Featured Skrevet 17. januar 2007 Del Skrevet 17. januar 2007 Maskinen min har i det siste begynt å gå en del saktere. IE forsøkte også å åpne en nettside, uten min tillatelse da jeg skrudde på IE (dette ble stoppet av brannmuren). Har sjekka m Norman antivirus, ad-aware, AVG anti-spyware og spyware terminator uten at dette har hjulpet på problemene. Har laget en log med "hijack this", det hadde vært veldig fint hvis noen kunne se igjennom den! På forhånd takk! Logfile of HijackThis v1.99.1 Scan saved at 00:17:54, on 16.01.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\System32\1XConfig.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\System32\CTSvcCDA.EXE C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programfiler\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe C:\Programfiler\norman\NPF\NPFSVICE.EXE C:\Programfiler\norman\bin\ZANDA.EXE C:\WINDOWS\System32\RegSrvc.exe C:\Programfiler\Dantz\Retrospect\retrorun.exe C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe C:\Programfiler\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\BCMSMMSG.exe C:\Programfiler\Apoint\Apoint.exe C:\Programfiler\Dell\QuickSet\quickset.exe C:\WINDOWS\system32\WDBtnMgr.exe C:\Programfiler\norman\bin\ZLH.EXE C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe C:\Programfiler\Logitech\SetPoint\kem.exe C:\Programfiler\norman\Nvc\BIN\NVCSCHED.EXE C:\Programfiler\norman\NPF\NPFMSG.EXE C:\Programfiler\norman\Nvc\BIN\NIP.EXE C:\PROGRAMFILER\LOGITECH\SETPOINT\KHALMNPR.EXE C:\Programfiler\Apoint\Apntex.exe C:\Programfiler\norman\Nvc\BIN\nipsvc.exe C:\WINDOWS\System32\wbem\wmiprvse.exe C:\Programfiler\norman\bin\NJEEVES.EXE C:\Programfiler\norman\Nvc\bin\nvcoas.exe C:\WINDOWS\System32\alg.exe C:\Programfiler\norman\Nvc\bin\cclaw.exe C:\WINDOWS\System32\wbem\wmiprvse.exe C:\Programfiler\Java\jre1.5.0_08\bin\jucheck.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\hijack_this\test.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aho.no/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - Default URLSearchHook is missing O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programfiler\TEXTware\QUICKfind\PlugIns\IEHelp.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\System32\ZCfgSvc.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programfiler\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe O4 - HKLM\..\Run: [Norman ZANDA] C:\Programfiler\norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [RegistryMechanic] C:\Programfiler\Registry Mechanic\RegMech.exe /QS O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [spywareTerminator] "C:\Programfiler\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Programfiler\Fellesfiler\Autodesk Shared\acstart16.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = ? O4 - Global Startup: NPF Messenger.lnk = ? O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1107770569059 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1152567419613 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - Winlogon Notify: LBTServ - C:\Programfiler\Fellesfiler\Logitech\Bluetooth\lbtserv.dll O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Programfiler\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Programfiler\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programfiler\Intel\NCS\Sync\NetSvc.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Programfiler\norman\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Programfiler\norman\bin\NJEEVES.EXE O23 - Service: Norman Type-R - Unknown owner - C:\Programfiler\norman\NPF\NPFSVICE.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Programfiler\norman\bin\ZANDA.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Programfiler\norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Programfiler\Dantz\Retrospect\retrorun.exe O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programfiler\Spyware Terminator\sp_rsser.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe Lenke til kommentar
norbat Skrevet 17. januar 2007 Del Skrevet 17. januar 2007 Last ned CCleaner og kjør noen ganger rens + saker. (før du renser kan du gå til 'Valg->avansert. Fjern evt. avkryssing framfor "Bare slett midlertidige.........." Kjør HJT og fix: R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) Du kan også oppdatere java (mener siste versjon er 1.5.0_10) Restart pc'n (Du vet ikke hvilken side som nettleseren henter?) Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå