Just nu i M3-nätverket
Jump to content

Vääääääääldigt långsamt...


putte, va

Recommended Posts

Hej! Någonting, eller många ting, har fått datorn att fungera långsamt under en längre tid. Misstänker maskar, trojaner och allehanda annat trevligt. Fritt fram och kika på min logg! Återkom gärna med förslag på åtgärder. Tack på förhand!///Hannes

[log]Logfile of HijackThis v1.99.1

Scan saved at 01:17:46, on 2006-11-29

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\runservice.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program\MioNet\MioNetManager.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\Program\Analog Devices\SoundMAX\SMAgent.exe

C:\Program\MioNet\jvm\bin\MioNet.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\devldr32.exe

C:\Program\Analog Devices\SoundMAX\SMTray.exe

C:\Program\Creative\Mouse Optical\mouse_2k.exe

C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\Program\Delade filer\Logitech\QCDriver2\LVCOMS.EXE

C:\Program\Logitech\ImageStudio\LogiTray.exe

C:\Program\D-Tools\daemon.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\VM_STI.EXE

C:\Program\HbTools\Bin\4.8.2.0\HbtOEAddOn.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Documents and Settings\User\Skrivbord\304.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program\HbTools\Bin\4.8.2.0\HbtWeatherOnTray.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\Error Safe Free\ers.exe

C:\Program\Error Safe Free\uerscw.exe

C:\Program\Hbtools\HBTV\HBTV.exe

C:\Program\WinAntiVirus Pro 2006\WinAV.exe

C:\Program\WinAntiVirus Pro 2006\uwa6pcw.exe

C:\Program\Delade filer\{7C81A62C-0682-1053-0902-04100501002e}\Update.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe

C:\Program\Skype\Phone\Skype.exe

C:\WINDOWS\system32\crunner\cproc.exe

C:\DOCUME~1\User\MINADO~1\MCROSO~1\scanregw.exe

C:\Program\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\Philips\SPC 200NC PC Camera\TrayMin200.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\HbTools\Bin\4.8.2.0\HbtSrv.exe

C:\Documents and Settings\User\Application Data\?ystem\d?dplay.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program\WinAntiVirus Pro 2006\pv.exe

C:\Program\Windows Media Player\wmplayer.exe

C:\Program\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Documents and Settings\User\Skrivbord\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program\DeluxeCommunications\DxcBho.dll

O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program\MySearch\bar\1.bin\S4BAR.DLL

O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program\MySearch\SrchAstt\1.bin\MYSRCHAS.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: CIEIntegrator Object - {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} - C:\Program\WinAntiVirus Pro 2006\winpgi.dll

O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program\NewDotNet\newdotnet7_22.dll

O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E3D779547B4E213BC0 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program\hbtools\hbtv\hbtvhelper.dll

O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program\HbTools\Bin\4.8.2.0\HbtHostIE.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\sv\msntb.dll

O2 - BHO: (no name) - {BE22579D-BC2A-E38C-7995-B59EFF365EC6} - C:\WINDOWS\system32\ffymlnsk.dll

O2 - BHO: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program\Delade filer\{3C81A62C-0682-1053-0902-04100501002e}\888.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\sv\msntb.dll

O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program\MySearch\bar\1.bin\S4BAR.DLL

O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program\HbTools\Bin\4.8.2.0\HbtHostIE.dll

O3 - Toolbar: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program\Delade filer\{3C81A62C-0682-1053-0902-04100501002e}\888.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar3.dll

O4 - HKLM\..\Run: [smapp] C:\Program\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [CreativeMouse ] C:\Program\Creative\Mouse Optical\mouse_2k.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [LVCOMS] C:\Program\Delade filer\Logitech\QCDriver2\LVCOMS.EXE

O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program\Logitech\ImageStudio\ISStart.exe

O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program\Logitech\ImageStudio\LogiTray.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\Program\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera

O4 - HKLM\..\Run: [HbTools] C:\Program\HbTools\Bin\4.8.2.0\HbtOEAddOn.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\User\Skrivbord\304.exe

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [ipWins] C:\Program\ipwins\ipwins.exe

O4 - HKLM\..\Run: [WeatherOnTray] C:\Program\HbTools\Bin\4.8.2.0\HbtWeatherOnTray.exe

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program\DeluxeCommunications\Dxc.exe

O4 - HKLM\..\Run: [Error Safe] C:\Program\Error Safe Free\ers.exe /scan

O4 - HKLM\..\Run: [uerscw] C:\Program\Error Safe Free\uerscw.exe -c

O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program\WinAntiVirus Pro 2006\WinAV.exe" /min

O4 - HKLM\..\Run: [uwa6pcw] "C:\Program\WinAntiVirus Pro 2006\uwa6pcw.exe" -c

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [cprocsvc] C:\WINDOWS\system32\crunner\cproc.exe

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program\DeluxeCommunications\Dxc.exe

O4 - HKCU\..\Run: [Oass] "C:\DOCUME~1\User\MINADO~1\MCROSO~1\scanregw.exe" -vt yazb

O4 - HKCU\..\Run: [Clgk] C:\Documents and Settings\User\Application Data\?ystem\d?dplay.exe

O4 - HKCU\..\Run: [Error Safe] "C:\Program\Error Safe Free\ers.exe" /scan

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Global Startup: Kodak software updater.lnk = C:\Program\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: TrayMin300.exe.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\OFFICE12\EXCEL.EXE/3000

O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program\expektMPP\MPPoker.exe (file missing)

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program\Titan Poker\casino.exe (file missing)

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program\Titan Poker\casino.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE12\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O15 - Trusted Zone: www.fujidirekt.se

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://cdn.drivecleaner.com/installdrivecleanerstart_se.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.fujidirekt.se/aurigma/ImageUploader3.cab

O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll

O18 - Protocol: bw+0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {BAAAD838-95B1-4911-9956-A55694DB5FBB} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: dxclib303562752.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe

O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program\MioNet\MioNetManager.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program\Trend Micro\PC-cillin 2002\Tmntsrv.exe[/log]

 

Link to comment
Share on other sites

Oj oj, det var mycket otrevligt i den. Det kommer att bli mycket jobb för att få den ren, troligen så går det fortare att installera om den.

 

Kontrollpanelen - Lägg till eller ta bort program

Ta bort om något av följande finns där:

MySearch

MySearch Search Assistant

My Search Bar

NewDotNet

New.Net

HotBar

888Bar

180search assistant

saap

Error Safe

liknande namn

 

Om inte NewDotNet eller New.Net fanns där så följ anvisningarna på den här sidan:

http://www.newdotnet.com/removal.html

 

Använd sedan detta rensningsprogram:

http://securityresponse.symantec.com/avcenter/FxNdotN.exe

 

[log]Starta om datorn.

 

Ladda ner denna fil till Skrivbordet:

http://download.bleepingcomputer.com/reg/FixDXC.reg

 

Stäng Internet Explorer och alla andra program.

 

Start - Kör - Skriv in detta i rutan:

control

Tryck på OK

Dubbelklicka på Lägg till eller ta bort program

Leta reda på DeluxeCommunications och dubbelklicka på den för att ta bort den.

Om den inte finns i listan gör så här i stället:

Start - Kör - skriv in::

C:\Program\DeluxeCommunications\Dxc.exe /u

OK-knappen

 

Oavsett metod så ska nu avinstallationsprogrammet starta, följ anvisningarna som kommer upp. Fråga om det är något oklart.

 

Dubbelklicka på FixDXC.reg som du laddade ner förut. Välj Ja och sedan OK vid frågorna som kommer.

 

Ta bort mappen:

C:\Program\DeluxeCommunications

 

Ta bort filerna (om de finns kvar):

C:\Windows\system32\dxclib303562752.dll

C:\Documents and Settings\"anv.namn"\Application Data\Dxcknwrd.dll

C:\Documents and Settings\"anv.namn"\Application Data\Dxccwrd.dll

C:\Windows\system32\bkd.exe

 

Starta om datorn.

 

Ladda ner http://www.mvps.org/winhelp2002/hosts.zip till Skrivbordet.

Packa upp filen. En ny mapp Hosts skapas på Skrivbordet.

Dubbelklicka på mappen för att öppna den.

Dubbelklicka på filen mvps.bat för att starta programmet.

Detta program kommer att byta ut datorns Hosts-fil så att PurityScan-otrevligheten förhindras komma i kontakt med sin skapare. Det kommer också förhindra att du kan besöka sidor som är ökända för att installera otrevligheter på datorn. Du kan läsa mer om det här:

http://www.mvps.org/winhelp2002/hosts.htm

 

Kontrollpanelen - Lägg till eller ta bort program

Om något av följande finns i listan så ta bort:

Oin

Yazzle by Oin

Purityscan by Oin

Snowballwars by Oin

eller något liknande med Oin eller Outerinfo i sig.

Zolero

Tizzletalk

MediaTickets

Cowabanga

 

Ladda ner och kör avinstallationsprogrammet

http://www.outerinfo.com/OiUninstaller.exe

Om du behöver anvisningar så finns de här: http://www.outerinfo.com/howto.html

 

Starta om datorn.

 

Ladda hem och installera gratisversionen av SUPERAntiSpyware Free Edition:

http://www.superantispyware.com/download.html

Starta programmet, klicka på Check for updates.

Avsluta programmet när uppdateringen är klar.

 

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn).

 

Starta SUPERAntiSpyware och klicka på Scan your Computer.

Bocka för alla hårddiskar (fixed drive/disk).

Välj Perform complete scan

Nästa/Next

 

När skanningen är klar som kommer det upp en sammanfattning, tryck på OK

Nästa/Next

Utför eller liknande

Ett fönster med Quarantine and removal Complete kommer upp

OK

Utför eller liknande

Avsluta programmet.

 

Starta om i normalt läge.

 

Starta programmet, tryck på Preferences, välj filken Statistics/Logs

Dubbelklicka på den nyaste SUPERAntiSpyware Scan Log så att loggen kommer upp i Anteckningar.

Klistra in loggen i ditt svar samt en ny HijackThis-logg.

Så kan vi fortsätta rensningen.

 

OBS! Kom att när du har klistrat in något i ditt svar så ska du markera (måla) det du har klistrat in och sedan trycka på LOG-knappen i Besvara-fönstret.[/log]

 

Edit: Stoppade dit LOG-taggar

[inlägget ändrat 2006-11-29 08:28:52 av Cecilia]

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...