larsevenes Skrevet 17. februar 2007 Del Skrevet 17. februar 2007 Har en pc med windows xp (sp 2), norton antivirus som har vært scannet med Ad-aware og search & destroy. Likevel går den tregt som sirup, særlig i oppstarten, men også ellers. Har lest igjennom mye på forumet her, men vil likevel gjerne ha noen med litt mer kunnskap enn meg til å se på denne hijackthis loggen om det kan være noe som burde ordnes. Logfile of HijackThis v1.99.1: Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 00:52:35, on 17.02.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Creative\SBLive\Diagnostics\diagent.exe C:\Programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Programfiler\Eicon\Diva\DiTask.exe C:\Programfiler\Eicon\Diva\Divamon.exe C:\Programfiler\Eicon\Diva\watch.exe C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\Windows Defender\MSASCui.exe C:\Programfiler\Fellesfiler\Nokia\NCLTools\NclConf.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/no/nor/gen/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.online.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.no/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [diagent] C:\Programfiler\Creative\SBLive\Diagnostics\diagent.exe startup O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [DiTask.exe] "C:\Programfiler\Eicon\Diva\DiTask.exe" O4 - HKLM\..\Run: [Divamon.exe] "C:\Programfiler\Eicon\Diva\Divamon.exe" O4 - HKLM\..\Run: [Eicon TechnologyLAN_DAEMON] "C:\Programfiler\Eicon\Diva\watch.exe" O4 - HKLM\..\Run: [CGServer] "C:\Programfiler\Eicon\Diva\cgserver.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg_305b.dll" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [Nokia Connection Monitor] "C:\Programfiler\Fellesfiler\Nokia\NCLTools\NclConf.exe" O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg_305b.dll" O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.online.no/ O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {358DFA15-D48C-4296-8D16-7405F918333B} (OES2Control Class) - http://fronter.com/vestfold/links/fronter_oes2.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200211...meInstaller.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase9602.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.icanal.no/spill/commerce/catalo...es/ExentCtl.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe Lenke til kommentar
norbat Skrevet 17. februar 2007 Del Skrevet 17. februar 2007 (endret) Hei, HHoward Kjør HJT igjen og merk følgende linjer og klikk Fix checked: O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg_305b.dll" O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg_305b.dll" O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200211...meInstaller.exe Sørg for at du kan se skjulte filer og mapper (kontrollpanel->mappealt.->vis->"vis skjulte filer og mapper" Last ned CCleaner, installer programmet Last ned SAS, installer og oppdater. Restart i sikker modus (tapp f8 under oppstart. Velg Sikker modus). Bruk utforsker til å finne og slette (i bold): C:\WINDOWS\System32\sfg_305b.dll Start CCleaner Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Kjør en 'Complete' scan med SAS, slett alt den finner. Restart i normal modus Post en ny HJT-logg sammen med loggen fra SAS (preferences -> statistics/logs) Endret 17. februar 2007 av norbat Lenke til kommentar
larsevenes Skrevet 17. februar 2007 Forfatter Del Skrevet 17. februar 2007 (endret) Takk for hjelp så langt. Da var HJT kjørt igjen og de bestemte linjene fikset. Jeg fant ikke filen "sfg_305b.dll" på denne plaseringen C:\WINDOWS\System32\sfg_305b.dll. Fant derimot tre andre sfg...dll-filer som jeg ikke gjorde noe med. (sfg2c7a.dll, sfg696c.dll, sfg_77c8.dll). Ccleaner er kjørt i sikker modus. SAS er kjørt i sikker modus. Her følger den nye loggen for HJT og SAS. Logfile of HijackThis v1.99.1 Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1 Scan saved at 14:48:31, on 17.02.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Programfiler\Eicon\Diva\DiTask.exe C:\Programfiler\Eicon\Diva\Divamon.exe C:\Programfiler\Eicon\Diva\watch.exe C:\Programfiler\Creative\SBLive\Diagnostics\diagent.exe C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\Windows Defender\MSASCui.exe C:\Programfiler\Fellesfiler\Nokia\NCLTools\NclConf.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programfiler\hijackthis\HijackThis.exe C:\Programfiler\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/no/nor/gen/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.online.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.no/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [diagent] C:\Programfiler\Creative\SBLive\Diagnostics\diagent.exe startup O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [DiTask.exe] "C:\Programfiler\Eicon\Diva\DiTask.exe" O4 - HKLM\..\Run: [Divamon.exe] "C:\Programfiler\Eicon\Diva\Divamon.exe" O4 - HKLM\..\Run: [Eicon TechnologyLAN_DAEMON] "C:\Programfiler\Eicon\Diva\watch.exe" O4 - HKLM\..\Run: [CGServer] "C:\Programfiler\Eicon\Diva\cgserver.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [Nokia Connection Monitor] "C:\Programfiler\Fellesfiler\Nokia\NCLTools\NclConf.exe" O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.online.no/ O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {358DFA15-D48C-4296-8D16-7405F918333B} (OES2Control Class) - http://fronter.com/vestfold/links/fronter_oes2.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase9602.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.icanal.no/spill/commerce/catalo...es/ExentCtl.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe SUPERAntiSpyware Scan Log Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan LogGenerated 02/17/2007 at 03:47 PM Application Version : 3.5.1016 Core Rules Database Version : 3184 Trace Rules Database Version: 1194 Scan type : Complete Scan Total Scan Time : 00:55:45 Memory items scanned : 498 Memory threats detected : 0 Registry items scanned : 5948 Registry threats detected : 0 File items scanned : 50412 File threats detected : 38 Adware.Tracking Cookie C:\Documents and Settings\anonym\Cookies\anonym@1071009974[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][2].txt C:\Documents and Settings\anonym\Cookies\[email protected][2].txt C:\Documents and Settings\anonym\Cookies\anonym@doubleclick[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][2].txt C:\Documents and Settings\anonym\Cookies\[email protected][2].txt C:\Documents and Settings\anonym\Cookies\[email protected][2].txt C:\Documents and Settings\anonym\Cookies\anonym@xiti[1].txt C:\Documents and Settings\anonym\Cookies\anonym@superstats[1].txt C:\Documents and Settings\anonym\Cookies\anonym@mediamax[2].txt C:\Documents and Settings\anonym\Cookies\anonym@s[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\anonym@partners[1].txt C:\Documents and Settings\anonym\Cookies\anonym@serviceswitching[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][2].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\anonym@belnk[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\anonym@resaweb[1].txt C:\Documents and Settings\anonym\Cookies\anonym@cgi-bin[2].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\anonym@mb[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\anonym@1072524168[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt C:\Documents and Settings\anonym\Cookies\anonym@europcar[1].txt C:\Documents and Settings\anonym\Cookies\anonym@europcar-com[1].txt C:\Documents and Settings\anonym\Cookies\anonym@1071193322[1].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt Adware.SafeGuardProtect C:\SYSTEM VOLUME INFORMATION\_RESTORE{2A9C6254-3BD0-4F37-BD86-1CDFD44D33E7}\RP1038\A0116882.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{2A9C6254-3BD0-4F37-BD86-1CDFD44D33E7}\RP1038\A0116883.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{2A9C6254-3BD0-4F37-BD86-1CDFD44D33E7}\RP1038\A0116884.DLL Mulig den SAS scannen ble kjørt i vanlig modus og ikke sikker modus. Jeg får ta en ny scan av den når jeg har tid. SAS LOGG KJØRT I SIKKER MODUS: Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan LogGenerated 02/17/2007 at 05:04 PM Application Version : 3.5.1016 Core Rules Database Version : 3165 Trace Rules Database Version: 1176 Scan type : Complete Scan Total Scan Time : 01:02:17 Memory items scanned : 185 Memory threats detected : 0 Registry items scanned : 5943 Registry threats detected : 0 File items scanned : 50228 File threats detected : 2 Adware.Tracking Cookie C:\Documents and Settings\anonym\Cookies\[email protected][2].txt C:\Documents and Settings\anonym\Cookies\[email protected][1].txt Men hva sier du til loggene nå? Endret 17. februar 2007 av HHoward Lenke til kommentar
norbat Skrevet 17. februar 2007 Del Skrevet 17. februar 2007 Loggen er ren Filene sfg_****.dll er rester etter PCShield og kan godt slettes. Du bør nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av .....", restart pc, fjern merket igjen for å aktivere funksjonen. Etterpå lager du deg et gjenopprettingspunkt manuelt Tilbehør->systemverktøy->systemgjenoppretting . Velg å opprette et nytt. Navgi det og klikk opprett. Det kan også være lurt å sette på "skjul filer og mapper" igjen slik at man ikke ved en miss sletter noen viktige systemfiler. Hvordan kjører forøvrig pc'n? Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå