xclusive_danny Skrevet 1. mai 2007 Del Skrevet 1. mai 2007 (endret) Her er loggen fra HijackThis : Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 21:10:14, on 01.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Java\jre1.5.0_11\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe C:\Programfiler\Analog Devices\Core\smax4pnp.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe C:\Programfiler\DriveCleaner 2006 Free\UDC2006.exe C:\Programfiler\DriveCleaner 2006 Free\udc6cw.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Steam\Steam.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDCountdown.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDPOP3.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDClock.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDMedia.exe C:\Programfiler\ASUS WiFi-AP Solo\RtWLan.exe C:\Programfiler\SEC\MagicTune3.6\GammaTray.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\MessengerDiscovery\MessengerDiscovery Live.exe C:\Programfiler\SEC\Natural Color\NaturalColorLoad.exe C:\Programfiler\Fellesfiler\Logitech\khalshared\KHALMNPR.EXE C:\Programfiler\SEC\MagicTune3.6\MagicTune.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Xfire\xfire.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\Windows Media Player\wmplayer.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\MessengerDiscovery\MessengerDiscovery Live.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\HWLAN\Skrivebord\Ny mappe (2)\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cinet.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cinet.no R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Programfiler\Fellesfiler\Logitech\khalshared\KHALMNPR.EXE" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [soundMAX] "C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Programfiler\DriveCleaner 2006 Free\UDC2006.exe" /min O4 - HKLM\..\Run: [udc6cw] "C:\Programfiler\DriveCleaner 2006 Free\udc6cw.exe" -c O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Telefonkatalogen Ring] C:\Programfiler\Telefonkatalogen\Telefonkatalogen Ring\Ring.exe O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ? O4 - Global Startup: Color Calibration.lnk = ? O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O4 - Global Startup: MagicTune 3.6.lnk = ? O4 - Global Startup: NaturalColorLoad.lnk = ? O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\yyt.dll O14 - IERESET.INF: START_PAGE_URL=http://www.cinet.no O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing) O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe Setter pris på om noe kan hjelpe meg her. Les også i den andre posten min; https://www.diskusjon.no/index.php?showtopi...2entry8514702 Takker på forhånd. Endret 1. mai 2007 av xclusive_danny Lenke til kommentar
norbat Skrevet 1. mai 2007 Del Skrevet 1. mai 2007 Hent Winsockfix og legg det på skrivebordet. Dette fixet bruker du om du skulle miste nettforbindelsen under rensingen. Se om du får avinstallert fra legg til / fjern programmer: DriveCleaner 2006 Free Last ned SDFix.exe. Pakk ut programmet. Last ned SAS, installer og oppdater. Restart i sikker modus (tapp f8 under oppstart) Kjør RunThis.bat i SDfix-mappa. Det lages en rapport (Report.txt) Kjør en full scan med SAS. Restart i normal modus Post en ny HJT-logg sammen med loggen fra SDfix og SAS (Preferences->statistics/logs) Lenke til kommentar
xclusive_danny Skrevet 1. mai 2007 Forfatter Del Skrevet 1. mai 2007 Ok, takk for svar norbat . Gjør det i morgen så¨kommer jeg med full rapport Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå