Zirion Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 Jeg har noen få problemer med pcn, f.eks. at både Firefox og IE laster ned ufullstendige og korrupte arkiver og filer, og at program som burde fungere fint lukker seg (crysis, cs, photoshop ++) Tenkte kanskje at jeg hadde virus eller noe sånt, så har kjørt CCcleaner, combofix, superantispyware og hijackthis, men finner ingenting. Her er loggene: Sas: Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan Loghttp://www.superantispyware.com Generated 12/31/2007 at 02:07 AM Application Version : 3.9.1008 Core Rules Database Version : 3371 Trace Rules Database Version: 1366 Scan type : Complete Scan Total Scan Time : 00:34:57 Memory items scanned : 611 Memory threats detected : 0 Registry items scanned : 6201 Registry threats detected : 0 File items scanned : 66496 File threats detected : 0 Combofix: Klikk for å se/fjerne innholdet nedenfor ComboFix 07-12-21.4 - Christian 2007-12-31 1:37:05.1 - NTFSx86Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1044.18.2111 [GMT 1:00] Running from: C:\Users\Christian\Desktop\ComboFix(2).exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-11-28 to 2007-12-31 ))))))))))))))))))))))))))))))) . 2007-12-31 01:30 . 2007-12-31 01:30 <DIR> d-------- C:\Users\Christian\AppData\Roaming\SUPERAntiSpyware.com 2007-12-31 01:30 . 2007-12-31 01:30 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com 2007-12-31 01:30 . 2007-12-31 01:30 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com 2007-12-31 01:29 . 2007-12-31 01:29 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-12-29 01:59 . 2007-12-29 19:12 <DIR> d-------- C:\Program Files\Common Files\Steam 2007-12-29 01:58 . 2007-12-29 19:40 <DIR> d-------- C:\Program Files\Steam 2007-12-29 00:11 . 2007-12-29 00:11 <DIR> d-------- C:\Program Files\EA GAMES 2007-12-28 13:48 . 2007-12-28 13:48 2,923,520 --a------ C:\Windows\explorer.exe 2007-12-28 13:47 . 2007-12-28 13:47 8,147,968 --a------ C:\Windows\System32\wmploc.DLL 2007-12-28 13:47 . 2007-12-28 13:47 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll 2007-12-28 13:47 . 2007-12-28 13:47 1,686,528 --a------ C:\Windows\System32\gameux.dll 2007-12-28 13:47 . 2007-12-28 13:47 356,864 --a------ C:\Windows\System32\MediaMetadataHandler.dll 2007-12-28 13:47 . 2007-12-28 13:47 229,888 --a------ C:\Windows\System32\msshsq.dll 2007-12-28 13:47 . 2007-12-28 13:47 7,680 --a------ C:\Windows\System32\spwmp.dll 2007-12-28 13:47 . 2007-12-28 13:47 4,096 --a------ C:\Windows\System32\msdxm.ocx 2007-12-28 13:47 . 2007-12-28 13:47 4,096 --a------ C:\Windows\System32\dxmasf.dll 2007-12-28 13:44 . 2007-12-28 13:44 974,336 --a------ C:\Windows\System32\crypt32.dll 2007-12-28 01:13 . 2007-12-07 23:32 18,016,322 --a------ C:\Program Files\Floola.exe 2007-12-27 15:27 . 2007-12-27 15:27 0 --a------ C:\Windows\ativpsrm.bin 2007-12-27 14:48 . 2007-12-27 14:48 45 --a------ C:\Windows\System32\initdebug.nfo 2007-12-26 02:00 . 2007-12-26 02:00 <DIR> d-------- C:\Users\Christian\AppData\Roaming\vlc 2007-12-25 16:32 . 2007-12-25 16:32 <DIR> d-------- C:\Program Files\RivaTuner v2.06 2007-12-25 13:45 . 2007-12-25 13:45 <DIR> dr-h----- C:\Users\Christian\AppData\Roaming\SecuROM 2007-12-25 13:36 . 2007-12-25 13:36 <DIR> d-------- C:\Program Files\GameSpy 2007-12-25 13:34 . 2007-12-25 13:34 <DIR> d-------- C:\Windows\System32\URTTEMP 2007-12-25 12:42 . 2007-12-25 12:42 669,184 --a------ C:\Windows\System32\pbsvc.exe 2007-12-25 12:42 . 2007-12-25 12:42 103,736 --a------ C:\Windows\System32\PnkBstrB.exe 2007-12-25 12:42 . 2007-12-25 12:42 66,872 --a------ C:\Windows\System32\PnkBstrA.exe 2007-12-25 12:42 . 2007-12-25 12:42 22,328 --a------ C:\Windows\System32\drivers\PnkBstrK.sys 2007-12-25 12:42 . 2007-12-25 12:42 22,328 --a------ C:\Users\Christian\AppData\Roaming\PnkBstrK.sys 2007-12-25 12:41 . 2007-12-25 12:41 <DIR> d-------- C:\Users\All Users\Media Center Programs 2007-12-25 12:41 . 2007-12-25 12:41 <DIR> d-------- C:\ProgramData\Media Center Programs 2007-12-25 12:23 . 2007-12-29 02:28 <DIR> d-------- C:\Program Files\Electronic Arts 2007-12-25 11:48 . 2007-12-25 11:48 <DIR> d-------- C:\Users\Christian\AppData\Roaming\Talkback 2007-12-25 11:46 . 2007-12-25 11:46 0 --a------ C:\Users\Christian\AppData\Roaming\wklnhst.dat 2007-12-24 01:51 . 2007-12-24 01:51 <DIR> d-------- C:\Users\Christian\AppData\Roaming\COWON 2007-12-24 01:50 . 2007-12-28 14:00 <DIR> dr------- C:\Users\Christian\Searches 2007-12-24 01:50 . 2007-12-24 01:50 <DIR> dr------- C:\Users\Christian\Contacts 2007-12-24 01:50 . 2007-12-24 01:50 <DIR> d-------- C:\Users\Christian\AppData\Roaming\ATI 2007-12-24 01:43 . 2007-12-24 01:50 <DIR> dr------- C:\Users\Christian\Videos 2007-12-24 01:43 . 2007-12-24 01:50 <DIR> dr------- C:\Users\Christian\Saved Games 2007-12-24 01:43 . 2007-12-24 01:50 <DIR> dr------- C:\Users\Christian\Pictures 2007-12-24 01:43 . 2007-12-24 01:50 <DIR> dr------- C:\Users\Christian\Music 2007-12-24 01:43 . 2007-12-29 20:09 <DIR> dr------- C:\Users\Christian\Links 2007-12-24 01:43 . 2007-12-24 01:50 <DIR> dr------- C:\Users\Christian\Downloads 2007-12-24 01:43 . 2007-12-29 02:32 <DIR> dr------- C:\Users\Christian\Documents 2007-12-24 01:43 . 2006-11-02 13:37 <DIR> d-------- C:\Users\Christian\AppData\Roaming\Media Center Programs 2007-12-24 01:43 . 2007-12-24 01:50 <DIR> d--h----- C:\Users\Christian\AppData 2007-12-23 14:15 . 2007-12-23 14:15 <DIR> dr------- C:\Users\Christian\Videos 2007-12-23 14:15 . 2007-12-23 14:15 <DIR> dr------- C:\Users\Christian\Pictures 2007-12-23 14:15 . 2007-12-23 14:15 <DIR> dr------- C:\Users\Christian\Music 2007-12-22 20:23 . 2007-12-22 20:23 <DIR> dr------- C:\Users\Christian\Searches 2007-12-22 20:23 . 2007-12-22 20:23 <DIR> d-------- C:\Users\Christian\AppData\Roaming\ATI 2007-12-22 20:22 . 2007-12-22 20:23 <DIR> dr------- C:\Users\Christian\Saved Games 2007-12-22 20:22 . 2007-12-22 20:23 <DIR> dr------- C:\Users\Christian\Links 2007-12-22 20:22 . 2007-12-22 20:23 <DIR> dr------- C:\Users\Christian\Downloads 2007-12-22 20:22 . 2007-12-22 20:22 <DIR> dr------- C:\Users\Christian\Contacts 2007-12-22 20:22 . 2006-11-02 13:37 <DIR> d-------- C:\Users\Christian\AppData\Roaming\Media Center Programs 2007-12-22 20:22 . 2007-12-22 20:23 <DIR> d--h----- C:\Users\Christian\AppData 2007-12-22 15:23 . 2007-12-22 15:23 <DIR> d-------- C:\Program Files\Common Files\COWON 2007-12-22 14:34 . 2007-12-22 14:34 <DIR> d-------- C:\Program Files\psx emulation cheater 2007-12-22 14:12 . 2007-12-22 14:12 0 --a------ C:\Windows\nsreg.dat 2007-12-20 21:30 . 2007-12-20 21:30 <DIR> d-------- C:\Program Files\ImgBurn 2007-12-20 21:29 . 2007-12-20 21:29 <DIR> d-------- C:\Program Files\DVD Decrypter 2007-12-20 21:20 . 2007-12-22 20:37 <DIR> d-------- C:\Users\All Users\WLInstaller 2007-12-20 21:20 . 2007-12-22 20:37 <DIR> d-------- C:\ProgramData\WLInstaller 2007-12-20 21:20 . 2007-12-20 21:20 <DIR> d-------- C:\Program Files\Windows Live 2007-12-20 21:20 . 2007-12-20 21:25 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller 2007-12-20 21:08 . 2007-12-20 21:11 <DIR> d-------- C:\Program Files\BitLord 2007-12-20 18:37 . 2007-12-20 18:37 205,824 --a------ C:\Windows\System32\msoeacct.dll 2007-12-20 18:37 . 2007-12-20 18:37 87,040 --a------ C:\Windows\System32\msoert2.dll 2007-12-20 18:37 . 2007-12-20 18:37 39,424 --a------ C:\Windows\System32\ACCTRES.dll 2007-12-20 18:36 . 2007-12-20 18:36 376,320 --a------ C:\Windows\System32\winsrv.dll 2007-12-20 18:36 . 2007-12-20 18:36 374,456 --a------ C:\Windows\System32\mcupdate_GenuineIntel.dll 2007-12-20 18:36 . 2007-12-20 18:36 49,664 --a------ C:\Windows\System32\csrsrv.dll 2007-12-20 18:35 . 2007-12-20 18:35 414,208 --a------ C:\Windows\System32\msscp.dll 2007-12-20 18:35 . 2007-12-20 18:35 396,800 --a------ C:\Windows\System32\MPSSVC.dll 2007-12-20 18:35 . 2007-12-20 18:35 392,192 --a------ C:\Windows\System32\FirewallAPI.dll 2007-12-20 18:35 . 2007-12-20 18:35 178,688 --a------ C:\Windows\System32\iphlpsvc.dll 2007-12-20 18:35 . 2007-12-20 18:35 86,016 --a------ C:\Windows\System32\icfupgd.dll 2007-12-20 18:35 . 2007-12-20 18:35 63,488 --a------ C:\Windows\System32\drivers\mpsdrv.sys 2007-12-20 18:35 . 2007-12-20 18:35 61,952 --a------ C:\Windows\System32\cmifw.dll 2007-12-20 18:35 . 2007-12-20 18:35 23,040 --a------ C:\Windows\System32\drivers\tunnel.sys 2007-12-20 18:35 . 2007-12-20 18:35 16,896 --a------ C:\Windows\System32\wfapigp.dll 2007-12-20 18:35 . 2007-12-20 18:35 15,360 --a------ C:\Windows\System32\drivers\TUNMP.SYS 2007-12-20 18:34 . 2007-12-20 18:34 1,191,936 --a------ C:\Windows\System32\msxml3.dll 2007-12-20 18:34 . 2007-12-20 18:34 104,448 --a------ C:\Windows\System32\DWWIN.EXE 2007-12-20 18:34 . 2007-12-20 18:34 2,048 --a------ C:\Windows\System32\msxml3r.dll 2007-12-20 18:33 . 2007-12-20 18:33 1,335,296 --a------ C:\Windows\System32\msxml6.dll 2007-12-20 18:33 . 2007-12-20 18:33 1,327,104 --a------ C:\Windows\System32\quartz.dll 2007-12-20 18:33 . 2007-12-20 18:33 223,232 --a------ C:\Windows\System32\WMASF.DLL 2007-12-20 18:33 . 2007-12-20 18:33 9,728 --a------ C:\Windows\System32\LAPRXY.DLL 2007-12-20 18:33 . 2007-12-20 18:33 2,048 --a------ C:\Windows\System32\msxml6r.dll 2007-12-20 18:33 . 2007-12-20 18:33 2,048 --a------ C:\Windows\System32\asferror.dll 2007-12-20 18:31 . 2007-12-20 18:31 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe 2007-12-20 18:31 . 2007-12-20 18:31 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe 2007-12-20 18:31 . 2007-12-20 18:31 788,992 --a------ C:\Windows\System32\rpcrt4.dll 2007-12-20 18:31 . 2007-12-20 18:31 152,576 --a------ C:\Windows\System32\imagehlp.dll 2007-12-20 18:31 . 2007-12-20 18:31 130,048 --a------ C:\Windows\System32\drivers\srv2.sys 2007-12-20 18:31 . 2007-12-20 18:31 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-28 13:00 174 --sha-w C:\Program Files\desktop.ini 2007-12-28 12:57 --------- d-----w C:\Program Files\Windows Mail 2007-12-28 12:57 --------- d-----w C:\Program Files\Windows Defender 2007-12-28 12:57 --------- d-----w C:\Program Files\Windows Calendar 2007-12-28 12:49 8,192 ----a-w C:\Windows\System32\riched32.dll 2007-12-28 12:49 77,824 ----a-w C:\Windows\System32\rascfg.dll 2007-12-28 12:49 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys 2007-12-28 12:49 694,784 ----a-w C:\Windows\System32\localspl.dll 2007-12-28 12:49 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys 2007-12-28 12:49 52,736 ----a-w C:\Windows\System32\rasdiag.dll 2007-12-28 12:49 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys 2007-12-28 12:49 384,000 ----a-w C:\Windows\System32\netcfgx.dll 2007-12-28 12:49 33,280 ----a-w C:\Windows\System32\traffic.dll 2007-12-28 12:49 32,768 ----a-w C:\Windows\System32\rasmxs.dll 2007-12-28 12:49 286,208 ----a-w C:\Windows\System32\ipnathlp.dll 2007-12-28 12:49 22,016 ----a-w C:\Windows\System32\rasser.dll 2007-12-28 12:49 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys 2007-12-28 12:49 15,360 ----a-w C:\Windows\System32\pacerprf.dll 2007-12-28 12:49 134,656 ----a-w C:\Windows\System32\dps.dll 2007-12-28 12:49 13,824 ----a-w C:\Windows\System32\wshqos.dll 2007-12-28 12:49 13,824 ----a-w C:\Windows\System32\icsunattend.exe 2007-12-28 12:48 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr 2007-12-28 12:48 67,584 ----a-w C:\Windows\System32\wlanhlp.dll 2007-12-28 12:48 542,720 ----a-w C:\Windows\System32\sysmain.dll 2007-12-28 12:48 502,784 ----a-w C:\Windows\System32\wlansvc.dll 2007-12-28 12:48 47,104 ----a-w C:\Windows\System32\wlanapi.dll 2007-12-28 12:48 297,984 ----a-w C:\Windows\System32\wlansec.dll 2007-12-28 12:48 290,816 ----a-w C:\Windows\System32\wlanmsm.dll 2007-12-28 12:48 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys 2007-12-28 12:48 24,064 ----a-w C:\Windows\System32\wtsapi32.dll 2007-12-28 12:48 2,027,008 ----a-w C:\Windows\System32\win32k.sys 2007-12-28 12:47 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll 2007-12-28 12:47 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll 2007-12-28 12:47 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll 2007-12-28 12:47 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll 2007-12-28 12:46 8,704 ----a-w C:\Windows\System32\hcrstco.dll 2007-12-28 12:46 8,704 ----a-w C:\Windows\System32\hccoin.dll 2007-12-28 12:46 57,856 ----a-w C:\Windows\System32\SLUINotify.dll 2007-12-28 12:46 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll 2007-12-28 12:46 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys 2007-12-28 12:46 39,936 ----a-w C:\Windows\System32\slcinst.dll 2007-12-28 12:46 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys 2007-12-28 12:46 351,232 ----a-w C:\Windows\System32\SLUI.exe 2007-12-28 12:46 33,280 ----a-w C:\Windows\System32\slwmi.dll 2007-12-28 12:46 268,288 ----a-w C:\Windows\System32\mcbuilder.exe 2007-12-28 12:46 23,040 ----a-w C:\Windows\system32\drivers\usbuhci.sys 2007-12-28 12:46 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys 2007-12-28 12:46 223,232 ----a-w C:\Windows\System32\SLC.dll 2007-12-28 12:46 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe 2007-12-28 12:46 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys 2007-12-28 12:46 186,368 ----a-w C:\Windows\System32\SLLUA.exe 2007-12-28 12:45 88,576 ----a-w C:\Windows\System32\avifil32.dll 2007-12-28 12:45 82,944 ----a-w C:\Windows\System32\mciavi32.dll 2007-12-28 12:45 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr 2007-12-28 12:45 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll 2007-12-28 12:45 69,632 ----a-w C:\Windows\System32\sendmail.dll 2007-12-28 12:45 65,024 ----a-w C:\Windows\System32\avicap32.dll 2007-12-28 12:45 61,440 ----a-w C:\Windows\System32\ntprint.exe 2007-12-28 12:45 53,760 ----a-w C:\Windows\system32\drivers\hdaudbus.sys 2007-12-28 12:45 31,232 ----a-w C:\Windows\System32\msvidc32.dll 2007-12-28 12:45 269,824 ----a-w C:\Windows\System32\schannel.dll 2007-12-28 12:45 220,160 ----a-w C:\Windows\System32\ntprint.dll 2007-12-28 12:45 123,904 ----a-w C:\Windows\System32\msvfw32.dll 2007-12-28 12:45 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll 2007-12-28 12:45 12,800 ----a-w C:\Windows\System32\msrle32.dll 2007-12-28 12:45 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll 2007-12-28 12:45 1,984,512 ----a-w C:\Windows\System32\authui.dll 2007-12-20 17:32 84,480 ----a-w C:\Windows\System32\INETRES.dll 2007-12-20 17:32 737,792 ----a-w C:\Windows\System32\inetcomm.dll 2007-12-20 17:32 56,320 ----a-w C:\Windows\System32\iesetup.dll 2007-12-20 17:32 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2007-12-20 17:32 26,624 ----a-w C:\Windows\System32\ieUnatt.exe 2007-12-05 02:56 43,520 ----a-w C:\Windows\System32\ati2edxx.dll 2007-12-05 02:56 274,432 ----a-w C:\Windows\System32\atipdlxx.dll 2007-12-05 02:56 159,744 ----a-w C:\Windows\System32\atitmmxx.dll 2007-12-05 02:55 245,760 ----a-w C:\Windows\System32\Ati2evxx.dll 2007-12-05 02:54 626,688 ----a-w C:\Windows\System32\Ati2evxx.exe 2007-12-05 02:43 3,117,568 ----a-w C:\Windows\System32\atiumdag.dll 2007-12-05 02:30 3,934,720 ----a-w C:\Windows\System32\atiumdva.dll 2007-11-18 11:24 --------- d-----w C:\Program Files\Microsoft Games 2007-11-13 09:10 --------- d-sh--w C:\ProgramData\Start-meny 2007-11-13 09:10 --------- d-sh--w C:\ProgramData\Skrivebord 2007-11-13 09:10 --------- d-sh--w C:\ProgramData\Programdata 2007-11-13 09:10 --------- d-sh--w C:\ProgramData\Maler 2007-11-13 09:10 --------- d-sh--w C:\ProgramData\Favoritter 2007-11-13 09:10 --------- d-sh--w C:\ProgramData\Dokumenter 2007-11-13 09:10 --------- d-sh--w C:\Program Files\Fellesfiler . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="C:\Users\Christian\Desktop\SAS\SUPERAntiSpyware.exe" [2007-06-21 14:06] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-28 13:48] "Acrobat Assistant 8.0"="D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46] "Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 11:35] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 11:37] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Jensen AirLink Utility.lnk - C:\Program Files\Jensen\Common\JensenUI.exe [2007-11-28 17:05:42] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Users\Christian\Desktop\SAS\SASSEH.DLL [2006-12-20 13:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Users\Christian.Neger\Desktop\SAS\SASWINLO.dll 2007-04-19 13:41 294912 C:\Users\Christian\Desktop\SAS\SASWINLO.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" R1 DLARTL_M;DLARTL_M;C:\Windows\system32\Drivers\DLARTL_M.SYS [2007-02-08 20:05] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-05 04:08] R3 netr28u;Jensen USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28u.sys [2007-04-30 19:29] S3 RivaTuner32;RivaTuner32;C:\Program Files\RivaTuner v2.06\RivaTuner32.sys [2007-10-30 19:05] S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService [] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService REG_MULTI_SZ nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc ehstart NetworkService REG_MULTI_SZ CryptSvc DHCP TermService KtmRm DNSCache NapAgent nlasvc WinRM WECSVC Tapisrv WerSvcGroup REG_MULTI_SZ wersvc swprv REG_MULTI_SZ swprv LocalServiceNetworkRestricted REG_MULTI_SZ DHCP eventlog AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc WPCSvc PnrpAutoReg regsvc REG_MULTI_SZ RemoteRegistry wcssvc REG_MULTI_SZ WcsPlugInService DcomLaunch REG_MULTI_SZ PlugPlay DcomLaunch wdisvc REG_MULTI_SZ WdiServiceHost sdrsvc REG_MULTI_SZ sdrsvc secsvcs REG_MULTI_SZ WinDefend HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs AeLookupSvc wercplsupport Themes CertPropSvc SCPolicySvc lanmanserver gpsvc IKEEXT AudioSrv FastUserSwitchingCompatibility Nla NWCWorkstation SRService Wmi WmdmPmSp TermService wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr iphlpsvc seclogon AppInfo msiscsi MMCSS ProfSvc EapHost winmgmt schedule SessionEnv browser hkmsvc *Newly Created Service* - CATCHME *Newly Created Service* - PROCEXP90 *Newly Created Service* - SASDIFSV *Newly Created Service* - SASENUM *Newly Created Service* - SASKUTIL . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-31 01:40:10 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\Windows\Explorer.exe [6.00.6000.16549] -> C:\Windows\system32\DLAAPI_W.DLL . Completion time: 2007-12-31 1:40:55 . 2007-12-30 14:04:51 --- E O F --- HiJack This: Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:02:23, on 31.12.2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Jensen\Common\JensenUI.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\BitLord\BitLord.exe C:\Windows\System32\notepad.exe C:\Windows\Explorer.exe C:\Users\Christian\Desktop\Ny mappe\Fhuu.exe C:\Windows\system32\notepad.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Users\Christian\Desktop\SAS\SUPERAntiSpyware.exe O4 - Global Startup: Jensen AirLink Utility.lnk = C:\Program Files\Jensen\Common\JensenUI.exe O8 - Extra context menu item: Append to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\FRONTP~1\OFFICE11\REFIEBAR.DLL O13 - Gopher Prefix: O20 - Winlogon Notify: !SASWinLogon - C:\Users\Christian\Desktop\SAS\SASWINLO.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 5814 bytes Kan noen se om det er noe feil her? Lenke til kommentar
norbat Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 Så langt øyet mitt rekker, er det ingen ting i disse loggene som tilsier at du er infisert med noe. Du vet sikkert selv hva denne fila er: C:\Users\navn\Desktop\Ny mappe\Fhuu.exe? Nå har Vista noe som kalles Pålitelighetsovervåking (tilgang fra Kontrollpanelet). Derfra kan det være mulig å finne ut hva som gjør PC-en ustabil. Sjekk dette, Zirion. Lenke til kommentar
Zirion Skrevet 31. desember 2007 Forfatter Del Skrevet 31. desember 2007 Fhuu.exe var faktisk det jeg renama Hijackthis til Pålitelighetsovervåking finner heller ingen feil. Det eneste jeg kommer på nå er å gjenopprette pcn helt. Har vista et sånt verktøy, eller må jeg bruke ultimate boot-cd e.l.? Lenke til kommentar
norbat Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 (endret) Jeg kjenner ikke så godt til pålitelighetsovervåkingen, men det er vel en graf som går litt opp og ned. Der grafen går ned, betyr det at PC-en er mer ustabil. Det skulle muligens gå an å klikke på grafen for å få opp noe info under som sier hvorfor? Å formatere/gjenopprette pc helt høres litt drastisk ut, hvis ikke du er typen som synes det er en grei affære da. Hvordan dette gjøres på PC-en kommer litt an på. Har du cd'er (recovery cd/dvd), ligger det en skjult partisjon med Vista-installasjonen som aktiveres vha noen taster (se i manualen) etc ... Har du sjekket at du har alle oppdateringer inne for Vista? Skjer det ofte at programmer lukker seg plutselig? Dobbeltsjekk i denne pålitelighetsovervåkingen for å se om den ikke kan avsløre noe om hvorfor dette skjer. Fhuu.exe var faktisk det jeg renama Hijackthis til Ja, det er lurt å forandre programnavnet. Men å kalle det noe likt en Vundo-infeksjon er kanskje ikke så lurt Endret 31. desember 2007 av norbat Lenke til kommentar
Zirion Skrevet 31. desember 2007 Forfatter Del Skrevet 31. desember 2007 (endret) Oppdateringer er installert, ja. Det skjer ikke så veldig ofte at programmene lukker seg. For meg er det de ufullstendige nedlastningene som er den største irritasjonsfaktoren. Fra den 20.12 til d.d. har programmer sluttet å virke 37 ganger i følge pålitelighetsovervåking. I tillegg er det et par installasjonsfeil, men det er pga de ufullstendige nedlastningene. Ingen feil i windows, diverse eller maskinvare. Jeg har prøvd å reinstallere firefox, men har ikke hatt noe hell med det. Endret 31. desember 2007 av Zirion Lenke til kommentar
norbat Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 Står noe noe om HVORFOR programmene slutter å virke? (se under grafen e.l. Burde finnes noe mer info om grunnen). Er det noen spesielle type programmer du laster ned som får denne 'ufullstendigheten'? Er det filer som er kompatible med Vista (det er det sikkert, men må bare spørre) Lenke til kommentar
Zirion Skrevet 31. desember 2007 Forfatter Del Skrevet 31. desember 2007 Mye mulig at det er jeg som er en komplett idiot, men ser ikke at det står noe om årsaken til at programmene avslutter. Med Internet Explorer er det setups og arkiver, og med Firefox er det for det meste bare arkiver. Jeg har prøvd mange forskjellige arkiver, både .rar, .zip og 7-zip, og på stedene og forumene jeg laster det ned fra oppgir andre at de fungerer perfekt. Jeg har prøvd å oppdatere og reinstallere winrar og 7-zip. Det går heller ikke ann å installere MSN Live. Setupen ser ut til å fungere, men når den er ferdig med å samle informasjon om tidligere MSN versjoner på pcn, oppstår det en feil. Lenke til kommentar
norbat Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 (endret) Er dette et problem som har oppstått i nyere tid? Hvis, så kan du forsøke å kjøre en systemgjenoppretting til en dato da ting og tang virket ok. Endret 31. desember 2007 av norbat Lenke til kommentar
Zirion Skrevet 31. desember 2007 Forfatter Del Skrevet 31. desember 2007 Igrunn ikke. Har vært tilstede helt siden jeg opprettet nettverket. Lenke til kommentar
norbat Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 Send en forespørsel til en moderator om å flytte denne tråden over til Vistadelen av forumet. Tror du kan få noe mer hjelp/info om veien videre der. Slik jeg ser det er det ikke virus/spyware relatert men mer en Vista som er litt korrupt? I XP kan man sjekke systemfilene ved å skrive sfc /scannow fra kjørvinduet. Du kan se om du ikke kan gjøre det samme i Vista. Det sjekker systemfilene og reparerer evt. feil. Lenke til kommentar
Zirion Skrevet 31. desember 2007 Forfatter Del Skrevet 31. desember 2007 Forespørsel sendt:) Tusen takk for all hjelpen Norbat:D Lenke til kommentar
Zirion Skrevet 31. desember 2007 Forfatter Del Skrevet 31. desember 2007 Kjørte et registerbooster program, og det fant 268 feil i registeret. Er litt redd for å reparere det, pga at jeg har ødelagt ting på den måten før. Programmet heter Uniblue RegistryBooster og virker pålitelig. Burde jeg reparere dette? Lenke til kommentar
norbat Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 268 trenger ikke å være så mye, og om du får tilbud om å lage en backup av registeret før du reparerer så skulle det være ok. ( CCleaner har også en registerrens som jeg synes er god og snill) Lenke til kommentar
Zirion Skrevet 31. desember 2007 Forfatter Del Skrevet 31. desember 2007 Reparert registerfeil, men problemet vedvarer. Når jeg skriver inn sfc /scannow åpnes det et kommando-vindu, men det lukkes igjen umiddelbart. Noen andre som vet om vista har en liknenede funksjon som fungerer? Lenke til kommentar
norbat Skrevet 31. desember 2007 Del Skrevet 31. desember 2007 http://support.microsoft.com/kb/929833/en-us Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå