skanningar då och då:

http://housecall.trendmicro.com/

http://www.bitdefender.com/scan8/ie.html

http://www.pandasoftware.com/products/activescan/

 

Använd en brandvägg (bättre än den inbyggda i XP), finns gratis från t ex ZoneLabs.

http://www.zonelabs.com/store/content/home.jsp

 

Om man använder Internet Explorer så kan det vara lämpligt att ha programmen SpywareBlaster och SpywareGuard, vilka hindrar en hel del otrevliga program från att laddas ner resp. köras:

http://www.javacoolsoftware.com

 

Se över säkerhetsinställningarna i Internet Explorer, det finns en hel del tips här:

http://www.spywarewarrior.com/uiuc/btw/ie/ie-opts.htm

 

Samt kör IE-SpyAd som lägger en hel massa otrevliga webbplatser i zonen Ej tillförlitliga i Internet Explorer så att de inte kan göra något med datorn:

http://www.spywarewarrior.com/uiuc/resource.htm

 

Om man byter webbläsare så är det bara SpywareGuard som behövs. Andra webbläsare är t ex Mozilla Firefox och Opera:

http://www.mozilla.org

http://www.opera.com

 

Allt gratis för hemanvändare/personligt bruk.

 

Link to comment
Share on other sites

Kan ju kolla hårddiskens överföringsläge:

Högerklick på datorn - Egenskaper - Maskinvara - Enhetshanteraren - IDE ATA/ATAPI-styrenheter - Primär IDE-kanal - Avancerade inställningar

Vad står det för Aktuellt överföringsläge för hårddisken?

 

Link to comment
Share on other sites

Ja, i PIO-läge går det långsamt. Du kan läsa här hur Microsoft har tänkt sig att du får tillbaks diskarna i DMA-läge:

http://www.microsoft.com/whdc/device/storage/IDE-DMA.mspx

http://support.microsoft.com/default.aspx?scid=kb;en-us;817472

 

Du bör också testa hårddisken med det testprogram som disktillverkaren har på sin webbplats. Disktillverkare brukar framgå i Enhetshanteraren när man trycker på + framför Diskenheter. Det kan ju vara ett fel på den som gjort att Windows har ställt ner överföringshastigheten till den.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...