1915 Posted 19 January 2008 (edited)

I have scanned with SAS without getting rid of the spyware, and I have also run HijackThis without getting rid of the spyware. Pop-ups come up from IE, but I never use IE. I only use Firefox. I don't take Windows Update either, because I don't trust it. How do I get rid of the virus? Can anyone help? =)

HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:22:47, on 19.01.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programfiler\LogMeIn\x86\RaMaint.exe
C:\Programfiler\LogMeIn\x86\LogMeIn.exe
C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe
C:\Programfiler\LogMeIn\x86\LogMeInSystray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\programfiler\powerstrip\pstrip.exe
C:\Programfiler\EmvSmartCardReader\SmartMON.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\Programfiler\BandwidthMeterPro\BWMeterPro.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\Internet Explorer\IEXPLORE.EXE
C:\Programfiler\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Winamp\winamp.exe
C:\Programfiler\MSN Messenger\usnsvc.exe
C:\Programfiler\uTorrent\uTorrent.exe
C:\Programfiler\Steam\Steam.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\DOCUME~1\qq\LOKALE~1\Temp\Rar$EX00.110\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Online Start Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Programfiler\Telenor\Online Start\IEFixItNowPlugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programfiler\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PowerStrip] c:\programfiler\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [smartMon] C:\Programfiler\EmvSmartCardReader\SmartMON.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Programfiler\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [bandwidthMeterPro] C:\Programfiler\BandwidthMeterPro\BWMeterPro.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Pilemeet] C:\DOCUME~1\qq\PROGRA~1\DELETE~1\medialongjugs.exe
O4 - HKCU\..\Run: [steam] "c:\programfiler\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1626B1E9-8EC6-4663-AAC3-6471E8EE439C}: NameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{B59E9FDF-1448-4DE0-BD76-DAE8EAEEBC8D}: NameServer = 10.0.0.138
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Programfiler\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Programfiler\LogMeIn\x86\LogMeIn.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5906 bytes

Combofix

Start Time= 19.01.2008 16:45:49,35
QuickScan did not find any signs of infected files

((((((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Programfiler\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
"LogMeIn GUI"="\"C:\\Programfiler\\LogMeIn\\x86\\LogMeInSystray.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"PowerStrip"="c:\\programfiler\\powerstrip\\pstrip.exe"
"SmartMon"="C:\\Programfiler\\EmvSmartCardReader\\SmartMON.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Programfiler\\MSN Messenger\\MsnMsgr.Exe\" /background"
"uTorrent"="\"C:\\Programfiler\\uTorrent\\uTorrent.exe\""
"BandwidthMeterPro"="C:\\Programfiler\\BandwidthMeterPro\\BWMeterPro.exe"
"MSMSGS"="\"C:\\Programfiler\\Messenger\\msmsgs.exe\" /background"
"Pilemeet"="C:\\DOCUME~1\\qq\\PROGRA~1\\DELETE~1\\medialongjugs.exe"
"Steam"="\"c:\\programfiler\\steam\\steam.exe\" -silent"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start-meny\\Programmer\\Oppstart\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\READER~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Adobe Reader Synchronizer.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start-meny\\Programmer\\Oppstart\\Adobe Reader Synchronizer.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Synchronizer.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\READER~1.0\\Reader\\ADOBEC~1.EXE "
"item"="Adobe Reader Synchronizer"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NMBgMonitor"
"hkey"="HKCU"
"command"="\"C:\\Programfiler\\Fellesfiler\\Nero\\Lib\\NMBgMonitor.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NBKeyScan"
"hkey"="HKLM"
"command"="\"C:\\Programfiler\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Programfiler\\Fellesfiler\\Nero\\Lib\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /install"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pilemeet]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="medialongjugs"
"hkey"="HKCU"
"command"="C:\\DOCUME~1\\qq\\PROGRA~1\\DELETE~1\\medialongjugs.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="stsystra"
"hkey"="HKLM"
"command"="stsystra.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Programfiler\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System Files Updater]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="System Files Updater"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\FlyakiteOSX\\Tools\\System Files Updater.exe /S"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telenor Online Start]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Telenor"
"hkey"="HKLM"
"command"="\"C:\\Programfiler\\Telenor\\Online Start\\Telenor.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="C:\\Programfiler\\Winamp\\winampa.exe"
"inimapping"="0"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\9CDDDFFDA53E5A45.job

Completion time: 19.01.2008 16:46:44,20
ComboFix ver 06.06.17 - This logfile is located at C:\ComboFix.txt

Edited 19 January 2008 by Danielsm

Pixl. Posted 19 January 2008

The easiest thing is probably to reinstall the whole damn thing.. otherwise you could get yourself another antivirus program and see if it manages to put the infected files in quarantine..

1915 (author) Posted 19 January 2008 (edited)

To put it bluntly now: are you STUUUPID? I formatted 1 month ago and have barely used the PC. You might as well not have answered, since you had no idea about this.

Edited 19 January 2008 by Danielsm

Pixl. Posted 19 January 2008

It doesn't take many minutes on a PC to get a virus either, though.. You probably didn't have a good enough antivirus program installed, or you downloaded something you shouldn't have, or possibly made many visits to unsafe sites. Get yourself a new anti program (I strongly recommend AVG).

1915 (author) Posted 19 January 2008 (edited)

> It doesn't take many minutes on a PC to get a virus either, though.. You probably didn't have a good enough antivirus program installed, or you downloaded something you shouldn't have, or possibly made many visits to unsafe sites. Get yourself a new anti program (I strongly recommend AVG).

1: I use AVG.
2: I am never on shady sites like that.
3: I don't download.

I live in a rented room and keep this PC at home. I use it the few times I am home, so it hasn't been used much either. It is actually a Dell PC ;O Dell Dimension 9150 with Windows XP Pro SP2 on it =)

Edited 19 January 2008 by Danielsm