jeeves Postad 30 Maj, 2007 Share Postad 30 Maj, 2007 Hej! Min ursprungliga fråga angående att jag inte kan komma in i forumet med rubr. utan måste begagna Firefox ligger i Internet, men det är ju inte rätt forum för en HiJackthis. Jag lägger in en sådan här, och hoppas någon hinner kasta ett öga på den: Logfile of HijackThis v1.99.1 Scan saved at 19:17:19, on 2007-05-30 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE C:\Program\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\Explorer.EXE C:\Program\ewido\security suite\ewidoctrl.exe C:\Program\F-Secure Internet Security\backweb\4476822\Program\fspex.exe C:\Program\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\Program\Analog Devices\SoundMAX\SMAgent.exe C:\Program\Windows Defender\MSASCui.exe C:\WINDOWS\system32\keyhook.exe C:\WINDOWS\system32\sistray.EXE C:\Program\Delade filer\InterVideo\FastTVSync\FastTVSync.exe C:\Program\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program\Microsoft AntiSpyware\gcasDtServ.exe C:\Program\InterVideo\DVD5R\SchSvr.exe C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program\Personal\bin\Personal.exe C:\Program\WinZip\WZQKPICK.EXE C:\Program\F-Secure Internet Security\Common\FSMA32.EXE C:\Program\F-Secure Internet Security\Common\FSMB32.EXE C:\Program\F-Secure Internet Security\Common\FCH32.EXE C:\Program\F-Secure Internet Security\Anti-Virus\fsgk32st.exe C:\Program\F-Secure Internet Security\Anti-Virus\FSGK32.EXE C:\Program\F-Secure Internet Security\Common\FAMEH32.EXE C:\Program\F-Secure Internet Security\Anti-Virus\fsqh.exe C:\Program\F-Secure Internet Security\Anti-Virus\fssm32.exe C:\Program\F-Secure Internet Security\Anti-Virus\fsrw.exe C:\Program\F-Secure Internet Security\FWES\Program\fsdfwd.exe C:\Program\F-Secure Internet Security\FSPC\fspc.exe C:\Program\F-Secure Internet Security\Anti-Virus\fsav32.exe C:\Program\F-Secure Internet Security\Common\FSM32.EXE C:\Program\F-SECU~1\ANTI-S~1\fsaw.exe C:\Program\F-Secure Internet Security\FSGUI\fsguidll.exe C:\Program\Lavalys\EVEREST Corporate Edition\everest.bin C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\Mozilla Firefox\firefox.exe C:\Program\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://secure1.lansforsakringar.se/iba/Main?atgard=inlog_utlogg R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer erhållen av Telia R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program\SPYWAR~2\tools\iesdsg.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar4.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file) O2 - BHO: FiltrateIE Class - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - C:\WINDOWS\system32\safeie.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar4.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [spySweeper] "C:\Program\Webroot\Spy Sweeper\SpySweeper.exe" /startintray O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\system32\sistray.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [FastTVSync] "C:\Program\Delade filer\InterVideo\FastTVSync\FastTVSync.exe" O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure Internet Security\Common\FSM32.EXE" /splash O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [PopupPadlock] C:\Program\PopupPadlock\PopupPadlock.exe 1 O4 - HKCU\..\Run: [Free Download Manager] C:\Program\Free Download Manager\fdm.exe -autorun O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: F-Secure 2006.lnk = C:\Program\F-Secure Internet Security\backweb\4476822\Program\fspex.exe O4 - Global Startup: InterVideo Scheduler server.lnk = C:\Program\InterVideo\DVD5R\SchSvr.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\SYSTEM32\sistray.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\F-Secure Internet Security\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: &Download all by WellGet - C:\Program\WellGet\nxall.htm O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program\Free Download Manager\dlall.htm O8 - Extra context menu item: Download by &WellGet - C:\Program\WellGet\nxcatch.htm O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program\Free Download Manager\dlpage.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Webbfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Webbfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure Internet Security\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\F-Secure Internet Security\Anti-Spyware\ieshield.dll O9 - Extra button: WellGet - {35980F6E-A258-4E50-953D-813BB8556899} - C:\Program\WellGet\WellGet.exe O9 - Extra button: Spray Mail - {C7954AE0-4A0C-11D4-BEE4-9BCF3C77857D} - http://mail.spray.se (file missing) (HKCU) O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://G:\content\include\XPPatchInstaller.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109349666468 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab'>http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1120672114234 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?319 O17 - HKLM\System\CCS\Services\Tcpip\..\{A6ECD193-16D3-4208-8A1B-EBB73675D4B6}: NameServer = 195.67.199.30 195.67.199.31 O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\Program\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program\ewido anti-spyware 4.0\guard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program\ewido\security suite\ewidoctrl.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\F-Secure Internet Security\FWES\Program\fsdfwd.exe O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program\F-Secure Internet Security\FSPC\fshttps\fshttps.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure Internet Security\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program\Analog Devices\SoundMAX\SMAgent.exe Jag är tacksam för alla svar! Hälsningar Hasse Länk till kommentar Dela på andra webbplatser More sharing options...
927 Postad 30 Maj, 2007 Share Postad 30 Maj, 2007 du installera inget annat program i samma veva, det kan va en 02 rad som stör ie7. tex den här som jag inte tror mig ha sett förut O2 - BHO: FiltrateIE Class - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - C:\WINDOWS\system32\safeie.dll filen tillhör wellget Länk till kommentar Dela på andra webbplatser More sharing options...
jeeves Postad 31 Maj, 2007 Trådskapare Share Postad 31 Maj, 2007 Hej! Nej, jag har inte installerat något program i samband med stoppet. Wellget använder jag i samband med att ladda ner program från nätet tillsammans med Free Downloader och det har jag haft flera år utan att något har gått snett. Jag har i alla fall tagit bort den rad, som du beskriver, men fortfarande får jag felrutan, att det inte går att öppna http://pfatjanster.idg.se/support/defult.asp Men du, vi lägger inte ner mer tid på detta, då jag kan gå in i forumet via Firefox! Ha det gott o sköt om dig o de dina! Hälsningar Hasse [inlägget ändrat 2007-05-31 10:03:33 av jeeves] Länk till kommentar Dela på andra webbplatser More sharing options...
927 Postad 31 Maj, 2007 Share Postad 31 Maj, 2007 kanske hjälper det att installera om Länk till kommentar Dela på andra webbplatser More sharing options...
Cecilia Postad 31 Maj, 2007 Share Postad 31 Maj, 2007 O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe" Är ju föråldrat, det har ersatts av Windows Defender som du ju också har. Avinstallera detta. Länk till kommentar Dela på andra webbplatser More sharing options...
Rekommendera Poster
Arkiverat
Det här ämnet är nu arkiverat och är stängt för ytterligare svar.