fxwz Skrevet 21. april 2007 Del Skrevet 21. april 2007 (endret) Fulgte norbats guide for å få hjelp til å fjerne eventuelle spywares. Kan hende blåskjermen skyldes hardware feil, men greit å få utelukket ukoselig snusk. Klikk for å se/fjerne innholdet nedenfor HJTlogg: Logfile of HijackThis v1.99.1 Scan saved at 16:43:59, on 21.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\SOUNDMAN.EXE S:\Programmer\UTILITIES\Java\bin\jusched.exe C:\Programfiler\QuickTime\qttask.exe S:\Programmer\Apple\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe S:\Programmer\Internett\MSN Messenger\msnmsgr.exe S:\Programmer\VirusProtection\SAS\SUPERAntiSpyware.exe S:\Programmer\Utilities\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Tor-Arne\Skrivebord\Rens\rens.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - S:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - S:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - S:\Programmer\UTILITIES\Java\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - S:\Programmer\Nedlasting\NetXfer\NXIEHelper.dll O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - S:\Programmer\Nedlasting\NetXfer\NXToolBar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - S:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "S:\Programmer\UTILITIES\Java\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "S:\Programmer\Apple\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "S:\Programmer\Internett\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sUPERAntiSpyware] S:\Programmer\VirusProtection\SAS\SUPERAntiSpyware.exe O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://S:\PROGRA~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - S:\PROGRA~1\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...cat-no-eula.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - S:\Programmer\Yahoo!\Common\yinsthelper.dll O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - S:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing) O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programfiler\Fellesfiler\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - S:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing) O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FELLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: !SASWinLogon - S:\Programmer\VirusProtection\SAS\SASWINLO.dll O20 - Winlogon Notify: WBSrv - S:\PROGRA~1\WINDOW~3\wbsrv.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - S:\Programmer\Utilities\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Messenger Sharing Folders USN Journal Reader-tjeneste (usnjsvc) - Unknown owner - S:\Programmer\MSN Messenger\usnsvc.exe (file missing) Rootchk logg ********************************* ROOTCHK-(20-04-07)-LOG, by ejvindh 21.04.2007 16:44:17,56 The rootkits that are detected by this tool were not found. ********************************* ROOTCHK-LOG-end catchme 0.3.657 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-04-21 16:44:17 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 SASlogg SUPERAntiSpyware Scan Log Generated 04/21/2007 at 03:57 PM Application Version : 3.6.1000 Core Rules Database Version : 3190 Trace Rules Database Version: 1200 Scan type : Complete Scan Total Scan Time : 00:13:48 Memory items scanned : 187 Memory threats detected : 0 Registry items scanned : 4282 Registry threats detected : 0 File items scanned : 26602 File threats detected : 0 Det ser jo egentlig veldig bra ut Takker på forhånd for hjelpen Endret 21. april 2007 av Smallville Lenke til kommentar
norbat Skrevet 21. april 2007 Del Skrevet 21. april 2007 (endret) Loggen er ren Kom blåskjermen før eller etter veiledningen? Hvis det var før: Sjekk om det begynner å bli støvfullt inni pc'n. Trenger ikke å være mer enn det Hvis blåskjermen kom etter veiledningen, så bør vi ta noen ekstrarunder Endret 21. april 2007 av norbat Lenke til kommentar
fxwz Skrevet 21. april 2007 Forfatter Del Skrevet 21. april 2007 (endret) Den kom før veiledningen. Følgende har jeg gjort idag: installert Nokia PC Suite og Nokia Softwareupdater Lastet ned "trial" smartmovie(program for å se film på mobilen) fra limewire Fikk noe feilmelding fra F-prot, som satte filen i karantene. Så tror det ble ordnet. Har forresten avinstallert F-prot nå(gikk ut på dato) Men skal forsøke å støvsuge litt Endret 21. april 2007 av Smallville Lenke til kommentar
Gjest medlem-105082 Skrevet 22. april 2007 Del Skrevet 22. april 2007 Og laste ned trailer fra LimeWire er vel ikke det lureste Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå