Guest Slettet+891234
Posted 10 December 2006 (edited)

Hi. I have tried x number of programs and made such an insane mess of the PC that I will probably have to format it. But I don't want to resort to the easy solution and let the virus makers "win". Can anyone help me get rid of 888toolbar and the rest?

Logfile of HijackThis v1.99.1
Scan saved at 23:17:12, on 10.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programfiler\Logitech\iTouch\iTouch.exe
C:\Programfiler\Google\Gmail Notifier\gnotify.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Programfiler\Opera\Opera.exe
C:\Programfiler\Fellesfiler\{48B23721-07CB-1044-0810-06070606002f}\Update.exe
C:\Documents and Settings\Sindre \Skrivebord\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...B_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~1\Bar888.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programfiler\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\utorrent.exe"
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O18 - Protocol: bw+0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programfiler\Fellesfiler\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

Edited 12 December 2006 by Slettet+891234

morra Skrevet 10. desember 2006 Del Skrevet 10. desember 2006 Jeg lot hijackthis.de gjøre grovarbeidet og satt igjen med denne (jeg har skjult alle Logitech Desktop Messenger-filene): C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe - UnknownC:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe - Unknown C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe - Unknown C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe - Unknown C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe - Unknown C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe - Unknown C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe - Unknown R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger - Nasty O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~1\Bar888.dll - Unknown O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit - Unknown O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe - Unknown O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized - Unknown O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\utorrent.exe" - Unknown O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) - Possibly nasty O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) - Possibly nasty O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab - Possibly nasty Klikk for å se/fjerne innholdet nedenfor O18 - Protocol: bw+0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nastyO18 - Protocol: bw+0s - 
{BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw-0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw-0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw00 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw00s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw10 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw10s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw20 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw20s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw30 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw30s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw40 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - 
Protocol: bw40s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw50 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw50s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw60 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw60s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw70 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw70s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw80 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw80s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw90 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bw90s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwa0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly 
nasty O18 - Protocol: bwa0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwb0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwb0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwc0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwc0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwd0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwd0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwe0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwe0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwf0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwf0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop 
Messenger\8876480\Program\GAPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwg0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwg0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwh0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwh0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwi0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwi0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwj0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwj0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwk0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwk0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwl0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwl0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - 
C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwm0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwm0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwn0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwn0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwo0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwo0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwp0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwp0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwq0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwq0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwr0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwr0s - 
{BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bws0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bws0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwt0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwt0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwu0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwu0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwv0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwv0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bww0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bww0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - Protocol: bwx0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty O18 - 
Protocol: bwx0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty
O18 - Protocol: bwy0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty
O18 - Protocol: bwy0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty
O18 - Protocol: bwz0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty
O18 - Protocol: bwz0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty
O18 - Protocol: offline-8876480 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll - Possibly nasty
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - Possibly nasty

The one in bold I am very sure has something to do with 888toolbar.
The ones in italics I am unsure whether they are dangerous, but I strongly doubt they are the ones you are looking for.
The others I think are safe.
norbat, posted 11 December 2006

Uninstall 888bar and Logitech Desktop Messenger from Add/Remove Programs.

Run HJT and fix:
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~1\Bar888.dll - Unknown
All O18 - Protocol: bw.. entries with Logitech Desktop Messenger

Download CCleaner and run the cleaner a few times.
Update AVG Anti-Spyware and run a full scan.
Post a new HJT log as well as the log from AVG Anti-Spyware.
Guest Slettet+891234, posted 11 December 2006 (edited)

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:57:53 11.12.2006
+ Scan result:
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP63\A0005228.exe -> Adware.Maxifiles : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP63\A0005266.exe -> Adware.Maxifiles : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP67\A0012850.exe -> Adware.Maxifiles : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP62\A0005217.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP67\A0012983.dll -> Adware.Virtumonde : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP68\A0015058.dll -> Adware.Virtumonde : No action taken.
HKU\S-1-5-21-1016518447-1626165325-3537029909-1004\Software\ToolBar -> Adware.WebSearch : No action taken.
HKU\S-1-5-21-1016518447-1626165325-3537029909-1004\Software\ToolBar\all -> Adware.WebSearch : No action taken.
HKU\S-1-5-21-1016518447-1626165325-3537029909-1004\Software\ToolBar\all\History -> Adware.WebSearch : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP67\A0011815.exe -> Dropper.Agent.azs : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP67\A0012904.dll -> Logger.Delf.mk : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP66\A0008775.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP63\A0005269.exe -> Trojan.Small : No action taken.
C:\System Volume Information\_restore{069C0C47-255E-49C2-861B-FE01392D882D}\RP67\A0011818.exe -> Trojan.Small : No action taken. ::Report end Logfile of HijackThis v1.99.1Scan saved at 22:01:11, on 11.12.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\ATK0100\HControl.exe C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\Programfiler\Logitech\iTouch\iTouch.exe C:\Programfiler\Google\Gmail Notifier\gnotify.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Fellesfiler\{48B23721-07CA-1044-0810-06070606002f}\Update.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\uTorrent\utorrent.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\WINDOWS\ATK0100\ATKOSD.exe 
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Programfiler\Opera\Opera.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\VideoLAN\VLC\vlc.exe C:\Documents and Settings\Sindre \Skrivebord\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...B_PVER}&ar=home R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~2\Bar888.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programfiler\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [frsvabb.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\frsvabb.dll,mhomdtd O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\utorrent.exe" O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab O18 - Protocol: bw+0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programfiler\Fellesfiler\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {BACDC053-904E-4FF9-B51C-D854FA408EBB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: avast! 
iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

I could not get rid of Desktop Messenger.

Edited 12 December 2006 by Slettet+891234
norbat, posted 11 December 2006

Download and run Combofix.

Run HJT and fix:
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~2\Bar888.dll
O4 - HKLM\..\Run: [frsvabb.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\frsvabb.dll,mhomdtd

Regarding Logitech Desktop Messenger: did you manage to uninstall it from Add/Remove Programs? If not, uninstall it and then remove the previously mentioned O18 lines using HJT.

Post a new HJT log as well as the log from Combofix.
Guest Slettet+891234, posted 11 December 2006 (edited)

Sindre - 06-12-11 22:56:50,00 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Sindre \Skrivebord"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Programfiler\Fellesfiler\{38B23721-07CA-1044-0810-06070606002f}
C:\Programfiler\Fellesfiler\{38B23721-07CB-1044-0810-06070606002f}
C:\Programfiler\Fellesfiler\{48B23721-07CB-1044-0810-06070606002f}
C:\Programfiler\Fellesfiler\{48B23721-07CA-1044-0810-06070606002f}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:
C:\QooBox\Purity\WINDOWS\system32\ASKS~1

((((((((((((((((((((((((((((((( Files Created from 2006-11-11 to 2006-12-11 ))))))))))))))))))))))))))))))))))

2006-12-11 22:57 42,516 --a------ C:\WINDOWS\system32\emddcako.dll
2006-12-11 22:54 88,340 --a------ C:\WINDOWS\system32\ptxuauih.exe
2006-12-11 22:54 126,996 --a------ C:\WINDOWS\system32\dfngbaaj.dll
2006-12-11 21:59 <DIR> dr-h----- C:\Documents and Settings\Sindre \Siste
2006-12-11 21:23 126,996 --a------ C:\WINDOWS\system32\xuahdsct.dll
2006-12-11 21:19 93,696 --a------ C:\WINDOWS\system32\frsvabb.dll
2006-12-11 21:19 71,680 --a------ C:\WINDOWS\system32\viyjhai.dll
2006-12-11 20:37 88,340 --a------ C:\WINDOWS\system32\drlypwfn.exe
2006-12-11 20:37 126,996 --a------ C:\WINDOWS\system32\layeroxk.dll
2006-12-11 20:37 <DIR> d-------- C:\Programfiler\VSAdd-in
2006-12-10 23:31 <DIR> d-------- C:\Programfiler\Windows Live Safety Center
2006-12-10 23:18 90,164 ---hs---- C:\WINDOWS\system32\mlljg.dll
2006-12-10 22:56 <DIR> d-------- C:\Documents and Settings\Sindre \DoctorWeb
2006-12-10 20:54 90,164 ---hs---- C:\WINDOWS\system32\mlljj.dll
2006-12-10 20:52 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-12-10 20:52 <DIR> d-------- C:\Programfiler\Grisoft
2006-12-10 20:25 <DIR> d-------- C:\WINDOWS\network diagnostic
2006-12-10 20:23
<DIR> d-------- C:\b663a584ecb71c621b892fd5c08490 2006-12-10 19:15 24,576 --a------ C:\WINDOWS\system32\STKIT432.DLL 2006-12-10 19:15 <DIR> d-------- C:\Programfiler\Registry Mechanic 2006-12-10 19:05 <DIR> d-------- C:\Programfiler\xerox 2006-12-10 18:26 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe 2006-12-10 18:13 <DIR> d-------- C:\Programfiler\Spybot - Search & Destroy 2006-12-10 18:13 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy 2006-12-10 18:06 <DIR> d-------- C:\Documents and Settings\Sindre \.housecall6.6 2006-12-10 18:00 126,996 --a------ C:\WINDOWS\system32\gebpgmic.dll 2006-12-10 15:50 88,340 --a------ C:\WINDOWS\system32\aqmmtruc.exe 2006-12-09 17:29 126,996 --a------ C:\WINDOWS\system32\bsbwpwkd.dll 2006-12-09 17:28 <DIR> d-------- C:\Programfiler\CCleaner 2006-12-09 15:53 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2006-12-09 15:53 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2006-12-09 15:52 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2006-12-09 15:52 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2006-12-09 15:52 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2006-12-09 15:52 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe 2006-12-09 15:52 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2006-12-09 15:52 <DIR> d-------- C:\Programfiler\Alwil Software 2006-12-09 15:48 <DIR> d-------- C:\WINDOWS\Minidump 2006-12-09 15:44 <DIR> d-------- C:\WINDOWS\system32\appmgmt 2006-12-09 15:35 <DIR> d-------- C:\Documents and Settings\Sindre \Programdata\Lavasoft 2006-12-09 15:24 <DIR> d--hs---- C:\Config.Msi 2006-12-09 14:25 88,340 --a------ C:\WINDOWS\system32\tothojpn.exe 2006-12-09 14:25 88,340 --a------ C:\WINDOWS\system32\mjdcrqxj.exe 2006-12-09 14:25 598,784 ---hs---- C:\WINDOWS\system32\dcbeg.bak2 2006-12-07 22:48 88,340 --a------ C:\WINDOWS\system32\bqnuencm.exe 2006-12-07 22:48 585,909 ---hs---- C:\WINDOWS\system32\dcbeg.bak1 2006-12-07 
22:48 126,996 --a------ C:\WINDOWS\system32\vuwgtxgr.dll 2006-12-07 22:47 276,532 ---hs---- C:\WINDOWS\system32\gebcd.dll 2006-12-07 21:56 19,456 --a------ C:\WINDOWS\system32\winmxw32.dll 2006-12-07 19:46 11,500 --a------ C:\oedyde.exe 2006-12-07 01:38 <DIR> d-------- C:\Documents and Settings\Sindre \Programdata\AdobeUM 2006-12-07 01:37 <DIR> d-------- C:\Documents and Settings\Sindre \Programdata\Adobe 2006-12-05 17:27 <DIR> d-------- C:\Programfiler\GameSpy Arcade 2006-12-05 17:07 <DIR> d-------- C:\Documents and Settings\Sindre \Programdata\vlc 2006-12-05 17:04 <DIR> d-------- C:\Programfiler\VideoLAN 2006-12-05 16:35 <DIR> d-------- C:\Programfiler\Winamp 2006-12-05 15:36 <DIR> d-------- C:\Programfiler\Codemasters 2006-12-04 02:24 94,297 --a------ C:\WINDOWS\system32\SynTPAPI.dll 2006-12-04 02:24 82,012 --a------ C:\WINDOWS\system32\SynCOM.dll 2006-12-04 02:24 81,920 --a------ C:\WINDOWS\system32\SynTPCo2.dll 2006-12-04 02:24 69,721 --a------ C:\WINDOWS\system32\SynTPFcs.dll 2006-12-04 02:24 191,936 --a------ C:\WINDOWS\system32\drivers\SynTP.sys 2006-12-04 02:24 114,688 --a------ C:\WINDOWS\system32\SynCtrl.dll 2006-12-04 02:24 <DIR> d-------- C:\Programfiler\Synaptics 2006-12-03 15:41 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll 2006-12-03 15:41 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll 2006-12-03 15:41 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll 2006-12-03 15:41 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll 2006-12-03 15:41 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll 2006-12-03 15:41 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2006-12-03 15:41 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll 2006-12-03 15:36 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\nView_Profiles 2006-12-03 15:25 <DIR> d-------- C:\Programfiler\Electronic Arts 2006-12-03 15:05 <DIR> d-------- C:\Documents and Settings\Sindre Programdata\uTorrent 2006-12-03 14:37 <DIR> d-------- C:\Programfiler\uTorrent 
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

Rootkit driver pe386 is present.
A rootkit scan is required (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MsnMsgr"="\"C:\\Programfiler\\MSN Messenger\\MsnMsgr.Exe\" /background" "µTorrent"="\"C:\\Programfiler\\uTorrent\\utorrent.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit" "HControl"="C:\\WINDOWS\\ATK0100\\HControl.exe" "IntelZeroConfig"="\"C:\\Programfiler\\Intel\\Wireless\\bin\\ZCfgSvc.exe\"" "IntelWireless"="\"C:\\Programfiler\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless" "Snarvei til egenskapsside for High Definition Audio"="HDAShCut.exe" "zBrowser Launcher"="C:\\Programfiler\\Logitech\\iTouch\\iTouch.exe" "Logitech Utility"="Logi_MwX.Exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Programfiler\\Google\\Gmail Notifier\\gnotify.exe" "SynTPEnh"="C:\\Programfiler\\Synaptics\\SynTP\\SynTPEnh.exe" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ 65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00 "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" "!AVG Anti-Spyware"="\"C:\\Programfiler\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" "frsvabb.dll"="C:\\WINDOWS\\system32\\rundll32.exe C:\\WINDOWS\\system32\\frsvabb.dll,mhomdtd" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Min gjeldende hjemmeside" "Flags"=dword:00000002 
"Position"=hex:2c,00,00,00,ff,00,00,00,00,00,00,00,01,04,00,00,e4,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,20,01,00,00,00,00,00,00,80,04,00,00,66,03,\ 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,20,01,00,00,00,00,00,00,80,04,00,00,66,03,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" "{9B0C7A02-A17A-4C81-BD7D-30A622701C36}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" 
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "ERSvc"=dword:00000002 "PolicyAgent"=dword:00000002 "Themes"=dword:00000002 "W32Time"=dword:00000002 HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebcd HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifghed HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljjjhgh HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winmxw32 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Completion time: 06-12-11 23:00:04.28 C:\ComboFix.txt ... 06-12-11 23:00 Logfile of HijackThis v1.99.1Scan saved at 23:04:19, on 11.12.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\ATK0100\HControl.exe C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Logitech\iTouch\iTouch.exe 
C:\Programfiler\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programfiler\Google\Gmail Notifier\gnotify.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Programfiler\Opera\Opera.exe
C:\Documents and Settings\Sindre \Skrivebord\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...B_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programfiler\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\utorrent.exe"
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

Edited 12 December 2006 by Slettet+891234

norbat, posted 11 December 2006:

Let's see if we can get rid of a possible rootkit.

Download Rustbfix to the desktop and run the program. The program will cause the PC to restart a few times. It will create 1 or possibly 2 logs. Post this log/these logs together with a new HJT log.

Guest Slettet+891234, posted 12 December 2006:

************************* Rustock.b-fix -- By ejvindh *************************
12.12.2006 0:58:28,40

******************* Pre-run Status of system *******************

Rootkit driver PE386 is found. Starting the unload-procedure....
Examine the Avenger-logfile in order to assess the success of the unload-procedure

Rustock.b-ADS attached to the System32-folder:
:lzx32.sys 68968
Total size: 68968 bytes.
Attempting to remove ADS...
system32: deleted 68968 bytes in 1 streams.

******************* Post-run Status of system *******************

Rustock.b-driver on the system: NONE!
Rustock.b-ADS attached to the System32-folder:
No streams found.

******************************* End of Logfile ********************************

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\ym^lugqk

*******************

Script file located at: \??\C:\WINDOWS\system32\ghjxeejw.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:
Driver PE386 unloaded successfully.
Program C:\Rustbfix\2run.bat successfully set up to run once on reboot.

Completed script processing.

*******************

Finished! Terminate.

norbat, posted 12 December 2006:

A new HJT log would be good (before you run the program, rename hijackthis.exe to something else, e.g. test.exe).

Guest Slettet+891234, posted 12 December 2006 (edited):

Oh, sorry! I didn't see that you had asked for the HJT log. Renamed Hijackthis.exe to test.exe.

Logfile of HijackThis v1.99.1
Scan saved at 14:22:01, on 12.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programfiler\Logitech\iTouch\iTouch.exe
C:\Programfiler\Google\Gmail Notifier\gnotify.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\Programfiler\uTorrent\utorrent.exe
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Opera\Opera.exe
C:\Documents and Settings\Sindre \Skrivebord\test.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...B_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7411F8BA-29A3-3216-9DE7-024AC0AAB9F6} - C:\WINDOWS\system32\viyjhai.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~2\Bar888.dll (file missing)
O2 - BHO: (no name) - {EE99F702-3C72-4315-B16D-66EA82DC2EF5} - C:\WINDOWS\system32\gebcd.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programfiler\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\utorrent.exe"
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: gebcd - C:\WINDOWS\system32\gebcd.dll
O20 - Winlogon Notify: iifghed - iifghed.dll (file missing)
O20 - Winlogon Notify: ljjjhgh - ljjjhgh.dll (file missing)
O20 - Winlogon Notify: winmxw32 - C:\WINDOWS\SYSTEM32\winmxw32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

Edited 12 December 2006 by Slettet+891234

norbat, posted 12 December 2006:

Download Vundofix and run the program.

Download SAS, install and update it (wait before running the program).

Make sure you can see hidden files and folders (Control Panel -> Folder Options -> View -> "Show hidden files and folders").

Run HJT and fix:

O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - (no file)
O2 - BHO: (no name) - {7411F8BA-29A3-3216-9DE7-024AC0AAB9F6} - C:\WINDOWS\system32\viyjhai.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~2\Bar888.dll (file missing)
O2 - BHO: (no name) - {EE99F702-3C72-4315-B16D-66EA82DC2EF5} - C:\WINDOWS\system32\gebcd.dll
O20 - Winlogon Notify: gebcd - C:\WINDOWS\system32\gebcd.dll
O20 - Winlogon Notify: iifghed - iifghed.dll (file missing)
O20 - Winlogon Notify: ljjjhgh - ljjjhgh.dll (file missing)
O20 - Winlogon Notify: winmxw32 - C:\WINDOWS\SYSTEM32\winmxw32.dll

Restart in safe mode (tap F8 during startup).

Use Explorer to find and delete (in bold):

C:\WINDOWS\system32\viyjhai.dll
C:\WINDOWS\system32\gebcd.dll
C:\WINDOWS\SYSTEM32\winmxw32.dll

Run a complete scan with SAS.

Restart in normal mode.

Post a new HJT log together with the log from SAS (preferences->statistics/logs).
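
Added example, not part of the thread and not HijackThis's own logic: a small Python triage of the O2 (BHO) and O20 (Winlogon Notify) lines, run over excerpts of the logs posted in this thread before and after the fix. The rule used (flag an entry whose file is missing or that loads a DLL directly from system32) is an assumption chosen because it reproduces the fix list above on this machine; all function names are hypothetical.

```python
import re
from typing import NamedTuple

# O2/O20 lines copied from the thread's logs of 12.12.2006 14:22:01 (BEFORE)
# and 17:07:57 (AFTER), one entry per line as HijackThis writes them.
BEFORE = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7411F8BA-29A3-3216-9DE7-024AC0AAB9F6} - C:\WINDOWS\system32\viyjhai.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FELLES~1\{38B23~2\Bar888.dll (file missing)
O2 - BHO: (no name) - {EE99F702-3C72-4315-B16D-66EA82DC2EF5} - C:\WINDOWS\system32\gebcd.dll
O20 - Winlogon Notify: gebcd - C:\WINDOWS\system32\gebcd.dll
O20 - Winlogon Notify: iifghed - iifghed.dll (file missing)
O20 - Winlogon Notify: ljjjhgh - ljjjhgh.dll (file missing)
O20 - Winlogon Notify: winmxw32 - C:\WINDOWS\SYSTEM32\winmxw32.dll
"""
AFTER = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
"""


class Entry(NamedTuple):
    section: str    # "O2" = Browser Helper Object, "O20" = Winlogon Notify
    name: str
    target: str     # file as printed by HijackThis, status suffix stripped
    orphaned: bool  # "(no file)" / "(file missing)": registration without a file


# The CLSID anchors the O2 split, so " - " inside a path ("Spybot - Search ...") is safe.
BHO_RE = re.compile(r"^(O2) - BHO: (.*?) - \{[0-9A-Fa-f-]{36}\} - (.*)$")
NOTIFY_RE = re.compile(r"^(O20) - Winlogon Notify: (.*?) - (.*)$")
# A DLL sitting directly in system32 (no subfolder).
SYSTEM32_DLL_RE = re.compile(r"^[a-z]:\\windows\\system32\\[^\\]+\.dll$", re.I)


def parse_entries(log):
    """Return the O2 and O20 entries of a HijackThis log as Entry tuples."""
    entries = []
    for raw in log.splitlines():
        line = raw.strip()
        m = BHO_RE.match(line) or NOTIFY_RE.match(line)
        if m is None:
            continue  # any other section (R0, O4, O23, ...) is ignored here
        section, name, target = m.groups()
        orphaned = target == "(no file)" or target.endswith("(file missing)")
        target = re.sub(r"\s*\(file missing\)$", "", target)
        entries.append(Entry(section, name, target, orphaned))
    return entries


def needs_review(entry):
    """Assumed triage rule: orphaned registration, or a DLL loaded from system32."""
    return entry.orphaned or bool(SYSTEM32_DLL_RE.match(entry.target))


def _key(entry):
    return (entry.section, entry.name.lower(), entry.target.lower())


def still_present(before, after):
    """Entries flagged in `before` that are still registered in `after`."""
    remaining = {_key(e) for e in parse_entries(after)}
    return [e for e in parse_entries(before) if needs_review(e) and _key(e) in remaining]


def newly_added(before, after):
    """Entries in `after` that `before` did not have (e.g. a newly installed tool)."""
    known = {_key(e) for e in parse_entries(before)}
    return [e for e in parse_entries(after) if _key(e) not in known]


if __name__ == "__main__":
    for e in parse_entries(BEFORE):
        print("REVIEW" if needs_review(e) else "ok    ", e.section, e.name, e.target)
    print("still present after fix:", still_present(BEFORE, AFTER))
    print("new since fix:", [e.name for e in newly_added(BEFORE, AFTER)])
```

An empty `still_present` result only says the registrations are gone from the log; as the later posts show, the file itself can remain on disk and still be found by a scanner.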

Guest Slettet+891234, posted 12 December 2006 (edited):

Logfile of HijackThis v1.99.1
Scan saved at 17:07:57, on 12.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programfiler\Logitech\iTouch\iTouch.exe
C:\Programfiler\Google\Gmail Notifier\gnotify.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\Programfiler\Logitech\MouseWare\system\em_exec.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Programfiler\Opera\Opera.exe
C:\Documents and Settings\Sindre \Skrivebord\test.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...B_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programfiler\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

SUPERAntiSpyware Scan Log
Generated 12/12/2006 at 04:16 PM

Application Version : 3.4.1000

Core Rules Database Version : 3146
Trace Rules Database Version: 1162

Scan type : Complete Scan
Total Scan Time : 00:06:03

Memory items scanned : 161
Memory threats detected : 1
Registry items scanned : 4257
Registry threats detected : 14
File items scanned : 2064
File threats detected : 4

Trojan.Mezzia/Resident
C:\WINDOWS\SYSTEM32\WINMXW32.DLL
C:\WINDOWS\SYSTEM32\WINMXW32.DLL

Trojan.Downloader-FatB
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\winmxw32

Adware.Tracking Cookie
C:\Documents and Settings\Sindre Cookies\sindre @atdmt[1].txt
C:\Documents and Settings\Sindre \Cookies\sindre @mediaplex[1].txt

Trojan.Unknown Origin
HKLM\SOFTWARE\Microsoft\MSSMGR
HKLM\SOFTWARE\Microsoft\MSSMGR#Brnd
HKLM\SOFTWARE\Microsoft\MSSMGR#BSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#SSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#SCLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#SSLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#Data
HKLM\SOFTWARE\Microsoft\MSSMGR#LSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#MSLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#BPTV
HKLM\SOFTWARE\Microsoft\MSSMGR#Rid
HKLM\SOFTWARE\Microsoft\MSSMGR#LID
HKLM\SOFTWARE\Microsoft\MSSMGR#PSTV

Trojan.Downloader-DoneDU
C:\DOCUMENTS AND SETTINGS\SINDRE \SKRIVEBORD\BACKUPS\BACKUP-20061212-155744-940.DLL

The only one of the .dll files highlighted in your previous post that I found was winmxw32.dll, and it could not be deleted.

Edited 12 December 2006 by Slettet+891234

norbat, posted 12 December 2006:

OK, HJT no longer shows it, but we can check whether it is still there anyway.

Download Avenger and unpack it to the desktop.

Under "Script file to execute" choose "Input Script Manually".

Paste in the following (in bold):

C:\WINDOWS\SYSTEM32\winmxw32.dll

Click the traffic light to run the program.

Copy c:\avenger.txt and post it here together with a new HJT log.

Guest Slettet+891234, posted 12 December 2006 (edited):

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Error: selected file does not appear to be a valid script.
Error code: 0

Logfile of HijackThis v1.99.1
Scan saved at 18:15:43, on 12.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programfiler\Logitech\iTouch\iTouch.exe
C:\Programfiler\Google\Gmail Notifier\gnotify.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\Programfiler\Logitech\MouseWare\system\em_exec.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Programfiler\Opera\Opera.exe
C:\Documents and Settings\Sindre \Skrivebord\test.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...B_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programfiler\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

Edited 12 December 2006 by Slettet+891234

norbat, posted 12 December 2006:

This log looked reasonably clean.

It may be an idea to turn off System Restore, restart, and turn it back on (Control Panel -> System -> System Restore).

How is the PC running otherwise?

Guest Slettet+891234, posted 12 December 2006:

First: thank you very much for the help, norbat. Great that you took the time.

I have now turned off System Restore, something I forgot after the installation. The PC now runs fine by my standards. 888toolbar was incredibly demanding to get rid of; I must seriously consider making myself a clean and tidy image to use if something similar should happen again (even though there shouldn't be any reason for it).

norbat, posted 12 December 2006:

888toolbar was probably the smallest problem. The other infections you had were far worse.

Guest Slettet+891234, posted 12 December 2006 (edited):

Yes, I understood that it was a "complete package". I'm all for a bounty on the programmers of this kind of thing.

Edited 12 December 2006 by Slettet+891234