Xarus Skrevet 10. september 2007 Del Skrevet 10. september 2007 hei, sliter litt her. Kom en melding på skjermen her: "windows has detected an tattack attempt.. Somebody's trying to infect your PC with spyware or harmful virues. Run full system scan now to proteft youre PC from internet attacks, hijacking attempts and spyware". Åsså click here to download spyware remover for total protection. Jeg er veldig sikker på at dette er noe spyware tull:/ Kommer også fram at startsiden min har blitt byttet mot noe annet.. "Softwareereferral.com" osv.. Noen som kan hjelpe meg ? Lenke til kommentar
norbat Skrevet 10. september 2007 Del Skrevet 10. september 2007 Last ned Hijackthis. Legg det i en egen mappe på skrivebordet. Start programmet, velg "Do a system scan and save a logfile". Loggfilen kopierer du og poster, så tar vi det derfra. Lenke til kommentar
Xarus Skrevet 10. september 2007 Forfatter Del Skrevet 10. september 2007 Last ned Hijackthis. Legg det i en egen mappe på skrivebordet. Start programmet, velg "Do a system scan and save a logfile". Loggfilen kopierer du og poster, så tar vi det derfra. 9466411[/snapback] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...=MjI6Ojg5&lid=2 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.online.no/proxy.pac R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: MSVPS System - {3CB70CC2-303F-4A6C-824D-013AE8CFDB6B} - C:\WINDOWS\nsduo.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Programfiler\Dealio\kb106\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Programfiler\Dealio\kb106\Dealio.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar4.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iAAnotif] C:\Programfiler\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programfiler\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programfiler\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [au] C:\Programfiler\Dealio\DealioAU.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Programfiler\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [VoipBuster] "C:\Programfiler\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Xfire.lnk = C:\Programfiler\Xfire\Xfire.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Skyr@cer Pro PCI 154 Configuration Utility.lnk = ? O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ? O8 - Extra context menu item: Compare Prices with &Dealio - C:\Programfiler\Dealio\kb106\res\DealioSearch.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Programfiler\Dealio\kb106\Dealio.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O21 - SSODL: msmhost - {CA0B19B0-5D39-4C1F-8525-6EF02C9CFBF0} - C:\WINDOWS\msmhost.dll O21 - SSODL: msmdev - {707C9AA2-6D4F-47DF-9903-51C1B422328C} - C:\WINDOWS\msmdev.dll O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Programfiler\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE Lenke til kommentar
norbat Skrevet 10. september 2007 Del Skrevet 10. september 2007 Last ned SDFix til skrivebordet. Dobbeltklikk på SDFix.exe og det vil pakke seg ut til ei mappe i C:\SDFix Restart pc'n i sikker modus (tapp F8 under oppstart, velg sikker modus) Åpne SDFix-mappa og dobbeltklikk på 'RunThis.bat' for å starte programmet Velg Y for å starte rensingen Pc'n vil restarte, og SDFix vil fortsette. Når SDFix er ferdigkjørt, laster du ned SAS, installer, oppdater og kjør en full (Complete) scan. Post ny HJT-logg + loggen fra SDFix (vil ligge som Report.txt i SDFix-mappa) + SAS-logg (preferences->statistics/logs) Lenke til kommentar
Xarus Skrevet 10. september 2007 Forfatter Del Skrevet 10. september 2007 (endret) Last ned SDFix til skrivebordet. Dobbeltklikk på SDFix.exe og det vil pakke seg ut til ei mappe i C:\SDFix Restart pc'n i sikker modus (tapp F8 under oppstart, velg sikker modus) Åpne SDFix-mappa og dobbeltklikk på 'RunThis.bat' for å starte programmet Velg Y for å starte rensingen Pc'n vil restarte, og SDFix vil fortsette. Når SDFix er ferdigkjørt, laster du ned SAS, installer, oppdater og kjør en full (Complete) scan. Post ny HJT-logg + loggen fra SDFix (vil ligge som Report.txt i SDFix-mappa) + SAS-logg (preferences->statistics/logs) 9466482[/snapback] Fikk: "installerbar midlertidig enhetsdriver klarte ikke Dll-initialiseringen" Står at jeg må lukke SDfix.. Endret 10. september 2007 av Xarus Lenke til kommentar
norbat Skrevet 10. september 2007 Del Skrevet 10. september 2007 og du kjører fra Sikkermodus? Lenke til kommentar
Xarus Skrevet 10. september 2007 Forfatter Del Skrevet 10. september 2007 og du kjører fra Sikkermodus? 9466836[/snapback] ja, det gikk greit. Ingen ting som skjedde når jeg trykket på "lukk" og jeg fikk gjennomført det. Loggene kommer når sas scannen er over Lenke til kommentar
Xarus Skrevet 10. september 2007 Forfatter Del Skrevet 10. september 2007 Hijackthis: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.online.no/proxy.pac R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Programfiler\Dealio\kb106\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Programfiler\Dealio\kb106\Dealio.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar4.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iAAnotif] C:\Programfiler\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programfiler\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programfiler\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [au] C:\Programfiler\Dealio\DealioAU.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Programfiler\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [VoipBuster] "C:\Programfiler\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Xfire.lnk = C:\Programfiler\Xfire\Xfire.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Skyr@cer Pro PCI 154 Configuration Utility.lnk = ? O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ? O8 - Extra context menu item: Compare Prices with &Dealio - C:\Programfiler\Dealio\kb106\res\DealioSearch.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Programfiler\Dealio\kb106\Dealio.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Programfiler\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE SDfix: Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\WINDOWS\\SYSTEM32\\USMT\\MIGWIZ.EXE"="C:\\WINDOWS\\SYSTEM32\\USMT\\MIGWIZ.EXE:*:Enabled:Veiviser for overf›ring av filer og innstillinger" "C:\\Programfiler\\Messenger\\msmsgs.exe"="C:\\Programfiler\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Programfiler\\LimeWire\\LimeWire.exe"="C:\\Programfiler\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Programfiler\\Valve\\Steam\\Steam.exe"="C:\\Programfiler\\Valve\\Steam\\Steam.exe:*:Enabled:Steam" "C:\\Programfiler\\Valve\\Steam\\SteamApps\\afselius\\counter-strike source\\hl2.exe"="C:\\Programfiler\\Valve\\Steam\\SteamApps\\afselius\\counter-strike source\\hl2.exe:*:Enabled:hl2" "C:\\Programfiler\\Valve\\Steam\\SteamApps\\arning130\\counter-strike source\\hl2.exe"="C:\\Programfiler\\Valve\\Steam\\SteamApps\\arning130\\counter-strike source\\hl2.exe:*:Enabled:hl2" "C:\\Programfiler\\Valve\\Steam\\SteamApps\\arning130\\counter-strike\\hl.exe"="C:\\Programfiler\\Valve\\Steam\\SteamApps\\arning130\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher" "C:\\Programfiler\\Electronic Arts\\The Battle for Middle-earth II\\game.dat"="C:\\Programfiler\\Electronic Arts\\The Battle for Middle-earth II\\game.dat:*:Enabled:The Battle for Middle-earth II" "C:\\Programfiler\\Grouper\\Grouper.exe"="C:\\Programfiler\\Grouper\\Grouper.exe:*:Enabled:Grouper" "C:\\Documents and Settings\\Sindre\\Skrivebord\\utorrent.exe"="C:\\Documents and Settings\\Sindre\\Skrivebord\\utorrent.exe:*:Enabled:æTorrent" "C:\\Documents and Settings\\Sindre\\Mine dokumenter\\programmer\\utorrent.exe"="C:\\Documents and Settings\\Sindre\\Mine dokumenter\\programmer\\utorrent.exe:*:Enabled:æTorrent" "C:\\Programfiler\\Grisoft\\AVG Free\\avginet.exe"="C:\\Programfiler\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe" "C:\\Programfiler\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Programfiler\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe" "C:\\Programfiler\\Xfire\\Xfire.exe"="C:\\Programfiler\\Xfire\\Xfire.exe:*:Enabled:Xfire" "C:\\program files\\mIRC\\mirc.exe"="C:\\program files\\mIRC\\mirc.exe:*:Enabled:mIRC" "C:\\Programfiler\\Valve\\Steam\\SteamApps\\oliverfrydenberg\\counter-strike\\hl.exe"="C:\\Programfiler\\Valve\\Steam\\SteamApps\\oliverfrydenberg\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher" "C:\\Programfiler\\MSN Messenger\\msncall.exe"="C:\\Programfiler\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Programfiler\\mIRC\\mirc.exe"="C:\\Programfiler\\mIRC\\mirc.exe:*:Enabled:mIRC" "C:\\Programfiler\\GameSpy Arcade\\Aphex.exe"="C:\\Programfiler\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade" "C:\\Programfiler\\Mozilla Firefox\\firefox.exe"="C:\\Programfiler\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox" "C:\\Programfiler\\TVUPlayer\\TVUPlayer.exe"="C:\\Programfiler\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVU Player Component" "C:\\Programfiler\\TVAnts\\Tvants.exe"="C:\\Programfiler\\TVAnts\\Tvants.exe:*:Disabled:TVAnts" "C:\\Programfiler\\Valve\\Steam\\SteamApps\\oliverfrydenberg\\half-life\\hl.exe"="C:\\Programfiler\\Valve\\Steam\\SteamApps\\oliverfrydenberg\\half-life\\hl.exe:*:Enabled:Half-Life Launcher" "C:\\Programfiler\\Valve\\Steam\\SteamApps\\torbratberg\\counter-strike\\hl.exe"="C:\\Programfiler\\Valve\\Steam\\SteamApps\\torbratberg\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher" "C:\\Programfiler\\Azureus\\Azureus.exe"="C:\\Programfiler\\Azureus\\Azureus.exe:*:Disabled:Azureus" "C:\\Programfiler\\DC++\\DCPlusPlus.exe"="C:\\Programfiler\\DC++\\DCPlusPlus.exe:*:Disabled:DC++" "C:\\Programfiler\\World of Warcraft\\WoW-1.6.1.4544-to-1.7.0-enGB-downloader.exe"="C:\\Programfiler\\World of Warcraft\\WoW-1.6.1.4544-to-1.7.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader" "C:\\Programfiler\\World of Warcraft\\WoW-1.6.0.4500-to-1.6.1-enGB-downloader.exe"="C:\\Programfiler\\World of Warcraft\\WoW-1.6.0.4500-to-1.6.1-enGB-downloader.exe:*:Enabled:Blizzard Downloader" "C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"="C:\\Programfiler\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Programfiler\\MSN Messenger\\livecall.exe"="C:\\Programfiler\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\\Programfiler\\Counter-Strike 1.6\\hl.exe"="C:\\Programfiler\\Counter-Strike 1.6\\hl.exe:*:Enabled:Half-Life Launcher" "C:\\Programfiler\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Programfiler\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader" "C:\\Programfiler\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"="C:\\Programfiler\\VoipBuster.com\\VoipBuster\\VoipBuster.exe:*:Enabled:VoipBuster" "C:\\Programfiler\\BitTorrent\\bittorrent.exe"="C:\\Programfiler\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent" "C:\\Programfiler\\Skype\\Phone\\Skype.exe"="C:\\Programfiler\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Programfiler\\MSN Messenger\\msncall.exe"="C:\\Programfiler\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"="C:\\Programfiler\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Programfiler\\MSN Messenger\\livecall.exe"="C:\\Programfiler\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" Remaining Files: --------------- File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes: C:\Documents and Settings\Sindre\Lokale innstillinger\Programdata\Microsoft\Messenger\[email protected]\Sharing Folders\[email protected]\Thumbs.db C:\Documents and Settings\Sindre\Lokale innstillinger\Programdata\Microsoft\Messenger\[email protected]\Sharing Folders\[email protected]\Thumbs.db C:\WINDOWS\SYSTEM32\233505DF60.sys C:\WINDOWS\SYSTEM32\KGyGaAvL.sys C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp Finished! Sas: Hvor finner jeg sas log ??.. husker ikke Lenke til kommentar
norbat Skrevet 10. september 2007 Del Skrevet 10. september 2007 Start SAS, velg Preferences->Statistics/logs Lenke til kommentar
Xarus Skrevet 10. september 2007 Forfatter Del Skrevet 10. september 2007 Start SAS, velg Preferences->Statistics/logs 9467724[/snapback] C:\Documents and Settings\Sindre\Cookies\sindre@serving-sys[2].txt C:\Documents and Settings\Sindre\Cookies\[email protected][1].txt C:\Documents and Settings\Sindre\Cookies\sindre@tacoda[1].txt C:\Documents and Settings\Sindre\Cookies\[email protected][2].txt C:\Documents and Settings\Sindre\Cookies\sindre@atdmt[2].txt C:\Documents and Settings\Sindre\Cookies\[email protected][2].txt C:\Documents and Settings\Sindre\Cookies\sindre@advertising[2].txt C:\Documents and Settings\Sindre\Cookies\sindre@doubleclick[1].txt C:\Documents and Settings\Sindre\Cookies\sindre@tradedoubler[1].txt C:\Documents and Settings\Sindre\Cookies\sindre@fastclick[2].txt C:\Documents and Settings\Sindre\Cookies\sindre@2o7[1].txt C:\Documents and Settings\Sindre\Cookies\[email protected][2].txt C:\Documents and Settings\Sindre\Cookies\sindre@imrworldwide[1].txt Trojan.DNSChanger-Codec HKCR\VAC.Video HKCR\VAC.Video\CLSID Trojan.VideoCach/Gen HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF} HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Control HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Implemented Categories HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\InprocServer32 HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\InprocServer32#ThreadingModel HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\MiscStatus HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\MiscStatus\1 HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\ProgID HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\ToolboxBitmap32 HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\TypeLib HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Version HKCR\CLSID\{BABA5BDB-4EFF-48DB-B443-679651D37128} HKCR\CLSID\{BABA5BDB-4EFF-48DB-B443-679651D37128}\InprocServer32 HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768} HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0 HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\0 HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\0\win32 HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\FLAGS HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\HELPDIR HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F} HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\ProxyStubClsid HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\ProxyStubClsid32 HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\TypeLib HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\TypeLib#Version HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1} HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\ProxyStubClsid HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\ProxyStubClsid32 HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\TypeLib HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\TypeLib#Version Der, nå har du alle tre^^ Lenke til kommentar
norbat Skrevet 10. september 2007 Del Skrevet 10. september 2007 Ok, og hvordan kjører pc'n? Lenke til kommentar
Xarus Skrevet 10. september 2007 Forfatter Del Skrevet 10. september 2007 (endret) Ok, og hvordan kjører pc'n? 9468185[/snapback] Som før virker det som Tusen takk for hjelpen Norbat:D Endret 10. september 2007 av Xarus Lenke til kommentar
norbat Skrevet 10. september 2007 Del Skrevet 10. september 2007 Fint. Du bør nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av Systemgjenopprettingen .....", restart pc, fjern merket igjen for å aktivere funksjonen. Lenke til kommentar
Xarus Skrevet 10. september 2007 Forfatter Del Skrevet 10. september 2007 Fint. Du bør nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av Systemgjenopprettingen .....", restart pc, fjern merket igjen for å aktivere funksjonen. 9468679[/snapback] Supert, skal gjøre det:P Takk igjenn Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå