thomassit0 Skrevet 3. desember 2008 Del Skrevet 3. desember 2008 Det er snakk om en HP 6715s, (kjøpt fra skolen- igjennom sånn pc ordning for 1600) og den mister nettet (bruker trådløst) hele tiden, men det fungerer alltid med en gang etter at jeg har tatt 'repair'. Har sett på connection status, og når nettet er dødt så står både sent og received helt eller nesten helt stille. Samtidig så fungerer nettet 100% på min pc (er broren min sin pc det er problemer med). Noen som har noen tips ? [Win XP Pro SP2] Lenke til kommentar
snippsat Skrevet 3. desember 2008 Del Skrevet 3. desember 2008 Last ned HijackThis legg i egen mappe på skrivebordet. Start programmet og velg "Trykk scan og save log" Post HijackThis.txt Lenke til kommentar
thomassit0 Skrevet 3. desember 2008 Forfatter Del Skrevet 3. desember 2008 Her er loggen: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:08:28, on 03.12.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Winamp\winamp.exe C:\WINDOWS\explorer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Documents and Settings\Administrator\Desktop\fl prosjekter\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://augustus.eye-square.info/studies/20...Media/proxy.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [blazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe" O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\random installfiles\LimeWire\LimeWire.exe O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\random installfiles\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\random installfiles\Spyware Doctor\pctsSvc.exe O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe -- End of file - 9256 bytes Lenke til kommentar
Digitalis Skrevet 3. desember 2008 Del Skrevet 3. desember 2008 Oppdatert driverne til trådløskortet? Lenke til kommentar
snippsat Skrevet 3. desember 2008 Del Skrevet 3. desember 2008 Hijackthis loggen viser at du har malware. Kjør dette. Last ned MBAM til skrivebordet. Velg Norsk språkdrakt-->kjør hurtig systemskann. Når MBAM er ferdig åpner den en logg,den poster du. Last Combofix ned ,legg på skrivebordet. Ikke klikk på vindu mens programmet kjører. post logg C:\combofix.txt Lenke til kommentar
thomassit0 Skrevet 4. desember 2008 Forfatter Del Skrevet 4. desember 2008 MBAM Logg: Malwarebytes' Anti-Malware 1.31 Databaseversjon: 1459 Windows 5.1.2600 Service Pack 2 04.12.2008 13:54:44 mbam-log-2008-12-04 (13-54-44).txt Skanntype: Rask Skann Objekter skannet: 36064 Tid tilbakelagt: 2 minute(s), 51 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 0 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: (Ingen mistenkelige filer funnet) Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: (Ingen mistenkelige filer funnet) Combofix logg: ComboFix 08-12-03.03 - Administrator 2008-12-04 14:01:13.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.408 [GMT 1:00] Kjører fra: c:\documents and settings\Administrator\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\lsprst7.dll c:\windows\system32\ssprs.dll . ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-04 til 2008-12-04 ))))))))))))))))))))))))))))))))) . 2008-12-04 13:45 . 2008-12-04 13:45 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-04 13:45 . 2008-12-04 13:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-04 13:45 . 2008-12-04 13:45 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes 2008-12-04 13:45 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-04 13:45 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-04 12:23 . 2008-12-04 12:23 873,374 --a------ c:\windows\system32\oem112.inf 2008-11-25 16:51 . 2008-11-25 16:55 <DIR> d-------- C:\YouTubeDownload 2008-11-25 16:51 . 2008-11-25 16:51 <DIR> d-------- C:\ConverterOutput 2008-11-25 16:48 . 2008-11-25 16:48 <DIR> d-------- c:\program files\Cucusoft 2008-11-25 16:48 . 2003-03-30 20:08 372,736 --a------ c:\windows\system32\xvid.ax 2008-11-25 16:48 . 2008-06-15 10:01 258,352 --a------ c:\windows\system32\unicows.dll 2008-11-25 16:48 . 2006-07-08 04:07 114,688 --a------ c:\windows\system32\PropListCtrl.ocx 2008-11-25 16:48 . 2008-08-31 11:59 92,102 --a------ c:\windows\system32\HKCU_GNU.reg 2008-11-25 16:48 . 2008-06-15 10:01 60,273 --a------ c:\windows\system32\pthreadGC2.dll 2008-11-25 16:48 . 2006-07-17 21:42 14,909 --a------ c:\windows\system32\A_reg.reg 2008-11-25 16:48 . 2008-06-15 21:13 7,680 --a------ c:\windows\system32\ff_vfw.dll 2008-11-25 16:48 . 2008-06-17 10:57 6,700 --a------ c:\windows\system32\HKLM_GNU.reg 2008-11-25 16:48 . 2008-06-15 21:13 6,144 --a------ c:\windows\system32\ff_acm.acm 2008-11-25 16:48 . 2008-06-15 10:01 547 --a------ c:\windows\system32\ff_vfw.dll.manifest 2008-11-18 20:07 . 2008-11-18 20:07 1,025 --a------ c:\windows\system32\sysprs7.tgz 2008-11-18 20:07 . 2008-11-18 20:07 1,025 --a------ c:\windows\system32\sysprs7.dll 2008-11-18 20:07 . 2008-11-18 20:07 1,025 --a------ c:\windows\system32\clauth2.dll 2008-11-18 20:07 . 2008-11-18 20:07 1,025 --a------ c:\windows\system32\clauth1.dll 2008-11-18 20:07 . 2008-11-29 20:35 219 --a------ c:\windows\system32\lsprst7.tgz 2008-11-18 20:07 . 2008-11-29 20:35 87 --a------ c:\windows\system32\ssprs.tgz 2008-11-18 19:56 . 2008-11-18 19:56 <DIR> d-------- c:\program files\KORG 2008-11-18 19:56 . 2008-11-18 19:56 <DIR> d-------- c:\program files\iZotope 2008-11-18 19:56 . 2008-11-18 19:56 <DIR> d-------- c:\program files\Common Files\KORG 2008-11-18 19:56 . 2008-11-18 19:56 <DIR> d-------- c:\program files\Common Files\iZotope 2008-11-18 19:55 . 2008-11-18 19:55 <DIR> d-------- c:\program files\VstPlugins 2008-11-18 19:54 . 1999-12-17 10:13 86,016 --a------ c:\windows\unvise32.exe 2008-11-18 19:53 . 2008-11-18 19:53 <DIR> d-------- c:\program files\Digidesign 2008-11-18 19:53 . 2008-11-18 19:54 <DIR> d-------- c:\program files\Arturia 2008-11-18 19:53 . 2003-02-24 17:27 151,552 --a------ c:\windows\system32\FDlg.dll 2008-11-17 20:19 . 2008-11-17 20:19 <DIR> d-------- c:\program files\Monkey's Audio 2008-11-17 20:10 . 2008-11-17 20:10 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Deckadance 2008-11-17 18:45 . 2008-11-17 18:45 <DIR> d-------- c:\program files\M-Audio 2008-11-17 18:45 . 2006-08-16 09:23 86,016 --a------ c:\windows\system32\ma_cmidn.dll 2008-11-17 18:45 . 2006-08-16 09:24 82,944 --a------ c:\windows\system32\USBMN1X1.DLL 2008-11-17 18:45 . 2006-08-16 09:24 24,128 --a------ c:\windows\system32\drivers\USBMM1X1.SYS 2008-11-17 18:45 . 2006-08-16 09:24 22,208 --a------ c:\windows\system32\drivers\USBMN1X1.SYS 2008-11-17 18:45 . 2006-08-16 09:23 21,888 --a------ c:\windows\system32\drivers\ma_cmidi.sys 2008-11-17 18:45 . 2006-08-16 09:24 17,920 --a------ c:\windows\system32\USBMM1X1.DLL 2008-11-17 18:45 . 2006-08-16 09:23 17,920 --a------ c:\windows\system32\MA_CMIDI.DLL 2008-11-17 18:45 . 2006-08-16 09:23 14,272 --a------ c:\windows\system32\MA_CMIDI.DRV 2008-11-17 18:45 . 2006-08-16 09:24 13,504 --a------ c:\windows\system32\drivers\USB11LDR.SYS 2008-11-17 18:45 . 2006-08-16 09:24 12,272 --a------ c:\windows\system32\USBMM1X1.DRV 2008-11-17 18:45 . 2006-08-16 09:24 7,330 --a------ c:\windows\system32\USBMM1X1.VXD 2008-11-17 18:45 . 2006-08-16 09:23 7,282 --a------ c:\windows\system32\MA_CMIDI.VXD 2008-11-16 18:26 . 2008-11-16 18:26 <DIR> d-------- c:\program files\ASIO4ALL v2 2008-11-16 18:24 . 2006-06-20 09:56 225,280 --a------ c:\windows\system32\rewire.dll 2008-11-16 18:23 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm 2008-11-16 18:22 . 2008-11-16 18:22 <DIR> d-------- c:\program files\Outsim 2008-11-16 18:21 . 2008-11-17 20:27 <DIR> d-------- c:\program files\Image-Line . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-04 11:52 --------- d-----w c:\documents and settings\Administrator\Application Data\Orbit 2008-12-04 11:51 --------- d-----w c:\documents and settings\Administrator\Application Data\LimeWire 2008-12-04 11:25 87,280 ----a-w c:\windows\system32\bcmwlcoi.dll 2008-12-04 11:25 1,391,104 ----a-w c:\windows\system32\drivers\BCMWL5.SYS 2008-12-04 10:24 --------- d-----w c:\program files\Orbitdownloader 2008-12-03 17:00 --------- d-----w c:\program files\Norton Security Scan 2008-11-27 20:41 --------- d-----w c:\documents and settings\Administrator\Application Data\dvdcss 2008-11-25 17:55 --------- d-----w c:\documents and settings\Administrator\Application Data\Azureus 2008-11-25 16:02 --------- d-----w c:\program files\Common Files\DVDVideoSoft 2008-11-17 17:45 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-16 17:32 --------- d-----w c:\program files\Musikkprosjekt(studio9) 2008-11-16 17:13 --------- d-----w c:\program files\Azureus 2008-10-24 11:25 455,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll 2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll 2008-10-12 16:03 --------- d-----w c:\program files\Common Files\Symantec Shared 2008-10-04 09:15 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2008-10-04 09:14 81,288 ----a-w c:\windows\system32\drivers\iksyssec.sys 2008-10-04 09:14 66,952 ----a-w c:\windows\system32\drivers\iksysflt.sys 2008-10-04 09:14 42,376 ----a-w c:\windows\system32\drivers\ikfilesec.sys 2008-10-04 09:14 29,576 ----a-w c:\windows\system32\drivers\kcom.sys 2008-10-04 09:13 --------- d-----w c:\program files\Trojan Remover 2008-10-04 09:12 --------- d-----w c:\documents and settings\Administrator\Application Data\Simply Super Software 2008-10-04 09:10 --------- d-----w c:\documents and settings\All Users\Application Data\Simply Super Software 2008-10-04 09:01 --------- d-----w c:\program files\Spyware Doctor 2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2008-09-15 12:17 1,846,912 ----a-w c:\windows\system32\win32k.sys 2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\msxml3.dll . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "BlazeServoTool"="c:\program files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe" [2006-06-29 286720] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 356352] "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2008-01-15 277960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2006-08-14 98393] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-08-14 688217] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 472776] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "MDDiskProtect.exe"="c:\program files\Mediafour\MacDrive\MDDiskProtect.exe" [2005-04-15 106496] "MediafourGettingStartedWithMacDrive6"="c:\program files\Mediafour\MacDrive\MacDrive.exe" [2005-03-13 86016] "Mediafour Mac Volume Notifications"="c:\program files\Common Files\Mediafour\MACVNTFY.EXE" [2005-03-13 61440] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-31 385024] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-02-19 267048] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-12-20 37376] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2008-09-30 967048] c:\documents and settings\Administrator\Start Menu\Programs\Startup\ LimeWire On Startup.lnk - c:\program files\random installfiles\LimeWire\LimeWire.exe [2008-02-08 147456] MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-03-11 546816] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 561213] Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2008-06-13 1690824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "midi1"= ma_cmidn.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\random installfiles\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\random installfiles\\mIRC\\mirc.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\Orbitdownloader\\orbitdm.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= R0 MDPMGRNT;MDPMGRNT;c:\windows\system32\drivers\MDPMGRNT.sys [2006-04-30 16640] R1 MDFSYSNT;MDFSYSNT;c:\windows\system32\drivers\MDFSYSNT.sys [2006-09-13 213888] R2 SWIHPWMI;SWIHPWMI;c:\program files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [2006-12-04 292384] S3 CEUSBAUD;Lambda MIDI Device;c:\windows\system32\Drivers\CEUSBAUD.sys [2003-11-01 17920] S3 DfuUsb;DfuUsb;c:\windows\system32\DRIVERS\DFUUsb.sys [2001-11-27 10880] S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\random installfiles\Spyware Doctor\pctsAuxs.exe [2008-03-03 337800] *Newly Created Service* - PROCEXP90 . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2008-12-04 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] 2008-12-03 c:\windows\Tasks\Norton Security Scan.job - c:\program files\Norton Security Scan\Nss.exe [2008-01-09 04:08] . - - - - TOMME PEKERE FJERNET - - - - ShellIconOverlayIdentifiers-Mediafour Mac Volume Icons - (no file) . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.daemon-search.com/startpage uInternet Settings,ProxyOverride = *.local IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FireFox -: Profile - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ib7z29qv.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p= FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.vg.no/ . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-04 14:02:48 Windows 5.1.2600 Service Pack 2 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(552) c:\windows\system32\Ati2evxx.dll . Tidspunkt ferdig: 2008-12-04 14:03:39 ComboFix-quarantined-files.txt 2008-12-04 13:03:18 Pre-Run: 25,035,689,984 bytes free Post-Run: 27,094,163,456 bytes free 203 --- E O F --- 2008-11-17 15:01:43 Lenke til kommentar
thomassit0 Skrevet 6. desember 2008 Forfatter Del Skrevet 6. desember 2008 Har nå kjørt begge de greiene i tillegg til å ha oppgradert nettverksdriver.. Enda er det sånn Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå