katet, posted 12 September 2007:
I'm wondering whether I've got a virus, since the reply I get to quite a lot of the messages I send on MSN is:
hAllo
The following message could not be delivered to all recipients: hAllo
It's only a couple of days since I formatted the machine, so it was "clean" not long ago. What happens in Mozilla Firefox is that the browser sometimes won't load pages. I can click many times on the start page, for example, without anything happening. It loads for a fraction of a second and then stops without any result. Is this a virus, and if so, how can I get it removed? Thanks for any answers.
norbat, posted 12 September 2007:
The short version: https://www.diskusjon.no/index.php?showtopic=691246 Post the log here.
katet (thread starter), posted 12 September 2007:
Here is the log I got:
norbat, posted 12 September 2007:
There is nothing in the log that shows you have any kind of infection. You can try running Combofix and posting the log. It can tell us a bit more:
- Download Combofix and put it on the desktop.
- Run combofix.exe and follow the instructions. You must not click on the window while the program is running.
- Post the log file from Combofix (usually c:\combofix.txt).
katet (thread starter), posted 13 September 2007:
Here is the log I got from Combofix:
norbat, posted 13 September 2007:
OK. Are you still troubled by the problem? Regardless of that, it may be a good idea to do the following:
- Download CCleaner. Start the program. Go to 'Valg' (Options) -> 'Avansert' (Advanced). Remove the check mark in front of: "bare slett midlertidige filer......." (only delete temporary files.......). Click 'Renser' (Cleaner) and then 'Kjør CCleaner' (Run CCleaner).
- Download SAS, install, update and run a full (Complete) scan.
katet (thread starter), posted 13 September 2007:
Thanks for the reply. It goes a bit up and down.. I think it depends on how long the computer has been on (1 day - 2 weeks). Right now everything works. I'll download the programs and see if it happens more times.