strikkepinne Skrevet 7. juni 2007 Del Skrevet 7. juni 2007 (endret) Loggen min: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 01:59:25, on 07.06.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Video ActiveX Access\iesmn.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\Program Files\Video ActiveX Access\iesmin.exe C:\WINDOWS\system32\ElkCtrl.exe C:\WINDOWS\system32\usbtapnp.exe C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG7\avgwb.dat D:\Documents and Settings\astrid\Desktop\New Folder\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://athome.statoil.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Program Files\Video ActiveX Access\iesplg.dll O3 - Toolbar: Protection Bar - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - C:\Program Files\Video ActiveX Access\iesbpl.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [uSBTA] C:\WINDOWS\system32\usbtapnp.exe O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163514418031 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: auditioned - {44e670f2-d57b-4815-a576-955d17dbbf2d} - C:\WINDOWS\system32\eeuydc.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod-tjeneste (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 11043 bytes Gult ikon med utropstegn står og blinker i hjørnet. Mystisk..... Endret 12. juni 2007 av strikkepinne Lenke til kommentar
norbat Skrevet 7. juni 2007 Del Skrevet 7. juni 2007 Ja, du har en typisk variant, så last ned SAS, installer og oppdater. Kjør en full scan. Post SAS-loggen (preferences->statistics/logs) + en ny HJT-logg, så ser vi hva som er igjen. Lenke til kommentar
strikkepinne Skrevet 7. juni 2007 Forfatter Del Skrevet 7. juni 2007 Tusen takk for hjelp. Det skal jeg gjøre. Lenke til kommentar
nahojdat Skrevet 7. juni 2007 Del Skrevet 7. juni 2007 (endret) Spylocked er ikke det verste å bli kvitt, fjernet den på dama sin maskin for noen dager siden. Et google søk så finner du verktøy til å fjerne spylocked med raskt og effektivt. Endret 7. juni 2007 av nahojdat Lenke til kommentar
Gjest medlem-105082 Skrevet 7. juni 2007 Del Skrevet 7. juni 2007 Det verktøyet tar man etter scannen med SAS, hvis ikke alt er borte. Lenke til kommentar
strikkepinne Skrevet 7. juni 2007 Forfatter Del Skrevet 7. juni 2007 (endret) Heisann. Takk for svar. Her er hijackthis og sas loggen SAS: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 06/07/2007 at 12:09 PM Application Version : 3.8.1002 Core Rules Database Version : 3250 Trace Rules Database Version: 1261 Scan type : Complete Scan Total Scan Time : 00:50:50 Memory items scanned : 537 Memory threats detected : 2 Registry items scanned : 5271 Registry threats detected : 139 File items scanned : 46872 File threats detected : 29 Trojan.Media-Codec/V3 C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESMIN.EXE C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESMIN.EXE C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESMN.EXE C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESMN.EXE [user32.dll] C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESMN.EXE HKLM\Software\Classes\CLSID\{B8C5186E-EC37-4889-9C2E-F73649FFB7BB} HKCR\CLSID\{B8C5186E-EC37-4889-9C2E-F73649FFB7BB} HKCR\CLSID\{B8C5186E-EC37-4889-9C2E-F73649FFB7BB}#xxx HKCR\CLSID\{B8C5186E-EC37-4889-9C2E-F73649FFB7BB}\InprocServer32 HKCR\CLSID\{B8C5186E-EC37-4889-9C2E-F73649FFB7BB}\InprocServer32#ThreadingModel C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESPLG.DLL HKLM\Software\Classes\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF} HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF} HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF} HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\Implemented Categories HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\Implemented Categories\{00021493-0000-0000-C000-000000000046} HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\InprocServer32 HKCR\CLSID\{DF4E7A0C-E233-4906-B4C1-A404356541FF}\InprocServer32#ThreadingModel C:\PROGRAM FILES\VIDEO ACTIVEX ACCESS\IESBPL.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8C5186E-EC37-4889-9C2E-F73649FFB7BB} HKLM\Software\Microsoft\Internet Explorer\Toolbar#{DF4E7A0C-E233-4906-B4C1-A404356541FF} HKCR\CLSID\{B8C5186E-EC37-4889-9C2E-F73649FFB7BB} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Security Plug-in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Security Plug-in#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Security Plug-in#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Bar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Bar#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Bar#UninstallString C:\Program Files\Video ActiveX Access\iesbunst.exe C:\Program Files\Video ActiveX Access\iesunst.exe C:\Program Files\Video ActiveX Access\imsunst.exe C:\Program Files\Video ActiveX Access\ot.ico C:\Program Files\Video ActiveX Access\ts.ico C:\Program Files\Video ActiveX Access\uninst.exe C:\Program Files\Video ActiveX Access C:\WINDOWS\Prefetch\IESMN.EXE-15D14ED5.pf C:\WINDOWS\Prefetch\UNINST.EXE-3AE0878A.pf Trojan.Smitfraud Variant HKLM\Software\Classes\CLSID\{44e670f2-d57b-4815-a576-955d17dbbf2d} HKCR\CLSID\{44E670F2-D57B-4815-A576-955D17DBBF2D} HKCR\CLSID\{44E670F2-D57B-4815-A576-955D17DBBF2D}\InProcServer32 HKCR\CLSID\{44E670F2-D57B-4815-A576-955D17DBBF2D}\InProcServer32#ThreadingModel C:\WINDOWS\SYSTEM32\EEUYDC.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{44e670f2-d57b-4815-a576-955d17dbbf2d} Trojan.Security Toolbar D:\Documents and Settings\All Users\Start Menu\Online Security Guide.url D:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url Trojan.Media-Codec HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object#ProductionEnvironment HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object#URLInfoAbout HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object#DisplayVersion HKCR\VideoAXObject.Chl HKCR\VideoAXObject.Chl\CLSID HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#user32.dll [ C:\Program Files\Video ActiveX Access\iesmn.exe ] Malware.SpyLocked HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708} HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\aYApccbzvpl HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\HrgxhBCcr HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\InprocServer32 HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\InprocServer32#ThreadingModel HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\IQxWpprjoam HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\lnuZmLazWY HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\nfQtxWqxeuuHg HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\ProgID HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\quuiohz HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\VersionIndependentProgID HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\VhczDznp HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#UninstallString HKCR\TypeLib\{9F99FD1A-5C53-4B82-981A-92A0F587D59B} HKCR\TypeLib\{9F99FD1A-5C53-4B82-981A-92A0F587D59B}\1.0 HKCR\TypeLib\{9F99FD1A-5C53-4B82-981A-92A0F587D59B}\1.0\0 HKCR\TypeLib\{9F99FD1A-5C53-4B82-981A-92A0F587D59B}\1.0\0\win32 HKCR\TypeLib\{9F99FD1A-5C53-4B82-981A-92A0F587D59B}\1.0\FLAGS HKCR\TypeLib\{9F99FD1A-5C53-4B82-981A-92A0F587D59B}\1.0\HELPDIR HKCR\Interface\{1D3F4979-14F0-4344-95F9-D019C75ED669} HKCR\Interface\{1D3F4979-14F0-4344-95F9-D019C75ED669}\ProxyStubClsid HKCR\Interface\{1D3F4979-14F0-4344-95F9-D019C75ED669}\ProxyStubClsid32 HKCR\Interface\{1D3F4979-14F0-4344-95F9-D019C75ED669}\TypeLib HKCR\Interface\{1D3F4979-14F0-4344-95F9-D019C75ED669}\TypeLib#Version HKCR\Interface\{1DEAC6D1-27B1-4804-8309-86F80E64D91F} HKCR\Interface\{1DEAC6D1-27B1-4804-8309-86F80E64D91F}\ProxyStubClsid HKCR\Interface\{1DEAC6D1-27B1-4804-8309-86F80E64D91F}\ProxyStubClsid32 HKCR\Interface\{1DEAC6D1-27B1-4804-8309-86F80E64D91F}\TypeLib HKCR\Interface\{1DEAC6D1-27B1-4804-8309-86F80E64D91F}\TypeLib#Version HKCR\Interface\{21EE18CF-E24C-4AD8-A279-C34EEB5F18A9} HKCR\Interface\{21EE18CF-E24C-4AD8-A279-C34EEB5F18A9}\ProxyStubClsid HKCR\Interface\{21EE18CF-E24C-4AD8-A279-C34EEB5F18A9}\ProxyStubClsid32 HKCR\Interface\{21EE18CF-E24C-4AD8-A279-C34EEB5F18A9}\TypeLib HKCR\Interface\{21EE18CF-E24C-4AD8-A279-C34EEB5F18A9}\TypeLib#Version HKCR\Interface\{22489F95-AA2E-4DFE-A00C-4F5D0DFDAFD6} HKCR\Interface\{22489F95-AA2E-4DFE-A00C-4F5D0DFDAFD6}\ProxyStubClsid HKCR\Interface\{22489F95-AA2E-4DFE-A00C-4F5D0DFDAFD6}\ProxyStubClsid32 HKCR\Interface\{22489F95-AA2E-4DFE-A00C-4F5D0DFDAFD6}\TypeLib HKCR\Interface\{22489F95-AA2E-4DFE-A00C-4F5D0DFDAFD6}\TypeLib#Version HKCR\Interface\{273582F0-3C1E-4BFC-B2A4-8348AE47F717} HKCR\Interface\{273582F0-3C1E-4BFC-B2A4-8348AE47F717}\ProxyStubClsid HKCR\Interface\{273582F0-3C1E-4BFC-B2A4-8348AE47F717}\ProxyStubClsid32 HKCR\Interface\{273582F0-3C1E-4BFC-B2A4-8348AE47F717}\TypeLib HKCR\Interface\{273582F0-3C1E-4BFC-B2A4-8348AE47F717}\TypeLib#Version HKCR\Interface\{27491041-2CCB-4A37-9297-FB84134ECAD4} HKCR\Interface\{27491041-2CCB-4A37-9297-FB84134ECAD4}\ProxyStubClsid HKCR\Interface\{27491041-2CCB-4A37-9297-FB84134ECAD4}\ProxyStubClsid32 HKCR\Interface\{27491041-2CCB-4A37-9297-FB84134ECAD4}\TypeLib HKCR\Interface\{27491041-2CCB-4A37-9297-FB84134ECAD4}\TypeLib#Version HKCR\Interface\{464B2A01-EB39-4CF6-B6BB-6262776B79DA} HKCR\Interface\{464B2A01-EB39-4CF6-B6BB-6262776B79DA}\ProxyStubClsid HKCR\Interface\{464B2A01-EB39-4CF6-B6BB-6262776B79DA}\ProxyStubClsid32 HKCR\Interface\{464B2A01-EB39-4CF6-B6BB-6262776B79DA}\TypeLib HKCR\Interface\{464B2A01-EB39-4CF6-B6BB-6262776B79DA}\TypeLib#Version HKCR\Interface\{60DDD776-BD47-421A-9B75-C5965C1AAEB3} HKCR\Interface\{60DDD776-BD47-421A-9B75-C5965C1AAEB3}\ProxyStubClsid HKCR\Interface\{60DDD776-BD47-421A-9B75-C5965C1AAEB3}\ProxyStubClsid32 HKCR\Interface\{60DDD776-BD47-421A-9B75-C5965C1AAEB3}\TypeLib HKCR\Interface\{60DDD776-BD47-421A-9B75-C5965C1AAEB3}\TypeLib#Version HKCR\Interface\{6C2AD1F2-670F-4096-9CF5-6FBEA48D2E38} HKCR\Interface\{6C2AD1F2-670F-4096-9CF5-6FBEA48D2E38}\ProxyStubClsid HKCR\Interface\{6C2AD1F2-670F-4096-9CF5-6FBEA48D2E38}\ProxyStubClsid32 HKCR\Interface\{6C2AD1F2-670F-4096-9CF5-6FBEA48D2E38}\TypeLib HKCR\Interface\{6C2AD1F2-670F-4096-9CF5-6FBEA48D2E38}\TypeLib#Version HKCR\Interface\{A45C94F8-E114-48EB-84C9-DE1B871E1A3A} HKCR\Interface\{A45C94F8-E114-48EB-84C9-DE1B871E1A3A}\ProxyStubClsid HKCR\Interface\{A45C94F8-E114-48EB-84C9-DE1B871E1A3A}\ProxyStubClsid32 HKCR\Interface\{A45C94F8-E114-48EB-84C9-DE1B871E1A3A}\TypeLib HKCR\Interface\{A45C94F8-E114-48EB-84C9-DE1B871E1A3A}\TypeLib#Version HKCR\Interface\{B48F25A0-49A8-46AE-B506-A789F8E91A51} HKCR\Interface\{B48F25A0-49A8-46AE-B506-A789F8E91A51}\ProxyStubClsid HKCR\Interface\{B48F25A0-49A8-46AE-B506-A789F8E91A51}\ProxyStubClsid32 HKCR\Interface\{B48F25A0-49A8-46AE-B506-A789F8E91A51}\TypeLib HKCR\Interface\{B48F25A0-49A8-46AE-B506-A789F8E91A51}\TypeLib#Version HKCR\Interface\{D3F81C5A-3A2D-464C-B617-289495AE52DD} HKCR\Interface\{D3F81C5A-3A2D-464C-B617-289495AE52DD}\ProxyStubClsid HKCR\Interface\{D3F81C5A-3A2D-464C-B617-289495AE52DD}\ProxyStubClsid32 HKCR\Interface\{D3F81C5A-3A2D-464C-B617-289495AE52DD}\TypeLib HKCR\Interface\{D3F81C5A-3A2D-464C-B617-289495AE52DD}\TypeLib#Version HKCR\Interface\{E6BC961E-2230-4A37-B7DC-F311773C7DBE} HKCR\Interface\{E6BC961E-2230-4A37-B7DC-F311773C7DBE}\ProxyStubClsid HKCR\Interface\{E6BC961E-2230-4A37-B7DC-F311773C7DBE}\ProxyStubClsid32 HKCR\Interface\{E6BC961E-2230-4A37-B7DC-F311773C7DBE}\TypeLib HKCR\Interface\{E6BC961E-2230-4A37-B7DC-F311773C7DBE}\TypeLib#Version HKCR\Interface\{F8681E4A-3B1B-46C5-9A0E-E4BDCD240A92} HKCR\Interface\{F8681E4A-3B1B-46C5-9A0E-E4BDCD240A92}\ProxyStubClsid HKCR\Interface\{F8681E4A-3B1B-46C5-9A0E-E4BDCD240A92}\ProxyStubClsid32 HKCR\Interface\{F8681E4A-3B1B-46C5-9A0E-E4BDCD240A92}\TypeLib HKCR\Interface\{F8681E4A-3B1B-46C5-9A0E-E4BDCD240A92}\TypeLib#Version HKCR\Interface\{FA08D9EC-0C7B-4C37-8D7A-E7837B997E90} HKCR\Interface\{FA08D9EC-0C7B-4C37-8D7A-E7837B997E90}\ProxyStubClsid HKCR\Interface\{FA08D9EC-0C7B-4C37-8D7A-E7837B997E90}\ProxyStubClsid32 HKCR\Interface\{FA08D9EC-0C7B-4C37-8D7A-E7837B997E90}\TypeLib HKCR\Interface\{FA08D9EC-0C7B-4C37-8D7A-E7837B997E90}\TypeLib#Version HKCR\Interface\{FC51DED7-D056-45E5-A4FF-A308E2DECFA5} HKCR\Interface\{FC51DED7-D056-45E5-A4FF-A308E2DECFA5}\ProxyStubClsid HKCR\Interface\{FC51DED7-D056-45E5-A4FF-A308E2DECFA5}\ProxyStubClsid32 HKCR\Interface\{FC51DED7-D056-45E5-A4FF-A308E2DECFA5}\TypeLib HKCR\Interface\{FC51DED7-D056-45E5-A4FF-A308E2DECFA5}\TypeLib#Version D:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP100\A0023091.EXE Browser Hijacker.Favorites D:\DOCUMENTS AND SETTINGS\ASTRID\FAVORITES\ONLINE SECURITY TEST.URL Adware.Tracking Cookie D:\Documents and Settings\\Cookies\[email protected][2].txt D:\Documents and Settings\\Cookies\[email protected][1].txt D:\Documents and Settings\\Cookies\si@advertising[1].txt D:\Documents and Settings\\Cookies\si@doubleclick[1].txt D:\Documents and Settings\\Cookies\[email protected][1].txt D:\Documents and Settings\\Cookies\si@imrworldwide[2].txt D:\Documents and Settings\\Cookies\si@indexstats[2].txt D:\Documents and Settings\\Cookies\si@mediaplex[1].txt D:\Documents and Settings\\Cookies\[email protected][1].txt D:\Documents and Settings\\Cookies\si@tradedoubler[2].txt D:\Documents and Settings\\Cookies\si@xiti[1].txt HiJackThis logg: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 12:12:37, on 07.06.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\WINDOWS\system32\usbtapnp.exe C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\NetWaiting\netWaiting.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe D:\Documents and Settings\astrid\Desktop\Sikkerhet\HiJackThis\HiJackThis_v2.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://athome.statoil.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [uSBTA] C:\WINDOWS\system32\usbtapnp.exe O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163514418031 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod-tjeneste (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- Tusen takk for hjelp. Vet ikke hva jeg skulle gjort uten dere her inne. Endret 7. juni 2007 av strikkepinne Lenke til kommentar
norbat Skrevet 7. juni 2007 Del Skrevet 7. juni 2007 (endret) Kjør HJT, sett merke framfor følgende linje og klikk 'Fix checked': O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe Hent Avenger og pakk det ut. Start programmet, sett prikk i "Input Script Manually" og klikk på lupen. I vinduet som kommer opp kopierer du og limer inn det som er i fet skrift under: Folders to delete: C:\Program Files\Video ActiveX Access Klikk på Trafikklyset. Restart pc'n. Etter restart vil det komme en loggfil som forteller hva som har skjedd. Du trenger ikke å poste den. (Mulig at denne mappe er slettet (vha SAS). Loggen vil da si at den ikke klarte å slette mappa fordi den ikke fantes) Post en ny HJT-logg for en siste sjekk. Ut over dette, bør du oppdatere JAVA: http://java.com/en/download/index.jsp Du bør også nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av Systemgjenopprettingen .....", restart pc, fjern merket igjen for å aktivere funksjonen. Endret 7. juni 2007 av norbat Lenke til kommentar
strikkepinne Skrevet 7. juni 2007 Forfatter Del Skrevet 7. juni 2007 (endret) Har nå gjort alt du sa i siste innlegg. Avenger loggen kom opp tom når dataen gikk på igjen. Fersk logg: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 01:20:59, on 08.06.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\WINDOWS\system32\usbtapnp.exe C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe D:\Documents and Settings\astrid\Desktop\Sikkerhet\HiJackThis\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://athome.statoil.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [uSBTA] C:\WINDOWS\system32\usbtapnp.exe O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163514418031 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod-tjeneste (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 10657 bytes Endret 7. juni 2007 av strikkepinne Lenke til kommentar
norbat Skrevet 7. juni 2007 Del Skrevet 7. juni 2007 (endret) Fix følgende linje med HJT: O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - (no file) Last ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Du bør nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av Systemgjenopprettingen .....", restart pc, fjern merket igjen for å aktivere funksjonen. HJT-loggen vil være ren etter dette. Hvordan kjører pc'n? Edit: Hvis du har 2 antivirusprogram, bør du avinstallere det ene. De kan komme i konflikt med hverandre. Endret 7. juni 2007 av norbat Lenke til kommentar
strikkepinne Skrevet 12. juni 2007 Forfatter Del Skrevet 12. juni 2007 Gjorde som du sa Avinnstallerte avg så nå har jeg kun Trend micro og superantispyware. Funker disse bra i lag? Lurer på noe i CCleaner; der går det ann å søke etter feil og når jeg gjør det kommer det opp en utrolig lang liste. Bør jeg gjøre noe med de? Tusen takk for all hjelp! Maskinen funker ok! Fersk logg: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 02:21:33, on 12.06.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\WINDOWS\system32\usbtapnp.exe C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\NetWaiting\netWaiting.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Documents and Settings\astrid\Desktop\Sikkerhet\HiJackThis\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://athome.statoil.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [uSBTA] C:\WINDOWS\system32\usbtapnp.exe O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163514418031 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod-tjeneste (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 9682 bytes Lenke til kommentar
norbat Skrevet 12. juni 2007 Del Skrevet 12. juni 2007 Å kjøre 'Saker' i CCleaner skal være rimelig harmløst, så du kan gjerne la programmet fixe feilene. Du vil bli bedt om å lage en backup når du kjører dette. Om du velger det så skulle du være på den sikre siden selv om jeg selv aldri har opplevd at CCleaner har rotet det til. Lenke til kommentar
strikkepinne Skrevet 12. juni 2007 Forfatter Del Skrevet 12. juni 2007 ok, da skal jeg prøve det! Igjen, tusen takk for hjelpen! Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå