Hjelp, virus kupper alle anti-virus progr mine

kjea4 · 3. mai 2007

Hjelp, virus kupper alle anti-virus progr mine, har slettet gjennopprettings tidspunkt da maskinen var uinfisert. Har også endret maskinens dato frem i tid til 17 juli 2007 som datoen idag.

Når jeg virus-scanner maskinen så "kupper"(låser) et mulig virus scanningen og jeg får derfor ikke fjernet det.

Legger ved nyttig informasjon om maskinen og HijackThis informasjon om det er noen som er så grei og vil hjelpe meg.

Mvh Kjell

Logfile of HijackThis v1.99.1

Scan saved at 14:39:35, on 02.05.2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe

C:\Programfiler\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

c:\programfiler\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

C:\Programfiler\Sony\Net MD Simple Burner\NetMDSB.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Mozilla Firefox\firefox.exe

C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe

C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wuauclt.exe

C:\DOCUME~1\Eier\LOKALE~1\Temp\Midlertidig mappe 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.overture.com/d/search/p/hp/over..._pre_desk_panel

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Programfiler\iMesh applications\iMesh MediaBar\MediaBar.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll

O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar2.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll

O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Programfiler\iMesh applications\iMesh MediaBar\MediaBar.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145276187875

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1172527434531

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\programfiler\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: Net MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Programfiler\Sony\Net MD Simple Burner\NetMDSB.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FELLES~1\SONYSH~1\AVLib\Sptisrv.exe

Property Value

Manufacturer Compaq Presario 061

Product Name PL345AA-B1V SR1100ND EL430

Version 0qq0411RE101NEON210

Serial Number CZB4340HF7

Chassis Desktop

Infrared (IR) Supported No

Machine Type AT/AT COMPATIBLE

UUID 0A97D000-F3D3-11D8-B48A-8AE127278698

Disk Space Disk C: 15 GB Available, 71 GB Total, 15 GB Free

Disk D: 524 MB Available, 3352 MB Total, 524 MB Free

Physical Memory 376 MB Total, 65 MB Free

Memory Load 82%

Virtual Memory 716 MB Total, 383 MB Free

PageFile Name \??\C:\pagefile.sys

PageFile Size 372 MB

In use 78 MB

Max used 78 MB

Registry Size 4 MB (current), 54 MB (maximum)

Profile GUID {1d1c70c0-3c6b-11d8-bdcb-806d6172696f}

The system clock interval 15 ms

Warning! Accuracy of DMI data cannot be guaranteed

Property Value

Name Windows XP (Personal) Service Pack 2

Terminal Services in Remote Admin Mode

Uniprocessor Free

Running on the console.

OEM Version

Activation Status Activated

Checked Build No

Boot Device \Device\HarddiskVolume2

System Device \Device\HarddiskVolume2

Kernel Version 5.1.2600.3093

Security 128 bits

Serial Number 55721-OEM-0011903-00106

Product Key MK48G-CG8VJ-BRVBB-38MQ9-3PMFT

Product Name Microsoft Windows XP

Build Lab 2600.xpsp_sp2_gdr.070227-2254

Hardware DEP Available No

DEP for 32 Bits Applications No

DEP for Drivers No

DEP Policy OptIn (only Windows system binaries)

Automatic Updates Automatic (Recommended)

Next Detection Time 2007-05-04 03:40:53

Scheduled Install Every Day @ 3:00 AM

System Restore Enabled

Owner

Organization

Machine GUID dec63ef2-0926-4b98-b56e-6d65780094b7

Workgroup ARBEIDSGRUPPE

Computer Name FIRMANAV-S90BNC

Language Norsk (bokmål)

Installation Time 01/21/2006 18:19:33.781

Boot Time 05/03/2007 17:00:27.500

Running Time 22 minutes 44 seconds

Number of Open Programs 4

Screen Saver Direct3D - flyvende objekter

Wait 10 minutes

Active Desktop Installed

Program Version Date Key

Adobe Flash Player 9 ActiveX 9 ShockwaveFlash

Adobe Reader 7.0.9 - Norsk 7.0.9 2007-02-25 {AC76BA86-7AD7-1044-7B44-A70900000002}

Agere Systems PCI Soft Modem Agere Systems Soft Modem

Apple Software Update 1.0.2.1 2006-11-25 {A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}

ArcSoft Multimedia Email {DD54CF66-090B-43E7-97C1-110EF526474D}

ArcSoft PhotoImpression 5 {FC888095-A35E-4993-A9E0-366BF6F0CCE0}

Audacity 1.2.3 Audacity_is1

avast! Antivirus 4.7 avast!

AVG Anti-Spyware 7.5 AVGAntiSpyware75

Canon i550 CANONBJ_Deinstall_CNMCP49.DLL

CCleaner (remove only) CCleaner

Confidence Online for Web Applications Confidence Online EE

Creative WebCam Center Creative WebCam Center

Creative WebCam Instant Driver (1.00.08.0416) Creative PD0620

Disc2Phone 1.1.0.44 2006-04-15 {5E977DEC-5BB4-44C7-9FE5-9357D2DB4FCB}

DVD Decrypter (Remove Only) DVD Decrypter

GOM Player GOM Player

Google Desktop Search - Google Desktop

Google Toolbar for Internet Explorer {2318C2B1-4965-11d4-9B18-009027A5CD4F}

Guitar Pro 5.2 Guitar Pro 5_is1

High Definition Audio Driver Package - KB835221 20040219.000000 KB835221WXP

HijackThis 1.99.1 1.99.1 HijackThis

Hotfix for Windows Media Format 11 SDK (KB929399) 2007-03-27 KB929399

Hotfix for Windows XP (KB915865) 10 2007-04-17 KB915865

Hotfix for Windows XP (KB926239) 2 2007-01-06 KB926239

HpSdpAppCoreApp 3.00.0000 2004-01-01 {DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}

Hurtigreparasjon for Windows XP (KB914440) 12 2007-04-17 KB914440

Intel® Extreme Graphics Driver {8A708DD8-A5E6-11D4-A706-000629E95E20}

InterVideo WinDVD Creator 2 2.0.14.323 {2FCE4FC5-6930-40E7-A4F1-F862207424EF}

InterVideo WinDVD Player 4.0-B11.412 {98E8A2EF-4EAE-43B8-A172-74842B764777}

iTunes 7.0.2.16 2006-11-25 {446DBFFA-4088-48E3-8932-74316BA4CAE4}

J2SE Runtime Environment 5.0 Update 7 1.5.0.70 2006-06-02 {3248F0A8-6813-11D6-A77B-00B0D0150070}

KBD KBD

LimeWire 4.12.6 4.12.6 LimeWire

Micrografx Windows Draw 6 Limited Edition WindowsDrawLE

Microsoft .NET Framework 1.1 1.1.4322 Microsoft .NET Framework 1.1 (1033)

Microsoft .NET Framework 1.1 Hotfix (KB886903) M886903

Microsoft .NET Framework 1.1 Norwegian Language Pack 1.1.4322 2004-01-01 {3EAC35F4-FF26-4123-9404-0B5B93DAB570}

Microsoft Compression Client Pack 1.0 for Windows XP 1 2007-01-06 MSCompPackV1

Microsoft Internationalized Domain Names Mitigation APIs 2007-04-17 IDNMitigationAPIs

Microsoft National Language Support Downlevel APIs 2007-04-17 NLSDownlevelMapping

Microsoft Office XP Standard 10.0.6626.0 2007-03-29 {91120414-6000-11D3-8CFE-0050048383C9}

Microsoft User-Mode Driver Framework Feature Pack 1.0 2006-09-30 Wudf01000

Microsoft XML Parser 8.0.7820.0 2006-04-07 {C7340571-7773-4A8C-9EBC-4E4243B38C76}

Mozilla Firefox (2.0.0.3) 2.0.0.3 (nb-NO) Mozilla Firefox (2.0.0.3)

MSN Messenger 7.5 7.5.0324.0 2006-05-13 {8295247E-03ED-11DA-BFBD-00065BBDC0B5}

MSN-verktøylinjen MSN Toolbar

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 2006-11-24 {37477865-A3F1-4772-AD43-AAFC6BCFF99F}

Music Visualizer Library 1.4.00 {3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}

Net MD Simple Burner 1.2 {47E09785-B2FB-11D5-B8EE-00B0D0D26B88}

OpenMG Limited Patch 3.2-03-02-21-08 OpenMG HotFix3.2-03-01-16-01

OpenMG Limited Patch 3.2-03-04-17-02 OpenMG HotFix3.2-03-01-16-02

Oppdatering for Windows XP (KB894391) 1 2005-08-12 KB894391

Oppdatering for Windows XP (KB898461) 1 2005-07-04 KB898461

Oppdatering for Windows XP (KB900485) 2 2006-04-25 KB900485

Oppdatering for Windows XP (KB904942) 2 2007-04-17 KB904942

Oppdatering for Windows XP (KB910437) 1 2006-04-19 KB910437

Oppdatering for Windows XP (KB916595) 1 2006-07-21 KB916595

Oppdatering for Windows XP (KB920872) 1 2006-09-14 KB920872

Oppdatering for Windows XP (KB922582) 1 2006-09-14 KB922582

Oppdatering for Windows XP (KB929338) 1 2007-03-27 KB929338

Oppdatering for Windows XP (KB931836) 1 2007-02-16 KB931836

PC On Off Time 1.0 1.0 PC On Off Time 1.0

Presario PC Help Presario PC Help

PS2 PS2

QuickTime 7.1.3.170 2006-11-25 {50D8FFDD-90CD-4859-841F-AA1961C7767A}

RecordNow! 7.10 2006-01-21 {9541FED0-327F-4DF0-8B96-EF57EF622F19}

Shockwave Director 10.1.1 Shockwave

Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB928090) 20070117.120000 2007-04-20 KB928090-IE7

Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB929969) 20061222.120000 2007-04-20 KB929969

Sikkerhetsoppdatering for Windows Media Player (KB911564) 2006-04-19 KB911564

Sikkerhetsoppdatering for Windows Media Player 10 (KB911565) 2006-04-19 KB911565

Sikkerhetsoppdatering for Windows Media Player 10 (KB917734) 2006-06-13 KB917734_WMP10

Sikkerhetsoppdatering for Windows Media Player 6.4 (KB925398) 2006-12-16 KB925398_WMP64

Sikkerhetsoppdatering for Windows XP (KB890046) 1 2005-07-04 KB890046

Sikkerhetsoppdatering for Windows XP (KB893756) 1 2005-08-12 KB893756

Sikkerhetsoppdatering for Windows XP (KB896358) 1 2005-07-04 KB896358

Sikkerhetsoppdatering for Windows XP (KB896422) 1 2005-07-04 KB896422

Sikkerhetsoppdatering for Windows XP (KB896423) 1 2005-08-12 KB896423

Sikkerhetsoppdatering for Windows XP (KB896424) 1 2005-11-11 KB896424

Sikkerhetsoppdatering for Windows XP (KB896428) 1 2005-07-04 KB896428

Sikkerhetsoppdatering for Windows XP (KB899587) 1 2005-08-12 KB899587

Sikkerhetsoppdatering for Windows XP (KB899591) 1 2005-08-12 KB899591

Sikkerhetsoppdatering for Windows XP (KB900725) 1 2005-10-12 KB900725

Sikkerhetsoppdatering for Windows XP (KB901017) 1 2005-10-12 KB901017

Sikkerhetsoppdatering for Windows XP (KB901214) 1 2005-07-14 KB901214

Sikkerhetsoppdatering for Windows XP (KB902400) 1 2005-10-12 KB902400

Sikkerhetsoppdatering for Windows XP (KB904706) 2 2006-04-19 KB904706

Sikkerhetsoppdatering for Windows XP (KB905414) 1 2005-10-12 KB905414

Sikkerhetsoppdatering for Windows XP (KB905749) 1 2005-10-12 KB905749

Sikkerhetsoppdatering for Windows XP (KB908519) 1 2006-04-18 KB908519

Sikkerhetsoppdatering for Windows XP (KB908531) 1 2006-04-19 KB908531

Sikkerhetsoppdatering for Windows XP (KB911280) 1 2006-06-13 KB911280

Sikkerhetsoppdatering for Windows XP (KB911562) 1 2006-04-19 KB911562

Sikkerhetsoppdatering for Windows XP (KB911567) 1 2006-04-18 KB911567

Sikkerhetsoppdatering for Windows XP (KB911927) 1 2006-04-19 KB911927

Sikkerhetsoppdatering for Windows XP (KB912812) 1 2006-04-19 KB912812

Sikkerhetsoppdatering for Windows XP (KB912919) 1 2006-04-19 KB912919

Sikkerhetsoppdatering for Windows XP (KB913446) 1 2006-04-18 KB913446

Sikkerhetsoppdatering for Windows XP (KB913580) 1 2006-05-11 KB913580

Sikkerhetsoppdatering for Windows XP (KB914388) 1 2006-07-21 KB914388

Sikkerhetsoppdatering for Windows XP (KB914389) 1 2006-06-13 KB914389

Sikkerhetsoppdatering for Windows XP (KB916281) 1 2006-06-13 KB916281

Sikkerhetsoppdatering for Windows XP (KB917159) 1 2006-07-21 KB917159

Sikkerhetsoppdatering for Windows XP (KB917344) 1 2006-06-13 KB917344

Sikkerhetsoppdatering for Windows XP (KB917422) 1 2006-08-25 KB917422

Sikkerhetsoppdatering for Windows XP (KB917953) 1 2006-06-13 KB917953

Sikkerhetsoppdatering for Windows XP (KB918118) 1 2007-02-16 KB918118

Sikkerhetsoppdatering for Windows XP (KB918439) 1 2006-06-13 KB918439

Sikkerhetsoppdatering for Windows XP (KB918899) 1 2006-08-25 KB918899

Sikkerhetsoppdatering for Windows XP (KB919007) 1 2006-09-14 KB919007

Sikkerhetsoppdatering for Windows XP (KB920213) 1 2006-11-24 KB920213

Sikkerhetsoppdatering for Windows XP (KB920214) 1 2006-08-25 KB920214

Sikkerhetsoppdatering for Windows XP (KB920670) 1 2006-08-25 KB920670

Sikkerhetsoppdatering for Windows XP (KB920683) 1 2006-08-25 KB920683

Sikkerhetsoppdatering for Windows XP (KB920685) 1 2006-09-14 KB920685

Sikkerhetsoppdatering for Windows XP (KB921398) 1 2006-08-25 KB921398

Sikkerhetsoppdatering for Windows XP (KB921883) 1 2006-08-25 KB921883

Sikkerhetsoppdatering for Windows XP (KB922616) 1 2006-08-25 KB922616

Sikkerhetsoppdatering for Windows XP (KB922760) 1 2006-11-24 KB922760

Sikkerhetsoppdatering for Windows XP (KB922819) 1 2006-10-13 KB922819

Sikkerhetsoppdatering for Windows XP (KB923191) 1 2006-10-13 KB923191

Sikkerhetsoppdatering for Windows XP (KB923414) 1 2006-10-13 KB923414

Sikkerhetsoppdatering for Windows XP (KB923694) 1 2006-12-16 KB923694

Sikkerhetsoppdatering for Windows XP (KB923980) 1 2006-11-24 KB923980

Sikkerhetsoppdatering for Windows XP (KB924191) 1 2006-10-13 KB924191

Sikkerhetsoppdatering for Windows XP (KB924270) 1 2006-11-24 KB924270

Sikkerhetsoppdatering for Windows XP (KB924496) 1 2006-10-13 KB924496

Sikkerhetsoppdatering for Windows XP (KB924667) 1 2007-02-16 KB924667

Sikkerhetsoppdatering for Windows XP (KB925454) 1 2006-12-16 KB925454

Sikkerhetsoppdatering for Windows XP (KB925486) 1 2006-09-27 KB925486

Sikkerhetsoppdatering for Windows XP (KB925902) 1 2007-04-05 KB925902

Sikkerhetsoppdatering for Windows XP (KB926255) 1 2006-12-16 KB926255

Sikkerhetsoppdatering for Windows XP (KB926436) 1 2007-02-16 KB926436

Sikkerhetsoppdatering for Windows XP (KB927779) 1 2007-02-16 KB927779

Sikkerhetsoppdatering for Windows XP (KB927802) 1 2007-02-16 KB927802

Sikkerhetsoppdatering for Windows XP (KB928090) 1 2007-02-16 KB928090

Sikkerhetsoppdatering for Windows XP (KB928255) 1 2007-02-16 KB928255

Sikkerhetsoppdatering for Windows XP (KB928843) 1 2007-02-16 KB928843

Sikkerhetsoppdatering for Windows XP (KB930178) 1 2007-04-13 KB930178

Sikkerhetsoppdatering for Windows XP (KB931261) 1 2007-04-13 KB931261

Sikkerhetsoppdatering for Windows XP (KB931784) 1 2007-04-13 KB931784

Sikkerhetsoppdatering for Windows XP (KB932168) 1 2007-04-17 KB932168

SIW 1.68 1.68.626 2007-05-03 {95D3658E-D526-4891-822D-B2A6C3DED9CE}

Sonic Update Manager 2.9 2006-01-21 {09DA4F91-2A09-4232-AB8C-6BC740096DE3}

SonicStage 1.5.53 {71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}

Sony Ericsson PC Suite 1.20.173 1.20.173 2006-08-07 {C5ADA65A-7828-4D85-B071-ECC52B51F794}

TweakNow RegCleaner Standard v2.6.5 TweakNow RegCleaner Standard_is1

Update Service 2.6.11.7 Update Service

VideoLAN VLC media player 0.8.5 0.8.5 VLC media player

WebFldrs XP 9.50.6513 2004-01-01 {350C9414-3D7C-4EE8-BAA9-00BCB3D54227}

WG111v2 Configuration Utility 1.00 2006-05-26 {E0F252A6-DE85-4E93-A93B-DFC3537B3965}

Windows Defender 1.1.1593.14 2007-04-20 {A06275F4-324B-4E85-95E6-87B2CD729401}

Windows Genuine Advantage Notifications (KB905474) 1.7.0017.0 2006-10-04 WgaNotify

Windows Genuine Advantage Validation Tool (KB892130) 1.5.0530.0 2006-04-17 WGA

Windows Installer 3.1 (KB893803) 3.1 KB893803v2

Windows Internet Explorer 7 20061107.210142 2007-04-17 ie7

Windows Media Format 11 runtime Windows Media Format Runtime

Windows Media Player 11 Windows Media Player

Windows XP hurtigreparasjon - KB873339 20041117.092459 KB873339

Windows XP hurtigreparasjon - KB883667 20040812.104353 KB883667

Windows XP hurtigreparasjon - KB885250 20050118.202711 KB885250

Windows XP hurtigreparasjon - KB885626 20040909.122822 KB885626

Windows XP hurtigreparasjon - KB885835 20041027.181713 KB885835

Windows XP hurtigreparasjon - KB885836 20041028.173203 KB885836

Windows XP hurtigreparasjon - KB885884 20040924.025457 KB885884

Windows XP hurtigreparasjon - KB886185 20041021.090540 KB886185

Windows XP hurtigreparasjon - KB887472 20041014.162858 KB887472

Windows XP hurtigreparasjon - KB887742 20041103.095002 KB887742

Windows XP hurtigreparasjon - KB888113 20041116.131036 KB888113

Windows XP hurtigreparasjon - KB888302 20041207.111426 KB888302

Windows XP hurtigreparasjon - KB890859 1 2005-04-17 KB890859

Windows XP hurtigreparasjon - KB891781 20050110.165439 KB891781

Windows XP Service Pack 2 20040803.231316 Windows XP Service Pack

Property Value

Number of CPU(s) One Physical Processor / One Core / One Logical Processor

Vendor GenuineIntel

CPU Full Name Intel Celeron D

CPU Name Intel® Celeron® CPU 2.80GHz

CPU Code Name Prescott-256K

Technology 0.09µ

Platform Name Socket 478

Type Original OEM processor

FSB Mode QDR

Platform ID 2

Microcode ID 0B

Type ID 0

CPU Clock 2839.40

System Bus Clock 540.84

System Clock 135.21

Multiplier 21.00

Original Clock 2800.00

Original Bus Clock 533.33

Original System Clock 133.33

Original Multiplier 21.00

Overclock 1.41%

L2 Cache Speed 2839.40 MHz

L2 Cache Speed Full

CPU Family / Model / Stepping F / 3 / 3

Family Extended 00

HyperThreading 1

L1 T-Cache 12 KµOps

L1 D-Cache 16 KB

L2 Cache 256 KB

RDMSR 00000000 00000000 15110715 00000000

MMX Yes

SSE Yes

SSE2 Yes

SSE3 Yes

SSSE3 No

DualCore No

HyperThreading No

IA-64 No

Intel 64 (EM64T) No

XD No

VT No

SpeedStep No

Architecture x86

norbat · 3. mai 2007

Last ned DrWeb og legg det på skrivebordet.

Last ned SAS (free edition), installer og oppdater.

Restart i sikker modus (tapp F8 under oppstart)

Kjør drweb-cureit.exe (si ja til å kjøre en express scan)

Når dette er ferdig klikker du på Option -> Change settings.

Under fanearket Scan, fjerner du haken ved Heuristic analysis.

Under fanearket Actions, skal alle punkt under Malware settes til Rename.

Velg partisjon du vil scanne og klikk deretter på den grønne pilen for

å starte scanningen. Velg "yes to all" når det finner noe for første gang.

Kjør deretter en full scan med SAS

Restart i normal tilstand

Post en ny HJT-logg + loggen fra SAS (preferences->statistics/logs).

kjea4 · 8. mai 2007

Last ned DrWeb og legg det på skrivebordet.

Last ned SAS (free edition), installer og oppdater.

Restart i sikker modus (tapp F8 under oppstart)

Kjør drweb-cureit.exe (si ja til å kjøre en express scan)

Når dette er ferdig klikker du på Option -> Change settings.

Under fanearket Scan, fjerner du haken ved Heuristic analysis.

Under fanearket Actions, skal alle punkt under Malware settes til Rename.

Velg partisjon du vil scanne og klikk deretter på den grønne pilen for

å starte scanningen. Velg "yes to all" når det finner noe for første gang.

Kjør deretter en full scan med SAS

Restart i normal tilstand

Post en ny HJT-logg + loggen fra SAS (preferences->statistics/logs).

8530202[/snapback]

HEI NORBAT, TAKKER SÅ MYE FOR HJELPEN. DET HAR HJULPET NOE,MEN ER NOK IKKE HELT KVITT VIRUS ENDA(OM IKKE DET ER NOE ANNET DA). HAR INSTALLERT NORTON ANTIVIRUS 2007 ETTER MYE OM OG MEN OG KJØRT FULL SCANNING OG PR. IDAG FINNER DEN INTET. MEN STADIG FÅR JEG MELDINGEN OM AT NOE HAR SKJEDD OG EXPLORER MÅ LUKKES. TEKN MELDINER DERFRA GÅR STADIG PÅ C:DOCUME/EIER/LOKALE/TEMP97A5_APPCOMPAT.TXT OG LIGNENDE(KOMMER OPP NÅR JEG VIL SØKE ETTER FILER PÅ EGEN DATAMASKIN). MIN SISTE LOGFILE SER SLIK UT OM DU VIL HJELPE MEG VIDERE. TAKKER FOR UTMERKET HJELP SÅ LANGT:- )

Logfile of HijackThis v1.99.1

Scan saved at 21:34:32, on 07.05.2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

c:\programfiler\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\DOCUME~1\Eier\LOKALE~1\Temp\Midlertidig mappe 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.overture.com/d/search/p/hp/over..._pre_desk_panel

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar2.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Programfiler\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"