tuppetroll Skrevet 18. mars 2007 Del Skrevet 18. mars 2007 Har hatt Avast lenge, men har hatt mistanke om at den ikke har funket så godt. Alt har gått meget tregt her en stund, og Avast har ikke funnet noe feil. Jeg tok dermed noen søk via sånne online spyware søk, som fant masse rart. Deriblant en versjon av Win32. Jeg har forsøkt ørti forskjellige virusfjernere nå, men enten så finner de ikke noe virus, eller så kan de ikke fjerne noe for meg uten å ha ørti dollar for det. Symptomer; Alt går tregt, ting henger seg ofte, internetthastigheten blir sterkt begrenset. Jeg har ikke lastet ned noe som jeg tror kan ha direkte sammenheng med problemene på pcen nå. HijackThis log; Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 19:22:45, on 18.03.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\Norman\Bin\Zanda.exe C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ATK0100\HControl.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe C:\WINDOWS\system32\sistray.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexStoreSvr.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Helene\Skrivebord\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.f868.mail.yahoo.com/ym/login?.rand=96l0sooo1112b R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] "C:\Programfiler\ASUS\ASUS Live Update\ALU.exe" O4 - HKLM\..\Run: [NB Probe] "C:\Programfiler\ASUS\NB Probe\NBProbe.exe" O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [siSPower] "Rundll32.exe" SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [screenPrint32] C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Programfiler\Opanda\IExif 2.25\IExifMap.htm O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Programfiler\Opanda\IExif 2.25\IExifCom.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.dafont.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D1EA8D3D-F511-4388-B754-4A0CC14A4778} (Aurigma Image Uploader 3.0 Control) - http://eurofoto.no/activex/ImageUploader3.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programfiler\Fellesfiler\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Programfiler\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Programfiler\Spyware Doctor\swdsvc.exe O23 - Service: spmgr - Unknown owner - C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe Noen som kan hjelpe meg?? Lenke til kommentar
norbat Skrevet 18. mars 2007 Del Skrevet 18. mars 2007 Hei, tuppetroll Jeg ber deg om å kjøre gjennom veiledningen (langversjonen) i følgende post: https://www.diskusjon.no/index.php?showtopic=691246, så tar vi det derfra. Lenke til kommentar
tuppetroll Skrevet 18. mars 2007 Forfatter Del Skrevet 18. mars 2007 Tok tid dette gitt.. Programmet fant ikke noe virus, men masse annet tracking cookies og stæsj. Klikk for å se/fjerne innholdet nedenfor ---------------------------------------------------------AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 21:43:57 18.03.2007 + Scan result: :mozilla.363:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.232:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.233:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.28:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.29:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.30:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.31:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.130:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.131:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.172:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.173:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.174:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.175:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.176:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.211:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Clickhype : Cleaned. :mozilla.212:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Clickhype : Cleaned. :mozilla.240:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Com : Cleaned. :mozilla.163:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.256:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.257:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.258:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.259:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.260:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.216:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.217:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.218:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.219:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.220:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.221:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.296:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.153:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.154:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.155:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.156:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.157:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.158:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.159:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.328:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.329:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.355:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.356:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.357:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.237:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.354:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.358:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.352:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned. :mozilla.134:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.135:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.136:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.137:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.138:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.139:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.278:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.53:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.54:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.55:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.56:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.57:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.58:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.59:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.60:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.61:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.62:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.63:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.64:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.65:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.66:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.67:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.68:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.132:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.133:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.46:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.47:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.48:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.49:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.50:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.206:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.128:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.91:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.92:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.93:C:\Documents and Settings\Helene\Programdata\Mozilla\Firefox\Profiles\67eczbe8.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. ::Report end HijackThis (jada, jeg greide å slette i stad - og slettet hele mailboksen min ) Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 22:29:14, on 18.03.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\Norman\Bin\Zanda.exe C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ATK0100\HControl.exe C:\Programfiler\ASUS\ASUS Live Update\ALU.exe C:\Programfiler\ASUS\NB Probe\NBProbe.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe C:\WINDOWS\system32\sistray.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Helene\Skrivebord\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.f868.mail.yahoo.com/ym/login?.rand=96l0sooo1112b R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] "C:\Programfiler\ASUS\ASUS Live Update\ALU.exe" O4 - HKLM\..\Run: [NB Probe] "C:\Programfiler\ASUS\NB Probe\NBProbe.exe" O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [siSPower] "Rundll32.exe" SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [screenPrint32] C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Programfiler\Opanda\IExif 2.25\IExifMap.htm O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Programfiler\Opanda\IExif 2.25\IExifCom.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\spyware doctor\filterlsp.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.dafont.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D1EA8D3D-F511-4388-B754-4A0CC14A4778} (Aurigma Image Uploader 3.0 Control) - http://eurofoto.no/activex/ImageUploader3.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programfiler\Fellesfiler\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Programfiler\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Programfiler\Spyware Doctor\swdsvc.exe O23 - Service: spmgr - Unknown owner - C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe Lenke til kommentar
norbat Skrevet 18. mars 2007 Del Skrevet 18. mars 2007 Du kan kjøre HJT, sett merke framfor følgende linjer og klikk 'Fix checked': O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) HJT-loggen ser fin ut Last ned Rootchk til skrivebordet. Kjør programmet. Det tar bare noen sekunder. Det lager en logg som du kan poste om det finner noe. Bruker du Spyware Doctor eller er det en 'demo'? Hvordan kjører forøvrig pc'n? Lenke til kommentar
tuppetroll Skrevet 18. mars 2007 Forfatter Del Skrevet 18. mars 2007 Den fant ikke noe. Søkte med spyware doctor før i dag, men der måtte jeg betale og det gadd jeg ikke. Lastet ned AVG i stad. Hvordan kjører? Lenke til kommentar
johome Skrevet 18. mars 2007 Del Skrevet 18. mars 2007 Kutt ut Avast ! Jeg prøvde programmet for en stund siden. Alt som skjedde var at Pc'en frøs umiddelbart. Jeg klarte heller ikke å avinstallere programmet på vanlig måte , men måtte gjøre det i sikker modus. Bruker nå Avira som funker helt fint. Lenke til kommentar
norbat Skrevet 19. mars 2007 Del Skrevet 19. mars 2007 - i såfall kan du avinstallere Spyware Doctor. Norman antivirus ligger på pc'n din og du bør ikke bruke flere enn ett antivirusprogrammer på pc'n (du nevnte at du laster ned AVG). Er pc'n fortsatt treg ...... Lenke til kommentar
tuppetroll Skrevet 19. mars 2007 Forfatter Del Skrevet 19. mars 2007 - i såfall kan du avinstallere Spyware Doctor. Norman antivirus ligger på pc'n din og du bør ikke bruke flere enn ett antivirusprogrammer på pc'n (du nevnte at du laster ned AVG). Er pc'n fortsatt treg ...... 8185586[/snapback] Norman ligger bare og søker når jeg vil - nå innstallerte jeg Avira, og den fant 2 virus med en gang. Tror jeg dropper Norman da ass.. Det er fortsatt noe som ikke stemmer, men ikke så ille som tidligere. Lenke til kommentar
tuppetroll Skrevet 27. mars 2007 Forfatter Del Skrevet 27. mars 2007 (endret) Jeg sliter fortsatt med dataen - flere programmer samtidig går nesten ikke, og alle høyreklikkfunksjoner, hover osv. i Windows tar et halvt minutt minst, før dukker opp. Jeg har søkt gjennom hele dataen flere ganger, og den finner ikke noe virus. Har derfor kjørt ComboScan søk, og håper noen kan hjelpe. Klikk for å se/fjerne innholdet nedenfor ComboScan v20070306.20 run by Helene on 2007-03-27 at 22:03:57Supplementary logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: Norwegian CPU 0: Mobile AMD Sempron Processor 3000+ Percentage of Memory in Use: 62% Physical Memory (total/avail): 383.36 MiB / 144.02 MiB Pagefile Memory (total/avail): 920.84 MiB / 522.41 MiB Virtual Memory (total/avail): 2047.88 MiB / 1980.48 MiB C: is Fixed (FAT32) - 43.67 GiB total, 9 GiB free. D: is Fixed (FAT32) - 28.97 GiB total, 23.8 GiB free. E: is CDROM (Unformatted) -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FirstRunDisabled is set. AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Helene\Programdata CLASSPATH=.;C:\Programfiler\Java\jre1.5.0_06\lib\ext\QTJava.zip CLIENTNAME=Console CommonProgramFiles=C:\Programfiler\Fellesfiler COMPUTERNAME=FIRMANAV-4175B9 ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Helene LOGONSERVER=\\FIRMANAV-4175B9 NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\Programfiler\Mozilla Firefox;C:\Programfiler\Mozilla Thunderbird\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Programfiler\Fellesfiler\Adobe\AGL;C:\Programfiler\QuickTime\QTSystem\;C:\Programfiler\Microsoft SQL Server\80\Tools\Binn\;C:\Programfiler\Pinnacle\Shared Files;C:\Programfiler\Pinnacle\Shared Files\Filter;C:\Programfiler\Fellesfiler\Ahead\Lib\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 44 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=2c02 ProgramFiles=C:\Programfiler PROMPT=$P$G QTJAVA=C:\Programfiler\Java\jre1.5.0_06\lib\ext\QTJava.zip SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Helene\LOKALE~1\Temp TMP=C:\DOCUME~1\Helene\LOKALE~1\Temp USERDOMAIN=FIRMANAV-4175B9 USERNAME=Helene USERPROFILE=C:\Documents and Settings\Helene windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Helene (admin) Administrator (new local, admin) -- Add/Remove Programs --------------------------------------------------------- --> "C:\Programfiler\InstallShield Installation Information\{F37167DD-4436-4641-90B6-329D60632DDA}\Setup.exe" REMOVEALL --u:{F37167DD-4436-4641-90B6-329D60632DDA} --> C:\Programfiler\DivX\ConverterUninstall.exe /CONVERTER --> C:\Programfiler\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL --> C:\WINDOWS\UNNMP.exe /UNINSTALL --> C:\WINDOWS\UNRecode.exe /UNINSTALL --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\SETUP.EXE" -l0x14 -uninst --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Ad-Aware SE Plus --> C:\PROGRA~1\NORMAN\NORMAN~1\UNWISE.EXE C:\PROGRA~1\NORMAN\NORMAN~1\INSTALL.LOG Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39} Adobe Illustrator CS2 --> msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601} Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D} Adobe Reader 8 - Norsk --> MsiExec.exe /I{AC76BA86-7AD7-1044-7B44-A80000000000} Adobe Stock Photos 1.0 --> MsiExec.exe /I{BC467935-A9A5-4D0F-BD89-94F36CDF0524} Adobe SVG Viewer 3.0 --> C:\Programfiler\Fellesfiler\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programfiler\Fellesfiler\Adobe\SVG Viewer 3.0\Uninstall\Install.log Asus ChkMail --> C:\WINDOWS\IsUninst.exe -f"C:\Programfiler\Asus\Asus ChkMail\Uninst.isu" ASUS Live Update --> C:\WINDOWS\IsUninst.exe -f"C:\Programfiler\ASUS\ASUS Live Update\Uninst.isu" -c"C:\Programfiler\ASUS\ASUS Live Update\Uninst.dll" ASUS Video Security --> c:\PROGRA~1\FELLES~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{169E414A-37C7-434E-9021-27A03AE087CD} ASUS WLAN Card Utilities/Driver --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{8F722FA9-B994-4C9B-B292-FD32D6206EDF}\SETUP.EXE" -l0x9 ATK0100 ACPI UTILITY --> C:\WINDOWS\ATK0100\XPunin.exe µTorrent --> "C:\Programfiler\uTorrent\uninstall.exe" Avant DVD/DivX Player --> C:\Programfiler\AvantDVDPlayer\unins000.exe AVG Anti-Spyware 7.5 --> C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe AVI Codec Pack --> C:\Programfiler\AVI Codec Pack\uninstall.exe Avira AntiVir PersonalEdition Classic --> C:\Programfiler\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE BisonCam, USB2.0 --> C:\WINDOWS\Bs350u2r.exe BitTorrent 5.0.7 --> "C:\Programfiler\BitTorrent\uninstall.exe" Canon Camera Support Core Library --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{5662C158-CA24-4228-BF6C-596FADA08682} /l1033 Canon EOS Kiss_N REBEL_XT 350D WIA Driver --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{33CF7CDF-9805-4500-9CC7-D19D52AD63C4} /x Canon Internet Library for ZoomBrowser EX --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A} Canon PhotoRecord --> MsiExec.exe /X{862983D7-FA08-493E-A9ED-6B7859E069D3} Canon RAW Image Task for ZoomBrowser EX --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED} Canon RemoteCapture Task for ZoomBrowser EX --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA} Canon Utilities Digital Photo Professional 1.6.1 --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{789CF5F1-3326-4B7B-9D01-31047E0F5651} /x Canon Utilities EOS Capture 1.5 --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{589D17BB-C997-48C0-BCD2-CC8DC3375FE8} Canon Utilities PhotoStitch 3.1 --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA} Canon ZoomBrowser EX --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2} CCleaner (remove only) --> "C:\Programfiler\CCleaner\uninst.exe" DC++ 0.698 --> "C:\Programfiler\DC++\uninstall.exe" DivX Codec --> C:\Programfiler\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Programfiler\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Programfiler\DivX\ConverterUninstall.exe /CONVERTER DivX Player --> C:\Programfiler\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Programfiler\DivX\DivXWebPlayerUninstall.exe /PLUGIN HijackThis 1.99.1 --> C:\PROGRA~1\HIJACK~1\HijackThis.exe /uninstall Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hurtigreparasjon for Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" J2SE Development Kit 5.0 Update 10 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150100} J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090} LEAD H.264 Professional Video Encoder --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{BB196582-C6FA-446D-915D-0B5CAAD59F87}\setup.exe" -l0x9 -removeonly Macromedia Extension Manager --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall Macromedia Flash Player 8 --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe Messenger Plus! Live --> "C:\Programfiler\Messenger Plus! Live\Uninstall.exe" Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9} Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft RAW Image Thumbnailer and Viewer for Windows XP Version 1.0 (Build 50) --> MsiExec.exe /X{2E5A5B57-57FC-4C79-A239-9DB280ADEC2A} Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mozilla Firefox (2.0.0.2) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe Mozilla Firefox (2.0.0.3) --> C:\Programfiler\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (1.5) --> C:\Programfiler\Mozilla Thunderbird\uninstall\uninstall.exe /ua "1.5 (nb-NO)" NB Probe --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.exe" -l0x9 Nero 7 --> MsiExec.exe /I{FC98FBE9-E931-494C-8717-497185371044} Nero Suite --> C:\Programfiler\Fellesfiler\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID="" Norman Ad-Aware SE Professional --> C:\PROGRA~1\NORMAN\NORMAN~1\UNWISE.EXE C:\PROGRA~1\NORMAN\NORMAN~1\INSTALL.LOG Nvu 1.0 --> "C:\Programfiler\Nvu\unins000.exe" Opanda IExif 2.25 --> "C:\Programfiler\Opanda\IExif 2.25\unins000.exe" Opera 9.10 --> MsiExec.exe /X{750B9AD1-4C63-4143-94C5-6FB304199BAD} Oppdatering for Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Oppdatering for Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" PhotoFilter 1.0 --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{0C127331-DAFB-4797-BAAE-1F3D042030CC}\Setup.exe" PowerISO --> "C:\Programfiler\PowerISO\uninstall.exe" QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} ScreenPrint32 v3.5 --> C:\WINDOWS\st6unst.exe -n "C:\Programfiler\ScreenPrint32 v3\ST6UNST.LOG" Sikkerhetsoppdatering for Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Sikkerhetsoppdatering for Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R,oem3.inf SiSAGP driver --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\SETUP.EXE" -l0x14 SoftV92 Data Fax Modem with SmartCP --> C:\Programfiler\CONEXANT\CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_70131039\HXFSETUP.EXE -U -Iasu1816k.inf Spybot - Search & Destroy 1.4 --> "C:\Programfiler\Spybot - Search & Destroy\unins000.exe" Synaptics Pointing Device Driver --> rundll32.exe "C:\Programfiler\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Windows Live Messenger --> MsiExec.exe /I{B4C75EAB-B1B8-4120-B9AF-0852EAE4A434} Windows Live Sign-in Assistant --> MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows XP hurtigreparasjon - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB887742 --> C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Windows XP hurtigreparasjon - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Windows XP hurtigreparasjon - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe WinFlash --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9 WinRAR archiver --> C:\Programfiler\WinRAR\uninstall.exe Endret 27. mars 2007 av tuppetroll Lenke til kommentar
norbat Skrevet 27. mars 2007 Del Skrevet 27. mars 2007 Savner en HJT-logg, tuppetroll Lenke til kommentar
tuppetroll Skrevet 27. mars 2007 Forfatter Del Skrevet 27. mars 2007 Her kjem'an, Norbat Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 23:27:23, on 27.03.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ATK0100\HControl.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\ASUS\NB Probe\NBProbe.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\Norman\Bin\Zanda.exe C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\sistray.exe C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\uTorrent\uTorrent.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Program Files\WS_FTP\WS_FTP95.exe C:\Programfiler\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.f868.mail.yahoo.com/ym/login?.rand=96l0sooo1112b R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] "C:\Programfiler\ASUS\ASUS Live Update\ALU.exe" O4 - HKLM\..\Run: [NB Probe] "C:\Programfiler\ASUS\NB Probe\NBProbe.exe" O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [siSPower] "Rundll32.exe" SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [screenPrint32] C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Programfiler\Opanda\IExif 2.25\IExifMap.htm O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Programfiler\Opanda\IExif 2.25\IExifCom.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.dafont.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D1EA8D3D-F511-4388-B754-4A0CC14A4778} (Aurigma Image Uploader 3.0 Control) - http://eurofoto.no/activex/ImageUploader3.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: spmgr - Unknown owner - C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe Lenke til kommentar
norbat Skrevet 27. mars 2007 Del Skrevet 27. mars 2007 Hvis du har bestemt deg for å bruke AntiVir, avinstallerer du Norman. Når du er ferdig med det, poster du en ny HJT-logg Lenke til kommentar
tuppetroll Skrevet 27. mars 2007 Forfatter Del Skrevet 27. mars 2007 Ifølge dataen min har jeg det ikke installert. Dvs - det ligger i programoversikten under startmenyen, men jeg finner det ikke i "legg til/fjern programmer". Lenke til kommentar
norbat Skrevet 27. mars 2007 Del Skrevet 27. mars 2007 Prøv denne: http://www.norman.com/Support/Knowledge_ba...ion/11640/en-us Lenke til kommentar
tuppetroll Skrevet 27. mars 2007 Forfatter Del Skrevet 27. mars 2007 Logfile of HijackThis v1.99.1 Scan saved at 00:29:14, on 28.03.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ATK0100\HControl.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\ASUS\NB Probe\NBProbe.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\Norman\Bin\Zanda.exe C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\sistray.exe C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Programfiler\Windows Media Player\wmplayer.exe C:\WINDOWS\system32\divxsm.exe C:\Programfiler\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.f868.mail.yahoo.com/ym/login?.rand=96l0sooo1112b R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] "C:\Programfiler\ASUS\ASUS Live Update\ALU.exe" O4 - HKLM\..\Run: [NB Probe] "C:\Programfiler\ASUS\NB Probe\NBProbe.exe" O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [siSPower] "Rundll32.exe" SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [screenPrint32] C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Programfiler\Opanda\IExif 2.25\IExifMap.htm O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Programfiler\Opanda\IExif 2.25\IExifCom.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O10 - Unknown file in Winsock LSP: c:\programfiler\fellesfiler\pc tools\lsp\pctlsp.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.dafont.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D1EA8D3D-F511-4388-B754-4A0CC14A4778} (Aurigma Image Uploader 3.0 Control) - http://eurofoto.no/activex/ImageUploader3.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE (file missing) O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe O23 - Service: spmgr - Unknown owner - C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe Lenke til kommentar
norbat Skrevet 28. mars 2007 Del Skrevet 28. mars 2007 Klikk Start -> Kjør Skriv: services.msc Finn og stopp følgende tjenester: NipSvc (Norman API-hooking helper) Norman NJeeves Norman ZANDA Dobbeltklikk på tjenestene og under oppstartstype velger du: Deaktivert. Kjør HJT, sett merke framfor følgende linjer og klikk 'Fix checked': O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE (file missing) O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe Bruk utforsker og slett (i fet): C:\Norman (mulig du må gjøre dette fra sikker modus) Er denne nettadressen noe du kjenner til: www.dafont.com (ref. 015-linja i hjt-loggen) Bruker du noe software fra pc-tool? (ref. 010- linja i hjt-loggen Lenke til kommentar
tuppetroll Skrevet 28. mars 2007 Forfatter Del Skrevet 28. mars 2007 (endret) Klikk Start -> KjørSkriv: services.msc Finn og stopp følgende tjenester: NipSvc (Norman API-hooking helper) Norman NJeeves Norman ZANDA Dobbeltklikk på tjenestene og under oppstartstype velger du: Deaktivert. Kjør HJT, sett merke framfor følgende linjer og klikk 'Fix checked': O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE (file missing) O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe Bruk utforsker og slett (i fet): C:\Norman (mulig du må gjøre dette fra sikker modus) Er denne nettadressen noe du kjenner til: www.dafont.com (ref. 015-linja i hjt-loggen) Bruker du noe software fra pc-tool? (ref. 010- linja i hjt-loggen 8256720[/snapback] Takk for svar og hjelp Kjører ikke noe software fra pc-tool, men dafont.com kjenner jeg til (en skriftside på nettet). Edit; alle de 3 oppgavene jeg skulle stoppe var allerede stoppet, men ikke fjernet fra tjenestelisten. Endret 28. mars 2007 av tuppetroll Lenke til kommentar
norbat Skrevet 28. mars 2007 Del Skrevet 28. mars 2007 Hent http://www.majorgeeks.com/download4372.html]Winsockfix[/url], og kjør programmet. Pc'n vil restarte. Post deretter en ny HJT-logg og fortell hvordan pc'n fungerer. Lenke til kommentar
tuppetroll Skrevet 28. mars 2007 Forfatter Del Skrevet 28. mars 2007 HijackThis sier nå dette; Logfile of HijackThis v1.99.1 Scan saved at 23:20:02, on 28.03.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATK0100\HControl.exe C:\Programfiler\ASUS\ASUS Live Update\ALU.exe C:\Programfiler\ASUS\NB Probe\NBProbe.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\Rundll32.exe C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\Programfiler\BitTorrent\bittorrent.exe C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\sistray.exe C:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\HijackThis\HijackThis.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\rundll32.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.f868.mail.yahoo.com/ym/login?.rand=96l0sooo1112b R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] "C:\Programfiler\ASUS\ASUS Live Update\ALU.exe" O4 - HKLM\..\Run: [NB Probe] "C:\Programfiler\ASUS\NB Probe\NBProbe.exe" O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [siSPower] "Rundll32.exe" SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [screenPrint32] C:\Programfiler\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Programfiler\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programfiler\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Programfiler\Opanda\IExif 2.25\IExifMap.htm O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Programfiler\Opanda\IExif 2.25\IExifCom.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.dafont.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D1EA8D3D-F511-4388-B754-4A0CC14A4778} (Aurigma Image Uploader 3.0 Control) - http://eurofoto.no/activex/ImageUploader3.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe O23 - Service: spmgr - Unknown owner - C:\Programfiler\ASUS\NB Probe\SPM\spmgr.exe Lenke til kommentar
norbat Skrevet 28. mars 2007 Del Skrevet 28. mars 2007 (endret) Klikk Start -> Kjør Skriv eller kopier og lim inn linja under (i fet) i kjør-feltet: sc delete NipSvc ----------------------------------------------------------------------- Loggen din ser forøvrig fin ut. ----------------------------------------------------------------------- Hent (hvis du ikke allerede har programmet) CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Kjør også noen runder med 'Saker' til det ikke finner flere feil (når du får valg om å lage backup av registeret, svarer du nei). ------------------------------------------------------------------------ Du kan nullstille gjenopprettingsmappa Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av .....", restart pc, fjern merket igjen for å aktivere funksjonen. Etterpå lager du deg et gjenopprettingspunkt manuelt Tilbehør->systemverktøy->systemgjenoppretting . Velg å opprette et nytt. Navgi det og klikk opprett. ------------------------------------------------------------------------- Sjekk om pc'n trenger en diskdefragmentering: Tilbehør->systemverktøy->diskdefragmentering . Kjør en analyse og følg anbefalingen. ------------------------------------------------------------------------ FORTELL så hvordan pc'n kjører Endret 28. mars 2007 av norbat Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå