Just nu i M3-nätverket
Jump to content

HJÄLP! spyware vid namn spylocked


katecat

Recommended Posts

Har också fått det J*vla spionprogrammet (spyware vid namn spylocked)

Hoppas ni kan hjälpa mig =´(

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 18:37:19, on 2007-06-06

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\AvidSDMService.exe

C:\Program\Bonjour\mDNSResponder.exe

D:\Program\Glocalnetbredband\Bredbandsklienten\GlocalnetBredbandService.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Canon\CAL\CALMAIN.exe

D:\Program\Glocalnetbredband\Bredbandsklienten\Launcher.exe

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\devldr32.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRAM\MOZILL~1\FIREFOX.EXE

C:\WINDOWS\system32\wscntfy.exe

D:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.googel.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_01\bin\ssv.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: wssclient - {8D99D2A3-317C-4929-8A5D-21140259D93A} - c:\PROGRA~1\wss.dll

O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Program\Video ActiveX Access\iesplg.dll (file missing)

O4 - HKLM\..\Run: [Glocalnet Bredband] "D:\Program\Glocalnetbredband\Bredbandsklienten\Launcher.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [sDR6_Check] "C:\Program\Delade filer\DriveCleaner Free\udcsdr.exe"

O4 - HKLM\..\Run: [PAS_Check] "C:\Program\Delade filer\DriveCleaner Free\udcpas.exe"

O4 - HKLM\..\Run: [salestart] "C:\Program\Delade filer\DriveCleaner Free\dcsm.exe"

O4 - HKLM\..\Run: [kav] "D:\Program\Kaspersky Lab\avp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\j2re1.4.2_07\bin\jusched.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [bitTorrent] "D:\Program\BitTorrent\bittorrent.exe" --force_start_minimized

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = D:\Program\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://D:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program\Kaspersky Lab\scieplugin.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program\PartyGaming\PartyCasino\RunCasino.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program\PartyGaming\PartyCasino\RunCasino.exe (file missing)

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\program\bonjour\mdnsnsp.dll

O12 - Plugin for .pdf: C:\Program\Internet Explorer\PLUGINS\nppdf32.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{69396498-FED7-4625-95BC-DC2DBDC31306}: NameServer = 195.58.103.130 195.58.103.21

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe

O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - D:\Program\Kaspersky Lab\avp.exe" -r (file missing)

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Glocalnet Bredband (GlocalnetBredbandClientService) - Glocalnet AB - D:\Program\Glocalnetbredband\Bredbandsklienten\GlocalnetBredbandService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Unknown owner - C:\Program\iPod\bin\iPodService.exe (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe[/log]

 

[inlägget ändrat 2007-06-06 17:51:56 av katecat]

Link to comment
Share on other sites

 

[log]Ladda ner SmitfraudFix på skrivbordet

 

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

 

Öppna den och välj altenativ Search = klicka 1 och Enter

Kopiera loggen som kommer ut och skicka hit.

 

I ditt svar bifogar du loggen på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen[/log]

 

Link to comment
Share on other sites

[log]SmitFraudFix v2.192

 

Scan done at 17:58:53,28, 2007-06-06

Run from C:\Documents and Settings\Sarah\Skrivbord\SmitfraudFix

OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT

The filesystem type is NTFS

Fix run in normal mode

 

»»»»»»»»»»»»»»»»»»»»»»»» Process

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\AvidSDMService.exe

C:\Program\Bonjour\mDNSResponder.exe

D:\Program\Glocalnetbredband\Bredbandsklienten\GlocalnetBredbandService.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Canon\CAL\CALMAIN.exe

D:\Program\Glocalnetbredband\Bredbandsklienten\Launcher.exe

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\devldr32.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRAM\MOZILL~1\FIREFOX.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\cmd.exe

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

 

C:\WINDOWS\system32\eeuydc.dll FOUND !

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Sarah

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Sarah\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

 

C:\DOCUME~1\ALLUSE~1.WIN\START-~1\Online Security Guide.url FOUND !

C:\DOCUME~1\ALLUSE~1.WIN\START-~1\Security Troubleshooting.url FOUND !

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Sarah\FAVORI~1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Min aktuella startsida"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]

"{44e670f2-d57b-4815-a576-955d17dbbf2d}"="auditioned"

 

[HKEY_CLASSES_ROOT\CLSID\{44e670f2-d57b-4815-a576-955d17dbbf2d}\InProcServer32]

@="C:\WINDOWS\system32\eeuydc.dll"

 

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{44e670f2-d57b-4815-a576-955d17dbbf2d}\InProcServer32]

@="C:\WINDOWS\system32\eeuydc.dll"

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, following keys are not inevitably infected!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, following keys are not inevitably infected!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

Description: CNet PRO200WL PCI Fast Ethernet Adapter - Miniport för paketschemaläggning

DNS Server Search Order: 192.168.0.254

 

Description: WAN (PPP/SLIP) Interface

DNS Server Search Order: 195.58.103.130

DNS Server Search Order: 195.58.103.21

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5908D3CD-E2C4-4CA8-A2CA-383BB41FD0DD}: DhcpNameServer=192.168.0.254

HKLM\SYSTEM\CCS\Services\Tcpip\..\{69396498-FED7-4625-95BC-DC2DBDC31306}: NameServer=195.58.103.130 195.58.103.21

HKLM\SYSTEM\CS1\Services\Tcpip\..\{5908D3CD-E2C4-4CA8-A2CA-383BB41FD0DD}: DhcpNameServer=192.168.0.254

HKLM\SYSTEM\CS1\Services\Tcpip\..\{69396498-FED7-4625-95BC-DC2DBDC31306}: NameServer=195.58.103.130 195.58.103.21

HKLM\SYSTEM\CS2\Services\Tcpip\..\{5908D3CD-E2C4-4CA8-A2CA-383BB41FD0DD}: DhcpNameServer=192.168.0.254

HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.254

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

 

 

»»»»»»»»»»»»»»»»»»»»»»»» End

 

[/log]

 

Link to comment
Share on other sites

 

[log]Avinstallera via Kontrollpanelen om hittas

 

Java

DriveCleaner

 

Starta datorn i felsäkert läge

 

Ta bort

 

C:\Program\Delade filer\DriveCleaner Free\ < mappen

 

Sen öppna SmitfraudFix

Välj altenativ Clean = klicka 2 och Enter

Sen vänta tills den jobbar klart.

På frågan "Registry cleaning - Do you want to clean the registry ?"

svara Yes med att klicka Y och Enter

Om wininet.dll är infekterad får du frågan "Replace infected file ?"

svara Yes med att klicka Y och Enter.

Om inte datorn startar om automatiskt så starta den i normalläge.

 

Skicka sen en ny Hijack logg och C:\rapport.txt [/log]

 

Link to comment
Share on other sites

Hej!

 

Hitta inte C:\Program\Delade filer\DriveCleaner Free\ < mappen

så jag sökte på DriveCleaner och hitta den på

c:\Documents and settings\Sarah\Application Data

 

Klicka på mappen och där fanns en till mapp vid namn logs, klickade på den och där fanns det ett textdokument vid namn update

 

Tog bort hela mappen.

 

Öppnade SmitfraudFix

Efter jag klicka 2 och Enter startade diskrensning (normalt?) sen stod det på SmitfraudFix " det gick inte att hitta filen - c:\Docume~\Sarah\LOKALA~1\Temp\ *.*

 

Sen kom "Registry cleaning - Do you want to clean the registry ?" tryckte Y och enter och sen startade jag datorn i "rätt läge" och här är Hijack loggan

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 18:46:40, on 2007-06-06

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\AvidSDMService.exe

D:\Program\Kaspersky Lab\avp.exe

C:\Program\Bonjour\mDNSResponder.exe

D:\Program\Glocalnetbredband\Bredbandsklienten\GlocalnetBredbandService.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Canon\CAL\CALMAIN.exe

D:\Program\Glocalnetbredband\Bredbandsklienten\Launcher.exe

D:\Program\ZoneAlarm\zlclient.exe

C:\Program\D-Tools\daemon.exe

D:\Program\Kaspersky Lab\avp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\devldr32.exe

C:\WINDOWS\system32\WgaTray.exe

D:\Program\Hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_01\bin\ssv.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: wssclient - {8D99D2A3-317C-4929-8A5D-21140259D93A} - c:\PROGRA~1\wss.dll

O4 - HKLM\..\Run: [Glocalnet Bredband] "D:\Program\Glocalnetbredband\Bredbandsklienten\Launcher.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [sDR6_Check] "C:\Program\Delade filer\DriveCleaner Free\udcsdr.exe"

O4 - HKLM\..\Run: [PAS_Check] "C:\Program\Delade filer\DriveCleaner Free\udcpas.exe"

O4 - HKLM\..\Run: [salestart] "C:\Program\Delade filer\DriveCleaner Free\dcsm.exe"

O4 - HKLM\..\Run: [kav] "D:\Program\Kaspersky Lab\avp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\j2re1.4.2_07\bin\jusched.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [bitTorrent] "D:\Program\BitTorrent\bittorrent.exe" --force_start_minimized

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = D:\Program\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://D:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program\Kaspersky Lab\scieplugin.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program\PartyGaming\PartyCasino\RunCasino.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program\PartyGaming\PartyCasino\RunCasino.exe (file missing)

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\program\bonjour\mdnsnsp.dll

O12 - Plugin for .pdf: C:\Program\Internet Explorer\PLUGINS\nppdf32.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe

O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - D:\Program\Kaspersky Lab\avp.exe" -r (file missing)

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Glocalnet Bredband (GlocalnetBredbandClientService) - Glocalnet AB - D:\Program\Glocalnetbredband\Bredbandsklienten\GlocalnetBredbandService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Unknown owner - C:\Program\iPod\bin\iPodService.exe (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe[/log]

 

Link to comment
Share on other sites

 

[log]Scanna med Hijack bocka i följande rader stäng Web-läsaren och klicka Fix checked

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_01\bin\ssv.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [sDR6_Check] "C:\Program\Delade filer\DriveCleaner Free\udcsdr.exe"

O4 - HKLM\..\Run: [PAS_Check] "C:\Program\Delade filer\DriveCleaner Free\udcpas.exe"

O4 - HKLM\..\Run: [salestart] "C:\Program\Delade filer\DriveCleaner Free\dcsm.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\j2re1.4.2_07\bin\jusched.exe

 

sen är logen ok

Hämta nyaste Java här

 

http://www.java.com/sv/[/log]

 

Link to comment
Share on other sites

Hej!

 

De funkade jätte bra och nu är jag av med de skrället!

Tack så mycket!! Vilken servis, är helt imponerad!

All tacksamhet! :)

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...