jojo123 Skrevet 25. januar 2007 Del Skrevet 25. januar 2007 Logfile of HijackThis v1.99.1 Scan saved at 17:08:13, on 25.01.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe C:\Programfiler\Norton AntiVirus\navapsvc.exe C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Programfiler\Razer\Copperhead\razerhid.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\Logitech\Video\LogiTray.exe C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\QuickTime\qttask.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Razer\Copperhead\razerofa.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\MSI\Core Center\CoreCenter.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\Logitech\Video\FxSvr2.exe C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe C:\Programfiler\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\system32\svchost.exe C:\Programfiler\Last.fm\LastFM.exe c:\windows\system32\rlvknlg.exe c:\programfiler\winamp\winamp.exe C:\Programfiler\Opera9.10\Opera.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\LimeWire\LimeWire.exe C:\Programfiler\Opera9.10\Opera.exe C:\Programfiler\Microsoft Office\Office10\WINWORD.EXE C:\Documents and Settings\Jonas\Skrivebord\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CvgraphObj Object - {12355F3E-90C3-41AA-8705-15969AF7F210} - C:\WINDOWS\vgraph.dll O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programfiler\NewDotNet\newdotnet7_48.dll O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Mario Forever Toolbar Helper - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Mario Forever Toolbar - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [razer] C:\Programfiler\Razer\Copperhead\razerhid.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.ini" O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: CoreCenter.lnk = C:\Programfiler\MSI\Core Center\CoreCenter.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Privoxy.lnk = C:\Programfiler\Privoxy\privoxy.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\navapsvc.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe Lenke til kommentar
pedsti Skrevet 25. januar 2007 Del Skrevet 25. januar 2007 endre navn på Hijackthis.exe, noen programmer gjømmer seg fra denne prossensen.. Lenke til kommentar
jojo123 Skrevet 25. januar 2007 Forfatter Del Skrevet 25. januar 2007 Logfile of HijackThis v1.99.1 Scan saved at 18:01:16, on 25.01.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe C:\Programfiler\Norton AntiVirus\navapsvc.exe C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Programfiler\Razer\Copperhead\razerhid.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\Logitech\Video\LogiTray.exe C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\QuickTime\qttask.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Razer\Copperhead\razerofa.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\MSI\Core Center\CoreCenter.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\Logitech\Video\FxSvr2.exe C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe C:\Programfiler\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\system32\svchost.exe C:\Programfiler\Last.fm\LastFM.exe c:\windows\system32\rlvknlg.exe c:\programfiler\winamp\winamp.exe C:\Programfiler\Opera9.10\Opera.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\LimeWire\LimeWire.exe C:\Programfiler\Opera9.10\Opera.exe C:\Programfiler\Microsoft Office\Office10\WINWORD.EXE C:\Documents and Settings\Jonas\Skrivebord\endret navn.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CvgraphObj Object - {12355F3E-90C3-41AA-8705-15969AF7F210} - C:\WINDOWS\vgraph.dll O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programfiler\NewDotNet\newdotnet7_48.dll O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Mario Forever Toolbar Helper - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Mario Forever Toolbar - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [razer] C:\Programfiler\Razer\Copperhead\razerhid.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.ini" O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: CoreCenter.lnk = C:\Programfiler\MSI\Core Center\CoreCenter.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Privoxy.lnk = C:\Programfiler\Privoxy\privoxy.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\navapsvc.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe Lenke til kommentar
norbat Skrevet 25. januar 2007 Del Skrevet 25. januar 2007 (endret) Hei, Frichassé Du har noen ekle kryp så vi gjør følgende Last ned LSP-fix Kjør programmet. Merk "I know what i'm doing" og klikk rlls.dll filen (i 'Keep' delen) Velg >>-knappen og flytt rlls.dll til Remove delen Klikk Finish-knappen. Fixen kjører, klikk til slutt OK (Hvis fila allerede er i Remove-delen, klikk Finish) Last ned SAS, installer og oppdater. Sørg for at du kan se skjulte filer og mapper (Kontrollpanel->mappealt.->vis->"vis skjulte filer og mapper") Kjør HJT og fix: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: CvgraphObj Object - {12355F3E-90C3-41AA-8705-15969AF7F210} - C:\WINDOWS\vgraph.dll O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programfiler\NewDotNet\newdotnet7_48.dll O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - (no file) O4 - HKLM\..\Run: [New.net Startup] rundll32 O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe Restart pc'n i sikker modus (tapp f8 under oppstart, velg Sikker modus) Bruk utforsker til å finne og slette (i bold): C:\WINDOWS\system32\Netverchk.exe C:\WINDOWS\system32\BastaYa.exe c:\windows\system32\rlvknlg.exe Kjør deretter en full (complete) scan med SAS Restart i normal modus Post en ny HJT-logg + loggen fra SAS (preferences->statistics/logs) Endret 25. januar 2007 av norbat Lenke til kommentar
jojo123 Skrevet 26. januar 2007 Forfatter Del Skrevet 26. januar 2007 Logfile of HijackThis v1.99.1 Scan saved at 15:51:28, on 26.01.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programfiler\Razer\Copperhead\razerhid.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programfiler\Logitech\Video\LogiTray.exe C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Razer\Copperhead\razerofa.exe C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe C:\Programfiler\Logitech\Video\FxSvr2.exe C:\Programfiler\MSI\Core Center\CoreCenter.exe C:\WINDOWS\ATKKBService.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe C:\Programfiler\Norton AntiVirus\navapsvc.exe C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe C:\Programfiler\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\System32\svchost.exe C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe c:\programfiler\winamp\winamp.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Last.fm\LastFM.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\Jonas\Skrivebord\endret navn.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Mario Forever Toolbar Helper - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Mario Forever Toolbar - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [razer] C:\Programfiler\Razer\Copperhead\razerhid.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.ini" O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: CoreCenter.lnk = C:\Programfiler\MSI\Core Center\CoreCenter.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Privoxy.lnk = C:\Programfiler\Privoxy\privoxy.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\programfiler\bonjour\mdnsnsp.dll' missing O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Programfiler\Bonjour\mDNSResponder.exe (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\navapsvc.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe SUPERAntiSpyware Scan Log Generated 01/26/2007 at 03:38 PM Application Version : 3.5.1016 Core Rules Database Version : 3172 Trace Rules Database Version: 1182 Scan type : Complete Scan Total Scan Time : 00:41:24 Memory items scanned : 489 Memory threats detected : 1 Registry items scanned : 7279 Registry threats detected : 11 File items scanned : 49208 File threats detected : 69 RelevantKnowledge Spyware Component C:\WINDOWS\SYSTEM32\RLLS.DLL C:\WINDOWS\SYSTEM32\RLLS.DLL SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000026 C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP353\SNAPSHOT\MFEX-1.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP354\SNAPSHOT\MFEX-1.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP355\A0126413.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP355\SNAPSHOT\MFEX-1.DAT C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129466.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129467.DLL Unclassified.Unknown Origin/System C:\WINDOWS\SYSTEM32\WBHLFHVE.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Mantsorn.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Mantsorn.exe#Path C:\WINDOWS\SYSTEM32\SLIMMJFI.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\timerp.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\timerp.exe#Path Adware.Tracking Cookie C:\Documents and Settings\Jonas\Cookies\jonas@adecn[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@indexstats[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@2o7[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@tribalfusion[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@adrevolver[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@indextools[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@clicktorrent[2].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@doubleclick[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@xiti[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@list[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@231213211232321[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@adbrite[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@statcounter[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@zedo[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@advertising[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][2].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@mb[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@admarketplace[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\jonas@mb[4].txt C:\Documents and Settings\Jonas\Cookies\jonas@adrevolver[1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][2].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][2].txt C:\Documents and Settings\Jonas\Cookies\jonas@valueclick[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@adtech[2].txt C:\Documents and Settings\Jonas\Cookies\[email protected][1].txt C:\Documents and Settings\Jonas\Cookies\[email protected][2].txt C:\Documents and Settings\Jonas\Cookies\[email protected][2].txt C:\Documents and Settings\Jonas\Cookies\[email protected][2].txt C:\Documents and Settings\Jonas\Cookies\jonas@mediaplex[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@cgi-bin[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@atwola[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@mb[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@casalemedia[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@yadro[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@fastclick[1].txt C:\Documents and Settings\Jonas\Cookies\jonas@atdmt[2].txt C:\Documents and Settings\Jonas\Cookies\jonas@tradedoubler[2].txt Trojan.NewDotNet HKU\S-1-5-21-1935655697-1801674531-725345543-1003\Software\New.net C:\DOCUMENTS AND SETTINGS\JONAS\SKRIVEBORD\BACKUPS\BACKUP-20070125-221310-340.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129468.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129469.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129470.EXE Adware.Mirar/NetNucleus C:\DOCUMENTS AND SETTINGS\JONAS\LOKALE INNSTILLINGER\TEMP\NNBAR_VCSETUP_876088_LOG.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129471.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129472.DLL Trojan.NewDotNet-Installer C:\DOCUMENTS AND SETTINGS\JONAS\LOKALE INNSTILLINGER\TEMP\SHNT288.EXE Trojan.SearchTool C:\SYSTEM VOLUME INFORMATION\_RESTORE{2D9D9640-20E0-4DA9-84CB-7CF43A6E6CE9}\RP367\A0129473.DLL C:\WINDOWS\SYSTEM32\SEARCHTOOL\NSKA64.DLL Lenke til kommentar
norbat Skrevet 26. januar 2007 Del Skrevet 26. januar 2007 (endret) Loggen er ren. Du kan, om du finner den, slette mappa (i bold): C:\Programfiler\NewDotNet Last ned CCleaner og kjør noen ganger rens (fjerner temp. filer etc.) Det er også lurt å nullstille gjenopprettingsmappa slik at man ikke blir infisert ved en evt. systemgjenoppretting. (Kontrollpanel->system->systemgjenoppretting . Sett hake, restart pc, fjern hake) Etterpå lager du deg et gjenopprettingspunkt manuelt (Tilbehør->systemverktøy->systemgjenoppretting . Velg å opprette et nytt. Navgi det og klikk opprett) Hvordan virker forøvrig pc'n? Endret 26. januar 2007 av norbat Lenke til kommentar
jojo123 Skrevet 26. januar 2007 Forfatter Del Skrevet 26. januar 2007 Hvordan virker forøvrig pc'n? 7803577[/snapback] Da var det gjort. Den er treig. Lenke til kommentar
norbat Skrevet 26. januar 2007 Del Skrevet 26. januar 2007 Gå til Start->Kjør, skriv: sfc /scannow (oppirom mellom sfc og / ). Du trenger winXP cd'n Lenke til kommentar
jojo123 Skrevet 26. januar 2007 Forfatter Del Skrevet 26. januar 2007 Gå til Start->Kjør, skriv: sfc /scannow (oppirom mellom sfc og / ). Du trenger winXP cd'n 7805899[/snapback] Hva gjør det? Lenke til kommentar
norbat Skrevet 26. januar 2007 Del Skrevet 26. januar 2007 (endret) Sjekker / reparerer evt. systemfiler. Du får ikke noen melding om det er fixet noe. Vi kan også prøve en scan til med en 'engangsscanner': DrWeb Last ned programmet Restart i sikker modus Kjør drweb-cureit.exe (si ja til å kjøre en express scan) Når dette er ferdig klikker du på Option -> Change settings. Under fanearket Scan, fjerner du haken ved Heuristic analysis. Under fanearket Actions, skal alle punkt under Malware settes til Rename. Velg partisjon du vil scanne og klikk deretter på den grønne pilen for å starte scanningen. Velg "yes to all" når det finner noe for første gang. Restart deretter i normal modus og post gjerne en ny HJT-logg. Endret 26. januar 2007 av norbat Lenke til kommentar
jojo123 Skrevet 26. januar 2007 Forfatter Del Skrevet 26. januar 2007 Logfile of HijackThis v1.99.1 Scan saved at 23:32:15, on 26.01.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programfiler\Razer\Copperhead\razerhid.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programfiler\Logitech\Video\LogiTray.exe C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Razer\Copperhead\razerofa.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe C:\Programfiler\MSI\Core Center\CoreCenter.exe C:\Programfiler\Logitech\Video\FxSvr2.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\WINDOWS\ATKKBService.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe C:\Programfiler\Norton AntiVirus\navapsvc.exe C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe C:\Programfiler\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Opera9.10\Opera.exe C:\WINDOWS\System32\msiexec.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Documents and Settings\Jonas\Skrivebord\endret navn.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Mario Forever Toolbar Helper - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Mario Forever Toolbar - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - C:\Programfiler\Mario Forever Toolbar\v3.2.0.0\MarioForever_Toolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [razer] C:\Programfiler\Razer\Copperhead\razerhid.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Programfiler\ScanSoft\NaturallySpeaking8\Program\ereg.ini" O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O4 - HKLM\..\RunOnce: [MessengerPlusLiveUninstall] "C:\DOCUME~1\Jonas\LOKALE~1\Temp\MsgPlusUninstall.exe" /Cleanup O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Programfiler\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: CoreCenter.lnk = C:\Programfiler\MSI\Core Center\CoreCenter.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\programfiler\bonjour\mdnsnsp.dll' missing O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Programfiler\Bonjour\mDNSResponder.exe (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\navapsvc.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe Og pcen er fortsatt treig. Lenke til kommentar
norbat Skrevet 26. januar 2007 Del Skrevet 26. januar 2007 Vi prøver: Last ned SDfix. Pakk ut. Den legger seg antakelig i c:\SDfix Restart i sikker modus Åpne mappa SDfix og kjør RunThis.bat. Følg instruksjonen. Etterpå vil det ligge en logg i mappa, kalt Report.txt. Post den. Lenke til kommentar
jojo123 Skrevet 27. januar 2007 Forfatter Del Skrevet 27. januar 2007 Jeg tok bare og formaterte. Ble så lei av det. Lenke til kommentar
norbat Skrevet 27. januar 2007 Del Skrevet 27. januar 2007 Ja, hvorfor ikke. I mange tilfeller er det også den eneste måten å få en ren og kjapp pc igjen Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå