Kubus Skrevet 1. november 2006 Del Skrevet 1. november 2006 Jeg har fått virus i MSN, dvs. msn driver å sender ut en link til alle jeg chatter med. Fikk et tips om jeg må sjekke HJT-loggen. Er det noen som vil sjekke vedlagte logg. Jeg vil også gjerna ha tips for hvordan jeg retter problemet, sletting av linjer ved hjelp av HJT eller må jeg bruke andre program for å rette problemet? Her er loggen: Logfile of HijackThis v1.99.1 Scan saved at 13:29:53, on 01.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\crypserv.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe C:\Norman\Bin\Zanda.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\Launch Manager\LaunchAp.exe C:\Programfiler\Launch Manager\HotkeyApp.exe C:\Programfiler\Launch Manager\OSD.exe C:\Programfiler\Launch Manager\Wbutton.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\Home Cinema\PowerCinema\PCMService.exe C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe C:\Norman\bin\ZLH.EXE C:\WINDOWS\Dit.exe C:\Programfiler\Creative\PC-CAM Center\CAMTRAY.EXE C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe C:\windows\system32\svhoskil.exe C:\windows\system\msmnsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe C:\WINDOWS\system32\rundll32.exe C:\Norman\Nvc\BIN\NIP.EXE C:\Programfiler\MSN Toolbar Suite\DS\02.05.0001.1119\nb-no\bin\WindowsSearch.exe C:\Programfiler\MUSICMATCH\MUSICMATCH Jukebox\mim.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\MSN Toolbar Suite\DS\02.05.0001.1119\nb-no\bin\WindowsSearchIndexer.exe C:\WINDOWS\DitExp.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\BIN\nipsvc.exe C:\Norman\bin\NJEEVES.EXE C:\WINDOWS\System32\alg.exe C:\Norman\Nvc\bin\cclaw.exe C:\Programfiler\MSN Toolbar Suite\DS\02.05.0001.1119\nb-no\bin\WindowsSearchFilter.exe G:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar2.dll O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LaunchAp] C:\Programfiler\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Programfiler\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Programfiler\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Programfiler\Launch Manager\OSD.exe O4 - HKLM\..\Run: [Wbutton] "C:\Programfiler\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PCMService] "C:\Programfiler\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programfiler\Creative\PC-CAM Center\CAMTRAY.EXE O4 - HKLM\..\Run: [bearShare] "C:\Programfiler\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [sweetIM] C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [svhoskil] "C:\windows\system32\svhoskil.exe" O4 - HKLM\..\Run: [Messenger] c:\windows\system\msmnsgr.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [sweetIM] C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PC-søk i Windows.lnk = C:\Programfiler\MSN Toolbar Suite\DS\02.05.0001.1119\nb-no\bin\WindowsSearch.exe O8 - Extra context menu item: &Google Search - res://c:\programfiler\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &MSN Search - res://C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll/search.htm O8 - Extra context menu item: &Translate English Word - res://c:\programfiler\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\programfiler\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programfiler\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\programfiler\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\programfiler\google\GoogleToolbar1.dll/cmtrans.html O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/229?fabd5920b9934092ae34e67916313ac O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/230?fabd5920b9934092ae34e67916313ac O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programfiler\Fellesfiler\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/ O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1075172761515 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15023/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe Lenke til kommentar
janfredrik Skrevet 1. november 2006 Del Skrevet 1. november 2006 Fjern C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe C:\windows\system\msmnsgr.exe R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) Lenke til kommentar
Kubus Skrevet 1. november 2006 Forfatter Del Skrevet 1. november 2006 FjernC:\Programfiler\Macrogaming\SweetIM\SweetIM.exe C:\windows\system\msmnsgr.exe R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) 7197984[/snapback] Hvordan sletter jeg da? Lenke til kommentar
norbat Skrevet 1. november 2006 Del Skrevet 1. november 2006 Det ligger noe mer i loggen din så gjør følgende: Last ned Killbox (bruk google). Kjør programmet og klipp/lim inn: C:\windows\system\msmnsgr.exe C:\windows\system32\svhoskil.exe Kjør HJT (do a system scan only) og sett merke framfor C:\windows\system\msmnsgr.exe R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O4 - HKLM\..\Run: [svhoskil] "C:\windows\system32\svhoskil.exe" Avinstaller MSN fra legg til/fjern programmer Last ned CCleaner (google) Last ned Superantispyware (google), installer og oppdater Restart i sikker modus (tapp f8 under oppstart) Kjør ccleaner Kjør en full scan med Superanti..... Post en ny HJT Lenke til kommentar
Kubus Skrevet 1. november 2006 Forfatter Del Skrevet 1. november 2006 Det ligger noe mer i loggen din så gjør følgende: Last ned Killbox (bruk google). Kjør programmet og klipp/lim inn: C:\windows\system\msmnsgr.exe C:\windows\system32\svhoskil.exe Kjør HJT (do a system scan only) og sett merke framfor C:\windows\system\msmnsgr.exe R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) O4 - HKLM\..\Run: [svhoskil] "C:\windows\system32\svhoskil.exe" Avinstaller MSN fra legg til/fjern programmer Last ned CCleaner (google) Last ned Superantispyware (google), installer og oppdater Restart i sikker modus (tapp f8 under oppstart) Kjør ccleaner Kjør en full scan med Superanti..... Post en ny HJT 7198242[/snapback] Huff... Finnes det ikke en enklere måte å gjøre dette på da? Lenke til kommentar
norbat Skrevet 1. november 2006 Del Skrevet 1. november 2006 Se om du får mulighet for å kjøre en systemgjenoppretting Start -> Alle programmer -> Tilbehør -> Systemverktøy -> Systemgjenoppretting. Velg å gjenopprette pc'n til et tidligere tidspkt. Velg en dato da du vet at alt virket ok Post en ny HJT om du evt. får til dette. Lenke til kommentar
Kubus Skrevet 1. november 2006 Forfatter Del Skrevet 1. november 2006 Se om du får mulighet for å kjøre en systemgjenoppretting Start -> Alle programmer -> Tilbehør -> Systemverktøy -> Systemgjenoppretting. Velg å gjenopprette pc'n til et tidligere tidspkt. Velg en dato da du vet at alt virket ok Post en ny HJT om du evt. får til dette. 7198575[/snapback] Maskina vil ikke kjøre systemgjenoppretting. Ska kjøre Recovery Cd-en som tilhører maskina, men det blir ikke før i morra....... Lenke til kommentar
norbat Skrevet 1. november 2006 Del Skrevet 1. november 2006 Prøv tidligere nevnte anvisning. Direktelinker til programmene du skal bruke følger under: Killbox CCleaner SAS Dette tar deg ca. 1 - 1,5 t. Lenke til kommentar
hallvar86 Skrevet 1. november 2006 Del Skrevet 1. november 2006 Noen som gidder å sjekke denne her også..? fått det "check lol" viruset.. Har gjort alt norbat anbefalte. Dvs. fjerna msn, scanna med drweb-cureit, sas og kjørt combofix, alt etter angitt prosedyre... Logfile of HijackThis v1.99.1 Scan saved at 21:41:51, on 01.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\WINDOWS\system32\msasvc.exe C:\Norman\Bin\Zanda.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\Norman\bin\NJEEVES.EXE C:\Norman\Nvc\BIN\nipsvc.exe C:\Programfiler\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe C:\WINDOWS\System32\00THotkey.exe C:\WINDOWS\system32\TFNF5.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\TOSHIBA\TouchED\TouchED.Exe C:\WINDOWS\LTSMMSG.exe C:\Programfiler\TOSHIBA\TOSHIBA-kontroller\TFncKy.exe C:\WINDOWS\system32\TPSMain.exe C:\Norman\bin\ZLH.EXE C:\Programfiler\Winamp\winampa.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\system32\hphmon06.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Norman\Nvc\BIN\NIP.EXE C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe C:\Norman\Nvc\bin\cclaw.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\RAMASST.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Programfiler\Microsoft Office\Office\WINWORD.EXE C:\Programfiler\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Documents and Settings\Marthe\Skrivebord\hjt\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftenposten.no/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.ub.ntnu.no/ubit.pac R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [sigmaTel StacMon] C:\Programfiler\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TouchED] C:\Programfiler\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe O4 - HKLM\..\Run: [HPHUPD06] C:\Programfiler\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\digital imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Hurtigstart.lnk = C:\Programfiler\HP\digital imaging\bin\hpqthb08.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1122235333857 O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programfiler\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Lenke til kommentar
norbat Skrevet 1. november 2006 Del Skrevet 1. november 2006 (endret) Hei og velkommen til forumet Kjør HJT og fjern: O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file) Hvordan virker pc'n forøvrig? Du kan godt disable systemgjenopprettingen, restarte og slå den på igjen (Kontrollpanel -> System -> Systemgjenoppretting) PS. Hvorfor skrive i en annens tråd når du får lov til å opprette en egen Endret 1. november 2006 av norbat Lenke til kommentar
hallvar86 Skrevet 1. november 2006 Del Skrevet 1. november 2006 Tusen takk for hjelpa:) Den ser ut til å funke helt greit. Bortsett fra at den bruker sabla lang tid på å starte. Men det er ikke min pc, og det er temmelig håpløst å få noen fornuftige svar fra dama om dette.... Det som er litt besynderlig, er at når jeg prøver å åpne windows-brannmuren får jeg meldingen: "Kan ikke vise instillinger for Windows-brannmuren på grunn av et uidentifisert problem." Men som sagt så ser pc'en ut til å funke fint nå.. Lenke til kommentar
norbat Skrevet 1. november 2006 Del Skrevet 1. november 2006 Kjører pc'n zonealarm? Dette er vel en brannmur og den skulle holde i lange baner framfor windows sin. Lenke til kommentar
hallvar86 Skrevet 1. november 2006 Del Skrevet 1. november 2006 jepp, den kjører zonealarm nå.. Lenke til kommentar
norbat Skrevet 1. november 2006 Del Skrevet 1. november 2006 Ang. tregheten i oppstarten: Hvis du har winXP cd'n i nærheten kan du i start -> kjør , skrive sfc /scannow og la den scanne ferdig. Se om det ikke kan hjelpe litt. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå