Babyloner, posted 8 November 2007: Hi there... I have quite a few problems with my PC, so I'm going to fix them one at a time. The problem I've got to now is this buffer overflow thing. I get this error message (shown in the picture) every time I start the PC. So what I'm wondering is what I should do to get this fixed. It would be nice if someone could tell me what the problem actually is and what causes it. Hoping for quick help. Thanks, MyoK
norbat, posted 8 November 2007: You can post an HJT log. It can tell whether there is anything on the PC that should be removed: Download HijackThis. Put it in a separate folder on the desktop. Start the program and choose "Do a system scan and save a logfile". Copy the log file and post it.
Babyloner (thread author), posted 9 November 2007: That's done... I hope you can find what's wrong.
norbat, posted 9 November 2007: You have a small infection sitting there, so do the following: Download ComboFix and put it on the desktop. Run combofix.exe and follow the instructions. You must not click on the window while the program is running. Post the log file from ComboFix (usually c:\combofix.txt).
Babyloner (thread author), posted 9 November 2007: That's done as well.
norbat, posted 9 November 2007 (edited 9 November 2007 by norbat): Download Avenger and unpack it. Start the program, select "Input Script Manually" and click the magnifying glass. In the window that comes up, copy and paste in what is in bold below:
Files to delete:
C:\WINDOWS\system32\ggjlm.bak1
C:\WINDOWS\system32\ggjlm.bak2
C:\WINDOWS\system32\ggjlm.ini2
Click the traffic light. Restart the PC. After the restart a log file will appear that tells what happened; you don't need to post it, but post a new HJT log.
Babyloner (thread author), posted 9 November 2007 (edited 9 November 2007 by MyoK): So the magnifying glass means the light, then? EDIT: figured it out..
Babyloner (Author), posted 9 November 2007
That's done too.. Here is the new hjt log:
Does everything look fine now?
norbat, posted 9 November 2007
Yes, this looks fine. You may as well fix these with hjt (start hjt, choose "Do a system scan only", tick the lines and click Fix checked):
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programfiler\BAE\BAE.dll (file missing)
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe (file missing)
It also looks as if you have some processes associated with Norton antivirus lying around. These should be uninstalled/removed, as I assume it is McAfee you use. If you previously had an AV program from Norton, you can use Norton Removal Tool
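Added example (not part of the thread and not code from HijackThis): a Python version of the check behind most of the lines norbat lists above, namely entries whose target is marked (no file) or (file missing). The sample lines are copied from that post and from the log it refers to; the function names are this example's own. The updReg line carries no such marker and was picked on the helper's judgement, so this check does not flag it.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Sample input: lines copied from the HijackThis log discussed in this thread.
# The first line is a process-list line and must be ignored by the parser.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\ctfmon.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programfiler\BAE\BAE.dll (file missing
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe (file missing)
"""

# Meaning of the HijackThis section codes that occur in the sample.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O4": "autostart entry",
    "O9": "IE toolbar button / Tools menu item",
}

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis appends one of these markers when the target is gone from disk.
# The closing parenthesis is optional because pasted logs often lose it.
ORPHAN_RE = re.compile(r"\((?P<why>no file|file missing)\)?\s*$")


@dataclass
class Entry:
    code: str                     # section code, e.g. "O2"
    body: str                     # everything after "<code> - "
    clsid: Optional[str]          # COM class id, if the line names one
    orphan_reason: Optional[str]  # None when no missing-file marker is present


def parse_entries(text: str) -> list:
    """Parse the R-/O-section lines of a HijackThis log; skip everything else."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header, process list or blank line
        body = m.group("body")
        clsid = CLSID_RE.search(body)
        orphan = ORPHAN_RE.search(body)
        entries.append(Entry(
            code=m.group("code"),
            body=body,
            clsid=clsid.group(0).upper() if clsid else None,
            orphan_reason=orphan.group("why") if orphan else None,
        ))
    return entries


def orphaned(entries: list) -> list:
    """Entries that still exist in the registry but point at nothing on disk."""
    return [e for e in entries if e.orphan_reason]


def triage(text: str) -> list:
    """Group orphaned entries by CLSID so that one leftover registration that
    appears as several lines (O9 button + menu item) is reviewed once.
    Returns (key, section meaning, reason, number of log lines) per group."""
    groups = defaultdict(list)
    for e in orphaned(parse_entries(text)):
        groups[e.clsid or e.body].append(e)
    rows = []
    for key, items in groups.items():
        first = items[0]
        rows.append((key, SECTIONS.get(first.code, first.code),
                     first.orphan_reason, len(items)))
    return rows


if __name__ == "__main__":
    for key, kind, why, count in triage(SAMPLE_LOG):
        print(f"{key}  {kind}: {why} ({count} line(s))")
```

A missing-file marker only shows that a registration is a leftover; whether an entry with an existing target (such as updReg) should go is still a manual decision.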
Babyloner (Author), posted 9 November 2007
Thanks for the help.. hope everything works now.. Yes.. I had Norton Ghost.. got it together with the PC..
There is one more thing I'm wondering about, so I might as well ask you: every time I run a virus scan, the PC crashes. It happens around the time I get to file number 140 000... I never catch which file it is. What happens is that I get a blue screen saying that an error has occurred and that if the problem continues I should contact the system administrator..
Do you have any idea what could be wrong?
norbat, posted 9 November 2007
I think we'll check this a bit more closely... If you are not using anything from Norton now, remove it. Let's take one more scan that may tell us more:
Download Combofix and put it on the desktop.
Run combofix.exe and follow the instructions.
Post the log file from combofix (c:\combofix.txt).
Babyloner (Author), posted 9 November 2007
Yes.. I have now run Combofix again.. here is the log:
norbat, posted 9 November 2007
The log looks ok. You can uninstall combofix: Click Start->Run. Type: ComboFix /u
When the program starts, choose option 2.
Isn't there anything more on this blue screen that could say which file might be the problem? Try scanning from safe mode (tap F8 during startup, choose safe mode)
Babyloner (Author), posted 9 November 2007
No.. there is actually nothing else that says which file it is.. But I can try running the antivirus program again tomorrow.. then we can take it from there... But thanks for the help again.. I keep posting in this thread.. or what?
Babyloner (Author), posted 10 November 2007
Ran a virus scan today.. and everything went just fine.. Looks like it was that buffer problem that was the cause.. So everything is fine here. Thanks for the help
norbat, posted 10 November 2007
Good. You should reset the restore folder so that you don't get infected by a possible system restore. Control Panel->System->System Restore. Tick "Turn off System Restore .....", restart the PC, then remove the tick again to re-enable the feature. Surf safely.