kizzykazz Skrevet 26. mai 2007 Del Skrevet 26. mai 2007 Heisann. En kompis av meg har ein del problem med datan, og her er HJT-loggen: Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 5:47:58 PM, on 26/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Intel\NCS\PROSet\PRONoMgr.exe C:\Programfiler\Analog Devices\SoundMAX\SMax4PNP.exe C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Programfiler\Logitech\iTouch\iTouch.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\Logitech\MouseWare\system\em_exec.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe F:\Programfiler\Antispyware microsoft\gcasDtServ.exe C:\Programfiler\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\tcpsvcs.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\system32\winstall.exe C:\Programfiler\ATI Multimedia\RemCtrl\ATIRW.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe W:\creative\Detector\CTDetect.exe C:\Programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Programfiler\SMC\SMC2802W 2.4GHz 54 Mbps Wireless PCI Adapter\Installer\WINXP\SMC11GMonitor.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWSabout.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programfiler\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: (no name) - {2EE8FA61-F88E-4013-A35D-4A684255D663} - C:\WINDOWS\system32\ssqro.dll (file missing) O2 - BHO: (no name) - {3EC7FD41-0746-2BEA-9DB3-FAE1582FDB77} - blank (file missing) O2 - BHO: (no name) - {650408E7-9A98-2FB2-CB8A-E1079CFA43BB} - blank (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {F18F04B0-9CF1-4b93-B004-77A288BEE28B} - C:\WINDOWS\system32\olbqlxtn.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programfiler\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\Program(installfiler)\daemon\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [gcasServ] "F:\Programfiler\Antispyware microsoft\gcasServ.exe" O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ATICCC] "C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvvuk.dll,startup O4 - HKLM\..\Run: [explorer] C:\WINDOWS\system32\winstall.exe O4 - HKCU\..\Run: [ATI Launchpad] "C:\Programfiler\ATI Multimedia\main\launchpd.exe" O4 - HKCU\..\Run: [ATI Remote Control] C:\Programfiler\ATI Multimedia\RemCtrl\ATIRW.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [Creative Detector] W:\creative\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [updateMgr] "C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - HKCU\..\Run: [steam] F:\spel\cs 1.6 on andreas\valve\Steam.exe -silent O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEMON.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEMON.EXE O4 - Global Startup: SMC2802W 54Mbps WLAN Monitor.lnk = C:\Programfiler\SMC\SMC2802W 2.4GHz 54 Mbps Wireless PCI Adapter\Installer\WINXP\SMC11GMonitor.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZBzeb032YYNO O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Programfiler\ATI Multimedia\tv\EXPLBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Programfiler\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - W:\i pod\iPod\bin\iPodService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programfiler\Intel\NCS\Sync\NetSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) Om nokon vil sjekke ut denne, så tusen takk Lenke til kommentar
norbat Skrevet 26. mai 2007 Del Skrevet 26. mai 2007 Hei, Det var litt rammel der så gjør følgende: Hent CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Hent SAS, installer, oppdater og kjør en full (Complete) scan. Post deretter en ny HJT-logg + loggen fra SAS (preferences->statistics/logs), så ser vi hva som bør gjøres videre. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå