Autzen, posted 17 September 2008
Hi. Lately the internet has become very slow, even though I have a good network signal. It often takes forever to open pages and load YouTube clips and so on. I also can't start MSN Live. I click the icon, but nothing happens. If I press "Ctrl, Alt, Delete" I can see that processes are listed, but that's all. The network works perfectly fine on my partner's PC. So I think it is something with my PC and not the network itself. I have a wireless network, by the way. I have scanned the PC with AVG, but it didn't find anything at all. So is there anyone who can help me?
norbat, posted 17 September 2008
Run through the guide, then we'll see if there is anything there: https://www.diskusjon.no/index.php?showtopic=691246
The logs that are asked for, post them here in your own thread.
Autzen (thread author), posted 17 September 2008
^ Thanks

Malwarebytes' Anti-Malware 1.28
Database versjon: 1166
Windows 5.1.2600 Service Pack 2

18.09.2008 00:20:31
mbam-log-2008-09-18 (00-20-31).txt

Skanntype: Rask Skann
Objekter skannet: 44632
Tid tilbakelagt: 2 minute(s), 8 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 1
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 0

Minneprosesser infisert:
(Ingen mistenkelige filer funnet)

Minnemoduler infisert:
(Ingen mistenkelige filer funnet)

Registernøkler infisert:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0044a14 (Trojan.Vundo) -> Quarantined and deleted successfully.

Registerverdier infisert:
(Ingen mistenkelige filer funnet)

Registerfiler infisert:
(Ingen mistenkelige filer funnet)

Mapper infisert:
(Ingen mistenkelige filer funnet)

Filer infisert:
(Ingen mistenkelige filer funnet)
There. Have I got everything now? Hoping for good help.
Autzen (thread author), posted 18 September 2008
I forgot to mention that downloading things is fast... It's just incredibly slow to browse the web. It feels like the whole PC is slow, really. :\
So, norbat, do you have any good tips on how I can sort this out? I'm desperate for help, and don't really want to format.
norbat, posted 18 September 2008
Have you been able to try connecting with a cable and check whether the net feels slow then as well?
As for the slow PC, a good start is to clean up:
- Run CCleaner (link in the guide given earlier)
- Uninstall programs you don't use
- Check whether it is the firewall that is slowing the net down (turn it off temporarily)
- Disk defragmentation (Accessories -> System Tools -> Disk Defragmenter)
Autzen (thread author), posted 18 September 2008
I don't have the option of connecting with a cable. I'm renting a studio apartment. And the internet works fine on another PC here. I have run everything in the guide, but I can try uninstalling some programs. I have already checked the firewall, with no luck. I'll also try disk defragmentation now. Thanks for the help
norbat, posted 18 September 2008 (edited)
If it hasn't been too long since this started (slow net/PC), you could run a System Restore to a date when things worked OK (Accessories -> System Tools -> System Restore). You won't lose any data (other than programs you may have installed after the chosen date).
Edit: You could also check whether it makes any difference if it is Windows or the software for your wireless card that manages the connection.
Edited 18 September 2008 by norbat
Autzen (thread author), posted 18 September 2008
The problem started a few days ago, so I did a system restore. I chose to restore from a week ago, but it still doesn't work. I also defragmented the PC's disk. I don't think there is anything wrong with the network itself, because it has worked perfectly well before. And as mentioned earlier it works fine on my girlfriend's PC, which is also on the wireless network. I'm starting to fear that there is something wrong with the PC itself. I can try formatting if nothing else works. I have a decent external hard drive that I can save the most important things to, but it's still a bit of a pain. The PC is quite new, by the way, so it's a bit odd if something should be wrong with it already. I think I'll test with some games to see whether it is slower there, or whether it's only in browsers. And it is a bit strange that MSN Live won't work, even though I have reinstalled it and everything. Especially since it worked when I created another user on the PC... That's why I think it's a virus or something... Strange stuff. :\
Autzen (thread author), posted 18 September 2008
Haha! I figured it out! It was just the AVG firewall and assorted other things being a bit overzealous! ^^ Thanks for all the help, Norbat. I am very grateful. If you ever need a bit of help in Photoshop or anything else, send me a PM.
Autzen (thread author), posted 18 September 2008
But for some reason MSN Live doesn't work. But I can try to sort that out on my own; if not, it's back to MSN 7.
inigomontoya, posted 19 September 2008
Check the date (and year) on your machine. Live refuses to work properly if an old year is set.
Autzen (thread author), posted 19 September 2008
> Check the date (and year) on your machine. Live refuses to work properly if an old year is set.
Thanks for the tip. I checked, but the date was completely correct. It's very strange with MSN Live. Especially because it has worked perfectly well for a long time, but suddenly it won't. When I click the icon I can find it under processes as "msnmsgr.exe", but still nothing happens. To my surprise it worked when I turned on the PC today, but it didn't take long before it broke again. And now it won't start any more. It could be that some important files had disappeared, but I have reinstalled it many times now.
Autzen (thread author), posted 20 September 2008
I was a bit clever and took a look at the event list. There I found this about MSN:

Hengende program msnmsgr.exe, versjon 8.5.1302.1018, hengende modul hungapp, versjon 0.0.0.0, hengeadresse 0x00000000.

0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 48 61 6e 67   ion Hang
0010: 20 20 6d 73 6e 6d 73 67     msnmsg
0018: 72 2e 65 78 65 20 38 2e   r.exe 8.
0020: 35 2e 31 33 30 32 2e 31   5.1302.1
0028: 30 31 38 20 69 6e 20 68   018 in h
0030: 75 6e 67 61 70 70 20 30   ungapp 0
0038: 2e 30 2e 30 2e 30 20 61   .0.0.0 a
0040: 74 20 6f 66 66 73 65 74   t offset
0048: 20 30 30 30 30 30 30 30    0000000
0050: 30                        0

And it says something about application hang... Does anyone understand what is wrong with MSN then?