Fiskeoppdretter Skrevet 24. november 2006 Del Skrevet 24. november 2006 Kan noen si meg om det enda er noe galt? Har brukt Removal tool fra Symantec for å fjerne Istbar. Denne ble scannet av Hijackthis i sikkerhetsmodus. Logfile of HijackThis v1.99.1 Scan saved at 13:24:47, on 24.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\HCR\Skrivebord\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {987BE4AC-3DA3-7982-3CA5-64A68A1AB388} - C:\PROGRA~1\toolcash\OBJOPTION.exe (file missing) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programfiler\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] c:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunServices: [Windows Dialog Verify] mslpar.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programfiler\Creative\Shared Files\CamTray.exe" O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkvMon.exe.lnk = C:\Programfiler\Nikon\NkView6\NkvMon.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O15 - Trusted Zone: *.sf-anytime.com O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5CF549B1-E178-4D8C-ADEF-73F226644F12} (Room328 Designer Setup) - http://designer.room328.com/app/WebVDSetUp.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155767547140 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/no/big/1.1....g/GoogleNav.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab O16 - DPF: {A0F3DE0D-9308-4650-82A0-53F0C17D7D65} (Web2D Control) - http://designer.room328.com/app/WebVD.vcb O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssi...ureUploader.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A46EFBC4-961B-4D8E-8588-C3A24DCB0B96}: NameServer = 0.0.0.0 O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: CDRecorder025 - {A3BC5E20-0235-1ABF-9CE1-00AA00512025} - C:\WINDOWS\system32\tjoi32.dll (file missing) O21 - SSODL: DCOM Server 2243 - {2C1CD3D7-86AC-4068-93BC-A02304BB2243} - C:\WINDOWS\system32\tfsjjfq.dll (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Programfiler\B54 Wireless Monitor\WLService.exe Lenke til kommentar
norbat Skrevet 24. november 2006 Del Skrevet 24. november 2006 Mest opprydding igjen. Vil gjerne se en logg fra normal modus Lenke til kommentar
Fiskeoppdretter Skrevet 24. november 2006 Forfatter Del Skrevet 24. november 2006 Her er en logg fra normal modus. Det er noe alvorlig feil. Rett etter at Hijackthis var ferdig ble det bluescreen... Fikk i heldigvis loggen: Logfile of HijackThis v1.99.1 Scan saved at 19:59:37, on 24.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\B54 Wireless Monitor\WLService.exe C:\Programfiler\B54 Wireless Monitor\WLanCfgG.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\Creative\Shared Files\CamTray.exe C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programfiler\Nikon\NkView6\NkvMon.exe C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe c:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\HCR\Skrivebord\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {987BE4AC-3DA3-7982-3CA5-64A68A1AB388} - C:\PROGRA~1\toolcash\OBJOPTION.exe (file missing) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programfiler\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] c:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\RunServices: [Windows Dialog Verify] mslpar.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programfiler\Creative\Shared Files\CamTray.exe" O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkvMon.exe.lnk = C:\Programfiler\Nikon\NkView6\NkvMon.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O15 - Trusted Zone: *.sf-anytime.com O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5CF549B1-E178-4D8C-ADEF-73F226644F12} (Room328 Designer Setup) - http://designer.room328.com/app/WebVDSetUp.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155767547140 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/no/big/1.1....g/GoogleNav.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab O16 - DPF: {A0F3DE0D-9308-4650-82A0-53F0C17D7D65} (Web2D Control) - http://designer.room328.com/app/WebVD.vcb O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssi...ureUploader.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A46EFBC4-961B-4D8E-8588-C3A24DCB0B96}: NameServer = 0.0.0.0 O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: CDRecorder025 - {A3BC5E20-0235-1ABF-9CE1-00AA00512025} - C:\WINDOWS\system32\tjoi32.dll (file missing) O21 - SSODL: DCOM Server 2243 - {2C1CD3D7-86AC-4068-93BC-A02304BB2243} - C:\WINDOWS\system32\tfsjjfq.dll (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Programfiler\B54 Wireless Monitor\WLService.exe Lenke til kommentar
norbat Skrevet 25. november 2006 Del Skrevet 25. november 2006 Kjør HJT og fjern: R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file) O2 - BHO: (no name) - {987BE4AC-3DA3-7982-3CA5-64A68A1AB388} - C:\PROGRA~1\toolcash\OBJOPTION.exe (file missing) O4 - HKLM\..\RunServices: [Windows Dialog Verify] mslpar.exe O21 - SSODL: CDRecorder025 - {A3BC5E20-0235-1ABF-9CE1-00AA00512025} - C:\WINDOWS\system32\tjoi32.dll (file missing) O21 - SSODL: DCOM Server 2243 - {2C1CD3D7-86AC-4068-93BC-A02304BB2243} - C:\WINDOWS\system32\tfsjjfq.dll (file missing) O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing) Sørg for at du kan se skjulte filer og mapper (kontrollpanel->mappealternativer->Vis->"vis skjulte filer og mapper" Restart i sikker modus (tapp f8 under oppstart) Gå i utforsker og slett fila (i bold): C:\WINDOWS\system32\mslpar.exe C:\WINDOWS\system32\msasvc.exe (ikke sikkert den finnes) Restart i normal modus Last ned CCleaner, og kjør en rens samt noen ganger 'Saker' Last ned SAS, installer, oppdater og kjør en full scan. Slett alt den finner. Legg ut en ny HJT samt loggen til SAS (preferences->statistics/logs) Lenke til kommentar
Fiskeoppdretter Skrevet 26. november 2006 Forfatter Del Skrevet 26. november 2006 Har gjort det du sa, men fant ikke mslpar.exe og msasvc.exe. Kjørte først CCleaner, den fant mye rart som jeg slettet. SAS fant ingenting. Fremdeles feil på maskinen (får bluescreen i normal modus). Får heller ikke tilgang til Windows-brannmuren pga "Uidentifisert problem". Her er den nye HJT loggen: Logfile of HijackThis v1.99.1 Scan saved at 16:34:29, on 26.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\B54 Wireless Monitor\WLService.exe C:\Programfiler\B54 Wireless Monitor\WLanCfgG.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\The Cleaner\tca.exe C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe C:\Programfiler\The Cleaner\tcm.exe c:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Programfiler\Creative\Shared Files\CamTray.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programfiler\Nikon\NkView6\NkvMon.exe C:\Documents and Settings\Hans Christian Ryel\Skrivebord\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programfiler\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] c:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [tcactive] C:\Programfiler\The Cleaner\tca.exe O4 - HKLM\..\Run: [tcmonitor] C:\Programfiler\The Cleaner\tcm.exe O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programfiler\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkvMon.exe.lnk = C:\Programfiler\Nikon\NkView6\NkvMon.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O15 - Trusted Zone: *.sf-anytime.com O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5CF549B1-E178-4D8C-ADEF-73F226644F12} (Room328 Designer Setup) - http://designer.room328.com/app/WebVDSetUp.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155767547140 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/no/big/1.1....g/GoogleNav.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab O16 - DPF: {A0F3DE0D-9308-4650-82A0-53F0C17D7D65} (Web2D Control) - http://designer.room328.com/app/WebVD.vcb O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssi...ureUploader.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A46EFBC4-961B-4D8E-8588-C3A24DCB0B96}: NameServer = 0.0.0.0 O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Programfiler\B54 Wireless Monitor\WLService.exe Lenke til kommentar
norbat Skrevet 27. november 2006 Del Skrevet 27. november 2006 (endret) Klikk på Start-kjør. Skriv: services.msc Tast OK. Finn følgende services, høyreklikk og velg egenskaper. Under oppstartstype velger du deaktivert. Microsoft authenticate service (MsaSvc) Last ned denne engangsscanneren: drweb Restart i sikker modus (tapp f8 under oppstart) Kjør drweb-cureit.exe (si ja til å kjøre en express scan) Når dette er ferdig klikker du på Option -> Change settings. Under fanearket Scan, fjerner du haken ved Heuristic analysis. Under fanearket Actions, skal alle punkt under Malware settes til Rename. Velg partisjon du vil scanne og klikk deretter på den grønne pilen for å starte scanningen. Velg "yes to all" når det finner noe for første gang. Restart i normal modus Klikk på Start-kjør, Skriv: sfc /scannow (NB! mellomrom mellom sfc og / ). Du trenger winXP cd'n. Du vil ikke få noen beskjed om det er reparert noen systemfile når programmet er ferdigkjørt. [Hvis alt virket rimelig ok før du kjørte fixet fra symantec, kan en systemgjenoppretting før denne dato sikkert være en løsning på bluescreen-problemet. Så kan du evt. legge ut en ny hjt-logg så tar vi det fra der] Endret 27. november 2006 av norbat Lenke til kommentar
