Citat:
Ursprungligen postat av 927
nej, det ovan gällde spyware doctor länken
kolla om du hittar detta i enhetshanteraren
win+pause >maskinvara >enhetshanteraren >visa >visa dolda enheter >icke plug and play >tdssxxx >högerklicka >inaktivera >starta om
annars så postar du en HJT logg
Det där funkade! Nu har jag skannat med både superantispyware och anti malwarebyte. Här är hijack-loggen:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:50:16, on 2008-03-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\IDispChg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
C:\Program\Apoint2K\Apoint.exe
C:\Program\TOSHIBA\TouchED\TouchED.Exe
C:\Program\TOSHIBA\PadTouch\PadExe.exe
C:\Program\TOSHIBA\TOSHIBAs kontroller\TFncKy.exe
C:\Program\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
C:\Program\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program\APV\autostart_and_process_viewer.exe
C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program\Apoint2K\Apntex.exe
C:\Program\Gigabyte\Gigabyte GN-WMAG 802.11g WLan (ATS)\G-EzLink.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.daemonsearch.com/intl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [PadTouch] "C:\Program\TOSHIBA\PadTouch\PadExe.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] C:\Program\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [APV] C:\Program\APV\autostart_and_process_viewer.exe
O4 - HKCU\..\Run: [jsf8j34rgfght] C:\DOCUME~1\*******\LOKALA~1\Temp\winloggn.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpeedRunner] C:\Documents and Settings\*********\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] C:\Documents and Settings\********\Application Data\Microsoft\Windows\wxpqsgbu.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GN-WMAG Utility.lnk = C:\Program\Gigabyte\Gigabyte GN-WMAG 802.11g WLan (ATS)\G-EzLink.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {5ed80217-570b-4da9-bf44-be107c0ec166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/res...scbase6662.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{37EA6955-F347-4E09-BD4F-DE29A9E827BC}: NameServer = 84.246.88.10,84.246.88.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{37EA6955-F347-4E09-BD4F-DE29A9E827BC}: NameServer = 84.246.88.10,84.246.88.20
O20 - Winlogon Notify: !saswinlogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: IDispChg Service (IDispChgService) - Unknown owner - C:\WINDOWS\system32\IDispChg.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
--
End of file - 5661 bytes
