
Win Explorer starts automatically when I start my laptop??


Micke-b


As soon as I start my laptop, Explorer opens and some pop-ups appear at regular intervals. I always use Firefox, but pop-ups have started appearing there too. I tried to paste in a copy of the HijackThis log file, but the message became too long.

What should I do??

 


[log]Download Malwarebytes Anti-Malware (MBAM) from one of these links:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://projects.securitywonks.net/projects/details.php?file=158

Double-click mbam-setup to install the program.

At the end of the installation, make sure the following boxes are checked:

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

Click Finish

If an update is available, it will be downloaded and installed.

When the program starts, select "Perform quick scan" and click Scan.

The scan takes a while.

When it is finished, click OK and then "Show results".

Check everything and then click Remove Selected.

When the removal is finished, Notepad opens with a log.

You may be asked to restart the computer (Restart). If so, do it.

If you get an "Error loading..." message after the restart, restart the computer once more.

If the program does not start after the restart, start it yourself.

If the log does not open by itself in Notepad, you will find it on the Logs tab in MBAM.

Copy the log and paste it into your reply together with a new HijackThis log[/log]

 


When you post the HijackThis log, use the LOG button; then the log will not be so long.

Click the LOG button in the reply window

Paste the log

Click the LOG button again

You will find the LOG button on the same row as :thumbsup: :thumbsdown:

[post edited 2009-03-09 12:39:27 by Brynäsarn]


[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:30:34, on 2009-03-09

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Lenovo\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\cisvc.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program\Glocalnet\Glocalnet Mobilt Bredband\GtDetectSc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\Google\Update\GoogleUpdate.exe

C:\Program Files\Softex\OmniPass\Omniserv.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

c:\program\lenovo\system update\suservice.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\Program\PM Agent\WisFnCtrlSvc.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Softex\OmniPass\OPXPApp.exe

C:\Program\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Softex\OmniPass\scureapp.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Lenovo\LENOVO~2\LPMGR.exe

C:\Program\ThinkVantage\AMSG\Amsg.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\Program\Brother\ControlCenter2\brctrcen.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\Program\QuickTime\qttask.exe

C:\WINDOWS\system32\prunnet.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Lenovo\Client Security Solution\tvtpwm_tray.exe

C:\Program\Messenger\msmsgs.exe

C:\Program\DAEMON Tools\daemon.exe

C:\Program\TomTom HOME 2\HOMERunner.exe

C:\Program\Microsoft ActiveSync\wcescomm.exe

C:\Program\Windows Media Player\WMPNSCFG.exe

C:\Program\MI3AA1~1\rapimgr.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\Lenovo\Bluetooth Software\BTTray.exe

C:\Program\Glocalnet\Glocalnet Mobilt Bredband\Glocalnet Mobilt Bredband.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\Tele2\Tele2Internet Mobile\AutoUpdateSrv.exe

C:\Program\Windows Desktop Search\WindowsSearch.exe

C:\Program\Microsoft ActiveSync\WCESMgr.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ig?hl=sv

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/welcome/3000notebook

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: {a0ba8de0-131d-5f09-e144-6a7abc7483bb} - {bb3847cb-a7a6-441e-90f5-d1310ed8ab0a} - C:\WINDOWS\system32\orqitp.dll

O2 - BHO: (no name) - {cf173f62-bc49-47f2-8b84-5fbd1f7051a8} - C:\WINDOWS\system32\jotejiho.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [OmniPass] "C:\Program Files\Softex\OmniPass\scureapp.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [LPManager] C:\Program\Lenovo\LENOVO~2\LPMGR.exe

O4 - HKLM\..\Run: [AMSG] C:\Program\ThinkVantage\AMSG\Amsg.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [ACTray] C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

O4 - HKLM\..\Run: [ACWLIcon] C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [iSUSPM Startup] c:\program\DELADE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe

O4 - HKLM\..\Run: [hubadumova] Rundll32.exe "C:\WINDOWS\system32\bomeyuju.dll",s

O4 - HKLM\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"

O4 - HKLM\..\Run: [CPM93db917a] Rundll32.exe "c:\windows\system32\hewevahu.dll",a

O4 - HKLM\..\Run: [90e8a2e6] rundll32.exe "C:\WINDOWS\system32\majiriho.dll",b

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [instantONService] C:\Program Files\InterVideo\InstantON\InstantONService.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program\DAEMON Tools\daemon.exe" -autorun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [hubadumova] Rundll32.exe "C:\WINDOWS\system32\bomeyuju.dll",s (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Glocalnet Mobilt Bredband.lnk = C:\Program\Glocalnet\Glocalnet Mobilt Bredband\Glocalnet Mobilt Bredband.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: Update Agent.lnk = ?

O4 - Global Startup: Windows Skrivbordssökning.lnk = C:\Program\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka till &Bluetooth-enhet... - C:\Program\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit ... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook

O15 - Trusted Zone: *.antimalwareguard.com

O15 - Trusted Zone: *.gomyhit.com

O15 - Trusted Zone: *.antimalwareguard.com (HKLM)

O15 - Trusted Zone: *.gomyhit.com (HKLM)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {F0B63C6D-4CDB-11D3-8CE6-CA9CFC28F360} (ZoomObj Class) - http://www.inzomia.com/files/inzomia.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL avgrsstx.dll C:\Program\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\rowuwoze.dll c:\windows\system32\hewevahu.dll c:\windows\system32\mivohilu.dll orqitp.dll c:\windows\system32\volorume.dll

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\volorume.dll

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\volorume.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\Lenovo\Bluetooth Software\bin\btwdins.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Franson GpsGate 2.0 - Unknown owner - C:\Program\Franson\GpsGate 2.0\GpsGateService.exe

O23 - Service: GtDetectSc - OptionNV - C:\Program\Glocalnet\Glocalnet Mobilt Bredband\GtDetectSc.exe

O23 - Service: Google Update Service (gupdate1c99a5cf91676bc) (gupdate1c99a5cf91676bc) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program\lenovo\system update\suservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: WisFnCtrlSvc - Wistron Corp. - C:\Program\PM Agent\WisFnCtrlSvc.exe

 

--

End of file - 14157 bytes

[/log]

 


I can see in the HijackThis log that you have a very old Java version with many security holes on the computer. I recommend that you download and install the new version http://www.java.com/sv/ and then uninstall the old one in Control Panel, Add/Remove Programs (with no web browsers running).

 


Here are both the HijackThis and Malwarebytes logs. I ran Malwarebytes and it found a trojan called Vundo. After Malwarebytes I ran HijackThis. Does it look OK? After I had run Malwarebytes, my AVG Antivirus also found the Vundo trojan; why didn't it find it before?

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:49:11, on 2009-03-09

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Lenovo\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\cisvc.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program\Glocalnet\Glocalnet Mobilt Bredband\GtDetectSc.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\Google\Update\GoogleUpdate.exe

C:\Program Files\Softex\OmniPass\Omniserv.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

c:\program\lenovo\system update\suservice.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program\PM Agent\WisFnCtrlSvc.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Softex\OmniPass\OPXPApp.exe

C:\Program\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Softex\OmniPass\scureapp.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Lenovo\LENOVO~2\LPMGR.exe

C:\Program\ThinkVantage\AMSG\Amsg.exe

C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\Program\Brother\ControlCenter2\brctrcen.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\Program\QuickTime\qttask.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program\Lenovo\Client Security Solution\tvtpwm_tray.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program\Messenger\msmsgs.exe

C:\Program\DAEMON Tools\daemon.exe

C:\Program\TomTom HOME 2\HOMERunner.exe

C:\Program\Microsoft ActiveSync\wcescomm.exe

C:\Program\Windows Media Player\WMPNSCFG.exe

C:\Program\Lenovo\Bluetooth Software\BTTray.exe

C:\Program\MI3AA1~1\rapimgr.exe

C:\Program\Glocalnet\Glocalnet Mobilt Bredband\Glocalnet Mobilt Bredband.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\Tele2\Tele2Internet Mobile\AutoUpdateSrv.exe

C:\Program\Windows Desktop Search\WindowsSearch.exe

C:\Program\Microsoft ActiveSync\WCESMgr.exe

C:\Program\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ig?hl=sv

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/welcome/3000notebook

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [OmniPass] "C:\Program Files\Softex\OmniPass\scureapp.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [LPManager] C:\Program\Lenovo\LENOVO~2\LPMGR.exe

O4 - HKLM\..\Run: [AMSG] C:\Program\ThinkVantage\AMSG\Amsg.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [ACTray] C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

O4 - HKLM\..\Run: [ACWLIcon] C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [iSUSPM Startup] c:\program\DELADE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [instantONService] C:\Program Files\InterVideo\InstantON\InstantONService.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program\DAEMON Tools\daemon.exe" -autorun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [hubadumova] Rundll32.exe "C:\WINDOWS\system32\bomeyuju.dll",s (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Glocalnet Mobilt Bredband.lnk = C:\Program\Glocalnet\Glocalnet Mobilt Bredband\Glocalnet Mobilt Bredband.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: Update Agent.lnk = ?

O4 - Global Startup: Windows Skrivbordssökning.lnk = C:\Program\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka till &Bluetooth-enhet... - C:\Program\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit ... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook

O15 - Trusted Zone: *.antimalwareguard.com

O15 - Trusted Zone: *.gomyhit.com

O15 - Trusted Zone: *.antimalwareguard.com (HKLM)

O15 - Trusted Zone: *.gomyhit.com (HKLM)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {F0B63C6D-4CDB-11D3-8CE6-CA9CFC28F360} (ZoomObj Class) - http://www.inzomia.com/files/inzomia.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL avgrsstx.dll C:\Program\Google\GOOGLE~1\GOEC62~1.DLL c:\windows\system32\mivohilu.dll orqitp.dll

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\Lenovo\Bluetooth Software\bin\btwdins.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Franson GpsGate 2.0 - Unknown owner - C:\Program\Franson\GpsGate 2.0\GpsGateService.exe

O23 - Service: GtDetectSc - OptionNV - C:\Program\Glocalnet\Glocalnet Mobilt Bredband\GtDetectSc.exe

O23 - Service: Google Update Service (gupdate1c99a5cf91676bc) (gupdate1c99a5cf91676bc) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program\lenovo\system update\suservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: WisFnCtrlSvc - Wistron Corp. - C:\Program\PM Agent\WisFnCtrlSvc.exe

 

--

End of file - 13212 bytes

[/log]

[log]Malwarebytes' Anti-Malware 1.34

Databasversion: 1828

Windows 5.1.2600 Service Pack 3

 

2009-03-09 13:39:20

mbam-log-2009-03-09 (13-39-20).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 78759

Förfluten tid: 10 minute(s), 48 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

(Inga illasinnade poster hittades)

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

(Inga illasinnade poster hittades)

[/log]

 


 

[log]Scan with HijackThis, check the following lines, close the web browser and click Fix checked

 

O15 - Trusted Zone: *.antimalwareguard.com

O15 - Trusted Zone: *.gomyhit.com

O15 - Trusted Zone: *.antimalwareguard.com (HKLM)

O15 - Trusted Zone: *.gomyhit.com (HKLM)

 

then the log is OK

Follow this path in the registry

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

 

and remove these

 

c:\windows\system32\mivohilu.dll orqitp.dll [/log]

 


That's done, and now it looks like this:

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:36:33, on 2009-03-09

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program\AVG\AVG8\avgwdsvc.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Lenovo\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\cisvc.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program\Glocalnet\Glocalnet Mobilt Bredband\GtDetectSc.exe

C:\Program\AVG\AVG8\avgrsx.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\Google\Update\GoogleUpdate.exe

C:\Program Files\Softex\OmniPass\Omniserv.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

c:\program\lenovo\system update\suservice.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program\PM Agent\WisFnCtrlSvc.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Softex\OmniPass\OPXPApp.exe

C:\Program\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Softex\OmniPass\scureapp.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Lenovo\LENOVO~2\LPMGR.exe

C:\Program\ThinkVantage\AMSG\Amsg.exe

C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\Program\Brother\ControlCenter2\brctrcen.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

C:\Program\AVG\AVG8\avgtray.exe

C:\Program\QuickTime\qttask.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program\Lenovo\Client Security Solution\tvtpwm_tray.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program\Messenger\msmsgs.exe

C:\Program\DAEMON Tools\daemon.exe

C:\Program\TomTom HOME 2\HOMERunner.exe

C:\Program\Microsoft ActiveSync\wcescomm.exe

C:\Program\Windows Media Player\WMPNSCFG.exe

C:\Program\Lenovo\Bluetooth Software\BTTray.exe

C:\Program\MI3AA1~1\rapimgr.exe

C:\Program\Glocalnet\Glocalnet Mobilt Bredband\Glocalnet Mobilt Bredband.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\Tele2\Tele2Internet Mobile\AutoUpdateSrv.exe

C:\Program\Windows Desktop Search\WindowsSearch.exe

C:\Program\Microsoft ActiveSync\WCESMgr.exe

C:\Program\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\FOXITS~1\FOXITR~1\FOXITR~1.EXE

C:\Program\FOXITS~1\FOXITR~1\FOXITR~1.EXE

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ig?hl=sv

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/welcome/3000notebook

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [OmniPass] "C:\Program Files\Softex\OmniPass\scureapp.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [LPManager] C:\Program\Lenovo\LENOVO~2\LPMGR.exe

O4 - HKLM\..\Run: [AMSG] C:\Program\ThinkVantage\AMSG\Amsg.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [ACTray] C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

O4 - HKLM\..\Run: [ACWLIcon] C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [iSUSPM Startup] c:\program\DELADE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [instantONService] C:\Program Files\InterVideo\InstantON\InstantONService.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program\DAEMON Tools\daemon.exe" -autorun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [hubadumova] Rundll32.exe "C:\WINDOWS\system32\bomeyuju.dll",s (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Glocalnet Mobilt Bredband.lnk = C:\Program\Glocalnet\Glocalnet Mobilt Bredband\Glocalnet Mobilt Bredband.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: Update Agent.lnk = ?

O4 - Global Startup: Windows Skrivbordssökning.lnk = C:\Program\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka till &Bluetooth-enhet... - C:\Program\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit ... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebook

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {F0B63C6D-4CDB-11D3-8CE6-CA9CFC28F360} (ZoomObj Class) - http://www.inzomia.com/files/inzomia.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL avgrsstx.dll C:\Program\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\Lenovo\Bluetooth Software\bin\btwdins.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Franson GpsGate 2.0 - Unknown owner - C:\Program\Franson\GpsGate 2.0\GpsGateService.exe

O23 - Service: GtDetectSc - OptionNV - C:\Program\Glocalnet\Glocalnet Mobilt Bredband\GtDetectSc.exe

O23 - Service: Google Update Service (gupdate1c99a5cf91676bc) (gupdate1c99a5cf91676bc) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program\lenovo\system update\suservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: WisFnCtrlSvc - Wistron Corp. - C:\Program\PM Agent\WisFnCtrlSvc.exe

 

--

End of file - 13044 bytes

[/log]

 

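An added example, not part of the original posts: a small Python check that reads a HijackThis log and reports whether the entries named in the fix above (the two O15 Trusted Zone domains and the two AppInit_DLLs file names) are still present, and lists whatever else remains in AppInit_DLLs for review. The function names and the `BEFORE` sample are constructed for illustration; the `AFTER` line is the O20 line from the log posted after the fix.

```python
import re

# Removals requested in the helper's post above.
REQUESTED_ZONES = {"*.antimalwareguard.com", "*.gomyhit.com"}
REQUESTED_DLLS = {"mivohilu.dll", "orqitp.dll"}

O15 = re.compile(r"^O15 - Trusted Zone: (\S+)")
O20 = re.compile(r"^O20 - AppInit_DLLs: (.*)$")

def split_appinit(value):
    """AppInit_DLLs is a space- or comma-delimited list; return lowercased file names."""
    names = []
    for item in re.findall(r"[^ ,]+", value):
        name = item.rsplit("\\", 1)[-1].lower()
        if name not in names:          # the value may list a DLL twice
            names.append(name)
    return names

def check_fix(log_text):
    """Report which requested removals are still present in a HijackThis log."""
    zones, dlls = set(), []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = O15.match(line)
        if m:
            zones.add(m.group(1).lower())
        m = O20.match(line)
        if m:
            dlls = split_appinit(m.group(1))
    return {
        "zones_left": sorted(zones & REQUESTED_ZONES),
        "dlls_left": [d for d in dlls if d in REQUESTED_DLLS],
        "other_appinit": [d for d in dlls if d not in REQUESTED_DLLS],
    }

# Constructed "before" sample built from the entries named in the helper's post.
BEFORE = r"""
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O20 - AppInit_DLLs: c:\windows\system32\mivohilu.dll orqitp.dll avgrsstx.dll
"""

# The O20 line as it appears in the log posted after the fix.
AFTER = r"""
O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL avgrsstx.dll C:\Program\Google\GOOGLE~1\GOEC62~1.DLL
"""

if __name__ == "__main__":
    print(check_fix(BEFORE), check_fix(AFTER), sep="\n")
```

Every DLL listed in AppInit_DLLs is loaded into each process that loads user32.dll, so the `other_appinit` names are worth checking against the software actually installed.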

Archived

This topic is now archived and is closed to further replies.