Januar333 Skrevet 28. januar 2010 Del Skrevet 28. januar 2010 (endret) Kort fortalt får jeg feilmelding deretter kommer en timer som teller ned ifra 1 minutt før den skrur seg av. Dette har jeg har prøvd: -kjørt adaware, finner ingen feil -kjørt malware, finner ingen feil -kjørt symantec blast worm remover, ingen feil det jeg har gjort er å skru av dcom process launcer ifra service.msc dette gjorde at den ikke skrur seg av, men hender fortsatt at jeg får den "det har oppstått et problem meldingen" (eller hva det nå enn heter). Trenger sårt hjelp med dette, så alle forslag setter jeg stor pris på. Endret 28. januar 2010 av freddy85 Lenke til kommentar
Januar333 Skrevet 28. januar 2010 Forfatter Del Skrevet 28. januar 2010 Takk, legger det ut i morgen tidelig Lenke til kommentar
Januar333 Skrevet 29. januar 2010 Forfatter Del Skrevet 29. januar 2010 ComboFix: ComboFix 10-01-28.05 - Eier 29.01.2010 16:03:33.2.1 - x86Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.511.244 [GMT 1:00] Kjører fra: c:\documents and settings\Eier\Skrivebord\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-12-28 til 2010-01-29 ))))))))))))))))))))))))))))))))) . 2010-01-29 14:52 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-01-29 14:52 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-01-29 14:52 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-01-29 14:52 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-01-29 14:52 . 2010-01-29 14:52 -------- d-----w- c:\programfiler\Avira 2010-01-29 14:52 . 2010-01-29 14:52 -------- d-----w- c:\documents and settings\All Users\Programdata\Avira 2010-01-28 17:38 . 2010-01-28 17:38 -------- d-----w- c:\programfiler\CCleaner 2010-01-28 17:24 . 2001-01-01 13:40 -------- dc----w- c:\windows\system32\DRVSTORE 2010-01-28 17:21 . 2001-01-01 13:40 -------- d-----w- c:\documents and settings\All Users\Programdata\Lavasoft 2010-01-13 08:08 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-29 14:50 . 2003-08-08 15:44 -------- d-----w- c:\programfiler\Fellesfiler\Symantec Shared 2010-01-23 08:06 . 2009-08-15 06:50 -------- d-----w- c:\programfiler\Microsoft Silverlight 2009-12-21 19:10 . 2003-09-01 17:09 916480 ------w- c:\windows\system32\wininet.dll 2009-12-10 08:15 . 2003-08-08 17:58 386046 ----a-w- c:\windows\system32\perfh014.dat 2009-12-10 08:15 . 2003-08-08 17:58 61158 ----a-w- c:\windows\system32\perfc014.dat 2009-12-03 10:12 . 2009-09-09 08:21 -------- d-----w- c:\documents and settings\Eier\Programdata\Move Networks 2009-11-21 16:03 . 2003-09-01 17:05 471552 ----a-w- c:\windows\AppPatch\aclayers.dll 2005-06-19 16:56 . 2005-06-19 16:56 32 --sha-w- c:\windows\{2AC414B4-3FD3-4DD0-B9C1-4BAF8DC63EFC}.dat 2005-06-19 16:57 . 2005-06-19 16:57 32 --sha-w- c:\windows\{3892891D-FD1A-4034-87C9-465DF1FF1F58}.dat 2005-06-19 16:55 . 2005-06-19 16:55 32 --sha-w- c:\windows\{4447532B-B7B4-445A-8E60-25DAE1586A9E}.dat 2005-06-19 16:57 . 2005-06-19 16:57 32 --sha-w- c:\windows\{93C77BFF-4D83-458E-9CFE-1447C3159B63}.dat 2005-06-19 16:55 . 2005-06-19 16:55 32 --sha-w- c:\windows\{A793B48D-E73A-495D-97E5-0AA7F38B8090}.dat 2005-06-19 16:55 . 2005-06-19 16:55 32 --sha-w- c:\windows\{A9B5EC8D-748A-4609-8953-B34F8CC8DD1A}.dat . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVIEW"="nview.dll" [2003-05-02 835654] "MSMSGS"="c:\programfiler\Messenger\msmsgs.exe" [2008-04-14 1695232] "Google Update"="c:\documents and settings\Eier\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe" [2009-06-16 133104] "BackupNotify"="c:\programfiler\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe" [2003-06-22 24576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StorageGuard"="c:\programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" [2003-02-13 155648] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992] "QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2009-01-05 413696] "PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920] "nwiz"="nwiz.exe" [2003-05-02 323584] "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768] "KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736] "HPHUPD05"="c:\programfiler\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-23 49152] "HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-05-23 483328] "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-07 114688] "CamMonitor"="c:\programfiler\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [2002-10-07 90112] "ATIPTA"="c:\programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-07-19 335872] "avgnt"="c:\programfiler\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] c:\documents and settings\Default User\Start-meny\Programmer\Oppstart\ AutoTBar.exe [2003-6-20 53248] mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136] c:\documents and settings\Administrator\Start-meny\Programmer\Oppstart\ mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136] c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\ Adobe Gamma Loader.lnk - c:\programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2004-8-16 113664] HP Digital Imaging Monitor.lnk - c:\programfiler\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2005-9-24 282624] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programfiler\Avira\AntiVir Desktop\sched.exe [29.01.2010 15:52 108289] --- Andre tjenester/drivere lastet i minnet --- *NewlyCreated* - ATI_HOTKEY_POLLER *NewlyCreated* - SSMDRV . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2010-01-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2010-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100469651-1929162705-2147031943-1003Core.job - c:\documents and settings\Eier\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe [2009-06-16 16:29] 2010-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100469651-1929162705-2147031943-1003UA.job - c:\documents and settings\Eier\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe [2009-06-16 16:29] 2010-01-29 c:\windows\Tasks\User_Feed_Synchronization-{18CAE509-23B3-4DC8-8BF7-B0313010582E}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.online.no/ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-29 16:10 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(644) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(788) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Tidspunkt ferdig: 2010-01-29 16:12:38 ComboFix-quarantined-files.txt 2010-01-29 15:12 ComboFix2.txt 2001-01-01 03:59 Pre-Run: 95 536 549 888 byte ledig Post-Run: 95 522 635 776 byte ledig - - End Of File - - E53144E2C9887C6A60AACEE05208DF73 Hijackthis: Logfile of Trend Micro HijackThis v2.0.3 (BETA)Scan saved at 16:19:35, on 29.01.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Avira\AntiVir Desktop\sched.exe C:\HP\KBD\KBD.EXE C:\windows\system\hpsysdrv.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programfiler\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Programfiler\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Programfiler\Internet Explorer\IEXPLORE.EXE C:\Programfiler\Internet Explorer\IEXPLORE.EXE C:\Programfiler\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: HP-visning - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programfiler\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O4 - HKLM\..\Run: [storageGuard] "C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Programfiler\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Programfiler\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eier\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [backupNotify] c:\Programfiler\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM') O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user') O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1234010620365 O23 - Service: Adobe LM Service - Unknown owner - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programfiler\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programfiler\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe -- End of file - 5633 bytes malwarebyte glemte jeg å save loggen, men var ikke noe nyttig som sto der(trur jeg) Lenke til kommentar
norbat Skrevet 29. januar 2010 Del Skrevet 29. januar 2010 Der er ikke noe i loggene som kan fortelle hva problemet skyldes. Malware er det mest sannsynlig ikke. Du kunne ha sjekket om systemfilene er i ordne. Fra kjør-feltet (start->kjør), skriv: sfc /scannow Lenke til kommentar
Januar333 Skrevet 29. januar 2010 Forfatter Del Skrevet 29. januar 2010 ja, trur jeg bare formaterer skiten og installerer windows 7. Lenke til kommentar
norbat Skrevet 29. januar 2010 Del Skrevet 29. januar 2010 Ja, har du tilgang til win 7, så er det å anbefale Lenke til kommentar
norbat Skrevet 4. februar 2010 Del Skrevet 4. februar 2010 Ble det 'oppgradering' til Win 7? Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå