Antagelig virus - hjelp?

Legobilen · 13. mars 2008

Jeg har i lengre tid hatt mistanke om virus på PC-en min. Har alltid hatt SAS, som har fungert helt ok til nylig. Når jeg nå kjører SAS, så henger PC-en seg og jeg må restarte. Ofte kjører den da chkdsk. Dette hjelper ikke. Gidder noen skjekke loggene mine?

HJT:

Klikk for å se/fjerne innholdet nedenfor

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:08:49, on 13.03.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Programfiler\iTunes\iTunesHelper.exe

C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Programfiler\DAEMON Tools\daemon.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Programfiler\Logitech\SetPoint\SetPoint.exe

C:\Programfiler\Fellesfiler\Logishrd\KHAL2\KHALMNPR.EXE

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Programfiler\Hamachi\hamachi.exe

C:\Programfiler\Opera\Opera.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programfiler\F-Secure Internet Security\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programfiler\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: hamachi.lnk = C:\Programfiler\Hamachi\hamachi.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1204574947796

O18 - Protocol: bw+0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: offline-8876480 - {C0496EBE-0606-4398-891D-10CAB11EF9BB} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: F-Secure Automatic Update Agent (FSAUA) - Unknown owner - C:\Programfiler\F-Secure Internet Security\FSAUA\program\fsaua.exe (file missing)

O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Programfiler\F-Secure Internet Security\Common\FSMA32.EXE (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programfiler\Fellesfiler\Logitech\Bluetooth\LBTServ.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 18528 bytes

ComboFix:

Klikk for å se/fjerne innholdet nedenfor

ComboFix 08-03-10.1 - Arne 2008-03-13 17:50:45.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.2855 [GMT 1:00]

Running from: C:\Documents and Settings\Arne\Programdata\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((( Files Created from 2008-02-13 to 2008-03-13 )))))))))))))))))))))))))))))))

.

2008-03-13 17:48 . 2008-03-13 17:48 <DIR> d-------- C:\Programfiler\CCleaner

2008-03-13 17:12 . 2008-03-13 17:12 <DIR> d--hs---- C:\found.001

2008-03-13 17:07 . 2008-03-13 17:07 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\F-Secure

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> dr------- C:\Documents and Settings\Administrator\Start-meny

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> d--h----- C:\Documents and Settings\Administrator\Skrivere

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> d-------- C:\Documents and Settings\Administrator\Skrivebord

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> d--h----- C:\Documents and Settings\Administrator\Siste

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> dr-h----- C:\Documents and Settings\Administrator\Programdata

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> d-------- C:\Documents and Settings\Administrator\Mine dokumenter

2008-03-13 16:12 . 2008-03-03 20:33 <DIR> d--h----- C:\Documents and Settings\Administrator\Maler

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale innstillinger

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> d-------- C:\Documents and Settings\Administrator\Favoritter

2008-03-13 16:12 . 2008-03-03 19:32 <DIR> d--h----- C:\Documents and Settings\Administrator\AndrMask

2008-03-13 16:10 . 2008-03-13 16:29 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\F-Secure

2008-03-13 16:09 . 2008-03-13 16:09 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\fssg

2008-03-11 16:59 . 2008-03-11 16:59 <DIR> d-------- C:\Programfiler\Hamachi

2008-03-11 16:59 . 2008-03-13 17:44 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\Hamachi

2008-03-11 16:59 . 2008-03-11 16:59 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys

2008-03-11 13:55 . 2008-03-11 13:55 <DIR> d--hs---- C:\found.000

2008-03-08 13:03 . 2008-03-08 13:03 <DIR> d-------- C:\Fraps

2008-03-08 13:03 . 2008-03-08 13:03 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\TEMP

2008-03-08 13:02 . 2008-03-08 13:02 <DIR> d-------- C:\Programfiler\Fellesfiler\Blizzard Entertainment

2008-03-08 13:00 . 2008-03-10 18:11 <DIR> d-------- C:\Programfiler\World of Warcraft

2008-03-08 12:49 . 2008-03-12 19:13 <DIR> d-------- C:\Programfiler\Windows Live Safety Center

2008-03-07 21:21 . 2008-03-07 21:35 <DIR> d-------- C:\Programfiler\LastChaosUSA

2008-03-07 21:17 . 2008-03-07 21:17 <DIR> d-------- C:\Programfiler\Trend Micro

2008-03-04 23:24 . 2008-03-04 23:24 <DIR> d-------- C:\Programfiler\MSXML 6.0

2008-03-04 18:35 . 2008-03-08 17:13 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\dvdcss

2008-03-04 16:31 . 2008-03-04 16:31 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\vlc

2008-03-04 14:59 . 2008-03-04 14:59 <DIR> d-------- C:\Programfiler\Ventrilo

2008-03-03 23:00 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll

2008-03-03 23:00 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll

2008-03-03 23:00 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll

2008-03-03 23:00 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll

2008-03-03 23:00 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll

2008-03-03 23:00 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll

2008-03-03 23:00 . 2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll

2008-03-03 22:57 . 2008-03-03 22:57 <DIR> d-------- C:\Programfiler\Electronic Arts

2008-03-03 22:55 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll

2008-03-03 22:53 . 2008-03-03 22:53 <DIR> d-------- C:\Programfiler\Microsoft.NET

2008-03-03 22:53 . 2008-03-03 22:53 <DIR> d-------- C:\Programfiler\Microsoft Works

2008-03-03 22:51 . 2008-03-03 22:53 <DIR> d-------- C:\WINDOWS\SHELLNEW

2008-03-03 22:51 . 2008-03-03 22:51 <DIR> d-------- C:\Programfiler\Microsoft Visual Studio 8

2008-03-03 22:50 . 2008-03-03 22:50 <DIR> dr-h----- C:\MSOCache

2008-03-03 22:50 . 2008-03-03 22:55 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Microsoft Help

2008-03-03 22:49 . 2008-03-03 22:49 <DIR> d-------- C:\Team17

2008-03-03 22:48 . 2008-03-03 22:50 <DIR> d-------- C:\Programfiler\TrackMania Nations ESWC

2008-03-03 22:48 . 2008-03-03 22:48 <DIR> d-------- C:\Programfiler\oDC

2008-03-03 22:47 . 2008-03-03 22:47 <DIR> d--h----- C:\WINDOWS\PIF

2008-03-03 22:47 . 2008-03-05 19:05 <DIR> d-------- C:\Programfiler\VentSrv

2008-03-03 22:23 . 2008-03-04 14:58 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\Ventrilo

2008-03-03 22:16 . 2008-03-04 12:03 <DIR> d-------- C:\Documents and Settings\Arne\Contacts

2008-03-03 22:13 . 2008-03-05 16:28 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware

2008-03-03 22:13 . 2008-03-04 14:59 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

2008-03-03 22:13 . 2008-03-03 22:13 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\SUPERAntiSpyware.com

2008-03-03 22:13 . 2008-03-03 22:13 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com

2008-03-03 22:11 . 2008-03-03 22:11 <DIR> d-------- C:\Programfiler\MSN Messenger

2008-03-03 22:09 . 2008-03-03 22:09 <DIR> d-------- C:\Programfiler\DAEMON Tools

2008-03-03 22:07 . 2008-03-03 22:07 <DIR> d-------- C:\WINDOWS\system32\XPSViewer

2008-03-03 22:07 . 2008-03-03 22:07 <DIR> d-------- C:\Programfiler\VideoLAN

2008-03-03 22:07 . 2008-03-03 22:53 <DIR> d-------- C:\Programfiler\MSBuild

2008-03-03 22:07 . 2008-03-03 22:07 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys

2008-03-03 22:06 . 2008-03-03 22:06 <DIR> d-------- C:\Programfiler\Reference Assemblies

2008-03-03 22:06 . 2008-03-03 22:08 <DIR> d-------- C:\fc5711e58f77bcc149b4171e35

2008-03-03 22:06 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll

2008-03-03 22:05 . 2008-03-07 18:50 <DIR> d-------- C:\Programfiler\mIRC

2008-03-03 22:05 . 2008-03-07 20:46 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\mIRC

2008-03-03 22:04 . 2008-03-03 22:04 <DIR> d-------- C:\Programfiler\Windows Media Connect 2

2008-03-03 22:04 . 2008-03-03 22:04 <DIR> d-------- C:\Program Files

2008-03-03 22:04 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb

2008-03-03 22:04 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb

2008-03-03 22:04 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2008-03-03 22:03 . 2008-03-03 22:04 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

2008-03-03 22:03 . 2008-03-13 17:43 <DIR> d-------- C:\Programfiler\Steam

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Programfiler\QuickTime

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Programfiler\iTunes

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Programfiler\iPod

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Programfiler\Fellesfiler\Apple

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Programfiler\Bonjour

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Programfiler\Apple Software Update

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\Apple Computer

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Apple Computer

2008-03-03 22:03 . 2008-03-03 22:03 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Apple

2008-03-03 22:03 . 2008-03-13 17:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-03-03 22:03 . 2008-03-03 22:03 1,409 --a------ C:\WINDOWS\QTFont.for

2008-03-03 22:02 . 2008-03-03 22:02 <DIR> d-------- C:\Programfiler\uTorrent

2008-03-03 22:02 . 2008-03-13 15:52 <DIR> d-------- C:\Documents and Settings\Arne\Programdata\uTorrent

2008-03-03 21:56 . 2008-03-03 21:56 <DIR> d-------- C:\Programfiler\AMD

2008-03-03 21:54 . 2008-03-03 21:54 <DIR> d-------- C:\WINDOWS\nview

2008-03-03 21:54 . 2008-03-03 21:54 <DIR> d-------- C:\NVIDIA

2008-03-03 21:54 . 2007-12-05 01:41 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe

2008-03-03 21:54 . 2008-03-04 14:20 163,353 --a------ C:\WINDOWS\system32\nvapps.xml

2008-03-03 21:54 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll

2008-03-03 21:54 . 2007-12-05 01:41 17,737 --a------ C:\WINDOWS\system32\nvdisp.nvu

2008-03-03 21:52 . 2008-03-03 21:52 <DIR> d-------- C:\Programfiler\Opera

2008-03-03 21:51 . 2006-08-21 10:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys

2008-03-03 21:51 . 2006-08-21 10:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe

2008-03-03 21:51 . 2006-08-21 13:28 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll

2008-03-03 21:50 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-07 20:21 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2008-03-03 20:29 --------- d-----w C:\Programfiler\Fellesfiler\Logitech

2008-03-03 20:11 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield

2008-03-03 19:58 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe

2008-03-03 19:57 --------- d-----w C:\Programfiler\Logitech

2008-03-03 19:36 --------- d-----w C:\Programfiler\microsoft frontpage

2008-03-03 19:35 558,142 ----a-w C:\WINDOWS\java\Packages\V7T7RXZF.ZIP

2008-03-03 19:35 155,995 ----a-w C:\WINDOWS\java\Packages\JB9NFFBZ.ZIP

2008-03-03 19:34 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester

2008-03-03 19:33 --------- d-----w C:\Programfiler\Elektroniske tjenester

2008-01-14 12:52 81,920 ----a-w C:\WINDOWS\system32\frapsvid.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360]

"LDM"="C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-03-03 20:58 32768]

"Steam"="C:\Programfiler\Steam\Steam.exe" [2008-03-03 22:04 1266936]

"DAEMON Tools"="C:\Programfiler\DAEMON Tools\daemon.exe" [2007-08-22 13:06 167368]

"MsnMsgr"="C:\Programfiler\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]

"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-03-05 16:28 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 03:47 16208384 C:\WINDOWS\RTHDCPL.exe]

"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 02:17 55824 C:\WINDOWS\KHALMNPR.Exe]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]

"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]

"QuickTime Task"="C:\Programfiler\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]

"iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

"GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]

"F-Secure Manager"="C:\Programfiler\F-Secure Internet Security\Common\FSM32.exe" [ ]

"F-Secure TNB"="C:\Programfiler\F-Secure Internet Security\FSGUI\TNBUtil.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]

C:\Documents and Settings\Arne\Start-meny\Programmer\Oppstart\

hamachi.lnk - C:\Programfiler\Hamachi\hamachi.exe [2008-03-11 16:59:41 624416]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

Adobe Gamma Loader.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-03 21:34:42 113664]

Logitech Desktop Messenger.lnk - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-03-03 20:58:05 450560]

Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2008-03-03 21:29:34 789008]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

c:\programfiler\fellesfiler\logitech\bluetooth\LBTWlgn.dll 2008-01-09 12:30 72208 c:\Programfiler\Fellesfiler\Logitech\Bluetooth\LBTWLgn.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\uTorrent\\uTorrent.exe"=

"C:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

"C:\\Programfiler\\iTunes\\iTunes.exe"=

"C:\\Programfiler\\Steam\\Steam.exe"=

"C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\MSN Messenger\\livecall.exe"=

"C:\\Programfiler\\TrackMania Nations ESWC\\TmNationsESWC.exe"=

"C:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Programfiler\\Microsoft Office\\Office12\\GROOVE.EXE"=

"C:\\Programfiler\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"C:\\Programfiler\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=

"C:\\Programfiler\\Steam\\steamapps\\horseofcourse\\counter-strike\\hl.exe"=

"C:\\Programfiler\\Steam\\steamapps\\horseofcourse\\counter-strike source\\hl2.exe"=

"C:\\Programfiler\\VentSrv\\ventrilo_srv.exe"=

"C:\\Programfiler\\mIRC\\mirc.exe"=

"C:\\Programfiler\\LastChaosUSA\\LC.exe"=

S3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Programfiler\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys []

S4 F-Secure Filter;F-Secure File System Filter;C:\Programfiler\F-Secure Internet Security\Anti-Virus\Win2K\FSfilter.sys []

S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Programfiler\F-Secure Internet Security\Anti-Virus\Win2K\FSrec.sys []

*Newly Created Service* - APPMGMT

.

Contents of the 'Scheduled Tasks' folder

"2008-03-10 16:12:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-13 17:52:26

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-03-13 17:52:44

.

2008-03-12 22:32:27 --- E O F ---

snippsat · 13. mars 2008

Sett over loggene ser greit ut.

Uinstall denne ligger og søker i bakgrunn.

"Logitech Desktop Messenger"

Litt opprydding.

Last ned kjør CCleaner

Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer som er eldere xx.

Kjør register-renser og.

Defragmere + Pagedefrag

Hdd sjekk.

Hd Tune

Error scan.

Start->kjør->cmd

CHKDSK /F

CHKDSK /R

Etter dette prøv og kjør sas.

Viss den henger seg,prøve og se hvor.

Kan være noen filer som er låst av minne eller annen software.

Endret 13. mars 2008 av SNIPPSAT

Legobilen · 13. mars 2008

"Logitech Desktop Messenger" - Slettet

Ccleaner: Ferdig

Har defragmentert C:

Men det virker som om systemet ikke takler HD-tune. Den har hengt seg to ganger nå.. HW'n min står på profil, det er snakk om den stasjonære.

Harddisken som XP ligger på er denne

Merkelig nok funker HD-tune på D-disken min.. Men ikke på C..

Innimellom får jeg også slike 'popups':

Endret 13. mars 2008 av En kaktus?

snippsat · 13. mars 2008

Kjør chkdsk fra recovery console.

http://itpro.no/art/9467.html

CHKDSK /F

CHKDSK /R

Meldinger som det,fås ofte når hdd begynner og bli dårlig.

http://www.ultimatebootcd.com/

Hard Disk Diagnostic Tools

Kjør test for ditt merke.

Kjør også test for minnet.

Memtest86+ 1.70(ligger på ubcd)

Endret 14. mars 2008 av SNIPPSAT

Legobilen · 14. mars 2008

Fikk kjørt chkdsk i gårkveld. Da var det 5 steg isteden for de 3 vanlige. Merkelig at det skal være hdd som fusker, da jeg kjøpte den for noen uker siden. Får vel kontakte komplett da. Skal kjøre ultimatebootcd når jeg kommer hjem

Endret 14. mars 2008 av En kaktus?

Logg inn

Antagelig virus - hjelp?

Anbefalte innlegg

Legobilen

Lenke til kommentar

Videoannonse

snippsat

Lenke til kommentar

Legobilen

Lenke til kommentar

snippsat

Lenke til kommentar

Legobilen

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Opprett konto

Logg inn

Populær nå

Skal man selv avbryte sykemelding om man blir bedre under sykemelding? Selv om arbeidsgiver er grunnen 1 2 3

Feil politikk å sende penger til Ukraina 1 2 3 4 5

Marius Borg Høiby og vold 1 2 3 4 66

Hvem er aktive 0 medlemmer