Sander92 Posted 22 June 2008
I have a problem with the internet; it only affects 1 of the 4 machines on a network. I use Firefox as my browser, but it doesn't work in IE either. There are a good many websites I can't get into. I played around a bit with the processes and eventually found that as soon as I killed Explorer.exe (Start menu and everything on the taskbar), the internet works again; this is the explorer.exe found in the WINDOWS folder. As soon as I start explorer.exe again, the internet goes down. Has anyone had this problem and knows of a solution? Possibly a virus? Regards, Sander.

Sander92 (Author) Posted 23 June 2008
Still need help.

snippsat Posted 23 June 2008
Download HijackThis and put it in its own folder on the desktop. Start the program and click "scan and save log". Post HijackThis.txt.

Sander92 (Author) Posted 23 June 2008
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:24, on 23.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\TortoiseSVN\bin\TSVNCache.exe
C:\Programfiler\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Programfiler\Analog Devices\Core\smax4pnp.exe
C:\Programfiler\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe
C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe
C:\Programfiler\DNA\btdna.exe
C:\Programfiler\Viewpoint\Common\ViewpointService.exe
C:\Programfiler\ICQ6\ICQ.exe
C:\Programfiler\AIM6\aim6.exe
C:\Programfiler\AIM6\aolsoftware.exe
C:\Programfiler\Windows Live\Messenger\usnsvc.exe
C:\Programfiler\Java\jre1.6.0_02\bin\jucheck.exe
C:\Programfiler\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Sander\Skrivebord\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programfiler\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: (no name) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: {1a4e53cf-0074-b638-cb44-a2559fad9f10} - {01f9daf9-552a-44bc-836b-4700fc35e4a1} - C:\WINDOWS\system32\ywoasjan.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {3bde8315-c089-4f68-b542-9a9f650866a8} - C:\WINDOWS\system32\ksjtkmcl.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FELLES~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {EDFF80B4-2567-4E10-A51E-9B856F94D26B} - C:\WINDOWS\system32\fccaBuro.dll
O2 - BHO: (no name) - {F86B11F3-0CE1-475F-9541-5329BF7B3597} - C:\WINDOWS\system32\ddcYqnlm.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programfiler\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\Sander\LOKALE~1\Temp\UIUCU.EXE -CLEAN_UP -S
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Programfiler\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Telenorhjelpen] "C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programfiler\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [BMdb5cec3d] Rundll32.exe "C:\WINDOWS\system32\dlaktgsm.dll",s
O4 - HKLM\..\Run: [d86fdfa1] rundll32.exe "C:\WINDOWS\system32\mhyvudqh.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programfiler\DNA\btdna.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Programfiler\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [Aim6] "C:\Programfiler\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &AIM Search - c:\programfiler\aol\aim toolbar 5.0\resources\en-us\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programfiler\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programfiler\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programfiler\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212602604931
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212757839703
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O20 - Winlogon Notify: ddcYqnlm - C:\WINDOWS\SYSTEM32\ddcYqnlm.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatisk LiveUpdate-planlegging (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Programfiler\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FELLES~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Programfiler\Viewpoint\Common\ViewpointService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe

--
End of file - 9783 bytes

There's the HJT log. Hope it helps.

snippsat Posted 23 June 2008
Yes, you have a lot of junk, so we need to take tougher measures here. Download Combofix and put it on the desktop. Don't click on the window while the program is running. Post the log C:\combofix.txt.

Sander92 (Author) Posted 23 June 2008 (edited)
Didn't get any log; the program ran, the PC shut down and came back on, it said it was "writing the log file", but it isn't in c:\
Edit: Found it, there was a folder called combofix

ComboFix 08-06-20.4 - Sander 2008-06-23 11:50:18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.564 [GMT 2:00]
Running from: C:\Documents and Settings\Sander\Skrivebord\ComboFix.exe
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BMdb5cec3d.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bgqshriv.ini
C:\WINDOWS\system32\fccaBuro.dll
C:\WINDOWS\system32\hqduvyhm.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\oruBaccf.ini
C:\WINDOWS\system32\oruBaccf.ini2
C:\WINDOWS\system32\pccrohej.ini
.

((((((((((((((((((((((((( Files Created from 2008-05-23 to 2008-06-23 )))))))))))))))))))))))))))))))
.

2008-06-23 11:55 . 2008-06-23 11:55 321,536 --a------ C:\WINDOWS\system32\ljJAQHwt.dll
2008-06-23 11:55 . 2008-06-23 11:55 345 --ahs---- C:\WINDOWS\system32\twHQAJjl.ini2
2008-06-23 11:55 . 2008-06-23 11:55 345 --ahs---- C:\WINDOWS\system32\twHQAJjl.ini
2008-06-23 11:38 . 2008-06-23 11:38 80,896 --a------ C:\WINDOWS\system32\mhyvudqh.dll
2008-06-23 11:37 . 2008-06-23 11:37 <DIR> d-------- C:\Programfiler\Trend Micro
2008-06-23 11:37 . 2008-06-23 11:37 99,328 --a------ C:\WINDOWS\system32\ywoasjan.dll
2008-06-23 11:37 . 2008-06-23 11:37 91,136 --a------ C:\WINDOWS\system32\dlaktgsm.dll
2008-06-22 22:58 . 2008-06-22 22:58 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\Symantec
2008-06-22 22:55 . 2008-06-22 22:55 <DIR> d-------- C:\Programfiler\Windows Sidebar
2008-06-22 22:53 . 2008-06-23 08:40 <DIR> d-------- C:\Programfiler\Norton Internet Security
2008-06-22 22:51 . 2008-06-23 09:30 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-06-22 22:51 . 2008-06-23 09:30 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-06-22 22:51 . 2008-06-23 09:30 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-06-22 22:51 . 2008-06-23 09:30 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-06-22 22:50 . 2008-06-23 09:30 <DIR> d-------- C:\Programfiler\Symantec
2008-06-22 22:49 . 2008-06-22 22:49 <DIR> dr-h----- C:\Documents and Settings\Sander\Siste
2008-06-22 22:46 . 2008-06-22 22:46 <DIR> d-------- C:\Programfiler\Yahoo!
2008-06-22 22:46 . 2008-06-23 11:53 <DIR> d-------- C:\Programfiler\Fellesfiler\Symantec Shared
2008-06-22 22:46 . 2008-06-22 22:46 <DIR> d-------- C:\Programfiler\CCleaner
2008-06-22 17:04 . 2008-06-22 17:04 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\Apple Computer
2008-06-22 16:26 . 2008-06-22 16:28 <DIR> d-------- C:\Programfiler\QuickTime
2008-06-22 16:26 . 2008-06-22 16:26 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Apple Computer
2008-06-22 16:25 . 2008-06-22 16:25 <DIR> d-------- C:\Programfiler\Apple Software Update
2008-06-22 16:25 . 2008-06-22 16:25 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Apple
2008-06-21 23:59 . 2008-06-21 23:59 99,328 --a------ C:\WINDOWS\system32\ksjtkmcl.dll
2008-06-21 23:56 . 2008-06-21 23:56 90,112 --a------ C:\WINDOWS\system32\wfgcpgjn.dll
2008-06-21 20:28 . 2008-06-21 20:28 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\ICQ Toolbar
2008-06-21 12:02 . 2008-06-21 12:05 <DIR> d-------- C:\Programfiler\Diablo II
2008-06-21 11:49 . 2008-06-21 11:49 24,576 --a------ C:\WINDOWS\system32\ddcYqnlm.dll
2008-06-20 21:18 . 2008-06-20 21:18 <DIR> d-------- C:\WINDOWS\PrimoPDF4
2008-06-20 21:18 . 2008-06-20 21:18 <DIR> d-------- C:\Programfiler\activePDF
2008-06-20 21:18 . 2006-12-11 22:12 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2008-06-20 21:06 . 2008-06-20 21:06 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe
2008-06-19 22:47 . 2008-06-19 22:47 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\acccore
2008-06-19 22:46 . 2008-06-19 22:46 <DIR> d-------- C:\Programfiler\Viewpoint
2008-06-19 22:46 . 2008-06-19 22:46 <DIR> d-------- C:\Programfiler\AIM Search
2008-06-19 22:46 . 2008-06-19 22:46 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Viewpoint
2008-06-19 22:46 . 2008-06-19 22:46 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\acccore
2008-06-19 22:45 . 2008-06-19 22:45 <DIR> d-------- C:\Programfiler\Fellesfiler\AOL
2008-06-19 22:45 . 2008-06-19 22:47 <DIR> d-------- C:\Programfiler\AIM6
2008-06-19 22:45 . 2008-06-19 22:48 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\AOL OCP
2008-06-19 22:45 . 2008-06-19 22:45 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\AOL
2008-06-19 22:45 . 2008-06-19 22:47 370 --ah----- C:\IPH.PH
2008-06-15 21:52 . 2008-04-14 18:22 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-15 21:50 . 2008-06-15 21:50 <DIR> d-------- C:\Programfiler\Riva
2008-06-15 21:50 . 2008-06-15 21:50 <DIR> d-------- C:\Programfiler\Fellesfiler\SWF Studio
2008-06-15 21:43 . 2008-06-15 21:44 <DIR> d-------- C:\Documents and Settings\Sander\dwhelper
2008-06-15 21:40 . 2008-06-15 21:40 <DIR> d-------- C:\WINDOWS\Replay Media Catcher
2008-06-15 21:38 . 2008-06-15 21:40 <DIR> d-------- C:\Programfiler\Replay Media Catcher
2008-06-15 21:38 . 2008-06-15 21:38 7,710,016 --a------ C:\Programfiler\FLV PlayerRCATSetup.exe
2008-06-15 21:38 . 2007-03-04 13:55 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
2008-06-15 21:38 . 2008-06-15 21:37 737,280 --a------ C:\WINDOWS\iun6002.exe
2008-06-15 21:38 . 2007-03-04 13:55 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
2008-06-15 21:37 . 2008-06-15 21:37 <DIR> d-------- C:\Programfiler\Replay Converter
2008-06-15 21:37 . 2008-06-15 21:37 <DIR> d-------- C:\Program Files
2008-06-15 21:36 . 2008-06-15 21:37 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\GetRightToGo
2008-06-15 21:36 . 2008-06-15 21:36 411,248 --a------ C:\Programfiler\FLV PlayerRCSetup.exe
2008-06-15 21:35 . 2008-06-15 21:35 <DIR> d-------- C:\WINDOWS\Applian FLV Player
2008-06-15 21:35 . 2008-06-15 21:35 <DIR> d-------- C:\Programfiler\FLV Player
2008-06-15 19:13 . 2008-06-15 19:13 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\SmartFTP
2008-06-15 19:06 . 2008-06-15 19:06 <DIR> d-------- C:\Programfiler\SmartFTP Client
2008-06-15 19:03 . 2008-06-15 19:03 <DIR> d-------- C:\Programfiler\SmartFTP Client 3.0 Setup Files
2008-06-15 12:49 . 2008-06-21 20:29 <DIR> d-------- C:\Programfiler\ICQToolbar
2008-06-15 12:49 . 2008-06-15 12:54 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\ICQ
2008-06-15 12:47 . 2008-06-15 12:54 <DIR> d-------- C:\Programfiler\ICQ6
2008-06-14 21:02 . 2008-06-15 21:35 <DIR> d-------- C:\Programfiler\World of Warcraft
2008-06-14 17:59 . 2008-06-14 17:59 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\teamspeak2
2008-06-14 17:58 . 2008-06-14 17:58 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
2008-06-14 17:52 . 2008-06-14 18:02 <DIR> d-------- C:\Programfiler\Teamspeak2_RC2
2008-06-14 13:13 . 2008-06-14 13:13 261 --a------ C:\WINDOWS\WPE PRO - modified.INI
2008-06-13 20:09 . 2008-06-13 20:09 <DIR> d-------- C:\Programfiler\Microsoft.NET
2008-06-13 20:09 . 2008-06-13 20:12 <DIR> d-------- C:\Programfiler\Microsoft Visual Studio 9.0
2008-06-13 20:09 . 2008-06-13 20:10 <DIR> d-------- C:\Programfiler\Fellesfiler\Merge Modules
2008-06-13 20:09 . 2008-06-13 20:14 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Microsoft Help
2008-06-13 20:08 . 2008-06-13 20:08 <DIR> d-------- C:\Programfiler\Microsoft SDKs
2008-06-13 19:58 . 2008-03-09 04:00 2,121,728 --a------ C:\WINDOWS\system32\libmySQL.dll
2008-06-13 19:58 . 2008-03-09 04:00 1,028,096 --a------ C:\WINDOWS\system32\libeay32.dll
2008-06-13 19:52 . 2008-06-13 19:52 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\Subversion
2008-06-13 19:47 . 2008-06-13 19:47 <DIR> d-------- C:\Programfiler\TortoiseSVN
2008-06-13 14:45 . 2008-06-13 14:45 579,464 --a------ C:\WINDOWS\system32\SymNeti.dll
2008-06-13 14:45 . 2008-06-13 14:45 207,240 --a------ C:\WINDOWS\system32\SymRedir.dll
2008-06-13 14:14 . 2008-06-13 14:14 31,280 --a------ C:\WINDOWS\system32\drivers\SymIM.sys
2008-06-13 14:14 . 2008-06-13 14:14 13,093 --a------ C:\WINDOWS\system32\drivers\SymRedir.cat
2008-06-13 14:14 . 2008-06-13 14:14 1,611 --a------ C:\WINDOWS\system32\drivers\SymRedir.inf
2008-06-13 14:13 . 2008-06-13 14:13 184,240 --a------ C:\WINDOWS\system32\drivers\symtdi.sys
2008-06-13 14:13 . 2008-06-13 14:13 96,432 --a------ C:\WINDOWS\system32\drivers\symfw.sys
2008-06-13 14:13 . 2008-06-13 14:13 41,008 --a------ C:\WINDOWS\system32\drivers\symndisv.sys
2008-06-13 14:13 . 2008-06-13 14:13 38,576 --a------ C:\WINDOWS\system32\drivers\symids.sys
2008-06-13 14:13 . 2008-06-13 14:13 37,424 --a------ C:\WINDOWS\system32\drivers\symndis.sys
2008-06-13 14:13 . 2008-06-13 14:13 22,320 --a------ C:\WINDOWS\system32\drivers\symredrv.sys
2008-06-13 14:13 . 2008-06-13 14:13 13,616 --a------ C:\WINDOWS\system32\drivers\symdns.sys
2008-06-11 15:20 . 2008-06-11 15:20 <DIR> d-------- C:\Programfiler\Windows Journal Viewer
2008-06-10 11:55 . 2008-06-10 11:55 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Emotum
2008-06-10 11:49 . 2008-06-10 12:19 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Telenor
2008-06-10 11:48 . 2008-06-10 12:19 <DIR> d-------- C:\Programfiler\Telenor
2008-06-10 11:48 . 2008-06-23 00:14 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Symantec
2008-06-08 08:04 . 2008-06-12 09:17 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\SQLyog
2008-06-08 07:32 . 2008-06-08 07:32 <DIR> d-------- C:\Programfiler\SQLyog Community
2008-06-08 07:29 . 2008-06-08 07:29 <DIR> d-------- C:\Programfiler\PremiumSoft
2008-06-08 07:29 . 2008-06-08 07:29 <DIR> d-------- C:\Programfiler\HeidiSQL
2008-06-08 07:29 . 2008-06-08 07:29 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\HeidiSQL
2008-06-08 07:29 . 2006-04-13 11:30 1,073,152 --a------ C:\WINDOWS\system32\libmysql_c.dll
2008-06-07 22:01 . 2008-06-07 22:01 <DIR> d-------- C:\Programfiler\Microsoft Silverlight
2008-06-07 21:59 . 2008-06-07 21:59 <DIR> d-------- C:\WINDOWS\system32\URTTEMP
2008-06-07 20:17 . 2008-04-14 18:22 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-06-07 20:17 . 2008-04-14 18:22 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-06-07 16:15 . 2008-06-07 16:15 <DIR> d-------- C:\WINDOWS\Sun
2008-06-07 10:20 . 2008-06-07 10:22 <DIR> d-------- C:\wamp
2008-06-07 00:32 . 2008-06-07 00:32 0 --a------ C:\WINDOWS\WoWEmuHackSettings.ini
2008-06-07 00:31 . 2008-06-07 00:31 <DIR> d-------- C:\Programfiler\Cheat Engine
2008-06-07 00:31 . 2006-09-04 19:16 1,970,176 --a------ C:\WINDOWS\system32\d3dx9.dll
2008-06-07 00:31 . 2006-09-04 19:16 679,936 --a------ C:\WINDOWS\system32\D3DX81ab.dll
2008-06-06 23:24 . 2008-06-17 23:19 <DIR> d-------- C:\Programfiler\JGlideMon
2008-06-06 23:24 . 2008-06-06 23:24 <DIR> d-------- C:\Programfiler\Java
2008-06-06 23:24 . 2008-06-06 23:24 <DIR> d-------- C:\Programfiler\Fellesfiler\Java
2008-06-06 23:24 . 2007-07-12 02:22 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-06 14:54 . 2008-06-06 14:54 <DIR> d-------- C:\Programfiler\MSBuild
2008-06-06 14:49 . 2008-06-06 15:07 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-06-06 14:49 . 2008-06-06 14:49 <DIR> d-------- C:\Programfiler\Reference Assemblies
2008-06-06 14:49 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-06-05 19:00 . 2008-06-05 19:00 <DIR> d-------- C:\Programfiler\DNA
2008-06-05 19:00 . 2008-06-05 19:00 <DIR> d-------- C:\Programfiler\BitTorrent
2008-06-05 19:00 . 2008-06-23 11:53 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\DNA
2008-06-05 19:00 . 2008-06-21 17:13 <DIR> d-------- C:\Documents and Settings\Sander\Programdata\BitTorrent
2008-06-05 17:31 . 2008-06-05 17:31 <DIR> d-------- C:\Logs
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2008-06-15 19:22 5,771,623,446 ----a-w C:\Programfiler\World of Warcraft.rar
2008-06-15 10:50 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-06-04 18:00 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield
2008-06-04 17:52 --------- d-----w C:\Programfiler\Intel
2008-06-04 17:50 --------- d-----w C:\Programfiler\Analog Devices
2008-06-04 17:39 --------- d-----w C:\Programfiler\microsoft frontpage
2008-06-04 17:36 --------- d-----w C:\Programfiler\Elektroniske tjenester
2008-06-04 17:35 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester
2008-04-14 16:23 69,120 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 16:23 32,866 ------w C:\WINDOWS\slrundll.exe
2008-04-14 16:23 283,648 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 16:23 147,456 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 16:21 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
2008-04-14 16:21 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
2008-04-14 16:21 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
2008-04-14 16:21 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
2008-04-14 16:21 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
2008-04-14 16:21 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
2007-03-09 07:12 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01f9daf9-552a-44bc-836b-4700fc35e4a1}]
2008-06-23 11:37 99328 --a------ C:\WINDOWS\system32\ywoasjan.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{366CBAB8-3546-4D96-BD35-AB65D1545539}]
2008-06-23 11:55 321536 --a------ C:\WINDOWS\system32\ljJAQHwt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3bde8315-c089-4f68-b542-9a9f650866a8}]
2008-06-21 23:59 99328 --a------ C:\WINDOWS\system32\ksjtkmcl.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
2007-08-25 05:51 316784 --a------ C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2008-06-23 00:13 116088 --a------ C:\PROGRA~1\FELLES~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EDFF80B4-2567-4E10-A51E-9B856F94D26B}]
C:\WINDOWS\system32\fccaBuro.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
2008-06-21 11:49 24576 --a------ C:\WINDOWS\system32\ddcYqnlm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseSVN]
@={30351346-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseSVN]
@={30351347-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseSVN]
@={30351348-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseSVN]
@={3035134B-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseSVN]
@={3035134C-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseSVN]
@={3035134D-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseSVN]
@={3035134E-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_CLASSES_ROOT\CLSID\{30351346-7B7D-4FCC-81B4-1E394CA267EB}]
2008-02-16 12:35 536576 --a------ C:\Programfiler\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351347-7B7D-4FCC-81B4-1E394CA267EB}]
2008-02-16 12:35 536576 --a------ C:\Programfiler\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351348-7B7D-4FCC-81B4-1E394CA267EB}]
2008-02-16 12:35 536576 --a------ C:\Programfiler\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134B-7B7D-4FCC-81B4-1E394CA267EB}]
2008-02-16 12:35 536576 --a------ C:\Programfiler\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134C-7B7D-4FCC-81B4-1E394CA267EB}]
2008-02-16 12:35 536576 --a------ C:\Programfiler\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134D-7B7D-4FCC-81B4-1E394CA267EB}]
2008-02-16 12:35 536576 --a------ C:\Programfiler\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134E-7B7D-4FCC-81B4-1E394CA267EB}]
2008-02-16 12:35 536576 --a------ C:\Programfiler\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:22 15360]
"MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"BitTorrent DNA"="C:\Programfiler\DNA\btdna.exe" [2008-06-05 19:00 289088]
"ICQ"="C:\Programfiler\ICQ6\ICQ.exe" [2008-04-01 12:40 172280]
"Aim6"="C:\Programfiler\AIM6\aim6.exe" [2008-06-12 22:47 50528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [2004-10-14 15:42 1404928]
"ATIPTA"="C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 12:52 339968]
"UIUCU"="C:\DOCUME~1\Sander\LOKALE~1\Temp\UIUCU.EXE" [ ]
"basicsmssmenu"="C:\Programfiler\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 16:21 169328]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"Telenorhjelpen"="C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe" [2008-02-07 16:35 189120]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"QuickTime Task"="C:\Programfiler\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2008-02-14 11:01 51048]
"osCheck"="C:\Programfiler\Norton Internet Security\osCheck.exe" [2007-08-25 06:53 714608]
"d86fdfa1"="C:\WINDOWS\system32\acllpfdq.dll" [2008-06-23 11:58 80896]
"BMdb5cec3d"="C:\WINDOWS\system32\pshsqshs.dll" [2008-06-23 11:58 91136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 18:22 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{F86B11F3-0CE1-475F-9541-5329BF7B3597}"= C:\WINDOWS\system32\ddcYqnlm.dll [2008-06-21 11:49 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcYqnlm]
ddcYqnlm.dll 2008-06-21 11:49 24576 C:\WINDOWS\system32\ddcYqnlm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= C:\PROGRA~2\REPLAY~1\iac25_32.ax

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\ljJAQHwt

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programfiler\\TmNationsForever\\TmForever.exe"=
"C:\\Programfiler\\DNA\\btdna.exe"=
"C:\\Programfiler\\BitTorrent\\bittorrent.exe"=
"C:\\wamp\\bin\\apache\\apache2.2.8\\bin\\httpd.exe"=
"C:\\Documents and Settings\\Sander\\Skrivebord\\Server\\Ascent 4552\\ascent-logonserver.exe"=
"C:\\Documents and Settings\\Sander\\Skrivebord\\Server\\Ascent 4552\\ascent-world.exe"=
"C:\\Programfiler\\Telenor\\Telenorhjelpen\\Telenor.exe"=
"C:\\Documents and Settings\\Sander\\Skrivebord\\Entropy Repack V2\\Arc Emu\\ascent-logonserver.exe"=
"C:\\Documents and Settings\\Sander\\Skrivebord\\Entropy Repack V2\\Arc Emu\\ascent-world.exe"=
"C:\\Documents and Settings\\Sander\\Skrivebord\\AoC-US-EarlyAccess.exe"=
"C:\\Programfiler\\Teamspeak2_RC2\\server_windows.exe"=
"C:\\Programfiler\\ICQ6\\ICQ.exe"=
"C:\\Programfiler\\SmartFTP Client\\SmartFTP.exe"=
"C:\\Programfiler\\Fellesfiler\\AOL\\Loader\\aolload.exe"=
"C:\\Programfiler\\AIM6\\aim6.exe"=
"C:\\Documents and Settings\\Sander\\Skrivebord\\Glider2\\uralqup.exe"=
"C:\\Documents and Settings\\Sander\\Skrivebord\\Glider\\fazenpayv.exe"=

R2 Basics Service;Basics Service;C:\Programfiler\Seagate\Basics\Service\SyncServicesBasics.exe [2007-10-09 16:21]
R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe" /h ccCommon []
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Programfiler\Viewpoint\Common\ViewpointService.exe" [2007-01-04 23:38]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-03-06 21:32]
S3 Kewl;Kewl;C:\Documents and Settings\Sander\Skrivebord\Glider\Kewl.sys [2008-06-22 23:33]
S3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" -k runservice []
S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe wampmysqld []

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-06-22 14:25:56 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe
"2008-06-22 21:37:20 C:\WINDOWS\Tasks\Norton Internet Security Online - Kjør full systemskanning - Sander.job"

Edited 23 June 2008 by Sander92

Sander92 (Author) Posted 23 June 2008
ComboFix seems to have fixed the problem. At least the sites I had problems with before work now. Thank you very much.

snippsat Posted 23 June 2008
"Edit: Found it, there was a folder called combofix"
You must follow the instructions; combofix should be on the desktop. If you have placed it somewhere else, you must put it on the desktop now.
Copy the bold text below the picture -> open Notepad and paste it in. Save it on the desktop as CFScript.txt.
Do as shown in the picture and combofix will start. Post the log c:\combofix.txt.

File::
C:\WINDOWS\system32\ljJAQHwt.dll
C:\WINDOWS\system32\twHQAJjl.ini2
C:\WINDOWS\system32\twHQAJjl.ini
C:\WINDOWS\system32\mhyvudqh.dll
C:\WINDOWS\system32\ywoasjan.dll
C:\WINDOWS\system32\dlaktgsm.dll
C:\WINDOWS\system32\ksjtkmcl.dll
C:\WINDOWS\system32\wfgcpgjn.dll
C:\WINDOWS\system32\ddcYqnlm.dll
C:\WINDOWS\system32\ksjtkmcl.dll
C:\WINDOWS\system32\wfgcpgjn.dll
C:\WINDOWS\system32\ddcYqnlm.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01f9daf9-552a-44bc-836b-4700fc35e4a1}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{366CBAB8-3546-4D96-BD35-AB65D1545539}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3bde8315-c089-4f68-b542-9a9f650866a8}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EDFF80B4-2567-4E10-A51E-9B856F94D26B}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"d86fdfa1"=-
"BMdb5cec3d"=-
[-hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
[-HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

---
Download and run CCleaner. 'Options' -> 'Advanced'. Uncheck "only delete temporary files older than 48 hours". Run the registry cleaner and answer yes to repair (run it a couple of times until all errors are gone).
---
Download, update and run a full scan with SAS free. Post the log from SAS (preferences -> statistics/logs).
---
Restart and create a new HijackThis log.

Sander92 (Author) Posted 27 June 2008
When I ran ComboFix with that list, Windows got broken; it deleted isass.exe or something. I'm now running in "last known good" or something. I think I'll just reformat.