Problem! Trojan kanske? - PCHemma

Forum » Virusakuten » AntimalwareGuru hjälper dig! » Problem! Trojan kanske?

Visa det senaste inlägget

Problem! Trojan kanske? / av ijahman

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #1 2010-02-22 kl 14:58
	Hej! Jag har fått någon skit på min laptop som börjar spela en musikslinga trots att inga musikprogram är öppna. Om jag skulle spela musik på itunes går den här musikslingan igång över mp3n och fortsätter till och md efter att jag stängt av alla program som är igång. Mkt märkligt och irriterande... tänkte att det kan vara nån trojan kanske? Postar en hijackthislogg och om någon kunde ta en titt på den vore jag mycket tacksam! Tack för hjälpen. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 14:57:35, on 2010-02-22Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18882)Boot mode: Normal Running processes:C $:\$ windows\system32\Dwm.exeC $:\$ windows\syste m32\taskeng.exeC $:\$ windows\Explorer.EXEC $:\$ Program Files\Windows Defender\MSASCui.exeC $:\$ Program Files\Synaptics\SynTP\SynTPEnh.exeC $:\$ Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC $:\$ Program Files\SiteAdvisor\6173\SiteAdv.exeC $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exeC $:\$ Program Files\iTunes\iTunesHelper.exeC $:\$ Program Files\IDT\WDM\sttray.exeC $:\$ Program Files\Java\jre6\bin\jusched.exeC $:\$ Program Files\Voddler\service\VNetManager.exeC $:\$ Program Files\Windows Sidebar\sidebar.exeC $:\$ Program Files\Emotum\Mobile Broadband\Mobile.exeC $:\$ Program Files\Windows Media Player\wmpnscfg.exeC $:\$ Windows\System32 undll32.exeC $:\$ Program Files\Personal\bin\Personal.exeC $:\$ Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exeC $:\$ Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC $:\$ Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exeC $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC $:\$ Program Files\Hewlett-Packard\Shared\hpqToaster.exeC $:\$ Progr am Files\Synaptics\SynTP\SynTPHelper.exeC $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC $:\$ Program Files\Lavasoft\Ad-Aware\AAWTray.exeC $:\$ Program Files\Internet Explorer\iexplore.exeC $:\$ Program Files\Internet Explorer\iexplore.exeC $:\$ Windows\system32\Macromed\F lash\FlashUtil10e.exeC $:\$ Program Files\Internet Explorer\iexplore.exeC $:\$ Program Files\Windows Live\Messenger\msnmsgr.exeC $:\$ Program Files\Windows Live\Contacts\wlcomm.exeC $:\$ windows\system32\conime. exeC $:\$ windows\system32\ctfmon.exeC $:\$ Program Files\Internet Explorer\iexplore.exeC $:\$ Users\Andreas\AppData\Local \Temp\Lbh.exeC $:\$ Users\Andreas\Desktop\HiJackThis!\H ijackThis.exeC $:\$ windows\system32\SearchFilterHost.e xe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome& locale=sv_se&c=92&bd=all&pf=cmnbR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome& locale=sv_se&c=92&bd=all&pf=cmnbR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome& locale=sv_se&c=92&bd=all&pf=cmnbR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C $:\$ Program Files\SiteAdvisor\6173\SiteAdv.dllO2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C $:\$ Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C $:\$ Program Files\Java\jre6\bin\jp2ssv.dllO3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C $:\$ Program Files\SiteAdvisor\6173\SiteAdv.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [PDF Complete] C $:\$ Program Files\PDF Complete\pdfsty.exeO4 - HKLM\..\Run: [SynTPEnh] C $:\$ Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [WirelessAssistant] C $:\$ Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeO4 - HKLM\..\Run: [MVS Splash] C $:\$ Program Files\McAfee\Managed VirusScan\Agent\Splash.exeO4 - HKLM\..\Run: [McAfee Managed Services Tray] "C $:\$ Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"O4 - HKLM\..\Run: [SiteAdvisor] C $:\$ Program Files\SiteAdvisor\6173\SiteAdv.exeO4 - HKLM\..\Run: [QlbCtrl.exe] C $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [StartCCC] "C $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [HPCam_Menu] "c $:\$ Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "c $:\$ Program Files\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"O4 - HKLM\..\Run: [QuickTime Task] "C $:\$ Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C $:\$ Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C $:\$ Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [VoddlerNet Manager] C $:\$ Program Files\Voddler\service\VNetManager.exeO4 - HKCU\..\Run: [Sidebar] C $:\$ Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [Emotum Mobile Broadband] C $:\$ Program Files\Emotum\Mobile Broadband\Mobile.exeO4 - HKCU\..\Run: [WMPNSCFG] C $:\$ Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [LosAlamos] rundll32.exe C $:\$ windows\system32\sshnas21.dll,AttachConsoleAO4 - HKCU\..\Run: [TOY5KNQ8OC] C $:\$ Users\Andreas\AppData\Local\Temp\Lbh.exeO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST&#39O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST&#39O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST&#39O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C $:\$ windows\TEMP\pecx.tmp\svchost.exe (User 'SYSTEM&#39O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C $:\$ windows\TEMP\pecx.tmp\svchost.exe (User 'Default user&#39O4 - Global Startup: BankID säkerhetsprogram.lnk = C $:\$ Program Files\Personal\bin\Personal.exeO4 - Global Startup: Bluetooth.lnk = ?O8 - Extra context menu item: E&xport to Microsoft Excel - res://c $:\$ PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmO8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C $:\$ PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: @C $:\$ Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra 'Tools' menuitem: @C $:\$ Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO13 - Gopher Prefix: O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin .cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/g p.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{58C0307E-A365- 4D50-B92E-0DF87458AB46}: NameServer = 195.54.122.221 195.54.122.211O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C $:\$ windows\System32\DriverStore\FileRepository\stwr t.inf_2159adbc\aestsrv.exeO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C $:\$ Program Files\LSI SoftModem\agrsmsvc.exeO23 - Service: AMD External Events Utility - AMD - C $:\$ windows\system32\atiesrxx.exeO23 - Service: Apple Mobile Device - Apple Inc. - C $:\$ Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C $:\$ Program Files\Bonjour\mDNSResponder.exeO23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btwdins.exeO23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeO23 - Service: EngineServer - McAfee, Inc. - C $:\$ Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exeO23 - Service: HP Health Check Service - Hewlett-Packard - C $:\$ Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C $:\$ Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: iPod Service - Apple Inc. - C $:\$ Program Files\iPod\bin\iPodService.exeO23 - Service: IviRegMgr - InterVideo - C $:\$ Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exeO23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C $:\$ Program Files\Lavasoft\Ad-Aware\AAWService.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C $:\$ Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C $:\$ Program Files\Common Files\McAfee\HackerWatch\HWAPI.exeO23 - Service: McShield - McAfee, Inc. - C $:\$ PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C $:\$ Program Files\McAfee\MPF\MPFSrv.exeO23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C $:\$ Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.ExeO23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C $:\$ Program Files\PDF Complete\pdfsvc.exeO23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C $:\$ Program Files\Common Files\Protexis\License Service\PsiService_2.exeO23 - Service: RoxMediaDB10 - Sonic Solutions - c $:\$ Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exeO23 - Service: SiteAdvisor-tjänst (SiteAdvisor Service) - Unknown owner - C $:\$ Program Files\SiteAdvisor\6173\SAService.exeO23 - Service: Audio Service (STacSV) - IDT, Inc. - C $:\$ windows\System32\DriverStore\FileRepository\stwr t.inf_2159adbc\STacSV.exeO23 - Service: stllssvr - MicroVision Development, Inc. - c $:\$ Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: VoddlerNet - Voddler - C $:\$ Program Files\Voddler\service\voddler.exe --End of file - 10626 bytes

AntimalwareGuru Registrerad 2008-07-09 Poster: 595 Från N/A
	Rapportera #2 2010-02-22 kl 18:17
	det finns malware i din dator, gör en snabb scan med malwarebytes antimalware. ta bort det som hittas och posta loggen som visas då

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #3 2010-03-08 kl 20:12
	nu kom ett annat problem (eller samma?). antivirusprogrammet varnar för att ett virus hittats i svchost.exe. när jag försöker ta bort det går det inte, inte heller går det att sätta det i karantän. loggen från malwarebytes nedan... Malwarebytes' Anti-Malware 1.44Databasversion: 3792Windows 6.0.6002 Service Pack 2Internet Explorer 8.0.6001.18882 2010-03-02 15:51:45mbam-log-2010-03-02 (15-51-45).txt Skanningstyp: Fullständig skanning (C $:\$ \|)Antal skannade objekt: 342240Förfluten tid: 1 hour(s), 54 minute(s), 6 second(s) Infekterade minnesprocesser: 0Infekterade minnesmoduler: 0Infekterade registernycklar: 0Infekterade registervärden: 0Infekterade registerdataposter: 0Infekterade mappar: 0Infekterade filer: 0 Infekterade minnesprocesserInga illasinnade poster hittades) Infekterade minnesmodulerInga illasinnade poster hittades) Infekterade registernycklarInga illasinnade poster hittades) Infekterade registervärdenInga illasinnade poster hittades) Infekterade registerdataposterInga illasinnade poster hittades) Infekterade mapparInga illasinnade poster hittades) Infekterade filerInga illasinnade poster hittades)

AntimalwareGuru Registrerad 2008-07-09 Poster: 595 Från N/A
	Rapportera #4 2010-03-08 kl 21:05
	http://download.bleepingcomputer.com/sUBs/dds.scr spara filen på skrivbordet och kör den. det kommer skapas två loggar, du postar innehållet från den som heter dds.txt

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #5 2010-03-08 kl 21:34
	DDS (Ver_09-12-01.01) - NTFSx86 Run by Andreas at 21:34:57,15 on 2010-03-08Internet Explorer: 8.0.6001.18882Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.46.1053.18.1788.859 [GMT 1:00] SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} ============== Running Processes =============== C $:\$ windows\system32\wininit.exeC $:\$ windows\system32\ls m.exeC $:\$ windows\system32\svchost.exe -k DcomLaunchC $:\$ windows\system32\svchost.exe -k rpcssC $:\$ windows\System32\svchost.exe -k secsvcsC $:\$ windows\system32\atiesrxx.exeC $:\$ windows\Sys tem32\svchost.exe -k LocalServiceNetworkRestrictedC $:\$ windows\System32\sv chost.exe -k LocalSystemNetworkRestrictedC $:\$ windows\system32\svc host.exe -k netsvcsC $:\$ windows\System32\DriverStore\FileReposito ry\stwrt.inf_2159adbc\STacSV.exeC $:\$ windows\system32 \svchost.exe -k GPSvcGroupC $:\$ windows\system32\SLsvc.exeC $:\$ windows\sys tem32\svchost.exe -k LocalServiceC $:\$ windows\system32\atieclxx.exeC $:\$ window s\system32\svchost.exe -k NetworkServiceC $:\$ windows\system32\WLANExt.exeC $:\$ windo ws\system32\taskeng.exeC $:\$ windows\System32\spoolsv. exeC $:\$ windows\system32\svchost.exe -k LocalServiceNoNetworkC $:\$ windows\System32\DriverStor e\FileRepository\stwrt.inf_2159adbc\aestsrv.exeC $:\$ P rogram Files\LSI SoftModem\agrsmsvc.exeC $:\$ Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC $:\$ Program Files\Bonjour\mDNSResponder.exeC $:\$ windows\system32\ svchost.exe -k bthsvcsC $:\$ Program Files\WIDCOMM\Bluetooth Software\btwdins.exeC $:\$ Program Files\Telenor Säkerhetspaket\Anti-Virus\fsgk32st.exeC $:\$ Program Files\Telenor Säkerhetspaket\Common\FSMA32.EXEC $:\$ Program Files\Telenor Säkerhetspaket\Anti-Virus\FSGK32.EXEC $:\$ Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exeC $:\$ Program Files\Common Files\LightScribe\LSSrvc.exeC $:\$ Program Files\Telenor Säkerhetspaket\Common\FSHDLL32.EXEC $:\$ Program Files\PDF Complete\pdfsvc.exeC $:\$ windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC $:\$ Program Files\Common Files\Protexis\License Service\PsiService_2.exeC $:\$ windows\system32\svchost .exe -k imgsvcC $:\$ Program Files\Voddler\service\voddler.exeC $:\$ windows\System3 2\svchost.exe -k WerSvcGroupC $:\$ windows\system32\SearchIndexer.exeC $:\$ Pr ogram Files\Telenor Säkerhetspaket\FWES\Program\fsdfwd.exeC $:\$ Program Files\Telenor Säkerhetspaket\Anti-Virus\fssm32.exeC $:\$ Windows\syst em32\WUDFHost.exeC $:\$ Program Files\Telenor Säkerhetspaket\ORSP Client\fsorsp.exeC $:\$ windows\system32\taskeng.exeC $:\$ wi ndows\system32\Dwm.exeC $:\$ windows\Explorer.EXEC $:\$ Progr am Files\Windows Defender\MSASCui.exeC $:\$ Program Files\Synaptics\SynTP\SynTPEnh.exeC $:\$ Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exeC $:\$ Program Files\iTunes\iTunesHelper.exeC $:\$ Program Files\IDT\WDM\sttray.exeC $:\$ Program Files\Java\jre6\bin\jusched.exeC $:\$ Program Files\Voddler\service\VNetManager.exeC $:\$ Program Files\Telenor Säkerhetspaket\Common\FSM32.EXEC $:\$ Program Files\Windows Sidebar\sidebar.exeC $:\$ Program Files\Emotum\Mobile Broadband\Mobile.exeC $:\$ Program Files\Windows Media Player\wmpnscfg.exeC $:\$ Program Files\Personal\bin\Personal.exeC $:\$ Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exeC $:\$ Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC $:\$ Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC $:\$ Program Files\iPod\bin\iPodService.exeC $:\$ windows\system32\w bem\wmiprvse.exeC $:\$ Program Files\Telenor Säkerhetspaket\Anti-Virus\fsav32.exeC $:\$ Program Files\Windows Media Player\wmpnetwk.exeC $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeC $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC $:\$ Program Files\Hewlett-Packard\Shared\hpqToaster.exeC $:\$ Progr am Files\Synaptics\SynTP\SynTPHelper.exeC $:\$ Windows\Sys tem32\mshta.exeC $:\$ Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeC $:\$ Program Files\Internet Explorer\iexplore.exeC $:\$ Program Files\Internet Explorer\iexplore.exeC $:\$ Program Files\Spotify\spotify.exeC $:\$ Program Files\Windows Live\Messenger\msnmsgr.exeC $:\$ Program Files\Windows Live\Contacts\wlcomm.exeC $:\$ Windows\system32\Macrome d\Flash\FlashUtil10e.exeC $:\$ Program Files\Internet Explorer\iexplore.exeC $:\$ Users\Andreas\Desktop\dds.s crC $:\$ windows\system32\conime.exeC $:\$ windows\system32\w bem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.se/uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome& locale=sv_se&c=92&bd=all&pf=cmnbmDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome& locale=sv_se&c=92&bd=all&pf=cmnbBHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c $:\$ program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c $:\$ program files\telenor säkerhetspaket rs\iescript\baselitmus.dllBHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c $:\$ program files\java\jre6\bin\jp2ssv.dllTB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No FileTB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c $:\$ program files\telenor säkerhetspaket rs\iescript\baselitmus.dlluRun: [Sidebar] c $:\$ program files\windows sidebar\sidebar.exe /autoRunuRun: [Emotum Mobile Broadband] c $:\$ program files\emotum\mobile broadband\Mobile.exeuRun: [WMPNSCFG] c $:\$ program files\windows media player\WMPNSCFG.exeuRun: [BrowserChoice] "c $:\$ windows\system32\browserchoice.exe" /runmRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hidemRun: [PDF Complete] c $:\$ program files\pdf complete\pdfsty.exemRun: [SynTPEnh] c $:\$ program files\synaptics\syntp\SynTPEnh.exemRun: [WirelessAssistant] c $:\$ program files\hewlett-packard\hp wireless assistant\HPWAMain.exemRun: [QlbCtrl.exe] c $:\$ program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /StartmRun: [StartCCC] "c $:\$ program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRunmRun: [HPCam_Menu] "c $:\$ program files\hewlett-packard\hp webcam\muitransfer\muistartmenu.exe" "c $:\$ program files\hewlett-packard\hp webcam" updatewithcreateonce "software\cyberlink\hp webcam\1.0"mRun: [QuickTime Task] "c $:\$ program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c $:\$ program files\itunes\iTunesHelper.exe"mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exemRun: [SunJavaUpdateSched] "c $:\$ program files\java\jre6\bin\jusched.exe"mRun: [VoddlerNet Manager] c $:\$ program files\voddler\service\VNetManager.exemRun: [F-Secure Manager] "c $:\$ program files\telenor säkerhetspaket\common\FSM32.EXE" /splashmRun: [F-Secure TNB] "c $:\$ program files\telenor säkerhetspaket\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSWStartupFolder: c $:\$ progra~2\micros~1\windows\startm~1\programs\star tup\bankid~1.lnk - c $:\$ program files\personal\bin\Personal.exeStartupFolder: c $:\$ progra~2\micros~1\windows\startm~1\programs\star tup\blueto~1.lnk - c $:\$ program files\widcomm\bluetooth software\BTTray.exemPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: E&xport to Microsoft Excel - c $:\$ progra~1\micros~2\office12\EXCEL.EXE/3000IE: Skicka bild till &Bluetooth-enhet... - c $:\$ program files\widcomm\bluetooth software\btsendto_ie_ctx.htmIE: Skicka sida till &Bluetooth-enhet... - c $:\$ program files\widcomm\bluetooth software\btsendto_ie.htmIE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c $:\$ program files\widcomm\bluetooth software\btsendto_ie.htmIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c $:\$ progra~1\micros~2\office12\REFIEBAR.DLLLSP: c $:\$ program files\telenor se4,kerhetspaket\fsps\program\FSLSP.DLLDPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin .cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_1 7-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_1 7-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_1 7-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/g p.cabTCP: {58C0307E-A365-4D50-B92E-0DF87458AB46} = 195.54.122.221 195.54.122.211mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c $:\$ program files\common files\lightscribe\LSRunOnce.exe" ============= SERVICES / DRIVERS =============== R0 fsbts;fsbts;c $:\$ windows\system32\drivers\fsbts.sys [2010-2-22 33920]R0 Lbd;Lbd;c $:\$ windows\system32\drivers\Lbd.sys [2010-2-21 64288]R1 F-Secure HIPS;F-Secure HIPS Driver;c $:\$ program files\telenor säkerhetspaket\hips\drivers\fshs.sys [2010-2-22 68064]R1 FSES;F-Secure Email Scanning Driver;c $:\$ windows\system32\drivers\fses.sys [2010-2-22 35680]R1 FSFW;F-Secure Firewall Driver;c $:\$ windows\system32\drivers\fsdfw.sys [2010-2-22 71040]R1 fsvista;F-Secure Vista Support Driver;c $:\$ program files\telenor säkerhetspaket\anti-virus\minifilter\fsvista.sys [2010-2-22 12384]R1 mfehidk;McAfee Inc. mfehidk;c $:\$ windows\system32\drivers\mfehidk.sys [2009-7-31 207688]R3 btwl2cap;Bluetooth L2CAP Service;c $:\$ windows\system32\drivers\btwl2cap.sys [2009-9-23 29472]R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c $:\$ program files\telenor säkerhetspaket\anti-virus\minifilter\fsgk.sys [2010-2-22 107104]R3 hwusbfake;Huawei DataCard USB Fake;c $:\$ windows\system32\drivers\ewusbfake.sys [2009-10-8 103040]S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c $:\$ windows\system32\drivers\b57nd60x.sys [2008-1-21 179712]S3 MfeAVFK;McAfee Inc. MfeAVFK;c $:\$ windows\system32\drivers\MfeAVFK.sys [2009-7-31 79240]S3 MfeBOPK;McAfee Inc. MfeBOPK;c $:\$ windows\system32\drivers\MfeBOPK.sys [2009-7-31 35240]S3 MfeRKDK;McAfee Inc. MfeRKDK;c $:\$ windows\system32\drivers\MfeRKDK.sys [2009-7-31 34152]S4 F-Secure Filter;F-Secure File System Filter;c $:\$ program files\telenor säkerhetspaket\anti-virus\win2k\fsfilter.sys [2010-2-22 39776]S4 F-Secure Recognizer;F-Secure File System Recognizer;c $:\$ program files\telenor säkerhetspaket\anti-virus\win2k\fsrec.sys [2010-2-22 25184] =============== Created Last 30 ================ 2010-03-07 18:41:48 293376 ----a-w- c $:\$ windows\system32\browserchoice.exe2010-03-02 12:42:49 294254929 ----a-w- c $:\$ windows\MEMORY.DMP2010-02-25 17:13:19 0 d-----w- c $:\$ users\andreas\appdata oaming\Malwarebytes2010-02-25 17:13:10 38224 ----a-w- c $:\$ windows\system32\drivers\mbamswissarmy.sys2010-0 2-25 17:13:08 0 d-----w- c $:\$ programdata\Malwarebytes2010-02-25 17:13:06 19160 ----a-w- c $:\$ windows\system32\drivers\mbam.sys2010-02-23 20:56:49 434 ----a-w- c $:\$ windows\myClean.bat2010-02-22 17:17:05 33920 ----a-w- c $:\$ windows\system32\drivers\fsbts.sys2010-02-22 17:16:39 35680 ----a-w- c $:\$ windows\system32\drivers\fses.sys2010-02-22 17:16:33 71040 ----a-w- c $:\$ windows\system32\drivers\fsdfw.sys2010-02-22 17:16:32 572512 ----a-w- c $:\$ windows\system32\msvcp50.dll2010-02-22 17:14:27 0 d-----w- c $:\$ program files\Telenor Säkerhetspaket2010-02-22 16:50:53 0 d-----w- c $:\$ programdata\fssg2010-02-22 16:48:21 0 d-----w- c $:\$ programdata\f-secure2010-02-21 00:33:33 15880 ----a-w- c $:\$ windows\system32\lsdelete.exe2010-02-20 23:43:32 64288 ----a-w- c $:\$ windows\system32\drivers\Lbd.sys2010-02-20 23:43:26 95024 ----a-w- c $:\$ windows\system32\drivers\SBREDrv.sys2010-02-20 23:40:44 0 dc-h--w- c $:\$ programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC 6}2010-02-20 23:39:53 0 d-----w- c $:\$ program files\Lavasoft2010-02-20 23:39:52 0 d-----w- c $:\$ programdata\Lavasoft ==================== Find3M ==================== 2010-02-24 08:16:06 181632 ------w- c $:\$ windows\system32\MpSigStub.exe2010-02-22 17:16:41 642772 ----a-w- c $:\$ windows\system32\perfh01D.dat2010-02-22 17:16:41 139422 ----a-w- c $:\$ windows\system32\perfc01D.dat2010-01-25 12:00:35 471552 ----a-w- c $:\$ windows\system32\secproc_isv.dll2010-01-25 12:00:35 152576 ----a-w- c $:\$ windows\system32\secproc_ssp_isv.dll2010-01-25 12:00:35 152064 ----a-w- c $:\$ windows\system32\secproc_ssp.dll2010-01-25 12:00:22 471552 ----a-w- c $:\$ windows\system32\secproc.dll2010-01-25 11:58:52 332288 ----a-w- c $:\$ windows\system32\msdrm.dll2010-01-25 08:21:20 526336 ----a-w- c $:\$ windows\system32\RMActivate_isv.exe2010-01-25 08:21:20 346624 ----a-w- c $:\$ windows\system32\RMActivate_ssp_isv.exe2010-01-25 08:21:18 518144 ----a-w- c $:\$ windows\system32\RMActivate.exe2010-01-25 08:21:18 347136 ----a-w- c $:\$ windows\system32\RMActivate_ssp.exe2010-01-23 09:26:13 2048 ----a-w- c $:\$ windows\system32\tzres.dll2010-01-06 15:39:38 1696256 ----a-w- c $:\$ windows\system32\gameux.dll2010-01-06 15:38:47 28672 ----a-w- c $:\$ windows\system32\Apphlpdm.dll2010-01-06 13:30:41 4240384 ----a-w- c $:\$ windows\system32\GameUXLegacyGDFs.dll2010-01-02 06:38:20 916480 ----a-w- c $:\$ windows\system32\wininet.dll2010-01-02 06:32:33 71680 ----a-w- c $:\$ windows\system32\iesetup.dll2010-01-02 06:32:33 109056 ----a-w- c $:\$ windows\system32\iesysprep.dll2010-01-02 04:57:00 133632 ----a-w- c $:\$ windows\system32\ieUnatt.exe2009-11-09 18:47:17 665600 ----a-w- c $:\$ windows\inf\drvindex.dat2009-11-09 18:47:17 51200 ----a-w- c $:\$ windows\inf\infpub.dat2009-11-09 18:47:16 86016 ----a-w- c $:\$ windows\inf\infstor.dat2009-11-09 18:47:16 143360 ----a-w- c $:\$ windows\inf\infstrng.dat2008-04-16 16:31:09 35978 ----a-w- c $:\$ windows\inf\perflib\041d\perfd.dat2008-04-16 16:31:09 35978 ----a-w- c $:\$ windows\inf\perflib\041d\perfc.dat2008-04-16 16:31:09 290490 ----a-w- c $:\$ windows\inf\perflib\041d\perfi.dat2008-04-16 16:31:09 290490 ----a-w- c $:\$ windows\inf\perflib\041d\perfh.dat2008-01-21 02:57:01 174 --sha-w- c $:\$ program files\desktop.ini2006-11-02 09:20:21 287440 ----a-w- c $:\$ windows\inf\perflib\0000\perfi.dat2006-11-02 09:20:21 287440 ----a-w- c $:\$ windows\inf\perflib\0000\perfh.dat2006-11-02 09:20:19 30674 ----a-w- c $:\$ windows\inf\perflib\0000\perfd.dat2006-11-02 09:20:19 30674 ----a-w- c $:\$ windows\inf\perflib\0000\perfc.dat2009-11-17 11:12:50 245760 --sha-w- c $:\$ windows\serviceprofiles\localservice\appdata oaming\microsoft\windows\ietldcache\index.dat2009 -11-09 20:34:53 245760 --sha-w- c $:\$ windows\serviceprofiles etworkservice\appdata oaming\microsoft\windows\ietldcache\index.dat2009 -07-31 06:58:14 8192 --sha-w- c $:\$ windows\users\default\NTUSER.DAT ============= FINISH: 21:38:13,44 ===============

AntimalwareGuru Registrerad 2008-07-09 Poster: 595 Från N/A
	Rapportera #6 2010-03-09 kl 07:09
	ok så långt. den svchost.exe du pratar om antar jag ligger i en temp mapp, lista ut i vilken mapp den finns. öppna mappen och ta en skärm dump på mappen (skicka upp bilden till fuskbugg eller nån liknande sajt). är det massor med filer i mappen så skriv sökvägen till mappen (jag måste nämligen se alla filer i mappen)

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #7 2010-03-09 kl 11:08
	ok. jag tittade under historik i antivirusprogramet och hittade en lista över blockerade virus/spionprogram. trojan.heur.kmKfzGnMX8oc förekommer 93 gånger. blockerad varje gång. aldrig från samma temp-mapp vad jag kan se. vet inte riktigt vad jag ska göra.

AntimalwareGuru Registrerad 2008-07-09 Poster: 595 Från N/A
	Rapportera #8 2010-03-09 kl 18:12
	hämta detta program. http://www.snapfiles.com/screenshots/atfcleaner.h tmbocka åtmindstånde för ruta 1, 2, 3, 5 räknat uppifrån och klicka på empty selected http://www.softpedia.com/get/Security/Secure-clea ning/ATF-Cleaner.shtml starta om och skriv sökvägen till en av dessa mappar du ser i loggen, gärna den senaste

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #9 2010-03-09 kl 19:22
	tack för all hjälp du gett mig! ok. körde programmet. c $:\$ windows\system32\cdkablwr.dll det är den senaste. (trojan.generic.3286717)

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #10 2010-03-09 kl 19:24
	trojan.heur.kmKfzGnMX8oc kanske försvann i rensningen men har ersatts av trojan.generic.

AntimalwareGuru Registrerad 2008-07-09 Poster: 595 Från N/A
	Rapportera #11 2010-03-09 kl 21:08
	uppdatera malwarebytes, gör en snabb scan, ta bort det som hittas, posta logg. posta en hijackthis logg

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #12 2010-03-09 kl 21:51
	Logfile of Trend Micro HijackThis v2.0.2Scan saved at 21:55:29, on 2010-03-09Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18882)Boot mode: Normal Running processes:C $:\$ windows\system32\taskeng.exeC $:\$ windows\s ystem32\Dwm.exeC $:\$ windows\Explorer.EXEC $:\$ Program Files\Windows Defender\MSASCui.exeC $:\$ Program Files\Synaptics\SynTP\SynTPEnh.exeC $:\$ Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exeC $:\$ Program Files\iTunes\iTunesHelper.exeC $:\$ Program Files\IDT\WDM\sttray.exeC $:\$ Program Files\Java\jre6\bin\jusched.exeC $:\$ Program Files\Voddler\service\VNetManager.exeC $:\$ Program Files\Telenor Säkerhetspaket\Common\FSM32.EXEC $:\$ Program Files\Windows Sidebar\sidebar.exeC $:\$ Program Files\Emotum\Mobile Broadband\Mobile.exeC $:\$ Program Files\Windows Media Player\wmpnscfg.exeC $:\$ Program Files\Personal\bin\Personal.exeC $:\$ Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exeC $:\$ windows\System32\mobsync.exeC $:\$ Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC $:\$ Program Files\Synaptics\SynTP\SynTPHelper.exeC $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC $:\$ Program Files\Hewlett-Packard\Shared\hpqToaster.exeC $:\$ Progr am Files\iTunes\iTunes.exeC $:\$ windows\system32\SearchFi lterHost.exeC $:\$ Program Files\WIDCOMM\Bluetooth Software\BtITunesPlugIn.exeC $:\$ windows\system32\coni me.exeC $:\$ Users\Andreas\Desktop\Malware och sånt\HiJackThis!\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome& locale=sv_se&c=92&bd=all&pf=cmnbR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome& locale=sv_se&c=92&bd=all&pf=cmnbR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C $:\$ Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C $:\$ Program Files\Telenor Säkerhetspaket\NRS\iescript\baselitmus.dllO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C $:\$ Program Files\Java\jre6\bin\jp2ssv.dllO3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C $:\$ Program Files\Telenor Säkerhetspaket\NRS\iescript\baselitmus.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [PDF Complete] C $:\$ Program Files\PDF Complete\pdfsty.exeO4 - HKLM\..\Run: [SynTPEnh] C $:\$ Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [WirelessAssistant] C $:\$ Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeO4 - HKLM\..\Run: [QlbCtrl.exe] C $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [StartCCC] "C $:\$ Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [HPCam_Menu] "c $:\$ Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "c $:\$ Program Files\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"O4 - HKLM\..\Run: [QuickTime Task] "C $:\$ Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C $:\$ Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C $:\$ Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [VoddlerNet Manager] C $:\$ Program Files\Voddler\service\VNetManager.exeO4 - HKLM\..\Run: [F-Secure Manager] "C $:\$ Program Files\Telenor Säkerhetspaket\Common\FSM32.EXE" /splashO4 - HKLM\..\Run: [F-Secure TNB] "C $:\$ Program Files\Telenor Säkerhetspaket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKCU\..\Run: [Sidebar] C $:\$ Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [Emotum Mobile Broadband] C $:\$ Program Files\Emotum\Mobile Broadband\Mobile.exeO4 - HKCU\..\Run: [WMPNSCFG] C $:\$ Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST&#39O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST&#39O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST&#39O4 - Global Startup: BankID säkerhetsprogram.lnk = C $:\$ Program Files\Personal\bin\Personal.exeO4 - Global Startup: Bluetooth.lnk = ?O8 - Extra context menu item: E&xport to Microsoft Excel - res://c $:\$ PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmO8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C $:\$ PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: @C $:\$ Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra 'Tools' menuitem: @C $:\$ Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO13 - Gopher Prefix: O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin .cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/g p.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{58C0307E-A365- 4D50-B92E-0DF87458AB46}: NameServer = 195.54.122.221 195.54.122.211O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C $:\$ windows\System32\DriverStore\FileRepository\stwr t.inf_2159adbc\aestsrv.exeO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C $:\$ Program Files\LSI SoftModem\agrsmsvc.exeO23 - Service: AMD External Events Utility - AMD - C $:\$ windows\system32\atiesrxx.exeO23 - Service: Apple Mobile Device - Apple Inc. - C $:\$ Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C $:\$ Program Files\Bonjour\mDNSResponder.exeO23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C $:\$ Program Files\WIDCOMM\Bluetooth Software\btwdins.exeO23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C $:\$ Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeO23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C $:\$ Program Files\Telenor Säkerhetspaket\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C $:\$ Program Files\Telenor Säkerhetspaket\FWES\Program\fsdfwd.exeO23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C $:\$ Program Files\Telenor Säkerhetspaket\Common\FSMA32.EXEO23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C $:\$ Program Files\Telenor Säkerhetspaket\ORSP Client\fsorsp.exeO23 - Service: HP Health Check Service - Hewlett-Packard - C $:\$ Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C $:\$ Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: iPod Service - Apple Inc. - C $:\$ Program Files\iPod\bin\iPodService.exeO23 - Service: IviRegMgr - InterVideo - C $:\$ Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exeO23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C $:\$ Program Files\Lavasoft\Ad-Aware\AAWService.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C $:\$ Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C $:\$ Program Files\PDF Complete\pdfsvc.exeO23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C $:\$ Program Files\Common Files\Protexis\License Service\PsiService_2.exeO23 - Service: RoxMediaDB10 - Sonic Solutions - c $:\$ Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exeO23 - Service: Audio Service (STacSV) - IDT, Inc. - C $:\$ windows\System32\DriverStore\FileRepository\stwr t.inf_2159adbc\STacSV.exeO23 - Service: stllssvr - MicroVision Development, Inc. - c $:\$ Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: VoddlerNet - Voddler - C $:\$ Program Files\Voddler\service\voddler.exe --End of file - 9700 bytes

AntimalwareGuru Registrerad 2008-07-09 Poster: 595 Från N/A
	Rapportera #13 2010-03-09 kl 22:29
	nu ser det bra ut även i den här loggen

Raderad Registrerad 2012-05-17 Poster: 0 Från N/A
	Rapportera #14 2010-03-12 kl 11:17
	oj vad bra! tack så jättemycket för hjälpen!!!

Inte inloggad

Logga in Bli medlem

Läs mer

Senaste
Mest läst
Mest kommenterat

Programtips: Apple Safari 5.1.7 (programtips)
Programtips: Tweetdeck 1.4 (programtips)
LG:s första 4G-telefon med HD... (nyheter)
Programtips: Evernote 4.5.6 (programtips)
Programtips: Snapseed 1.1 (programtips)
HP storsatsar med 20 nya datorer (nyheter)
Stänger Microsoft ute Firefox... (nyheter)
Motorola Xoom 2 är här (artiklar)
Lenovo-datorer i miniformat (nyheter)
Dell satsar på Linux - igen (nyheter)

Kom in i diskussionen

Detta innehåll är skapat av PC Hemmas besökare

Test: HP Officejet 4500

1 kommentar

andy1n2: 695 kr är priset denna vecka i vår butik i lilla Köping

Forum

Detta innehåll är skapat av PC Hemmas medlemmar.

hittar inte andra datorer och min NAS i... (Nätverk)
Fick bra hjälp med datorproblem i Göteborg (Öppet forum)
Facebook - Hur gör man för att gå ur? (Övrigt)
Produktnyckel tll XP?? (Windows 95/98/Me/XP/Vista)
Grafikkort Sony Vaio (Grafik och ljud)
Skulle någon hjälpa mig bygga en gaming pc? (Datorer)
Irriterande!!!! Hjälp! (Datorer)
Registret (Öppet forum)
Trådlöst med Telia (Nätverk)
Datorn strular (Datorer)

Tester

Senaste
Mest läst
Mest kommenterat

Test: Intel Core i7-3770K
2012-04-24 20:54
Test: Samsung Galaxy SII LTE I9210
2012-04-23 18:47
Test: Western digital My Book Live duo
2012-04-19 09:36
Test: Compulab Fit-PC3-PRO W7
2012-04-18 13:26
Test: LaCie 5 Big Network V2
2012-04-12 14:46

Artikelkommentarer

Test: HP Officejet 4500
2012-05-11 10:15 Tester 1 kommentarer
Installera en webbkamera
2012-04-30 19:04 Guider 5 kommentarer
Pixma iP4950 - ny fotoskrivare från Canon
2012-04-25 21:03 Nyheter 2 kommentarer
Test: Asus P8Z68-V LX
2012-04-13 13:41 Tester 3 kommentarer
Sony avråder från Android 4
2012-04-07 11:23 Nyheter 9 kommentarer
Test: Apple Ipad
2012-04-06 21:32 Tester 4 kommentarer

© Egmont Tidskrifter