Mickilina

Alltid något //Mickilina

Hej! Installerade ovannämnd "städgumma" och för min förvånad hittade den en massa skräp. Jag använder ju dagligen RegSupreme Pro och trodde skulle ha lite "renare" register, därav förvåningen. Nu önskar jag höra om någon har erfarenheter av detta program både negativa som positiva. Vågar man använda detta? Visserligen finns där backup också, men vill helst undvika all extra trassel... Har bara scannat hittills. Lägger här en skärmdump om resultaten: Häls Mickilina

Hej e-son och Venoms! Denne medlem har idag startat 4 trådar i detta ämne varav tråd 2 och 3 har jag deletat. Både Malou och jag har sagt till/tillrättavisat honom men ändå skapade han en fjärde tråd var nu pågår verksamhet. Vad ska man göra? Jag vet inte någon råd sen längre. //Mickilina

En dator = en tråd En annan dator = en ny tråd Alltså ska du fortsätta här //Mickilina

Hej Stefan683! Eftersom dubbelpostandet är inte tillåtet så kommer jag att deleta din andra tråd: http://www.alltomxp.se/forum/index.php?top...22.msg99974#new MVH Mickilina Edit: Håll dig till på denna tråd med detta ärende, om behovet uppstår av någon anledning, så ska vi flytta tråden till lämplig forumsdel. Ytterligare dubbelpostningar kommer vi deleta utan vidare.

Hej! Testade precis och det tog 11 minuter innan uppdateringen blev färdig, trots att det hade uppdaterats under förmiddagen. Så lite trögt går det nog, men det funkar ju vilket fall //Mickilina

Ska sammanfoga dessa! //Mickilina

Hej smari57! Du har inte döpt om din TM HJT-fil, http://www.alltomxp.se/forum/index.php?topic=6306.0 Döp om HiJack This.exe filen HijackThis.exe =>Till => DITT alias/nick.exe Exempel => malou.exe 1: Högerklicka på Start-knappen => välj Utforskaren 2: Välj C:ProgramTrend MicroHijackThis ELLER => C:Program Files Trend MicroHijackThis <= Engelskt Windows System. 3: Markera/öppna HijackThis-mappen i det vänstra fönstret 4: I det högra fönstret skall du nu kunna se HijackThis.exe 5: Högerklicka på den och välj Byt Namn 6: Skriv in DITT alias/nick.exe Exempel => malou.exe 7: Klicka Enter-Tangenten 8: Stäng ner utforskaren. Gör det och kom med en ny log-fil. Samt hämta och installera Malwarebytes' AntiMalware och lämna den loggan också Nedladdning och instruktioner hittar du http://www.alltomxp.se/forum/index.php?topic=11094.0 Har du själv installerat YahooToolbar? Samma fråga gällande iPod? MVH Mickilina

Hej gebe! Så trevligt God Jul på dig! //Mickilina

Passa på Expressen delar ut julklappar genom SMS: http://www.expressen.se/noje/1.1413280/har...-med-julklappen //Mickilina

Jättetack för all hjälp! Det blev ju lite hastigt och snopet avslut med denna dator, men har dom så bråttom att dom hinner inte vänta ett par timmar till att man skulle hinna bli helt färdig, så finns det inte så mycket att göra. Ofta är det ju så, att redan då när folk ber om hjälp, då ska man ha blivit färdig redan helst dagen innan >, tacksamt från dom. Önskar alla hjälpsamma och även läsare här en God Jul! //Mickilina

Tack ni alla snälla och hjälpsamma Nu är datorn tillbaka hos ägaren. //Mickilina

Tack! Så länge gick det bra, men sen fick jag hjärnsläpp, hittar inte till utforskaren i felsäker läge C:Program FilesiPod <=Deleta hela mappen iPod //Mickilina

Hej Malou! Hade försvunnit Finns ingen verktygsrad Får fram en rullgardinmeny: Öppna Utforska Egenskaper Öppna delade Startmenyn Utforska delade Startmenyn Vilket av fönstren jag än öppnar är dom alla exakt lika utan något Verktyg > Mappalternativ Där finns ju flera flikar, men ingen hade de ovanstående. Hur vidare? //Mickilina

Hej Malou! Härligt ang HJT loggan. Jajamen, högerklickade och körde som admin. Vad är på tok! Säkerhetsprogram liger här bredvid mig. Tyckte mig behöva lite mat i mig och kom på att jag hade lömt bort mina morgonmediciner, därav denna extra dröjning. //Mickilina

Hej Malou! Datorn har blivit piggare i samma takt som jag själv blir trögare/tröttare Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:14:43, on 2008-12-23 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:Windowssystem32taskeng.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesLogMeInx86LogMeInSystray.exe C:Program FilesLogMeInx86LMIGuardian.exe C:Program FilesWindows DefenderMSASCui.exe C:WindowsRtHDVCpl.exe C:WindowsWindowsMobilewmdSync.exe C:Program FilesWindows Sidebarsidebar.exe C:Program FilesWindows LiveMessengermsnmsgr.exe C:Program FilesWindows Media Playerwmpnscfg.exe C:Program FilesPaltalk Messengerpaltalk.exe C:Program FilesInternet Explorerieuser.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe C:Windowssystem32NOTEPAD.EXE C:Windowssystem32NOTEPAD.EXE C:Program FilesWindows Live Toolbarmsn_sl.exe C:Program FilesTrend MicroHijackThislillajag.exe R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.se R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM..Run: [skytel] Skytel.exe O4 - HKLM..Run: [Windows Mobile-based device management] %windir%WindowsMobilewmdSync.exe O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O4 - HKUSS-1-5-18..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS.DEFAULT..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:Program FilesTOSHIBATRDCReminderTRDCReminder.exe (User 'Default user') O4 - Global Startup: PalTalk.lnk = C:Program FilesPaltalk Messengerpaltalk.exe O8 - Extra context menu item: &Windows Live Search - res://C:Program FilesWindows Live Toolbarmsntb.dll/search.htm O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:Program FilesPaltalk MessengerPaltalk.exe O9 - Extra button: Tradera - Köp och sälj - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://adfarm.mediaplex.com/ad/ck/7206-44921-9400-2 (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home (file missing) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgramsPartyGamingPartyPokerRunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgramsPartyGamingPartyPokerRunApp.exe O13 - Gopher Prefix: O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/OrderingGeneral...loader_fika.cab O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~3GOEC62~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:Program FilesTOSHIBAConfigFreeCFSvcs.exe O23 - Service: GoogleDesktopManager - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:Program FilesLogMeInx86RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:Program FilesLogMeInx86LogMeIn.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:Program FilesTOSHIBATOSHIBA DVD PLAYERTNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:Windowssystem32TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:Program FilesTOSHIBAPower SaverTosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:Program FilesTOSHIBASMARTLogServiceTosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe -- End of file - 6886 bytes

Hade inte kopierat hela loggan, förlåt. Här kommer resten: ======Scheduled tasks folder====== C:WindowstasksKontrollera uppdateringar för Windows Live Toolbar.job ======Registry dump====== [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Länkhjälp till Adobe PDF Reader - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:Program FilesJavajre6binssv.dll [2008-12-23 320920] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live inloggningshjälpen - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:program filesgooglegoogletoolbar1.dll [2008-03-04 2411584] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:Program FilesWindows Live Toolbarmsntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:Program FilesJavajre6binjp2ssv.dll [2008-12-23 34816] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:program filesgooglegoogletoolbar1.dll [2008-03-04 2411584] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:Program FilesWindows Live Toolbarmsntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun] "Windows Defender"=C:Program FilesWindows DefenderMSASCui.exe [2008-01-18 1008184] "RtHDVCpl"=C:WindowsRtHDVCpl.exe [2008-01-29 4911104] "Skytel"=C:WindowsSkytel.exe [2007-11-20 1826816] "Windows Mobile-based device management"=C:WindowsWindowsMobilewmdSync.exe [2006-11-02 215552] [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] "Sidebar"=C:Program FilesWindows Sidebarsidebar.exe [2008-01-18 1233920] "MsnMsgr"=C:Program FilesWindows LiveMessengerMsnMsgr.Exe [2007-10-18 5724184] "WMPNSCFG"=C:Program FilesWindows Media PlayerWMPNSCFG.exe [2008-01-18 202240] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreg00TCrdMain] C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [2008-01-22 712704] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher] C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregCamera Assistant Software] C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-10-25 413696] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDesktop SMS] C:Program FilesIDMDesktop SMSDesktopSMS.exe [2007-06-18 1507328] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDisk Cleaner] C:Program FilesDisk CleanerLaunchDiskCleaner.Exe [2008-06-26 31328] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGoogle Desktop Search] C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe [2008-03-04 1836544] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregiTunesHelper] C:Program FilesiTunesiTunesHelper.exe [2008-09-08 289576] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLogMeIn GUI] C:Program FilesLogMeInx86LogMeInSystray.exe [2008-07-24 63048] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNDSTray.exe] NDSTray.exe [] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task] C:Program FilesQuickTimeQTTask.exe [2008-09-06 413696] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRegistry Helper] C:Program FilesRegistry HelperLaunchRegistryHelper.Exe [2008-06-26 25912] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSmoothView] C:Program FilesToshibaSmoothViewSmoothView.exe [2008-01-25 509816] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregStartCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2006-11-10 90112] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched] C:Program FilesJavajre6binjusched.exe [2008-12-23 136600] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-12-06 1029416] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregtopi] C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe [2007-07-10 581632] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTOSCDSPD] TOSCDSPD.EXE [] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregToshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-05-04 571024] [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTPwrMain] C:Program FilesTOSHIBAPower SaverTPwrMain.EXE [2008-01-17 431456] C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup PalTalk.lnk - C:Program FilesPaltalk Messengerpaltalk.exe [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLS"="C:PROGRA~1GoogleGOOGLE~3GOEC62~1.DLL" [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist] [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist] [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2D] shellAutoRuncommand - D:AutoRun.exe [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{71c5f769-63aa-11dd-9838-806e6f6e6963}] shellAutoRuncommand - D:AutoRun.exe [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{71c5f79d-63aa-11dd-9838-001b9ee6c7a7}] shellAutoRuncommand - D:AutoRun.exe [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{fc0601ab-631d-11dd-84f8-806e6f6e6963}] shellAutoRuncommand - D:AutoRun.exe ======List of files/folders created in the last 1 months====== 2008-12-23 14:52:01 ----D---- C:rsit 2008-12-23 02:54:16 ----D---- C:UsersUserAppDataRoamingMalwarebytes 2008-12-23 02:54:05 ----D---- C:ProgramDataMalwarebytes 2008-12-23 02:54:04 ----D---- C:Program FilesMalwarebytes' Anti-Malware 2008-12-23 02:23:41 ----A---- C:Windowssystem32mshtml.dll 2008-12-23 01:54:13 ----SHD---- C:Config.Msi 2008-12-23 01:44:19 ----A---- C:Windowssystem32javaws.exe 2008-12-23 01:44:19 ----A---- C:Windowssystem32deploytk.dll 2008-12-23 01:44:18 ----A---- C:Windowssystem32javaw.exe 2008-12-23 01:44:18 ----A---- C:Windowssystem32java.exe 2008-12-22 23:25:13 ----D---- C:Program FilesTrend Micro 2008-12-22 23:14:16 ----D---- C:Program FilesCCleaner 2008-12-12 03:03:57 ----A---- C:Windowssystem32tzres.dll 2008-12-11 05:09:04 ----A---- C:Windowssystem32gdi32.dll 2008-12-11 05:08:55 ----A---- C:Windowssystem32Apphlpdm.dll 2008-12-11 05:08:52 ----A---- C:Windowssystem32GameUXLegacyGDFs.dll 2008-12-11 05:08:41 ----A---- C:Windowssystem32shell32.dll 2008-12-11 05:08:20 ----A---- C:Windowsexplorer.exe 2008-12-11 05:08:11 ----A---- C:Windowssystem32urlmon.dll 2008-12-11 05:08:11 ----A---- C:Windowssystem32ieframe.dll 2008-12-11 05:08:10 ----A---- C:Windowssystem32wininet.dll 2008-12-11 05:08:09 ----A---- C:Windowssystem32mstime.dll 2008-12-11 05:08:06 ----A---- C:Windowssystem32iertutil.dll 2008-12-11 05:08:04 ----A---- C:Windowssystem32jsproxy.dll 2008-12-11 05:07:54 ----A---- C:Windowssystem32mf.dll 2008-12-11 05:07:53 ----A---- C:Windowssystem32WMVCORE.DLL 2008-12-11 05:07:51 ----A---- C:Windowssystem32WMNetMgr.dll 2008-12-11 05:07:51 ----A---- C:Windowssystem32logagent.exe 2008-12-04 02:58:51 ----A---- C:Windowssystem32WIN.INI 2008-12-04 02:58:51 ----A---- C:Windowssystem32SYSTEM.INI 2008-12-04 02:58:51 ----A---- C:Windowssystem32PROTOCOL.INI 2008-12-04 02:58:48 ----D---- C:Program FilesYadu Digital 2008-12-04 02:57:59 ----D---- C:WindowsDownloaded Installations 2008-11-26 13:21:31 ----A---- C:Windowssystem32PortableDeviceApi.dll 2008-11-26 13:21:27 ----A---- C:Windowssystem32PhotoMetadataHandler.dll 2008-11-26 13:21:26 ----A---- C:Windowssystem32WindowsCodecsExt.dll 2008-11-26 13:21:26 ----A---- C:Windowssystem32WindowsCodecs.dll 2008-11-26 13:21:22 ----A---- C:Windowssystem32connect.dll 2008-11-26 13:11:21 ----A---- C:Windowssystem32wups2.dll 2008-11-26 13:11:20 ----A---- C:Windowssystem32wucltux.dll 2008-11-26 13:11:20 ----A---- C:Windowssystem32wuaueng.dll 2008-11-26 13:11:20 ----A---- C:Windowssystem32wuauclt.exe 2008-11-26 13:10:47 ----A---- C:Windowssystem32wups.dll 2008-11-26 13:10:47 ----A---- C:Windowssystem32wudriver.dll 2008-11-26 13:10:47 ----A---- C:Windowssystem32wuapi.dll 2008-11-26 13:10:35 ----A---- C:Windowssystem32wuwebv.dll 2008-11-26 13:10:34 ----A---- C:Windowssystem32wuapp.exe 2008-11-24 23:23:05 ----D---- C:Program FilesuTorrent 2008-11-24 23:22:33 ----D---- C:UsersUserAppDataRoaminguTorrent ======List of files/folders modified in the last 1 months====== 2008-12-23 14:52:05 ----D---- C:WindowsPrefetch 2008-12-23 14:52:04 ----D---- C:WindowsTemp 2008-12-23 14:42:09 ----D---- C:Windowsinf 2008-12-23 14:42:09 ----AD---- C:WindowsSystem32 2008-12-23 14:42:09 ----A---- C:Windowssystem32PerfStringBackup.INI 2008-12-23 14:28:37 ----D---- C:ProgramDataMcAfee 2008-12-23 14:28:19 ----RD---- C:Program Files 2008-12-23 14:28:17 ----D---- C:Program FilesCommon Files 2008-12-23 14:27:45 ----D---- C:Windows 2008-12-23 14:26:18 ----D---- C:WindowsTasks 2008-12-23 14:26:06 ----D---- C:Windowssystem32drivers 2008-12-23 11:40:49 ----SHD---- C:WindowsInstaller 2008-12-23 11:40:24 ----SHD---- C:System Volume Information 2008-12-23 11:28:13 ----D---- C:Windowstracing 2008-12-23 11:17:45 ----SD---- C:WindowsDownloaded Program Files 2008-12-23 02:54:05 ----HD---- C:ProgramData 2008-12-23 02:24:15 ----D---- C:Windowswinsxs 2008-12-23 02:24:00 ----D---- C:Windowssystem32catroot 2008-12-23 01:52:17 ----D---- C:Program FilesJava 2008-12-23 00:02:24 ----D---- C:Program FilesLogMeIn 2008-12-22 23:19:52 ----D---- C:WindowsDebug 2008-12-19 16:09:37 ----D---- C:WindowsModemLogs 2008-12-13 03:06:10 ----A---- C:Windowssystem32MRT.INI 2008-12-12 03:35:41 ----D---- C:Windowsrescache 2008-12-12 03:18:07 ----D---- C:Windowssystem32catroot2 2008-12-12 03:14:36 ----D---- C:Program FilesWindows Mail 2008-12-12 03:14:35 ----D---- C:WindowsAppPatch 2008-12-12 03:14:34 ----D---- C:Windowssystem32sv-SE 2008-12-10 00:24:37 ----A---- C:Windowssystem32mrt.exe 2008-12-05 00:42:38 ----A---- C:Windowswin.ini 2008-12-04 02:58:52 ----SD---- C:UsersUserAppDataRoamingMicrosoft 2008-11-26 17:44:03 ----D---- C:Windowssystem32WDI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:Windowssystem32DRIVERSrtlprot.sys [2007-04-23 25896] R2 LMIInfo;LogMeIn Kernel Information Provider; ??C:Program FilesLogMeInx86RaInfo.sys [2008-07-24 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver; ??C:Windowssystem32driversLMIRfsDriver.sys [2008-07-24 47640] R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys [2006-06-18 12672] R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio.sys [2007-10-17 8704] R3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys [2007-07-27 2929664] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:Windowssystem32DRIVERSCmBatt.sys [2008-01-18 14208] R3 FwLnk;FwLnk Driver; C:Windowssystem32DRIVERSFwLnk.sys [2006-11-20 7168] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys [2008-04-17 15464] R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSHSX_DPV.sys [2007-11-01 985600] R3 HSXHWAZL;HSXHWAZL; C:Windowssystem32DRIVERSHSXHWAZL.sys [2007-11-01 208896] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2008-01-30 2058528] R3 lmimirr;lmimirr; C:Windowssystem32DRIVERSlmimirr.sys [2008-07-24 10144] R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2007-12-28 104448] R3 RTL8187B;Realtek RTL8187B trådlös 802.11b/g 54Mbps USB 2.0 nätverksadapter; C:Windowssystem32DRIVERSRTL8187B.sys [2007-12-26 290304] R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2007-12-06 196400] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:Windowssystem32DRIVERStdcmdpst.sys [2006-10-18 16128] R3 usbvideo;Chicony USB 2.0 Camera; C:WindowsSystem32Driversusbvideo.sys [2008-01-18 134016] R3 UVCFTR;UVCFTR; C:WindowsSystem32DriversUVCFTR_S.SYS [2007-12-17 18432] R3 winachsf;winachsf; C:Windowssystem32DRIVERSHSX_CNXT.sys [2007-11-01 661504] S3 AgereSoftModem;Agere Systems Soft Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-02 983552] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys [2008-01-18 5632] S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520] S3 HSFHWAZL;HSFHWAZL; C:Windowssystem32DRIVERSVSTAZL3.SYS [2006-11-02 200704] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:Windowssystem32DRIVERSewusbmdm.sys [2007-08-16 101376] S3 MSKSSRV;Tjänstproxy för Microsoft-direktuppspelning; C:Windowssystem32driversMSKSSRV.sys [2008-01-18 8192] S3 MSPCLOCK;Klockproxy för Microsoft-direktuppspelning; C:Windowssystem32driversMSPCLOCK.sys [2008-01-18 5888] S3 MSPQM;Kvalitetshanteringsproxy för Microsoft-direktuppspelning; C:Windowssystem32driversMSPQM.sys [2008-01-18 5504] S3 MSTEE;Tee/Sink-to-Sink-konverterare för Microsoft-direktuppspelning; C:Windowssystem32driversMSTEE.sys [2008-01-18 6016] S3 RTSTOR;Realtek USB 2.0 Card Reader; C:Windowssystem32driversRTSTOR.SYS [2008-02-20 60416] S3 winusb;WinUSB Service; C:Windowssystem32DRIVERSwinusb.sys [2008-01-18 31616] S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-18 83328] S4 LMIRfsClientNP;LMIRfsClientNP; C:Windowssystem32driversLMIRfsClientNP.sys [] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-09-05 116040] R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe [2007-07-27 610304] R2 ConfigFree Service;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2007-12-25 40960] R2 LMIMaint;LogMeIn Maintenance Service; C:Program FilesLogMeInx86RaMaint.exe [2008-10-16 116032] R2 LogMeIn;LogMeIn; C:Program FilesLogMeInx86LogMeIn.exe [2008-07-24 63040] R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-18 21504] R2 TNaviSrv;TOSHIBA Navi Support Service; C:Program FilesTOSHIBATOSHIBA DVD PLAYERTNaviSrv.exe [2008-01-21 83312] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:Windowssystem32TODDSrv.exe [2007-11-21 129632] R2 TosCoSrv;TOSHIBA Power Saver; c:Program FilesTOSHIBAPower SaverTosCoSrv.exe [2008-01-17 431456] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; c:Program FilesTOSHIBASMARTLogServiceTosIPCSrv.exe [2007-12-03 126976] R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152] R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-18 21504] R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio.exe [2007-10-17 386560] S3 GoogleDesktopManager;GoogleDesktopManager; C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe [2008-03-04 1836544] S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-03-04 138168] S3 iPod Service;iPod Service; C:Program FilesiPodbiniPodService.exe [2008-09-08 536872] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader Service; C:Program FilesWindows LiveMessengerusnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:Program FilesWindows LiveinstallerWLSetupSvc.exe [2007-10-25 266240] -----------------EOF-----------------

Det nämnde du och det var vad jag gjorde :-[ Något är tydligen mer konstigt/galet, men vad? //Mickilina

Loggan från RSIT: Logfile of random's system information tool 1.05 (written by random/random) Run by User at 2008-12-23 14:52:01 Microsoft® Windows Vista Home Premium Service Pack 1 System drive C: has 80 GB (67%) free of 119 GB Total RAM: 2941 MB (74% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:52:05, on 2008-12-23 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:Windowssystem32taskeng.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesLogMeInx86LogMeInSystray.exe C:Program FilesLogMeInx86LMIGuardian.exe C:Program FilesWindows DefenderMSASCui.exe C:WindowsRtHDVCpl.exe C:WindowsWindowsMobilewmdSync.exe C:Program FilesWindows Sidebarsidebar.exe C:Program FilesWindows LiveMessengermsnmsgr.exe C:Program FilesWindows Media Playerwmpnscfg.exe C:Program FilesPaltalk Messengerpaltalk.exe C:Program FilesInternet Explorerieuser.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe C:UsersUserDesktopRSIT.exe C:Program Filestrend microUser.exe R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.se R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM..Run: [skytel] Skytel.exe O4 - HKLM..Run: [Windows Mobile-based device management] %windir%WindowsMobilewmdSync.exe O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O4 - HKUSS-1-5-18..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS.DEFAULT..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:Program FilesTOSHIBATRDCReminderTRDCReminder.exe (User 'Default user') O4 - Global Startup: PalTalk.lnk = C:Program FilesPaltalk Messengerpaltalk.exe O8 - Extra context menu item: &Windows Live Search - res://C:Program FilesWindows Live Toolbarmsntb.dll/search.htm O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:Program FilesPaltalk MessengerPaltalk.exe O9 - Extra button: Tradera - Köp och sälj - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://adfarm.mediaplex.com/ad/ck/7206-44921-9400-2 (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home (file missing) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgramsPartyGamingPartyPokerRunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgramsPartyGamingPartyPokerRunApp.exe O13 - Gopher Prefix: O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/OrderingGeneral...loader_fika.cab O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~3GOEC62~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:Program FilesTOSHIBAConfigFreeCFSvcs.exe O23 - Service: GoogleDesktopManager - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:Program FilesLogMeInx86RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:Program FilesLogMeInx86LogMeIn.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:Program FilesTOSHIBATOSHIBA DVD PLAYERTNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:Windowssystem32TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:Program FilesTOSHIBAPower SaverTosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:Program FilesTOSHIBASMARTLogServiceTosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe -- End of file - 6787 bytes 013 Gopher Prefix återkommer gång på gång i HJT Anteckningar verkar strula också med HJT, får inte fram den aktuella loggan, utan nåon gammal :-[ Tog bort McAfee, kan jag installera redan F-Secure? Ipod fanns inte i Lägg till/Ta bort, utan fixade den i HJT Har jag glömt bort något? //Mickilina edit: ser att iPod är envist kvar >

Hej Malou! Trodde jag :-[ AskBar verkar inte vara så lätt att avliva: Hittar den I HJT, men inte på den delen var går att fixa. Har inte fått tag i ägaren, men Bonjour har jag avinstallerad på eget bevåg, lika bra att iPod får ta samma väg Datorn mår betydligt bättre, fast det finns lite kvar för önskan (om den var min alltså) Har rensat bort en del från Autostart, men värre är med dom som körs som service (023-rader). Där finns säkert mycket att avaktivera/sätta på manuell, men jag vet ju inget om Vistas behov. Ska köra RSIT Återkommer sen //Mickilina

God morgon e-son! Underbart när man har vaknat upp efter några timmars sömn att hitta svaret färdigt serverat på silverfat Jättetack! //Mickilina

Hej Sir Toby! Vad roligt få höra! God Jul på dig och var rädd om din dator. //Mickilina

Hej Malou! Fixad Javan, tagit bort 2 gamla versioner AskBar/Ask Jeevers avinstallerad 013-rad fixad Men... Hittar ingen *Kör*funktion, antagligen ett annat namn/annan sökväg... får bli senare MBAM hittade lite och åtgärdade också Logga från virustotal är kanske onödigt lång... men då bör allt vara med Med all säkerhet är det han Förmodligen grabben som har installerad, men ska ringa och höra om det också eftersom jag tycker att Bonjour verkar för mig lite tveksamt. Återkommer ang dessa på dagtid. Hoppas jag har inte hoppat över någon fråga Malwarebytes' Anti-Malware 1.31 Databasversion: 1533 Windows 6.0.6001 Service Pack 1 2008-12-23 03:07:31 mbam-log-2008-12-23 (03-07-31).txt Skanningstyp: Snabb skanning Antal skannade objekt: 45939 Förfluten tid: 8 minute(s), 56 second(s) Infekterade minnesprocesser: 0 Infekterade minnesmoduler: 0 Infekterade registernycklar: 1 Infekterade registervärden: 0 Infekterade registerdataposter: 0 Infekterade mappar: 0 Infekterade filer: 1 Infekterade minnesprocesser: (Inga illasinnade poster hittades) Infekterade minnesmoduler: (Inga illasinnade poster hittades) Infekterade registernycklar: HKEY_LOCAL_MACHINESOFTWAREMozillaMSFox (Trojan.Agent) -> Quarantined and deleted successfully. Infekterade registervärden: (Inga illasinnade poster hittades) Infekterade registerdataposter: (Inga illasinnade poster hittades) Infekterade mappar: (Inga illasinnade poster hittades) Infekterade filer: C:WindowsSystem32ieupdates.exe.tmp (Adware.Agent) -> Quarantined and deleted successfully. Loggen från virustotal: Antivirus Version Senaste Uppdatering Resultat AhnLab-V3 2008.12.19.3 2008.12.19 - AntiVir 7.9.0.45 2008.12.19 - Authentium 5.1.0.4 2008.12.18 - Avast 4.8.1281.0 2008.12.18 - AVG 8.0.0.199 2008.12.19 - BitDefender 7.2 2008.12.19 - CAT-QuickHeal 10.00 2008.12.19 - ClamAV 0.94.1 2008.12.19 - Comodo 781 2008.12.19 - DrWeb 4.44.0.09170 2008.12.19 - eSafe 7.0.17.0 2008.12.18 - eTrust-Vet 31.6.6268 2008.12.18 - Ewido 4.0 2008.12.19 - F-Prot 4.4.4.56 2008.12.18 - F-Secure 8.0.14332.0 2008.12.19 - Fortinet 3.117.0.0 2008.12.19 - GData 19 2008.12.19 - Ikarus T3.1.1.45.0 2008.12.19 - K7AntiVirus 7.10.557 2008.12.18 - Kaspersky 7.0.0.125 2008.12.19 - McAfee 5468 2008.12.18 - McAfee+Artemis 5468 2008.12.18 - Microsoft 1.4205 2008.12.19 - NOD32 3705 2008.12.19 - Norman 5.80.02 2008.12.18 - Panda 9.0.0.4 2008.12.19 - PCTools 4.4.2.0 2008.12.19 - Prevx1 V2 2008.12.19 - Rising 21.08.42.00 2008.12.19 - SecureWeb-Gateway 6.7.6 2008.12.19 - Sophos 4.37.0 2008.12.19 - Sunbelt 3.2.1801.2 2008.12.11 - Symantec 10 2008.12.19 - TheHacker 6.3.1.4.191 2008.12.17 - TrendMicro 8.700.0.1004 2008.12.19 - VBA32 3.12.8.10 2008.12.18 - ViRobot 2008.12.19.1527 2008.12.19 - VirusBuster 4.5.11.0 2008.12.18 - Övrig information File size: 498176 bytes MD5...: 3708ccee4878eb0b9e7b92355a631853 SHA1..: fb2b64805e8ef1afa11439589a172603a881dd3f SHA256: 6ca3c86da704eb113c48ab7ac4583ab8d532d63f9d7331a4744a081b102621f5 SHA512: a0924ab6e699b3fd9a0db8883470ebc3c6345b286c00e88238c7fb58f9d1de7e baaa31df5206cbe14368a86d40260d76ed7fd8bad63d337b4f229344a17902ae ssdeep: 6144:yQyBIHUtHJyCzXxEObsUCtOfEE17TKf76UrgXB2bSCTKwjn29VF65WcQ5zi y3a:yw2XxHbsJtE317EcCTKdVF65dQ5i6a PEiD..: - TrID..: File type identification Windows OCX File (68.1%) Win32 Executable MS Visual C++ (generic) (20.7%) Win32 Executable Generic (4.7%) Win32 Dynamic Link Library (generic) (4.1%) Generic Win/DOS Executable (1.1%) PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1034e70 timedatestamp.....: 0x4791945e (Sat Jan 19 06:10:38 2008) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x5b6ce 0x5b800 6.13 c563c17705c552121332f55fdeae0864 .data 0x5d000 0x31f4 0x2800 4.62 3888d530636e63256aefaaf87fa8c36c .rsrc 0x61000 0x14128 0x14200 5.53 531be2c775f3f4dd0e04037213bb4dd4 .reloc 0x76000 0x72f2 0x7400 5.84 7348bd46c4f39b3f5684ac85bc242cc4 ( 10 imports ) > ADVAPI32.dll: RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegEnumKeyExW, SetEntriesInAclW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, FreeSid, RegQueryValueExA, RegSetValueExA, RegQueryValueExW, RegOpenKeyW, RegCreateKeyW, AllocateAndInitializeSid > KERNEL32.dll: GetSystemDirectoryW, RegisterApplicationRestart, HeapSetInformation, LoadLibraryExW, GetModuleHandleW, LocalFree, FormatMessageW, WaitForMultipleObjects, ResumeThread, CreateThread, Sleep, MulDiv, GetUserDefaultUILanguage, LoadLibraryA, SetCurrentDirectoryW, ReleaseMutex, lstrcmpiW, CreateMutexW, ExpandEnvironmentStringsW, GetSystemInfo, GetExitCodeThread, TerminateThread, ResetEvent, CreateEventW, CreateIoCompletionPort, GetSystemWindowsDirectoryW, GetFileMUIPath, GetBinaryTypeW, OutputDebugStringA, UnhandledExceptionFilter, TerminateProcess, GetModuleFileNameW, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoW, VirtualAlloc, VirtualFree, lstrlenA, WideCharToMultiByte, GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, HeapAlloc, HeapDestroy, GetVersionExA, DelayLoadFailureHook, GetCurrentProcessId, MultiByteToWideChar, DeleteCriticalSection, InitializeCriticalSection, lstrlenW, LoadLibraryW, FreeLibrary, SetEvent, GetQueuedCompletionStatus, InterlockedExchange, WaitForSingleObject, CloseHandle, GetLastError, PostQueuedCompletionStatus, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, GetVersionExW, InitializeCriticalSectionAndSpinCount, FileTimeToSystemTime, SystemTimeToFileTime, GetSystemTime, GetUserDefaultLCID, LocalAlloc, OpenEventW, GetProcAddress, InterlockedCompareExchange, SetLastError, GetCurrentThreadId, GetCurrentProcess, FlushInstructionCache, LeaveCriticalSection, EnterCriticalSection, RaiseException, InterlockedIncrement, InterlockedDecrement, GetSystemTimeAsFileTime > GDI32.dll: CreateFontIndirectW, GetDeviceCaps, CreateDIBSection, CreateCompatibleDC, GetStockObject, DeleteObject, GetObjectW, SelectObject, GetTextExtentPoint32W, DeleteDC, SetBkMode, SetTextColor > USER32.dll: MonitorFromPoint, GetMonitorInfoW, GetProcessDefaultLayout, LoadCursorW, SetCursor, GetFocus, TrackMouseEvent, MonitorFromRect, LoadAcceleratorsW, GetMessageW, TranslateAcceleratorW, TranslateMessage, DispatchMessageW, CharNextW, IsWindow, PostMessageW, LoadStringW, InvalidateRect, EnableMenuItem, EnumChildWindows, DestroyMenu, GetKeyState, SetActiveWindow, GetClassNameW, GetWindowThreadProcessId, DestroyWindow, IsIconic, IsZoomed, GetWindowRect, GetWindowPlacement, SetWindowPlacement, LockWindowUpdate, PostQuitMessage, GetActiveWindow, LoadIconW, GetSysColor, ShowWindow, DeleteMenu, ReleaseDC, SystemParametersInfoW, GetDlgItem, EnableWindow, IsDlgButtonChecked, CheckDlgButton, BringWindowToTop, GetSysColorBrush, UnregisterClassA, GetSystemMetrics, RegisterWindowMessageW, FindWindowExW, KillTimer, SetTimer, SetWindowTextW, CharLowerBuffW, LoadMenuW, GetSubMenu, CheckMenuRadioItem, TrackPopupMenuEx, GetParent, ClientToScreen, CreateWindowExW, GetClassInfoExW, SetForegroundWindow, RegisterClassExW, DefWindowProcW, SetFocus, GetDC, AdjustWindowRectEx, IsWindowEnabled, IsWindowVisible, GetClientRect, SetWindowPos, MoveWindow, GetMenu, SendMessageW, GetWindowLongW, SetWindowLongW, CallWindowProcW, SwitchToThisWindow > msvcrt.dll: _controlfp, _onexit, _lock, __dllonexit, _unlock, _errno, realloc, _except_handler4_common, _terminate@@YAXXZ, __1type_info@@UAE@XZ, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _amsg_exit, _initterm, _wcmdln, _XcptFilter, _exit, _cexit, __wgetmainargs, calloc, _ftol2, _itoa, _ltow, wcschr, exit, swprintf_s, __0exception@@QAE@XZ, __0exception@@QAE@ABV0@@Z, __1exception@@UAE@XZ, _what@exception@@UBEPBDXZ, __0exception@@QAE@ABQBD@Z, wcsncpy_s, iswspace, _wsplitpath_s, wcsncat_s, _beginthreadex, _wtoi, memmove_s, _itow, _wcsicmp, memcpy_s, memset, _wcsnicmp, __RTDynamicCast, wcsstr, _ultow_s, wcsrchr, iswdigit, _vscwprintf, vswprintf_s, _strlwr_s, _ultoa_s, wcsnlen, strncmp, _msize, wcsncmp, _itoa_s, _i64toa_s, _ui64toa_s, _gcvt_s, _get_errno, _set_errno, _fpclass, _wcstoi64, _wcstoui64, _HUGE, wcstod, swscanf, _vsnwprintf, wcspbrk, memcpy, _wcslwr, memmove, _purecall, _resetstkoflw, _ftol2_sse, wcscat_s, wcscpy_s, free, malloc, _CxxThrowException, __CxxFrameHandler3, _callnewh > COMCTL32.dll: ImageList_LoadImageW, -, -, InitCommonControlsEx, ImageList_Destroy, ImageList_Add, ImageList_Draw, ImageList_GetIconSize, ImageList_Create, ImageList_GetImageCount, PropertySheetW > ole32.dll: StringFromCLSID, CoGetClassObject, CreateStreamOnHGlobal, OleGetClipboard, OleInitialize, CoInitializeSecurity, CoResumeClassObjects, OleUninitialize, CoTaskMemFree, CoRegisterClassObject, CoRevokeClassObject, CoTaskMemRealloc, CoTaskMemAlloc, CoUninitialize, CoInitialize, CoCreateInstance > OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, - > SHLWAPI.dll: UrlEscapeW, UrlUnescapeW > RPCRT4.dll: UuidCreate, UuidCreateNil, RpcStringFreeA, UuidToStringA, UuidIsNil, UuidFromStringA ( 0 exports ) Och nu ska jag göra natt här //Mickilina

Hej! Var och hur hittar man i Vista motsvarande funktion som heter *Kör* i XP? //Mickilina

Tack Lasseska, jag hittade till sist! //Mickilina