mona14 Skrevet 22. mars 2008 Rapporter Del Skrevet 22. mars 2008 HijackThis logg: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:50:56, on 22.03.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Juniper Networks\Common Files\dsNcService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Programfiler\Telenor\ecc\ecc.exe C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Programfiler\Java\jre1.6.0_03\bin\jucheck.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\HP\Smart Web Printing\hpswp_clipbook.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programfiler\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programfiler\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programfiler\MyWebSearch\bar\2.bin\MWSBAR.DLL O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programfiler\MyWebSearch\bar\2.bin\MWSBAR.DLL O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46" O4 - HKLM\..\Run: [EPSON Stylus C46 Series (Kopier 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P34 "EPSON Stylus C46 Series (Kopier 1)" /O6 "USB001" /M "Stylus C46" O4 - HKLM\..\Run: [ecc] C:\Programfiler\Telenor\ecc\ecc.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [EPSON Stylus C46 Series (Kopier 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P34 "EPSON Stylus C46 Series (Kopier 1)" /M "Stylus C46" /EF "HKCU" O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxmk142YYNO O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: HP Utklippsbok - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programfiler\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: HP Smart valgmetode - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programfiler\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Programfiler\Juniper Networks\Common Files\dsNcService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- End of file - 9019 bytes Problemer med at dataen går ekstremt treigt, henger seg opp og låser seg. Lenke til kommentar
norbat Skrevet 22. mars 2008 Forfatter Rapporter Del Skrevet 22. mars 2008 Avinstaller, om mulig, fra legg til/fjern programmer: MyWebSearch Bearshare Kjør en full (complete) scan med SAS (gratisversjonen). Post ny HJT-logg + loggen fra SAS (preferences->statistics/logs), fortrinnsvis i en egen tråd som du oppretter ved å klikke 'Nytt Emne'-knappen Lenke til kommentar
mona14 Skrevet 24. mars 2008 Rapporter Del Skrevet 24. mars 2008 Ny HijackThis logg: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:41:07, on 24.03.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Telenor\ecc\ecc.exe C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Juniper Networks\Common Files\dsNcService.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe C:\Programfiler\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Java\jre1.6.0_03\bin\jucheck.exe C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programfiler\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programfiler\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46" O4 - HKLM\..\Run: [EPSON Stylus C46 Series (Kopier 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P34 "EPSON Stylus C46 Series (Kopier 1)" /O6 "USB001" /M "Stylus C46" O4 - HKLM\..\Run: [ecc] C:\Programfiler\Telenor\ecc\ecc.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [EPSON Stylus C46 Series (Kopier 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P34 "EPSON Stylus C46 Series (Kopier 1)" /M "Stylus C46" /EF "HKCU" O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxmk142YYNO O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: HP Utklippsbok - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programfiler\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: HP Smart valgmetode - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programfiler\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Programfiler\Juniper Networks\Common Files\dsNcService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- End of file - 8240 bytes SAS logg : SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 03/23/2008 at 03:51 PM Application Version : 4.0.1154 Core Rules Database Version : 3423 Trace Rules Database Version: 1415 Scan type : Complete Scan Total Scan Time : 01:49:07 Memory items scanned : 478 Memory threats detected : 1 Registry items scanned : 4435 Registry threats detected : 0 File items scanned : 21953 File threats detected : 355 Adware.MyWebSearch C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE C:\PROGRAMFILER\MYWEBSEARCH\BAR\2.BIN\MWSOEMON.EXE C:\WINDOWS\Prefetch\MWSOEMON.EXE-0250F76E.pf Adware.Tracking Cookie C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@atdmt[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@1065744044[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adtech[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@tradedoubler[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@partypoker[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@pornorotten[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@mywebsearch[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@32[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@sexdebut[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@revsci[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@2o7[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@toplist[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adultadworld[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@cgi-bin[5].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@newfrm6[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@alladultchannel[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@doubleclick[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@indextools[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@serving-sys[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@advertising[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@windowsmedia[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@gomyron[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@tacoda[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@dk-sex[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@indexstats[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@toplist[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@statcounter[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@porno[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@zedo[2].txt C:\Documents and Settings\Administrator.LENE-0B9D407562\Cookies\administrator@atdmt[2].txt C:\Documents and Settings\Administrator.LENE-0B9D407562\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0B9D407562\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0B9D407562\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0B9D407562\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0B9D407562\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@hitbox[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@atdmt[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@azjmp[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@findwhat[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@pornoarkivet[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@indextools[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@2o7[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@dagligsex[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adtech[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@3d-sexgames[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adtech[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@pornhub[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@upspiral[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@smileycentral[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@webpower[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@yourmomhassex[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@statcounter[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@sexynatalie[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@pornyube[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@mywebsearch[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@kiamedia[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adrevolver[3].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adrevolver[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@goclick[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@sexdating[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@questionmarket[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@mikes_apartment_blonde_porn_video[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@gostats[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adbrite[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@sexkanaler[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@revsci[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@specificclick[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@pornspree[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@porno[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@partypoker[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@pornofilm[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@maxserving[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@indexstats[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@mediaplex[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@mediaplex[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@clickbank[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@sextracker[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@tradedoubler[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@atwola[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@apmebf[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@gratis-porno[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@lejsexfilm[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@websitestats[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@porntube[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@porndirt[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@tribalfusion[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@socialmedia[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@adultadworld[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@youporn[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Cookies\administrator@doubleclick[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@indextools[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@adtech[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@statcounter[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@sexynatalie[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@mywebsearch[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@zedo[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@adbrite[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@mediaplex[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@adultfriendfinder[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@advertising[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@indexstats[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@nordiskporno[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@tradedoubler[2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@casalemedia[1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][2].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temp\Cookies\administrator@doubleclick[2].txt C:\Documents and Settings\Administrator.LENE-A8AE0B268C\Cookies\[email protected][1].txt C:\Documents and Settings\Elisabeth Sylling\Cookies\elisabeth [email protected][1].txt C:\Documents and Settings\Elisabeth Sylling\Cookies\elisabeth [email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][4].txt C:\Documents and Settings\Gjest\Cookies\gjest@kanoodle[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@serving-sys[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@adknowledge[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@tribalfusion[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][3].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@tripod[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@doubleclick[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@pornoarkivet[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@exitexchange[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@indextools[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@atdmt[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@stats[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@webstats4u[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@free-porn[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@revs=sc9sex[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@atwola[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@revs=sc9sex[3].txt C:\Documents and Settings\Gjest\Cookies\gjest@statcounter[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@revenue[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@smileycentral[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@mywebsearch[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@paycounter[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@upspiral[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@trafficmp[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@sexlist[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@sexkanaler[3].txt C:\Documents and Settings\Gjest\Cookies\gjest@sexkanaler[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@hotlog[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@advertising[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@zedo[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@hitbox[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@indexstats[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@247realmedia[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@tradedoubler[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@belnk[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@fastclick[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@overture[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@2o7[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@toplist[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@gratis-porno[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@minitrackmania[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@sextracker[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@toplist[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@mediaplex[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][3].txt Adware.WebHancer C:\Programfiler\whInstall\whAgent.inf C:\Programfiler\whInstall\whInstaller.ini C:\Programfiler\whInstall Malware.SpyLocked C:\Programfiler\SpyLocked\ignored.lst C:\Programfiler\SpyLocked\sd.ini C:\Programfiler\SpyLocked C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F3419E5-2C41-49D4-BD23-3B8A8F01B814}\RP1019\A0260493.EXE Adware.Search-Exe C:\ISP\TISCALI\DATA\SE.EXE Trojan.ErrorSafe C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F3419E5-2C41-49D4-BD23-3B8A8F01B814}\RP1017\A0259467.LNK C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F3419E5-2C41-49D4-BD23-3B8A8F01B814}\RP1038\A0261051.EXE Trojan.Media-Codec/Installer C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F3419E5-2C41-49D4-BD23-3B8A8F01B814}\RP1019\A0260494.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F3419E5-2C41-49D4-BD23-3B8A8F01B814}\RP1019\A0260496.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F3419E5-2C41-49D4-BD23-3B8A8F01B814}\RP1019\A0260500.EXE Trojan.Smitfraud Variant C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F3419E5-2C41-49D4-BD23-3B8A8F01B814}\RP1038\A0261052.EXE Trace.Known Threat Sources C:\Documents and Settings\Administrator.LENE-0DB330A0CE\Lokale innstillinger\Temporary Internet Files\Content.IE5\P3V5F9N8\askeladd[1].htm Lenke til kommentar
norbat Skrevet 24. mars 2008 Forfatter Rapporter Del Skrevet 24. mars 2008 Start hjt, velg "Do a system scan only", sett merke framfor følgende linjer og klikk Fix checked: R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file) O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dl O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxmk142YYNO O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab Slett, om mulig, følgende mapper: C:\Programfiler\BearShare Applications C:\PROGRAMFILER\MYWEBSEARCH Fortell hvordan PC-en kjører. Lenke til kommentar
mona14 Skrevet 24. mars 2008 Rapporter Del Skrevet 24. mars 2008 hm, har prøvd å slette BEARSHARE og MYWEBSEARCH på legg til/fjern programmer.. er det ikke blitt gjort riktig? eller er det bare enkelt mappene jeg skal slette? Lenke til kommentar
norbat Skrevet 24. mars 2008 Forfatter Rapporter Del Skrevet 24. mars 2008 Det er riktig å avintallere de fra legg til/fjern programmer, men ofte så blir mappene liggende. Lenke til kommentar
retepnad Skrevet 25. mars 2008 Rapporter Del Skrevet 25. mars 2008 Hei, har et problem med spyware eller en trojan er ikke sikker siden jeg ikke har så mye peiling på dette... Kommer hele tiden frem en "falsk" ting som sier jeg har virus/spyware og skal klikke inn på den. Er rimelig sikker på at dette er tull, men klarer ikke fjerne den. Kommer frem i ny og ne. Noen som vet hva jeg kan gjøre for å fjerne den? Har Vista og virusprogram er Norton 360 (den sier det ikke er noe virus). Takker for hjelp! Lenke til kommentar
mona14 Skrevet 25. mars 2008 Rapporter Del Skrevet 25. mars 2008 Okej, da skal jeg se om jeg finner mappene og slette dem. Har fått tilbakemelding fra eieren av pc-en om at den går fint nå. Så har jeg en ny HijackThis logg fra en annen pc. Fått beskjed om at det er de samme problemene på denne - treg og henger seg opp. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:07:40, on 15.12.2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SMINST\scheduler.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\PDF Complete\pdfsty.exe C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\F-Secure\common\FSM32.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\F-Secure\FSGUI\fsguidll.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\BearShare Applications\BearShare\BearShare.exe C:\Windows\system32\taskeng.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_clipbook.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...b&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...b&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [startCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send bilde til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send side til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: HP Utklippsbok - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: HP Smart valgmetode - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 11512 bytes Lenke til kommentar
norbat Skrevet 25. mars 2008 Forfatter Rapporter Del Skrevet 25. mars 2008 Hei, har et problem med spyware eller en trojan er ikke sikker siden jeg ikke har så mye peiling på dette... Kommer hele tiden frem en "falsk" ting som sier jeg har virus/spyware og skal klikke inn på den. Er rimelig sikker på at dette er tull, men klarer ikke fjerne den. Kommer frem i ny og ne. Noen som vet hva jeg kan gjøre for å fjerne den? Har Vista og virusprogram er Norton 360 (den sier det ikke er noe virus). Takker for hjelp! Hei, retepnad. Kjør gjennom langversjonen i 1.post og post loggene i en egen tråd som du oppretter ved å klikke på NYTT EMNE-knappen. Lenke til kommentar
norbat Skrevet 25. mars 2008 Forfatter Rapporter Del Skrevet 25. mars 2008 mona14, Det er ingen opplagte ting i loggen som skulle tilsi problemene, men vil anbefale å kjøre gjennom langversjonen i 1.post. Loggene poster du, helst i en egen tråd som du oppretter ved å klikke NYTT EMNE-knappen. Lenke til kommentar
elZiko Skrevet 27. mars 2008 Rapporter Del Skrevet 27. mars 2008 (endret) Logfile of HijackThis v1.99.1 Scan saved at 15:40:05, on 27.03.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\arwbyron\ancfytmd.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Steam\Steam.exe C:\WINDOWS\system32\ebidonwt.exe C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE C:\Program Files\Pidgin\pidgin.exe C:\PROGRA~1\MOZILL~2\FIREFOX.EXE C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Fredeh\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O2 - BHO: GNX Bingo - {C6B9885D-B686-49A0-806B-062D4D3B9091} - C:\WINDOWS\kdftlboedsb.dll (file missing) O3 - Toolbar: qvdntlmw - {66D17C3E-C589-4E86-B772-B03D50846900} - C:\WINDOWS\qvdntlmw.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [antiviirus] C:\Program Files\antiviirus.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ejjbgroh] C:\WINDOWS\system32\ebidonwt.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1206545745479 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O21 - SSODL: VolumeSetup - {f3d88ca2-4888-44cc-8e3c-a2d8a2963be5} - C:\WINDOWS\Installer\{f3d88ca2-4888-44cc-8e3c-a2d8a2963be5}\VolumeSetup.dll O21 - SSODL: zip - {25237d75-aef0-4d2e-87be-6f19cc384bc7} - C:\WINDOWS\Installer\{25237d75-aef0-4d2e-87be-6f19cc384bc7}\zip.dll O21 - SSODL: vbgtorfd - {28B05049-8FDD-43A5-8366-63D68BBFB0B4} - C:\WINDOWS\vbgtorfd.dll O21 - SSODL: dwnrpofk - {FDA762CA-8BA4-446C-9B52-D1513EFF743F} - C:\WINDOWS\dwnrpofk.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe Noen som kan gå igjenom denne ? Endret 27. mars 2008 av elZiko Lenke til kommentar
r2d290 Skrevet 27. mars 2008 Rapporter Del Skrevet 27. mars 2008 (endret) Hallo elZiko Gå gjennom LANGVERSONEN av denne guiden (se første post). Posten det blir spurt etter, lager du i en egen tråd (ved å trykke "NY TOPIC"). Du har litt grums på maskinen som må renskes opp i, og det er mer ryddig å gjøre dette i en egen tråd Endret 27. mars 2008 av r2d290 Lenke til kommentar
CorradoPower Skrevet 27. mars 2008 Rapporter Del Skrevet 27. mars 2008 Hei virus godtfolk! Sliter med treig data for tiden, har kjørt hijack og lurer på om noen snille sjeler kunne sett over loggen? Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 22:55:40, on 27.03.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe D:\instalert\DAEMON Tools\daemon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\LG PC Suite 2\LGPCSuiteLanucher_Setup.exe D:\instalert\sas\SUPERAntiSpyware.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe D:\instalasjonsfiler\hijackthisNY\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "D:\instalert\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\instalert\sas\SUPERAntiSpyware.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by117fd.bay117.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1172252406404 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: !SASWinLogon - D:\instalert\sas\SASWINLO.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe Lenke til kommentar
norbat Skrevet 27. mars 2008 Forfatter Rapporter Del Skrevet 27. mars 2008 CorradoPower: Loggen viser ingen infiserte filer. Du kunne ha prøvd følgende: Last ned CCleaner. Under installasjonen får du valget om å installere Yahoo Toolbar. Det ønsker du kanskje ikke. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Sjekk om PC-en trenger en diskdefragmentering: Tilbehør->systemverktøy->diskdefragmentering. ---- Ble PC-en plutselig treg, eller har det gradvis skjedd? Installerte du noe rett før PC-en ble treg? Lenke til kommentar
CorradoPower Skrevet 27. mars 2008 Rapporter Del Skrevet 27. mars 2008 Takk skal du ha:) Holder på å gå gjennom langversjon-sjekken nå, kan legge ut log når det er ferdig. Den har blitt gradvis treig, med gradvis mener jeg to-tre uker. Har ikke instalert noe spesiellet i den perioden! Kan kjøre defragmentering inatt, men hvordan kan jeg "se" om jeg trenger en egentlig? Lenke til kommentar
norbat Skrevet 27. mars 2008 Forfatter Rapporter Del Skrevet 27. mars 2008 Du klikker bare på 'Analyser', så får du en anbefaling om hva du bør gjøre. Lenke til kommentar
CorradoPower Skrevet 28. mars 2008 Rapporter Del Skrevet 28. mars 2008 Og her er sas loggen! Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan Loghttp://www.superantispyware.com Generated 03/28/2008 at 00:43 AM Application Version : 4.0.1154 Core Rules Database Version : 3426 Trace Rules Database Version: 1418 Scan type : Complete Scan Total Scan Time : 01:45:03 Memory items scanned : 593 Memory threats detected : 0 Registry items scanned : 5634 Registry threats detected : 0 File items scanned : 50497 File threats detected : 148 Adware.Tracking Cookie C:\Documents and Settings\Lukas\Cookies\lukas@sexyteenlatinas[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@advertising[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@adrevolver[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@tradedoubler[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@tribalfusion[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@mediaplex[1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\lukas@questionmarket[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\lukas@vortexmediagroup[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@tdstats[1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@pornhub[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@onlysexybutt[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@burstnet[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@freebuttpornvideo[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\lukas@interclick[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@fuckedmature[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@tacoda[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@doubleclick[1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@4xxxtremepleasures[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@euros4click[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\lukas@roiservice[1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@zedo[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@serving-sys[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@imrworldwide[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@xxxblackbook[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@clicksor[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@indexstats[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@atdmt[1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\lukas@adtech[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@adbrite[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][3].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@overture[2].txt C:\Documents and Settings\Lukas\Cookies\lukas@specificclick[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\lukas@statcounter[1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][3].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@casalemedia[2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][4].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\lukas@revsci[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@clickshift[1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][3].txt C:\Documents and Settings\Lukas\Cookies\[email protected][1].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\[email protected][2].txt C:\Documents and Settings\Lukas\Cookies\lukas@linksynergy[1].txt C:\Documents and Settings\Lukas\Cookies\lukas@bizrate[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@qualitylatinaporn[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@freebuttpornvideo[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@yadro[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@vortexmediagroup[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@xxxblackbook[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@adnetserver[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@famouspornstars[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@clickaider[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@onlysexybutt[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@xiti[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@imrworldwide[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@superstats[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][6].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@clicktorrent[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@sexynatalie[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@coolsextoons[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@burstnet[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@precisionclick[1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@atwola[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\lukas@4xxxtremepleasures[2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt E:\Users\lukas\AppData\Roaming\Microsoft\Windows\Cookies\lukas@imrworldwide[1].txt Lenke til kommentar
r2d290 Skrevet 28. mars 2008 Rapporter Del Skrevet 28. mars 2008 SAS tok en del... Hvordan kjører pc-en nå? Lenke til kommentar
CorradoPower Skrevet 28. mars 2008 Rapporter Del Skrevet 28. mars 2008 Hei, joda den tok en del! Virker mye raskere nå, takk skal dere ha:) Lenke til kommentar
r2d290 Skrevet 28. mars 2008 Rapporter Del Skrevet 28. mars 2008 fortsett med resten av loggene, så ser vi om det er noe igjen Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå