
Help!


Mannemannen


My girlfriend's little brother has been surfing without a firewall and with an outdated antivirus program, and now ComHem wants to shut off their internet connection because viruses are spreading from their computer. I tried to uninstall their Norton 2002 to replace it with Nod32, but it could not be uninstalled because Windows Installer cannot be started.

 

Here is a log:

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 09:49:10, on 2008-11-08

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\Program\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe

C:\Program\Macrogaming\SweetIM\SweetIM.exe

C:\Program\NORTON~1\navapw32.exe

C:\Program\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

C:\Program\Telia\Supportassistent\bin\sprtcmd.exe

C:\Program\Windows Defender\MSASCui.exe

C:\Program\Delade filer\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program\Logitech\QuickCam\Quickcam.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program\DAEMON Tools\daemon.exe

C:\Program\DNA\btdna.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program\Norton AntiVirus\navapsvc.exe

C:\Program\Telia\Supportassistent\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe

C:\Program\Delade filer\Logishrd\LQCVFX\COCIManager.exe

C:\Program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\hjt\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com//

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program\Winamp Toolbar\winamptb.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program\Macrogaming\SweetIMBarForIE\toolbar.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar3.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [ulead AutoDetector] C:\Program\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program\Macrogaming\SweetIM\SweetIM.exe

O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~1\navapw32.exe

O4 - HKLM\..\Run: [ulead Photo Express Calendar Checker] C:\Program\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

O4 - HKLM\..\Run: [Telia] "C:\Program\Telia\Supportassistent\bin\sprtcmd.exe" /P Telia

O4 - HKLM\..\Run: [Windows Defender] "C:\Program\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program\Delade filer\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [JQKASJBJ] %systemroot%\JQKASJBJ.exe

O4 - HKCU\..\Run: [Free Download Manager] C:\Program\Free Download Manager\fdm.exe -autorun

O4 - HKCU\..\Run: [sweetIM] C:\Program\Macrogaming\SweetIM\SweetIM.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [steam] "c:\program\steam\steam.exe" -silent

O4 - HKCU\..\Run: [bitComet] "C:\Program\BitComet\BitComet.exe" /tray

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program\DNA\btdna.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/229?9798905a63b84c18ae7ac2b32b0c0500

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/230?9798905a63b84c18ae7ac2b32b0c0500

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\program\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

O18 - Protocol: bw+0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\mssrv16.exe

O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe

O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe[/log]

 


 

See here about Windows Installer:

http://support.microsoft.com/kb/555175

Download ComboFix to the Desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Unplug the internet connection and close all programs you can see, including antivirus, antispyware and firewall, or alternatively restart the computer in safe mode.

Run ComboFix and follow the instructions shown.

IMPORTANT! Do not click on the ComboFix window with the mouse while it is running, otherwise it may hang.

When it has finished, a log should come up; attach it to your reply. Check that the antivirus program and firewall are running before you connect to the internet.

If you have problems getting onto the internet:

Control Panel - Network Connections

right-click your internet connection and choose Repair and/or restart the computer.

Warning! ComboFix disables autorun for CDs, floppy disks and USB devices to make it easier to clean the computer and to protect it against infections in the future. This can cause problems, for example if the computer gets its internet via a USB modem or USB network card. In that case, say so instead of running ComboFix.

 


Try this: http://tinyurl.com/7yugo (shortened link). There you can download Symantec's cleanup tool for removing Norton version 2002 or older.

Print the page and follow the instructions.

[post edited 2008-11-08 12:36:01 by Brynäsarn]


I myself, or perhaps someone else, "slipped with the mouse" and got Spysheriff on the computer.

Neither Clam antivirus nor NOD32 found anything wrong. The reason is that "programs you choose to install yourself" by clicking on something are not viruses or other crap.

You may be able to get rid of the junk with tips from this forum. For me it ended, in the end, with wiping the disk completely clean (formatting does not remove all the crap 100%) and reinstalling.

http://www.killdisk.com

What was it? A backdoor into the computer that had been installed along with a poker program. My son knew exactly when the trouble had started.

And firewalls protect against attacks from outside (but a firewall does not protect against the user who wants to install some program).

And when we tried to remove it with Panda Antivirus, the connection became clear.

Every time Panda had cleaned out a backdoor, the poker program warned (in a window that popped up) about an error, even though the poker program had not been started.

How did we find the backdoor?

Malwarebytes Antimalware, a tip from Cecilia's page.

http://ceblstockholm.googlepages.com/home


Hi Zipp!

Thanks for taking the time.

I went through half of the tips for the installer problem but it did not help, so I ran ComboFix first. Here is the log:

 

[log]ComboFix 08-11-07.01 - Lillo-Eriksson 2008-11-08 12:49:02.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1053.18.536 [GMT 1:00]

Running from: c:\documents and settings\Lillo-Eriksson\Skrivbord\ComboFix.exe

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

ADS - svchost.exe: deleted 25088 bytes in 1 streams.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

c:\documents and settings\Lillo-Eriksson\Favoriter\Online Security Test.url

c:\windows\IE4 Error Log.txt

c:\windows\system32\_000124_.tmp.dll

c:\windows\system32\av.cpl

c:\windows\system32\drivers\TVVIPVOR.sys

c:\windows\system32\stera.log

 

----- BITS: Possible infected sites -----

 

hxxp://sync.support.telia.se

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_ICF

-------\Legacy_MSUPDATE

-------\Legacy_TVVIPVOR

-------\Service_ICF

-------\Service_msupdate

-------\Service_TVVIPVOR

 

 

((((((((((((((((((((((((( Files Created from 2008-10-08 to 2008-11-08 )))))))))))))))))))))))))))))))

.

 

2008-11-08 12:05 . 2008-04-14 17:04 2,843,136 --a------ c:\windows\system32\msi.dll

2008-11-08 12:05 . 2008-04-13 16:39 884,736 --a------ c:\windows\system32\msimsg.dll

2008-11-08 12:05 . 2008-04-14 17:04 271,360 --a------ c:\windows\system32\msihnd.dll

2008-11-08 12:05 . 2008-04-14 17:05 78,848 --a------ c:\windows\system32\msiexec.exe

2008-11-08 12:05 . 2008-04-14 17:04 15,360 --a------ c:\windows\system32\msisip.dll

2008-10-21 19:37 . 2008-10-21 19:37 <KAT> d-------- c:\documents and settings\All Users\Application Data\SupportSoft

2008-10-15 20:23 . 2008-09-08 11:41 333,824 --------- c:\windows\system32\dllcache\srv.sys

2008-10-15 20:22 . 2008-09-15 16:27 1,846,400 --------- c:\windows\system32\dllcache\win32k.sys

2008-10-15 19:43 . 2008-10-15 20:35 <KAT> d-------- c:\program\VstPlugins

2008-10-15 19:43 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm

2008-10-15 19:43 . 2006-06-20 09:56 225,280 --a------ c:\windows\system32\rewire.dll

2008-10-15 19:42 . 2008-10-15 19:42 <KAT> d-------- c:\program\Outsim

2008-10-15 19:40 . 2008-10-15 20:35 <KAT> d-------- c:\program\Image-Line

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-08 11:52 --------- d-----w c:\program\Steam

2008-11-08 11:50 --------- d-----w c:\documents and settings\Lillo-Eriksson\Application Data\DNA

2008-10-21 18:31 --------- d-----w c:\documents and settings\Lillo-Eriksson\Application Data\uTorrent

2008-10-15 19:35 --------- d-----w c:\program\VstPlugins

2008-10-08 13:22 --------- d-----w c:\program\Winamp

2008-09-27 16:13 --------- d--h--w c:\program\InstallShield Installation Information

2008-09-25 14:28 --------- d-----w c:\program\EA Games

2008-09-25 14:15 --------- d-----w c:\program\japp

2008-09-23 09:32 --------- d-----w c:\program\DNA

2008-09-22 13:38 --------- d-----w c:\program\Infogrames

2008-09-19 15:30 --------- d-----w c:\program\Rockstar Games

2008-09-09 18:26 --------- d-----w c:\program\LucasArts

2008-09-08 10:41 333,824 ----a-w c:\windows\system32\drivers\srv.sys

2007-10-10 05:58 2,466,926 ----a-w c:\program\dc++faster_downloads_free.exe

2007-10-10 05:55 1,697,581 ----a-w c:\program\dc++faster_downloads_23.exe

2006-08-30 16:53 1,060,327 ----a-w c:\program\wrar360sw.exe

2001-09-10 08:55 141,536 ----a-w c:\program\Sw_rcsp.pdf

2001-09-10 08:36 138,861 ----a-w c:\program\In_rcsp.pdf

2001-09-10 08:36 134,247 ----a-w c:\program\La_rcsp.pdf

2001-09-10 08:36 127,777 ----a-w c:\program\Ap_rcsp.pdf

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SweetIM"="c:\program\Macrogaming\SweetIM\SweetIM.exe" [2006-01-01 40960]

"swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 68856]

"LDM"="c:\program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-16 36864]

"Steam"="c:\program\steam\steam.exe" [2008-10-08 1410296]

"DAEMON Tools"="c:\program\DAEMON Tools\daemon.exe" [2007-04-03 165784]

"BitTorrent DNA"="c:\program\DNA\btdna.exe" [2008-09-23 289088]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NVMixerTray"="c:\program\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 131072]

"RemoteControl"="c:\program\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-21 40960]

"Ulead AutoDetector"="c:\program\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-11-19 45056]

"SweetIM"="c:\program\Macrogaming\SweetIM\SweetIM.exe" [2006-01-01 40960]

"NAV Agent"="c:\program\NORTON~1\navapw32.exe" [2001-09-10 74832]

"Ulead Photo Express Calendar Checker"="c:\program\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe" [2004-01-12 69632]

"Telia"="c:\program\Telia\Supportassistent\bin\sprtcmd.exe" [2008-10-16 201976]

"LogitechCommunicationsManager"="c:\program\Delade filer\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"LogitechQuickCamRibbon"="c:\program\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2008-05-27 413696]

"iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2008-06-02 267048]

"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 c:\windows\AGRSMMSG.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\program\DELADE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"AntiVirusOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program\\Messenger\\msmsgs.exe"=

"%windir%\\system32\\ccapp.exe"=

"c:\\Program\\EA Games\\Battlefield 2\\BF2.exe"=

"c:\\Program\\Quake III Arena\\quake3.exe"=

"c:\\Program\\DC++ MP3 Finder\\Downloads\\Spel och Filmer\\film filer\\utorrent.exe"=

"c:\\Program\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

"c:\\Program\\DNA\\btdna.exe"=

"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"22618:TCP"= 22618:TCP:BitComet 22618 TCP

"22618:UDP"= 22618:UDP:BitComet 22618 UDP

 

R2 sprtsvc_telia;SupportSoft Sprocket Service (telia);c:\program\Telia\Supportassistent\bin\sprtsvc.exe [2008-10-16 202016]

S2 pheasbnctjfpfg;pheasbnctjfpfg;c:\windows\system32\drivers\kysgbnagcr.sys [ ]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a25aa356-8a2e-11dc-9f89-00016caababa}]

\Shell\AutoRun\command - E:\LaunchU3.exe -a

.

Contents of the 'Scheduled Tasks' folder

 

2008-10-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

 

2008-11-08 c:\windows\Tasks\Kontrollera uppdateringar för Windows Live Toolbar.job

- c:\program\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

 

2008-11-08 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

 

2008-09-26 c:\windows\Tasks\Norton AntiVirus - Sök igenom datorn.job

- c:\program\NORTON~1\NAVW32.exe [2001-09-10 10:25]

 

2008-11-08 c:\windows\Tasks\Symantec NetDetect.job

- c:\program\Symantec\LiveUpdate\NDETECT.EXE [2004-12-14 11:24]

.

- - - - ORPHANS REMOVED - - - -

 

WebBrowser-{FE2D25C1-C1DB-4B5E-9390-AF1CB5302F32} - (no file)

HKCU-Run-Free Download Manager - c:\program\Free Download Manager\fdm.exe

HKCU-Run-BitComet - c:\program\BitComet\BitComet.exe

HKLM-Run-JQKASJBJ - c:\windows\JQKASJBJ.exe

HKLM-Run-ATIPTA - (no file)

HKLM-Run-Aspire Schedule - (no file)

HKLM-Run-WinFast Schedule - (no file)

 

 

.

------- Supplementary Scan -------

.

FireFox -: Profile - c:\documents and settings\Lillo-Eriksson\Application Data\Mozilla\Firefox\Profiles\zblp26me.default

FF -: plugin - c:\program\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll

FF -: plugin - c:\program\DNA\plugins\npbtdna.dll

FF -: plugin - c:\program\iTunes\Mozilla Plugins\npitunes.dll

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-08 12:52:32

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\ati2evxx.exe

c:\program\Windows Defender\MsMpEng.exe

c:\windows\system32\ati2evxx.exe

c:\program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program\Bonjour\mDNSResponder.exe

c:\program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

c:\program\Delade filer\Symantec Shared\Security Center\symwsc.exe

c:\program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

c:\program\iPod\bin\iPodService.exe

c:\program\Delade filer\LogiShrd\LQCVFX\COCIManager.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2008-11-08 12:59:12 - machine was rebooted [Lillo-Eriksson]

ComboFix-quarantined-files.txt 2008-11-08 11:59:09

 

Pre-Run: 36 271 796 224 byte ledigt

Post-Run: 40,967,081,984 byte ledigt

 

186 --- E O F --- 2008-11-08 10:35:16[/log]

 

 


I think ComboFix sorted out the installer problem :-) I updated Java and then Windows Installer started just fine.

 


After ComboFix, tip no. 4 worked, i.e.

 

Method 4

 

 

The Windows Installer service may be disabled on the machine.

 

1. Go to "Start" -> "Run" , type "services.msc" and press on "Enter" button.

 

2. Double-click on the service named "Windows Installer".

 

3. Check the value in the "Startup type:" field. If it's currently set to "Disabled", then this is the problem. Change it by selecting "Manual" from the drop-down box.

 

Here is the new log

[log]

Logfile of HijackThis v1.99.1

Scan saved at 13:31:54, on 2008-11-08

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program\Telia\Supportassistent\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe

C:\Program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\Program\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe

C:\Program\Macrogaming\SweetIM\SweetIM.exe

C:\Program\NORTON~1\navapw32.exe

C:\Program\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

C:\Program\Telia\Supportassistent\bin\sprtcmd.exe

C:\Program\Delade filer\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program\Logitech\QuickCam\Quickcam.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program\DAEMON Tools\daemon.exe

C:\Program\DNA\btdna.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\Delade filer\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program\Norton AntiVirus\navapsvc.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\hjt\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://se.msn.com//

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program\Winamp Toolbar\winamptb.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program\Macrogaming\SweetIMBarForIE\toolbar.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar3.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [ulead AutoDetector] C:\Program\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program\Macrogaming\SweetIM\SweetIM.exe

O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~1\navapw32.exe

O4 - HKLM\..\Run: [ulead Photo Express Calendar Checker] C:\Program\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

O4 - HKLM\..\Run: [Telia] "C:\Program\Telia\Supportassistent\bin\sprtcmd.exe" /P Telia

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program\Delade filer\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [sweetIM] C:\Program\Macrogaming\SweetIM\SweetIM.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [steam] "c:\program\steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program\DNA\btdna.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/229?9798905a63b84c18ae7ac2b32b0c0500

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\Windows Live Toolbar\Components\sv-se\msntabres.dll.mui/230?9798905a63b84c18ae7ac2b32b0c0500

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\program\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

O18 - Protocol: bw+0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {37514192-AAD4-4AC3-B36C-6F00E8F8B290} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program\Delade filer\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program\Delade filer\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe

O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe[/log]

 

 

 


 

[log]Scan with Hijack, check the following lines, close the web browser and click Fix checked

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

 

Then the log is OK.

Clean out the leftovers with

Download Malwarebytes Anti-Malware:

http://www.besttechie.net/tools/mbam-setup.exe

Double-click mbam-setup.exe to install the program.

Check:

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

Press Finish

If there is an update, it will be downloaded and installed.

When the program starts, select Perform Quick Scan and press Scan.

Remove everything that is found.[/log]

 
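The two entries picked for fixing in the post above both carry HijackThis's `(no file)` / `(file missing)` markers. The following Python code is an added example, not part of the thread or of HijackThis: it extracts such entries from a log so they can be reviewed before anything is ticked. The function names, and the rule that sets aside entries whose target contains a quoted command line (where the marker applies to the whole string rather than to one file), are assumptions of this example.

```python
import re
from typing import List, NamedTuple, Optional

# Constructed sample: a few lines in the shape of the HijackThis v1.99.1
# log posted in this thread (not the complete log).
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~1\navapw32.exe
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
"""

# Entry lines start with a section code such as R0, O2, O20 or O23.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")

# Markers HijackThis appends when the referenced file was not found.
MARKERS = ("(no file)", "(file missing)")


class Finding(NamedTuple):
    code: str    # section code, e.g. "O2"
    kind: str    # "orphan" or "review"
    marker: str  # which marker was present
    line: str    # the full entry line, stripped


def classify(line: str) -> Optional[Finding]:
    """Return a Finding for an entry that carries a missing-file marker."""
    stripped = line.strip()
    match = ENTRY_RE.match(stripped)
    if match is None:
        return None  # header, process list line, blank line, ...
    body = match.group("body")
    marker = next((m for m in MARKERS if body.endswith(m)), None)
    if marker is None:
        return None  # entry points at a file that was found
    target = body[: -len(marker)].rstrip()
    # Assumption of this example: a double quote in the target means the
    # log recorded a command line with arguments, so "missing" refers to
    # that whole string. Such entries are set aside for manual review
    # instead of being listed as orphans.
    kind = "review" if '"' in target else "orphan"
    return Finding(match.group("code"), kind, marker, stripped)


def parse_findings(log_text: str) -> List[Finding]:
    """Collect every entry with a missing-file marker, in log order."""
    findings = []
    for line in log_text.splitlines():
        finding = classify(line)
        if finding is not None:
            findings.append(finding)
    return findings


def fix_candidates(log_text: str) -> List[str]:
    """Entry lines whose target is plainly absent (kind == 'orphan')."""
    return [f.line for f in parse_findings(log_text) if f.kind == "orphan"]


if __name__ == "__main__":
    for f in parse_findings(SAMPLE_LOG):
        print(f"{f.kind:7} {f.code:4} {f.marker:15} {f.line}")
```

On the sample, the two orphan lines are the same two entries the post lists, and the Java Quick Starter service line is reported for review instead.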


Archived

This topic is now archived and is closed to further replies.


