kan noen sjekke loggen min?

[hernil]

legger ut en logg her, pc'en er litt treig + at jeg har hatt noen virus før etc.

hadde vært fint hvis noen gadd å sjekke den! (min første Hijackthis logg

*rørende øyeblikk*)

Klikk for å se/fjerne innholdet nedenfor

Logfile of HijackThis v1.99.1

Scan saved at 11:30:02, on 28.12.2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe

C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\Programfiler\Norton Internet Security\ISSVC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\Programfiler\Logitech\Video\CameraAssistant.exe

C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe

C:\WINDOWS\system32\ElkCtrl.exe

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe

C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Programfiler\Dell\QuickSet\quickset.exe

C:\WINDOWS\system32\lvcomsx.exe

C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Programfiler\Apoint\Apoint.exe

C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe

C:\Programfiler\Apoint\Apntex.exe

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Prog telecharger\MouseTrack\MouseTrack.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Programfiler\Digital Line Detect\DLG.exe

C:\Programfiler\Logitech\SetPoint\KEM.exe

C:\Programfiler\Logitech\SetPoint\KHALMNPR.EXE

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Programfiler\Mozilla Firefox\firefox.exe

C:\Programfiler\MyPhoneExplorer\MyPhoneExplorer.exe

C:\Documents and Settings\nils herde\Skrivebord\HijackThis.exe

C:\Programfiler\Messenger\msmsgs.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.n3sport.no/Organisation.asp?Org...50&CatId=602055

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.18.44.220:8099

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programfiler\Logitech\Video\CameraAssistant.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Patch] C:\WINDOWS\Patch.exe /nomsg

O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programfiler\Logitech\Video\InstallHelper.exe /inspect

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bMT] C:\Prog telecharger\MouseTrack\MouseTrack.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Konverter koblingsmål til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter koblingsmål til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter valgte koblinger til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Konverter valgte koblinger til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Konverterer utvalg til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverterer utvalg til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktank...ownloadCtrl.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O18 - Protocol: bw+0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {910214BE-2E10-4BE6-A008-2BFB1D2A74C8} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: IntelWireless - C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Abel - Unknown owner - E:\Pogrammer\Cain\Abel.exe (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Pacsptisvr.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Sptisrv.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

Endret 30. desember 2006 av hernil

[norbat]

Avinstaller fra legg til/fjern programmer:

Logitech desktop messenger

 

Kjør HJT og fix:

Alle O18 - Protocol: bw (de med logitech desktop messenger)

 

Last ned CCleaner, installer og kjør en rens.

 

Last ned SAS, installer, oppdater og kjør en complete scan.

 

Legg deretter ut en ny HJT-logg (forandre hijackthis.exe til noe annet, eks. test.exe før du kjører programmet) + loggen fra SAS (preferences->statistics/logs)

Endret 28. desember 2006 av norbat

[hernil]

hvorfor avinstallere logitech desktop messenger?

[norbat]

Vel, Logitech (m. flere) bruker BackWeb for å informere/sjekke om/etter oppdateringer etc. Dette er ikke spyware, men kan bli det. Derfor, om dette ikke er noe man må ha kjørende på pc'n (det finnes jo manuelle måter å gjøre ting på), slett det.

[hernil]

ok her kommer det:

 

Hijack this logg:

Klikk for å se/fjerne innholdet nedenfor

Logfile of HijackThis v1.99.1

Scan saved at 20:51:08, on 29.12.2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\Programfiler\Norton Internet Security\ISSVC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\Programfiler\Logitech\Video\CameraAssistant.exe

C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe

C:\WINDOWS\system32\ElkCtrl.exe

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe

C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Programfiler\Dell\QuickSet\quickset.exe

C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Programfiler\Apoint\Apoint.exe

C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\lvcomsx.exe

C:\Programfiler\Apoint\Apntex.exe

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Prog telecharger\MouseTrack\MouseTrack.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Programfiler\Digital Line Detect\DLG.exe

C:\Programfiler\Logitech\SetPoint\KEM.exe

C:\Programfiler\Logitech\SetPoint\KHALMNPR.EXE

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Programfiler\Logitech\Video\VideoEffectsWatcher.exe

C:\Programfiler\Windows Media Player\wmplayer.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\nils herde\Skrivebord\HT.exe

C:\Programfiler\Messenger\msmsgs.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.n3sport.no/Organisation.asp?Org...50&CatId=602055

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.18.44.220:8099

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programfiler\Logitech\Video\CameraAssistant.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Patch] C:\WINDOWS\Patch.exe /nomsg

O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programfiler\Logitech\Video\InstallHelper.exe /inspect

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bMT] C:\Prog telecharger\MouseTrack\MouseTrack.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Konverter koblingsmål til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter koblingsmål til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter valgte koblinger til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Konverter valgte koblinger til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Konverterer utvalg til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverterer utvalg til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktank...ownloadCtrl.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: IntelWireless - C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Abel - Unknown owner - E:\Pogrammer\Cain\Abel.exe (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Pacsptisvr.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Sptisrv.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

 

 

SAS logg:

Klikk for å se/fjerne innholdet nedenfor

SUPERAntiSpyware Scan Log

Generated 12/29/2006 at 08:16 PM

 

Application Version : 3.4.1000

 

Core Rules Database Version : 3155

Trace Rules Database Version: 1171

 

Scan type : Complete Scan

Total Scan Time : 00:30:11

 

Memory items scanned : 521

Memory threats detected : 0

Registry items scanned : 6414

Registry threats detected : 0

File items scanned : 27758

File threats detected : 3

 

Adware.Tracking Cookie

C:\Documents and Settings\nils herde\Cookies\nils herde@cgi-bin[2].txt

C:\Documents and Settings\nils herde\Cookies\nils herde@tradedoubler[1].txt

C:\Documents and Settings\nils herde\Cookies\nils herde@casalemedia[1].txt

 

venter i spenning...

[norbat]

Last ned DrWeb

 

Kjør HJT og fix:

O4 - HKLM\..\Run: [Patch] C:\WINDOWS\Patch.exe /nomsg (hvis du ikke bruker Trend micro da det også har en fil med dette navn)

O23 - Service: Abel - Unknown owner - E:\Pogrammer\Cain\Abel.exe (file missing)

 

Sørg for at du kan se skjulte filer og mapper (kontrollpanel->mappealt.->vis->"vis skjulte filer og mapper"

 

Restart i sikker modus (tapp f8 under oppstart)

 

Bruk utforsker til å finne og slette: (i bold)

C:\WINDOWS\Patch.exe (se over)

E:\Pogrammer\Cain\Abel.exe

 

Kjør drweb

-den vil kjøre en expresscan.

-når det er ferdig velger du Options->Change settings.

i fanebladet Scan, fjern merke ved Heuristic analysis.

i fanebladet Actions, forandres punktene under Malware til Rename.

-velg partisjon og kjør en scan

 

Den lager en logg som du godt kan poste sammen med en ny HJT-logg.

Endret 29. desember 2006 av norbat

[hernil]

HJT logg:

Klikk for å se/fjerne innholdet nedenfor

Logfile of HijackThis v1.99.1

Scan saved at 18:05:41, on 30.12.2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\Programfiler\Norton Internet Security\ISSVC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\Programfiler\Logitech\Video\CameraAssistant.exe

C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe

C:\WINDOWS\system32\ElkCtrl.exe

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe

C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Programfiler\Dell\QuickSet\quickset.exe

C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Programfiler\Apoint\Apoint.exe

C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\lvcomsx.exe

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Prog telecharger\MouseTrack\MouseTrack.exe

C:\Programfiler\Apoint\Apntex.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Programfiler\Digital Line Detect\DLG.exe

C:\Programfiler\Logitech\SetPoint\KEM.exe

C:\Programfiler\Logitech\SetPoint\KHALMNPR.EXE

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Prog telecharger\drweb\drweb-cureit.exe

C:\DOCUME~1\NILSHE~1\LOKALE~1\Temp\RarSFX1\_start.exe

C:\DOCUME~1\NILSHE~1\LOKALE~1\Temp\RarSFX1\cureit.exe

C:\Programfiler\Mozilla Firefox\firefox.exe

C:\Documents and Settings\nils herde\Skrivebord\HT.exe

C:\Programfiler\Messenger\msmsgs.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.n3sport.no/Organisation.asp?Org...50&CatId=602055

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.18.44.220:8099

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programfiler\Logitech\Video\CameraAssistant.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programfiler\Logitech\Video\InstallHelper.exe /inspect

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bMT] C:\Prog telecharger\MouseTrack\MouseTrack.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Konverter koblingsmål til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter koblingsmål til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter valgte koblinger til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Konverter valgte koblinger til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Konverterer utvalg til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverterer utvalg til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx

O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktank...ownloadCtrl.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: IntelWireless - C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Pacsptisvr.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Sptisrv.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

 

 

fiksa de to, men jeg fant ikke filene jeg skulle slette...

fant heller ikke DrWeb loggen.

 

takk for all hjelp hittil

[norbat]

Loggen din ser fin ut.

 

Ang. filene du skulle finne i utforsker var det mappa i bold du skulle finne og slette

E:\Pogrammer\Cain\ , ikke fila abel.exe. Min feil.

 

Prøv dette i stedet:

Last ned Avenger, pakk det ut og start programmet.

 

Sett merke i 'Input Script Manually' og klikk på lupen.

 

I vinduet som kommer opp skal du sette inn følgende i bold under (kopier og lim inn) :

 

Files to delete:

C:\WINDOWS\Patch.exe

 

Folders to delete:

E:\Pogrammer\Cain

 

Det er mulig at disse er borte, men kontrollere det gjerne manuelt også (via utforsker). Viktig at du har satt mappealt. til å vise skjulte filer og mapper.

[hernil]

gjør det noe om jeg avinstallerer Dr.Web, SAS og Avenger når jeg er ferdig med å bruke dem?

[norbat]

Nei, du kan selvfølgelig avinstallere dem

[Lars-H]

- Men de er jo greie å ha, i tilfelle det skjer noe senere...

[hernil]

legger til en siste HJT logg og en avenger logg.

venter på godkjennelse av dem

HJT logg:

Klikk for å se/fjerne innholdet nedenfor

Logfile of HijackThis v1.99.1

Scan saved at 12:48:20, on 01.01.2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\Programfiler\Norton Internet Security\ISSVC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\Programfiler\Logitech\Video\CameraAssistant.exe

C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe

C:\WINDOWS\system32\ElkCtrl.exe

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe

C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Programfiler\Dell\QuickSet\quickset.exe

C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Programfiler\Apoint\Apoint.exe

C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Prog telecharger\MouseTrack\MouseTrack.exe

C:\Programfiler\Apoint\Apntex.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\WINDOWS\system32\notepad.exe

C:\Programfiler\Digital Line Detect\DLG.exe

C:\WINDOWS\system32\notepad.exe

C:\Programfiler\Logitech\SetPoint\KEM.exe

C:\Programfiler\Logitech\SetPoint\KHALMNPR.EXE

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Programfiler\MyPhoneExplorer\MyPhoneExplorer.exe

C:\Programfiler\Mozilla Firefox\firefox.exe

C:\Programfiler\Messenger\msmsgs.exe

C:\Documents and Settings\nils herde\Skrivebord\HT.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.n3sport.no/Organisation.asp?Org...50&CatId=602055

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.18.44.220:8099

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programfiler\Logitech\Video\CameraAssistant.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programfiler\Logitech\Video\InstallHelper.exe /inspect

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bMT] C:\Prog telecharger\MouseTrack\MouseTrack.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Konverter koblingsmål til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter koblingsmål til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverter til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konverter valgte koblinger til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Konverter valgte koblinger til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Konverterer utvalg til Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konverterer utvalg til eksisterende PDF-fil - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx

O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktank...ownloadCtrl.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: IntelWireless - C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Pacsptisvr.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\Sptisrv.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

 

 

avenger logg:

Klikk for å se/fjerne innholdet nedenfor

//////////////////////////////////////////

Avenger Pre-Processor log

//////////////////////////////////////////

 

Error: could not create zip file.

Error code: 0

 

 

//////////////////////////////////////////

 

 

Logfile of The Avenger version 1, by Swandog46

Running from registry key:

\Registry\Machine\System\CurrentControlSet\Services\afkaoovk

 

*******************

 

Script file located at: \??\C:\WINDOWS\system32\ytbwcllr.txt

Script file opened successfully.

 

Script file read successfully

 

Backups directory opened successfully at C:\Avenger

 

*******************

 

Beginning to process script file:

 

 

 

File C:\WINDOWS\Patch.exe not found!

Deletion of file C:\WINDOWS\Patch.exe failed!

 

Could not process line:

C:\WINDOWS\Patch.exe

Status: 0xc0000034

 

 

 

Could not open folder E:\Pogrammer\Cain for deletion

Deletion of folder E:\Pogrammer\Cain failed!

 

Could not process line:

E:\Pogrammer\Cain

Status: 0xc000003a

 

 

Completed script processing.

 

*******************

 

Finished! Terminate.//////////////////////////////////////////

 

 

Logfile of The Avenger version 1, by Swandog46

Running from registry key:

\Registry\Machine\System\CurrentControlSet\Services\p^pyhdpa

 

*******************

 

Script file located at: \??\C:\WINDOWS\fxdgdamu.txt

Script file opened successfully.

 

Script file read successfully

 

Backups directory opened successfully at C:\Avenger

 

*******************

 

Beginning to process script file:

 

 

 

File C:\WINDOWS\Patch.exe not found!

Deletion of file C:\WINDOWS\Patch.exe failed!

 

Could not process line:

C:\WINDOWS\Patch.exe

Status: 0xc0000034

 

 

 

Could not open folder E:\Pogrammer\Cain for deletion

Deletion of folder E:\Pogrammer\Cain failed!

 

Could not process line:

E:\Pogrammer\Cain

Status: 0xc000003a

 

 

Completed script processing.

 

*******************

 

Finished! Terminate.

[norbat]

HJT-loggen ser fin ut

 

Det kan være en ide å tømme systemgjenopprettingen slik at ikke 'dårlige' filer blir gjenopprettet ved en evt. systemgjenoppretting.

 

Kontrollpanel->system->systemgjenoppretting.

Sett merke fram for -"slå av ......"

Restart pc'n

Fjern avmerkingen slik at du slår på systemgjenopprettingen igjen.

[hernil]

ok.

 

tusen takk for all hjelp!

[norbat]

Glemte å spørre om hvordan pc'n kjører?

[hernil]

bedre enn før (tror jeg), men fortsatt litt treg i oppstarten (syns jeg).

ved innloggingsvinduet står det litt lenge "velkommen" og etterpå kommer skrivebordet mitt uten ikoner en (god) stund for jeg kan begynne å bruke pc'en.

hva er det som er vanlig innloggingstid/oppstartstid?

[norbat]

Det kommer helt an på hvor mange programmer etc. som skal lastes i starten.

 

Du kan sjekke om pc'n trenger en diskdefragmentering

Tilbehør->systemverktøy->diskdefragmentering.

Endret 2. januar 2007 av norbat

[hernil]

syns bestemt at pc'en starter opp fortere, men defragmenteringa gjorde lite tror jeg.

hadde gjort det for ikke så lenge siden...

 

nok en gang takk for hjelpen