norbat Skrevet 29. april 2007 Del Skrevet 29. april 2007 her er min: Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 19:49:27, on 23.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Messenger\Msmsgs.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\iTunes\iTunes.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\msiexec.exe C:\Programfiler\WinZip\WZQKPICK.EXE C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\*******\Lokale innstillinger\Temp\wze350\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.channel4.com/sport/football_ita...planetjuve.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {F68B0219-EE04-4EA6-9EA9-8701C3A09427} - (no file) O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [RegistrySmart] "C:\Program Files\RegistrySmart\RegistrySmart.exe" -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\Msmsgs.exe" /background O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O12 - Plugin for .spop: C:\Programfiler\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1169647341859 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1176041650984 O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/sites/er...eInstall_no.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\RDOCURDS.dll C:\WINDOWS\system32\tmp_2ra.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: URL - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: ManageEngine Firewall Analyzer 4.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: VMIE - Unknown owner - C:\DOCUME~1\FRANKO~1.000\LOKALE~1\Temp\VMIE.exe (file missing) 8454022[/snapback] Egen post: https://www.diskusjon.no/index.php?showtopic=755787 Lenke til kommentar
Heilage Skrevet 29. april 2007 Del Skrevet 29. april 2007 Hei folkens. Vil bare minne om at det er veldig lurt å legge HiJackThis-logger i slike tagger: [SKJUL]Masse rar info[/SKJUL] På den måten ødelegger vi ikke poststrukturen og det blir lettere å lese loggene. Lenke til kommentar
Xarus Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 (endret) Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1 Scan saved at 23:38:08, on 04.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5450.0004) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Programfiler\DLink\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programfiler\Intel\Intel Application Accelerator\iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Video AX Object\bpmon.exe C:\Programfiler\Intel\Intel Application Accelerator\iaanotif.exe C:\Programfiler\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Programfiler\Video AX Object\bpmini.exe C:\WINDOWS\system32\Rundll32.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Creative\Shared Files\CAMTRAY.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\K-Lite Codec Pack\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\PowerISO\PWRISOVM.EXE C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Programfiler\DLink\Bluetooth-programvare\BTTray.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe C:\Programfiler\WinZip\WZQKPICK.EXE C:\Programfiler\Xfire\Xfire.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\Azureus\Azureus.exe C:\Programfiler\Winamp\winamp.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Sindre\Skrivebord\HijackThis.exe hva nå ? Endret 10. mai 2007 av Heilage Lenke til kommentar
norbat Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 Kjør HJT på nytt, velg "Do a system scan and save a logfile". Loggfilen som åpnes i notisblokk, kopierer du og poster i et nytt emnet som du oppretter Lenke til kommentar
Xarus Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 (endret) Kjør HJT på nytt, velg "Do a system scan and save a logfile". Loggfilen som åpnes i notisblokk, kopierer du og poster i et nytt emnet som du oppretter 8539097[/snapback] Skal jeg poste loggen her på nytt ? Og sorry for mye spam :S Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1 Scan saved at 23:45:28, on 04.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5450.0004) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Programfiler\DLink\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programfiler\Intel\Intel Application Accelerator\iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Video AX Object\bpmon.exe C:\Programfiler\Intel\Intel Application Accelerator\iaanotif.exe C:\Programfiler\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Programfiler\Video AX Object\bpmini.exe C:\WINDOWS\system32\Rundll32.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Creative\Shared Files\CAMTRAY.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\K-Lite Codec Pack\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\PowerISO\PWRISOVM.EXE C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Programfiler\DLink\Bluetooth-programvare\BTTray.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe C:\Programfiler\WinZip\WZQKPICK.EXE C:\Programfiler\Xfire\Xfire.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\Azureus\Azureus.exe C:\Programfiler\Winamp\winamp.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Sindre\Skrivebord\HijackThis.exe slik eller ? Endret 10. mai 2007 av Heilage Lenke til kommentar
norbat Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 Hent SAS, installer og oppdater. Hent Smitfraudfix, legg det på skrivebordet Restart i sikker modus (tapp F8 under oppstart, velg sikker modus) Kjør Smitfraudfix, velg valg 2. Kjør deretter en 'Complete scan' med SAS, slett alt den finner. Restart i normal Post en ny HJT-logg sammen med loggen fra SAS (preferences->statistics/logs). Lenke til kommentar
Xarus Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 Hent SAS, installer og oppdater. Hent Smitfraudfix, legg det på skrivebordet Restart i sikker modus (tapp F8 under oppstart, velg sikker modus) Kjør Smitfraudfix, velg valg 2. Kjør deretter en 'Complete scan' med SAS, slett alt den finner. Restart i normal Post en ny HJT-logg sammen med loggen fra SAS (preferences->statistics/logs). 8539184[/snapback] har instalert sas og SmitfraudFix, men hva mener du med "Restart i sikker modus (tapp F8 under oppstart, velg sikker modus)" og "Restart i normal"? Lenke til kommentar
Gjest medlem-105082 Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 Start maskinen på nytt. Og når den booter, så trykker du bare F8 mange ganger til den kommer en meny hvor du kan velge noe som heter 'sikkerhetsmodus'. Derreter kjører du Smitfraudfix og SAS i sikkerhetsmodus. Når du har scannet ferdig, restarter du maskinen og lar den boote som normalt. Lenke til kommentar
Xarus Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 Slik, nå er den faktisk vekk, utrolig... Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1 Scan saved at 01:08:17, on 05.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5450.0004) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Intel\Intel Application Accelerator\iaanotif.exe C:\Programfiler\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Creative\Shared Files\CAMTRAY.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\K-Lite Codec Pack\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\PowerISO\PWRISOVM.EXE C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Programfiler\DLink\Bluetooth-programvare\BTTray.exe C:\Programfiler\DLink\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programfiler\Intel\Intel Application Accelerator\iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe C:\Programfiler\WinZip\WZQKPICK.EXE C:\Programfiler\Xfire\Xfire.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Programfiler\Winamp\winamp.exe C:\Documents and Settings\Sindre\Skrivebord\HijackThis.exe Lenke til kommentar
Xarus Skrevet 4. mai 2007 Del Skrevet 4. mai 2007 Må takke alle som har hjulpet meg! /bow and /love Lenke til kommentar
norbat Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 Det er fortsatt bare øvre del av loggen du poster. Gjør følgende: Lag deg ei mappe på skriveborder der du legger hijackthis.exe i. Bytt navn på programmet, hijackthis -> test. Kjør programmet og velg det som du tidligere har gjort, slik at notisblokk åpnes med en logg. Kopier HELE innholdet og post. Lenke til kommentar
Xarus Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 Okey, her kommer hele greia:P Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1 Scan saved at 11:44:10, on 05.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5450.0004) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Intel\Intel Application Accelerator\iaanotif.exe C:\Programfiler\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Creative\Shared Files\CAMTRAY.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\K-Lite Codec Pack\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\PowerISO\PWRISOVM.EXE C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\DLink\Bluetooth-programvare\BTTray.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Programfiler\DLink\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programfiler\Intel\Intel Application Accelerator\iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe C:\Programfiler\WinZip\WZQKPICK.EXE C:\Programfiler\Xfire\Xfire.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Sindre\Skrivebord\Spyware\Ny mappe\Test.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.online.no/proxy.pac R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Programfiler\Dealio\kb103\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar4.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Programfiler\Dealio\kb103\Dealio.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar4.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iAAnotif] C:\Programfiler\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programfiler\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [bearShare] "C:\Programfiler\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programfiler\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [au] C:\Programfiler\Dealio\DealioAU.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Programfiler\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Xfire.lnk = C:\Programfiler\Xfire\Xfire.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Grouper.lnk = C:\Programfiler\Grouper\Grouper.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Skyr@cer Pro PCI 154 Configuration Utility.lnk = ? O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Compare Prices with &Dealio - C:\Programfiler\Dealio\kb103\res\DealioSearch.html O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\DLink\Bluetooth-programvare\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\DLink\Bluetooth-programvare\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\DLink\Bluetooth-programvare\btsendto_ie.htm O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Programfiler\Dealio\kb103\Dealio.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/180solutio.../bridge-c24.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programfiler\DLink\Bluetooth-programvare\bin\btwdins.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Programfiler\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe Lenke til kommentar
norbat Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 Antar du bruker AVG antivirus og ikke Norton: Klikk Start -> Kjør Skriv: services.msc Finn tjenesten Symantec Core LC og stopp den om den kjører. Høyreklikk på tjenesten og velg egenskaper. Sett oppstartsvalg til Deaktivert. Kjør HJT, sett merke framfor følgende linjer og klikk 'Fix checked': O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/180solutio.../bridge-c24.cab O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe Du kan slette hele mappe (i fet): C:\Programfiler\Fellesfiler\Symantec Shared Mulig dette må gjøres fra sikker modus (trykk F8 flere ganger under oppstart, velg sikker modus) Hent CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Kjør også noen runder med 'Saker' til det ikke finnere flere feil. Du bør nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av .....", restart pc, fjern merket igjen for å aktivere funksjonen. Lenke til kommentar
Xarus Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 O23 - Service: Symantec Core LC - Symantec Corporation er ikke der, men fant den andre og merket den av og fixa den. Lenke til kommentar
Xarus Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 Antar du bruker AVG antivirus og ikke Norton: Klikk Start -> Kjør Skriv: services.msc Finn tjenesten Symantec Core LC og stopp den om den kjører. Høyreklikk på tjenesten og velg egenskaper. Sett oppstartsvalg til Deaktivert. Kjør HJT, sett merke framfor følgende linjer og klikk 'Fix checked': O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/180solutio.../bridge-c24.cab O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe Du kan slette hele mappe (i fet): C:\Programfiler\Fellesfiler\Symantec Shared Mulig dette må gjøres fra sikker modus (trykk F8 flere ganger under oppstart, velg sikker modus) Hent CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Kjør også noen runder med 'Saker' til det ikke finnere flere feil. Du bør nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av .....", restart pc, fjern merket igjen for å aktivere funksjonen. 8541679[/snapback] Har gjort alt nå, er det mere jeg må gjøre ?? Lenke til kommentar
norbat Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 HJT-loggen din ser fin ut. Hold pc'n din oppdatert og surf trygt Lenke til kommentar
Xarus Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 (endret) HJT-loggen din ser fin ut. Hold pc'n din oppdatert og surf trygt 8542028[/snapback] Veldig bra Takk skal du ha! Endret 5. mai 2007 av Xarus Lenke til kommentar
Lauk Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 Jeg har en HJT-logg jeg gjerne vil ha litt hjelp til: Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 16:27:59, on 05.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Spyware Doctor\sdhelp.exe C:\WINDOWS\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\PuXpMan.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\Rainlendar2\Rainlendar2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Dirkey2\dirkey.exe C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\WINDOWS\System32\alg.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\Lars L\My Documents\Lars' mappe\Programmer, Installatører osv\Testtothe.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.3:8080 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\system32\PuXpMan.exe O4 - HKLM\..\Run: [PwrUpTweakMe] C:\WINDOWS\system32\PuXpTwks.exe /TWEAK O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Dirkey] C:\Program Files\Dirkey2\dirkey.exe O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: ATI Tray Tools.lnk = C:\Program Files\Radeon Omega Drivers\v3.8.291\2KXP_INF\SwpDrv\DelRad.exe O4 - Startup: OneNote 2007 Screen Clipper og Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: PowerReg Scheduler V3.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2006\\AddUrl.html O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2006\\Wizard.html O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2006\\Parser.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.5.107.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe På forhånd takk! Lenke til kommentar
norbat Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 Loggen ser grei ut den, Charamelo. Du kan imidlertid fjerne følgende linjer fra HJT-loggen: O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - Startup: PowerReg Scheduler V3.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) Var det bare en sjekk eller har du mistanke om noe? Lenke til kommentar
Donnie Darko Skrevet 5. mai 2007 Del Skrevet 5. mai 2007 (endret) . Endret 18. august 2013 av Donnie Darko Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå