Sjøbanan Skrevet 16. mai 2006 Del Skrevet 16. mai 2006 (endret) Jeg fikk plutselig opp Virus Alret! og masse programmer reklame for hvordan og fjerne dette. Nede i gjørnet der msn osv pleier og ligge, har det nå havnet ett blinkede irriterende varsel. Dette er jo bare reklame til programmer man kan kjøpe for og så fjerne dritten. Til nå har jeg prøvd S&D og Ad-aware og begge fant en masse dritt. Men de klarer ikke fjerne alt ! noen forslag ? Har postet dette under programmer, men blir jo selvfølgelig henvist hit Men jeg fikk forslag av Thor. 1: last ned HijackThis 2: Legg ut loggen du får 3: la en på forumet granske loggen. Edit: har lagt ut loggen i Vis/Skjul den skjulte teksten! som Thor. Anbefalte Skjult tekst: (Marker innholdet i feltet for å se teksten): Logfile of HijackThis v1.99.1 Scan saved at 00:30:54, on 17.05.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\atmclk.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\Programfiler\MSI\Live Update 3\LMonitor.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\ting og tang\programmer\QuickTime 6\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\ctfmon.exe C:\Programfiler\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\Ting og tang\Programmer\Opera\Opera.exe C:\WINDOWS\System32\taskmgr.exe C:\Ting og tang\Programmer\Winrar\WinRAR.exe C:\DOCUME~1\STIANH~1.JEN\LOKALE~1\Temp\Rar$EX00.656\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O1 - Hosts: 66.216.246.119 www.symantec.com O1 - Hosts: 66.216.246.119 symantec.com O1 - Hosts: 66.216.246.119 securityresponse.symantec.com O1 - Hosts: 23.56.220.171 symantecstore.com O1 - Hosts: 23.56.220.171 www.symantecstore.com O1 - Hosts: 23.56.220.171 sarc.com O1 - Hosts: 15.9.156.220 www.sarc.com O1 - Hosts: 15.9.156.220 s O1 - Hosts: 108.215.172.194 www.symantec.com O1 - Hosts: 65.183.19.246 symantec.com O1 - Hosts: 65.183.19.246 securityresponse.symantec.com O1 - Hosts: 57.8.210.40 symantecstore.com O1 - Hosts: 14.231.185.92 www.symantecstore.com O1 - Hosts: 5.57.121.141 sarc.com O1 - Hosts: 5.57.121.141 www.sarc.com O1 - Hosts: 39.73.6.40 f-prot.com O1 - Hosts: 39.73.6.40 www.f-prot.com O1 - Hosts: 233.232.158.92 mcafee.net O1 - Hosts: 191.72.132.144 housecall.trendmicro.com O1 - Hosts: 182.25.69.193 pandasoftware.com O1 - Hosts: 182.25.69.193 www.pandasoftware.com O1 - Hosts: 182.25.69.193 free.grisoft.com O1 - Hosts: 139.120.43.245 clamav.net O1 - Hosts: 139.120.43.245 www.clamav.net O1 - Hosts: 96.215.145.42 free-av.com O1 - Hosts: 96.215.145.42 www.free-av.com O1 - Hosts: 96.215.145.42 www.avast.com O1 - Hosts: 96.215.145.42 avast.com O1 - Hosts: 88.168.81.91 cert.org O1 - Hosts: 88.168.81.91 www.cert.org O1 - Hosts: 88.168.81.91 www.microsoft.com O1 - Hosts: 88.168.81.91 microsoft.com O1 - Hosts: 173.8.55.144 www.virustotal.com O1 - Hosts: 173.8.55.144 virustotal.com O1 - Hosts: 173.8.55.144 www.teamanti-virus.org O1 - Hosts: 173.8.55.144 teamanti-virus.org O1 - Hosts: 165.217.246.193 www.drsolomon.com O1 - Hosts: 165.217.246.193 drsolomon.com O1 - Hosts: 165.217.246.193 www.virusbtn.com O1 - Hosts: 165.217.246.193 virusbtn.com O1 - Hosts: 122.56.221.245 update.microsoft.com O1 - Hosts: 122.56.221.245 www.avgbulgaria.com O1 - Hosts: 122.56.221.245 avgbulgaria.com O1 - Hosts: 79.24.195.42 www.vet.com.au O1 - Hosts: 79.24.195.42 vet.com.au O1 - Hosts: 79.24.195.42 antivirus.about.com O1 - Hosts: 79.24.195.42 www.avg-antivirus.net O1 - Hosts: 70.233.131.91 avg-antivirus.net O1 - Hosts: 70.233.131.91 nod32.com O1 - Hosts: 70.233.131.91 www.nod32.com O1 - Hosts: 70.233.131.91 virus-radar.com O1 - Hosts: 27.72.106.143 www.virus-radar.com O1 - Hosts: 27.72.106.143 bitdefender.com O1 - Hosts: 27.72.106.143 www.bitdefender.com O1 - Hosts: 27.72.106.143 www.freebyte.com O1 - Hosts: 112.167.207.196 freebyte.com O1 - Hosts: 112.167.207.196 www.zonelabs.com O1 - Hosts: 112.167.207.196 zonelabs.com O1 - Hosts: 112.167.207.196 download.zonelabs.com O1 - Hosts: 104.121.143.245 smb.sygate.com O1 - Hosts: 104.121.143.245 www.agnitum.com O1 - Hosts: 104.121.143.245 agnitum.com O1 - Hosts: 104.121.143.245 kasperskyusa.com O1 - Hosts: 61.215.118.42 www.kasperskyusa.com O1 - Hosts: 61.215.118.42 www.kaspersky.com.au O1 - Hosts: 61.215.118.42 kaspersky.com.au O1 - Hosts: 61.215.118.42 www.kaspersky.co.uk O1 - Hosts: 53.169.54.91 kaspersky.co.uk O1 - Hosts: 53.169.54.91 www.kaspersky-me.com O1 - Hosts: 53.169.54.91 kaspersky-me.com O1 - Hosts: 53.169.54.91 www.kaspersky-antivirus.dk O1 - Hosts: 222.231.3.195 kaspersky.de O1 - Hosts: 222.231.3.195 kaspersky.telechargement.fr O1 - Hosts: 222.231.3.195 www.kaspersky.telechargement.fr O1 - Hosts: 222.231.3.195 www.kaspersky.pl O1 - Hosts: 214.57.194.244 kaspersky.pl O1 - Hosts: 214.57.194.244 www.norman.no O1 - Hosts: 214.57.194.244 norman.no O1 - Hosts: 214.57.194.244 sandbox.norman.no O1 - Hosts: 44.25.169.42 norman.com O1 - Hosts: 44.25.169.42 sandbox.norman.com O1 - Hosts: sandbox.norman.com O1 - Hosts: man.com O1 - Hosts: man.com O1 - Hosts: man.com O1 - Hosts: norman.com O1 - Hosts: m O1 - Hosts: 2 sandbox.norman.com O1 - Hosts: om O2 - BHO: Nothing - {f79fd28e-36ee-4989-aa61-9dd8e30a82fa} - C:\WINDOWS\System32\hpDCD9.tmp O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [LiveMonitor] C:\Programfiler\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [D_V_T] C:\\dvt.exe /S \C:\\d_v_t.reg\ O4 - HKLM\..\Run: [QuickTime Task] "C:\ting og tang\programmer\QuickTime 6\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ATICCC] "C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\RunServices: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\RunServices: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AudioDeck.lnk = C:\Programfiler\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Ting og tang\Programmer\Adobe Reader 7.0.7\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Ting og tang\Programmer\Microsoft Office Xp\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\TINGOG~1\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O21 - SSODL: msiv32.dll - {2A98808F-1F47-9E13-16F7-64325EB498E2} - c:\windows\system32\msiv32.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Ting og tang\Programmer\Norman\Nvc\BIN\nipsvc.exe (file missing) Endret 16. mai 2006 av Stian2345 Lenke til kommentar
Thor. Skrevet 16. mai 2006 Del Skrevet 16. mai 2006 bare å legge ut loggen det om du klarer det kopier og lim inn i en spoiler tag Lenke til kommentar
Pozzolan Skrevet 17. mai 2006 Del Skrevet 17. mai 2006 (endret) Hei! Den loggen der så ikke bra ut!' Først av alt vil jeg at du kjører hijackthis os slette disse oppføringene. En liten guide til hijackthis kan du finne her. Slå av "System Restore" Slett ALLE oppføringene som begynner på O1 - Hosts: da disse blokkerer for diverse antivirussider. Slett O2 - BHO: Nothing - {f79fd28e-36ee-4989-aa61-9dd8e30a82fa} - C:\WINDOWS\System32\hpDCD9.tmp O4 - HKLM\..\Run: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe Unknown O4 - HKLM\..\Run: [D_V_T] C:\\dvt.exe /S \C:\\d_v_t.reg\ O4 - HKLM\..\RunServices: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe O4 - HKCU\..\RunServices: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll (file missing) O21 - SSODL: msiv32.dll - {2A98808F-1F47-9E13-16F7-64325EB498E2} - c:\windows\system32\msiv32.dll (file missing) O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Ting og tang\Programmer\Norman\Nvc\BIN\nipsvc.exe (file missing) Last ned SmitfraudFix og kjør denne. Last ned CCleaner fre ccleaner.com og rens pcen med denne. Til slutt kjører du Panda online scan som du finner i signaturen min og Housecall. Post loggen fra panda her og en ny hijackthis log. Husk det er bare å spørre om det er noe du ikke skjønner. PS: Kjør windows update for å oppdatere til SP2. Endret 17. mai 2006 av stealthy Lenke til kommentar
Thor. Skrevet 17. mai 2006 Del Skrevet 17. mai 2006 var ikke småtteri det nei Se her. Loggen i bedre format. midlertidig Lenke til kommentar
Sjøbanan Skrevet 17. mai 2006 Forfatter Del Skrevet 17. mai 2006 (endret) Har fått 12 popups nå :O Har akuratt stått opp, så jeg skal prøve meg gjennom "Kokeboken" Edit: har slettet alt som stealthy ba meg gjøre Ny Hijack logg etter sletting. (Gjeller bare for Hijack programmet) O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Ting og tang\Programmer\Norman\Nvc\BIN\nipsvc.exe (file missing) Vill ikke bort Edit: Skjult tekst: (Marker innholdet i feltet for å se teksten): Logfile of HijackThis v1.99.1 Scan saved at 11:04:38, on 17.05.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\atmclk.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\Programfiler\MSI\Live Update 3\LMonitor.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\ting og tang\programmer\QuickTime 6\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\ctfmon.exe C:\Programfiler\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\Ting og tang\Programmer\Opera\Opera.exe C:\WINDOWS\System32\taskmgr.exe C:\Ting og tang\Programmer\Ventrilo\Ventrilo 2.1.2\Ventrilo.exe C:\Ting og tang\Programmer\VentriloMIX\Ventrilo 2.1.4.exe C:\Documents and Settings\Stian H. Jensen\Skrivebord\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [LiveMonitor] C:\Programfiler\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\ting og tang\programmer\QuickTime 6\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ATICCC] "C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AudioDeck.lnk = C:\Programfiler\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Ting og tang\Programmer\Adobe Reader 7.0.7\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Ting og tang\Programmer\Microsoft Office Xp\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\TINGOG~1\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Ting og tang\Programmer\Norman\Nvc\BIN\nipsvc.exe (file missing) Endret 17. mai 2006 av Stian2345 Lenke til kommentar
Pozzolan Skrevet 17. mai 2006 Del Skrevet 17. mai 2006 O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Ting og tang\Programmer\Norman\Nvc\BIN\nipsvc.exe (file missing)Vill ikke bort Dette er egentlig ikke så farlig. Du har fortsatt filen atmclk.exe. Nå vil jeg at du laster ned og kjører SmitfraudFix som du finner i min forrige post og poster en ny log etter at du er ferdig med det. Lenke til kommentar
Sjøbanan Skrevet 17. mai 2006 Forfatter Del Skrevet 17. mai 2006 O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Ting og tang\Programmer\Norman\Nvc\BIN\nipsvc.exe (file missing)Vill ikke bort Dette er egentlig ikke så farlig. Du har fortsatt filen atmclk.exe. Nå vil jeg at du laster ned og kjører SmitfraudFix som du finner i min forrige post og poster en ny log etter at du er ferdig med det. 6119331[/snapback] Nå har jeg kjørt SmitfraudFix i safemode Hijacklogg Skjult tekst: (Marker innholdet i feltet for å se teksten): Logfile of HijackThis v1.99.1 Scan saved at 11:20:48, on 17.05.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\CNYHKey.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\Programfiler\MSI\Live Update 3\LMonitor.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\ting og tang\programmer\QuickTime 6\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\ctfmon.exe C:\Programfiler\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe C:\Ting og tang\Programmer\Adobe Reader 7.0.7\Reader\reader_sl.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe C:\Ting og tang\Programmer\Opera\Opera.exe C:\Documents and Settings\Stian H. Jensen\Skrivebord\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [LiveMonitor] C:\Programfiler\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\ting og tang\programmer\QuickTime 6\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ATICCC] "C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AudioDeck.lnk = C:\Programfiler\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Ting og tang\Programmer\Adobe Reader 7.0.7\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Ting og tang\Programmer\Microsoft Office Xp\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\TINGOG~1\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Ting og tang\Programmer\Norman\Nvc\BIN\nipsvc.exe (file missing) Lenke til kommentar
Pozzolan Skrevet 17. mai 2006 Del Skrevet 17. mai 2006 Den så egentlig ren ut Sliter du fortsatt eller har det gitt seg? Lenke til kommentar
Sjøbanan Skrevet 17. mai 2006 Forfatter Del Skrevet 17. mai 2006 Nei ser ut til at alt driten er borte, men jeg kjører scan med CCleaner uansett Guiden din er foresten kjempe bra Tusentakk til alle som har hjelpt meg Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå