Renfield Posted September 15, 2008 Share Posted September 15, 2008 Jag har fått ett virus som hindrar mig från att gå in på online scan-sidor! Eftersom jag alltid kollar virus online är jag helt rådlös och behöver hjälp! Link to comment Share on other sites More sharing options...
Cecilia Posted September 15, 2008 Share Posted September 15, 2008 Vi kan se om HijackThis visar något till att börja med: http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat). I ditt svar bifogar du HijackThis-loggen på detta sätt: Tryck på LOG-knappen i Besvara-fönstret Klistra in loggen Tryck igen på LOG-knappen Link to comment Share on other sites More sharing options...
Renfield Posted September 15, 2008 Author Share Posted September 15, 2008 Tack för svaret! Tyvärr kan jag inte gå in på sidan trots upprepade försök! Link to comment Share on other sites More sharing options...
Cecilia Posted September 15, 2008 Share Posted September 15, 2008 Om det är XP så pröva om denna hjälper: Ladda ner SDFix till Skrivbordet: http://downloads.andymanchesta.com/RemovalTools/SDFix.exe Dubbelklicka på SDFix.exe och en ny mapp skapas, C:\SDFix. Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn). Öppna den nya mappen C:\SDFix och dubbelklicka på RunThis.bat för att starta programmet. Tryck Y för att fortsätta. Det arbetar ett tag och när det är klart så kommer det upp en fråga om du vill starta om datorn. Tryck på godtycklig tangent för att omstarten ska påbörjas. Datorn kommer att ta lång tid på sig under uppstarten eftersom programmet kommer att gå igång och fixa till en massa. När det är klart visas Finished. Tryck på valfri tangent för att avsluta programmet. Öppna mappen SDFix och öppna filen Report.txt i Anteckningar. Klistra in innehållet i filen i ditt svar här. Skapa en HijackThis-logg också och klistra in här. Link to comment Share on other sites More sharing options...
Renfield Posted September 15, 2008 Author Share Posted September 15, 2008 Inte ens det funkar. Det känns som att datorn fått ebola... Link to comment Share on other sites More sharing options...
Cecilia Posted September 15, 2008 Share Posted September 15, 2008 Skicka mig ett mejl så kan vi se om det går bra att mejla dig SDfix. Du ser min mejladress när du trycker på Anv.Info. Link to comment Share on other sites More sharing options...
Renfield Posted September 15, 2008 Author Share Posted September 15, 2008 [log] SDFix: Version 1.219 Run by Thomas on 2008-09-15 at 22:26 Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Restoring Windows Product ID To Remove Fake Virus Alert Restoring Time Format To Remove Fake Virus Alert Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\system32\xxyyxxUK.dll - Deleted C:\WINDOWS\SYSTEM32\WINDOW~1.EXE - Deleted C:\Error Cleaner.url - Deleted C:\Documents and Settings\Thomas\Favoriter\Error Cleaner.url - Deleted C:\Privacy Protector.url - Deleted C:\Documents and Settings\Thomas\Favoriter\Privacy Protector.url - Deleted C:\Spyware&Malware Protection.url - Deleted C:\Documents and Settings\Thomas\Favoriter\Spyware&Malware Protection.url - Deleted C:\Program\PCHealthCenter\0.exe - Deleted C:\Program\PCHealthCenter\0.gif - Deleted C:\Program\PCHealthCenter\1.exe - Deleted C:\Program\PCHealthCenter\1.gif - Deleted C:\Program\PCHealthCenter\1.ico - Deleted C:\Program\PCHealthCenter\2.exe - Deleted C:\Program\PCHealthCenter\2.gif - Deleted C:\Program\PCHealthCenter\2.ico - Deleted C:\Program\PCHealthCenter\3.exe - Deleted C:\Program\PCHealthCenter\3.gif - Deleted C:\Program\PCHealthCenter\4.exe - Deleted C:\Program\PCHealthCenter\5.exe - Deleted C:\Program\PCHealthCenter\7.exe - Deleted C:\Program\PCHealthCenter\sc.html - Deleted C:\DOCUME~1\Thomas\LOKALA~1\Temp\lwpwer.exe.bat - Deleted C:\DOCUME~1\Thomas\LOKALA~1\Temp\smchk.exe.bat - Deleted C:\DOCUME~1\Thomas\LOKALA~1\Temp\windfr.exe.bat - Deleted C:\DOCUME~1\Thomas\LOKALA~1\Temp\TMP2.tmp - Deleted C:\DOCUME~1\Thomas\LOKALA~1\Temp\TMP2.tmp - Deleted C:\DOCUME~1\Thomas\LOKALA~1\Temp\lwpwer.exe - Deleted C:\DOCUME~1\Thomas\LOKALA~1\Temp\removalfile.bat - Deleted C:\WINDOWS\hkr32.asm - Deleted C:\WINDOWS\system32\windows_update.exe - Deleted Could Not Remove C:\WINDOWS\system32\drivers\tdssserv.sys Could Not Remove C:\WINDOWS\system32\tdssadw.dll Could Not Remove C:\WINDOWS\system32\tdssinit.dll Could Not Remove C:\WINDOWS\system32\tdssl.dll Could Not Remove C:\WINDOWS\system32\tdsslog.dll Could Not Remove C:\WINDOWS\system32\tdssmain.dll Could Not Remove C:\WINDOWS\system32\tdssservers.dat Folder C:\Program\PCHealthCenter - Removed Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-15 22:42:28 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... disk error: C:\WINDOWS\system32\config\system, 0 scanning hidden registry entries ... disk error: C:\WINDOWS\system32\config\software, 0 disk error: C:\Documents and Settings\Thomas\ntuser.dat, 0 scanning hidden files ... disk error: C:\WINDOWS please note that you need administrator rights to perform deep scan Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\\Program\\uTorrent\\utorrent.exe"="D:\\Program\\uTorrent\\utorrent.exe:*:Enabled:æTorrent" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\\Program\\iTunes\\iTunes.exe"="D:\\Program\\iTunes\\iTunes.exe:*:Enabled:iTunes" "D:\\Program\\LimeWire\\LimeWire.exe"="D:\\Program\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program\\Windows Live\\Messenger\\livecall.exe"="C:\\Program\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP000.TMP\\reason.exe"="C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP000.TMP\\reason.exe:*:Enabled:Windows Messanger" "C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP001.TMP\\keygen1.exe"="C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP001.TMP\\keygen1.exe:*:Enabled:Windows Messanger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program\\Windows Live\\Messenger\\livecall.exe"="C:\\Program\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : C:\WINDOWS\system32\drivers\tdssserv.sys Found C:\WINDOWS\system32\tdssadw.dll Found C:\WINDOWS\system32\tdssinit.dll Found C:\WINDOWS\system32\tdssl.dll Found C:\WINDOWS\system32\tdsslog.dll Found C:\WINDOWS\system32\tdssmain.dll Found C:\WINDOWS\system32\tdssservers.dat Found File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Thu 2 Aug 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Wed 21 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Mon 12 Mar 2007 1,401 A..H. --- "C:\Program\Delade filer\System\Opwo8XgoJ9v9s\ceGFpsSwi.tmp" Wed 15 Nov 2006 1,291 A..H. --- "C:\Documents and Settings\All Users\Application Data\Microsoft\QHihbuQC7npW\weKAQVW7b1fnsh.tmp" Wed 18 Apr 2007 1,343 A..H. --- "C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy\akpDCaeV28NI\7CWmwfd7rI.tmp" Finished! [/log] Link to comment Share on other sites More sharing options...
Cecilia Posted September 15, 2008 Share Posted September 15, 2008 Det här är filer som är tillåtna i Windows-brandväggen men som troligen är skadliga och i alla fall är det inte några normala filer. "C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP000.TMP\\reason.exe"="C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP000.TMP\\reason.exe:*:Enabled:Windows Messanger" "C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP001.TMP\\keygen1.exe"="C:\\Documents and Settings\\Thomas\\Lokala inst„llningar\\Temp\\IXP001.TMP\\keygen1.exe:*:Enabled:Windows Messanger" Se till att ta bort dem eller förbjud dem i Windows-brandväggen. Fungerar det att få ner detta program: Ladda ner Malwarebytes Anti-Malware från en av dessa länkar: http://www.malwaresupport.com/mbam/program/mbam-setup.exe http://www.brothersoft.com/download-malwarebytes.-anti-malware-71406.html Dubbelklicka på mbam-setup.exe för att installera programmet. [log]Bocka för: Update Malwarebytes' Anti-Malware Launch Malwarebytes' Anti-Malware Tryck på Finish Om det finns någon uppdatering så kommer den att laddas ner och installeras. När programmet startar så välj Perform Quick Scan och tryck på Scan. Skanningen tar ett tag. När den är klar så tryck på OK och sedan Show Results. Bocka för allt och tryck sedan Remove Selected. När borttagningen är klar så öppnar Anteckningar med en logg. Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det. Om programmet inte kommer igång efter omstarten så starta det. Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på Logs-fliken i MBAM. Kopiera loggen och klistra in den i ditt svar.[/log] Link to comment Share on other sites More sharing options...
Renfield Posted September 15, 2008 Author Share Posted September 15, 2008 [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:48: VIRUS ALERT!, on 2008-09-15 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program\M-Audio\MobilePre\Install\MPInst.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program\Agnitum\OUTPOS~1\outpost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program\SyncroSoft\Pos\H2O\cledx.exe C:\Program\Java\jre1.6.0_07\bin\jusched.exe D:\Program\CyberLink\PowerDVD\PDVDServ.exe D:\Program\iTunes\iTunesHelper.exe C:\WINDOWS\System32\M-AudioTaskBarIcon.exe C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\rundll32.exe C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe D:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program\TEXTware\HotKey\Twalink.exe D:\Program\Last.fm\LastFMHelper.exe C:\Program\iPod\bin\iPodService.exe C:\Program\Windows Live\Messenger\usnsvc.exe C:\Program\internet explorer\iexplore.exe C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program\Windows Live Toolbar\msn_sl.exe C:\Program\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar4.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll O3 - Toolbar: fqbewlna - {D355A751-C166-4351-8112-0EB0775E1B16} - C:\WINDOWS\fqbewlna.dll O4 - HKLM\..\Run: [Outpost Firewall] C:\Program\Agnitum\Outpost Firewall\outpost.exe /waitservice O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NVMixerTray] "C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [H2O] C:\Program\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [RemoteControl] D:\Program\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [QuickTime Task] "D:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [\YUR6.exe] C:\Windows\system32\YUR6.exe O4 - HKLM\..\Run: [\YUR7.exe] C:\Windows\system32\YUR7.exe O4 - HKLM\..\Run: [\YUR8.exe] C:\Windows\system32\YUR8.exe O4 - HKLM\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe O4 - HKLM\..\Run: [dc9db43f] rundll32.exe "C:\WINDOWS\system32\ptigadyq.dll",b O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MySpaceIM] C:\Program\MySpace\IM\MySpaceIM.exe O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools] "D:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [uniblue RegistryBooster 2] D:\Program\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [\YUR6.exe] C:\Windows\system32\YUR6.exe O4 - HKCU\..\Run: [\YUR7.exe] C:\Windows\system32\YUR7.exe O4 - HKCU\..\Run: [\YUR8.exe] C:\Windows\system32\YUR8.exe O4 - HKCU\..\Run: [\YUR9.exe] C:\Windows\system32\YUR9.exe O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program\MySpace\IM\MySpaceIM.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program\MySpace\IM\MySpaceIM.exe (User 'Default user') O4 - Startup: Last.fm Helper.lnk = D:\Program\Last.fm\LastFMHelper.exe O4 - Startup: MagicDisc.lnk = D:\Program\MagicDisc\MagicDisc.exe O4 - Global Startup: HotKey.lnk = C:\Program\TEXTware\HotKey\Twalink.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://D:\Program\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Browser Adjustment - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157420033328 O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://newscanner.virus112.com/ols/fscax.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O20 - AppInit_DLLs: NVDESK32.DLL tdclsc.dll O21 - SSODL: dtseqrxk - {E46FFA05-A630-4919-812A-B97C4E83358E} - C:\WINDOWS\dtseqrxk.dll O21 - SSODL: mgxfebsq - {4425F5DB-DC9E-4507-8208-FDABC05CE048} - C:\WINDOWS\mgxfebsq.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe O23 - Service: MobilePre Installer (MobilePreInstallerService) - M-Audio - C:\Program\M-Audio\MobilePre\Install\MPInst.exe O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - D:\Program\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing) O23 - Service: AOpen Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program\Agnitum\OUTPOS~1\outpost.exe O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - D:\Program\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing) -- End of file - 9704 bytes [/log] Link to comment Share on other sites More sharing options...
Cecilia Posted September 15, 2008 Share Posted September 15, 2008 Bra att du fick ned HijackThis. Jag tror att Malwarebytes Anti-Malware får bort de flesta av de skadliga filerna så kör det som jag skrev förut. Link to comment Share on other sites More sharing options...
Renfield Posted September 15, 2008 Author Share Posted September 15, 2008 Tack så oerhört mycket för hjälpen! Link to comment Share on other sites More sharing options...
Cecilia Posted September 15, 2008 Share Posted September 15, 2008 Så allt är bra med datorn nu? Här kan du läsa mina vanliga råd för en säkrare dator, men det är så klart viktigt att man använder sitt förnuft också. http://ceblstockholm.googlepages.com/home Link to comment Share on other sites More sharing options...
.thumb.JPG.a7f98fcf4231ab407810fba3dc9b4085.JPG)
.thumb.png.71a73be41d8bf63826729db87e16f1ce.png)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.