Fiskeoppdretter Skrevet 28. november 2006 Forfatter Del Skrevet 28. november 2006 Nå ser det ut som det fungerer bedre, men får fremdeles ikke tilgang til Windows-brannmuren pga "Uidentifisert problem". Ingen bluescreen og ingen feilmeldinger bortsett fra denne: "application launcher" og under den står det "kan ikke laste inn konfigurasjon". Har ikke tatt systemgjenoppretting, da ingen datoer bortsett fra igår og i dag er tilgjengelig. Her er den nye HJT loggen: Logfile of HijackThis v1.99.1 Scan saved at 21:33:54, on 28.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\B54 Wireless Monitor\WLService.exe C:\Programfiler\B54 Wireless Monitor\WLanCfgG.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\The Cleaner\tca.exe C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe C:\Programfiler\The Cleaner\tcm.exe c:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Programfiler\Creative\Shared Files\CamTray.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Nikon\NkView6\NkvMon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Opera\Opera.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Grisoft\AVG Free\avgwb.dat C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe C:\Documents and Settings\Hans Christian Ryel\Skrivebord\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programfiler\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] c:\Programfiler\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [tcactive] C:\Programfiler\The Cleaner\tca.exe O4 - HKLM\..\Run: [tcmonitor] C:\Programfiler\The Cleaner\tcm.exe O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programfiler\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkvMon.exe.lnk = C:\Programfiler\Nikon\NkView6\NkvMon.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O15 - Trusted Zone: *.sf-anytime.com O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5CF549B1-E178-4D8C-ADEF-73F226644F12} (Room328 Designer Setup) - http://designer.room328.com/app/WebVDSetUp.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155767547140 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/no/big/1.1....g/GoogleNav.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab O16 - DPF: {A0F3DE0D-9308-4650-82A0-53F0C17D7D65} (Web2D Control) - http://designer.room328.com/app/WebVD.vcb O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssi...ureUploader.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A46EFBC4-961B-4D8E-8588-C3A24DCB0B96}: NameServer = 0.0.0.0 O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Programfiler\B54 Wireless Monitor\WLService.exe Lenke til kommentar
Fiskeoppdretter Skrevet 28. november 2006 Forfatter Del Skrevet 28. november 2006 Etter 2 timer i normal modus var bluescreen tilbake! Lenke til kommentar
norbat Skrevet 28. november 2006 Del Skrevet 28. november 2006 Kommer det en feilmelding i bluescreenen? Lenke til kommentar
Fiskeoppdretter Skrevet 28. november 2006 Forfatter Del Skrevet 28. november 2006 (endret) Noterte ikke ned feilmeldingen, men skal notere den ned ved neste blueescreen. Edit: Må kanskje vente en stund på ny bluescreen... Men ved ny oppstart i normal modus kom denne feilmeldingen: "Systemet er gjenopprettet etter en alvorlig feil" BCCode: 1000008e BCP1: C0000005 BCP2: AAEE0B7C BCP3: A91B4A20 BCP4:00000000 Endret 28. november 2006 av Craigmick Lenke til kommentar
Fiskeoppdretter Skrevet 28. november 2006 Forfatter Del Skrevet 28. november 2006 Ny blueescreen: Teknisk informasjon Stopp: 0x0000008e (0xC0000005, 0xAAEE0B7C, 0xA91CCA20, 0x00000000) Rett før bluescreen kom følgende melding: Windows-systemfeil "Det finnes en IP-adressekonflikt med et annet system på nettverket" Lenke til kommentar
norbat Skrevet 28. november 2006 Del Skrevet 28. november 2006 En runde med driveroppdateringer kunne kanskje være på sin plass. Start med skjermkortdriveren. I HJT-linja: O17 - HKLM\System\CCS\Services\Tcpip\..\{A46EFBC4-961B-4D8E-8588-C3A24DCB0B96}: NameServer = 0.0.0.0 Er dette noe du kjenner til? Hvis dette er ukjent, kan du slette den. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå