M-J, posted 23 July 2008 (edited)

Can someone check the log from my uncle's PC?

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/23/2008 at 03:16 PM

Application Version : 4.15.1000

Core Rules Database Version : 3512
Trace Rules Database Version: 1503

Scan type : Complete Scan
Total Scan Time : 00:22:41

Memory items scanned : 636
Memory threats detected : 1
Registry items scanned : 4108
Registry threats detected : 7
File items scanned : 15977
File threats detected : 4

Trojan.Downloader-NewJuan/VM
C:\WINDOWS\SYSTEM32\LPADBGKN.DLL
C:\WINDOWS\SYSTEM32\LPADBGKN.DLL

MyWay Search Assistant Computers
HKLM\Software\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\Programmable
C:\PROGRAMFILER\MYWAYSA\SRCHASDE\DESRCAS.DLL
HKU\S-1-5-21-4194210238-3594653640-3167489370-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{4D25F926-B9FE-4682-BF72-8AB8210D6D75}

Adware.Tracking Cookie
C:\Documents and Settings\Steinar\Cookies\steinar@advertising[3].txt
C:\Documents and Settings\Steinar\Cookies\steinar@advertising[2].txt

Logfile of HijackThis v1.99.1
Scan saved at 15:33:44, on 23.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\EXPLORER.EXE
C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Dell\QuickSet\quickset.exe
C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe
C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe
C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programfiler\Dell Photo AIO Printer 924\dlccmon.exe
C:\Programfiler\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\NetWaiting\netwaiting.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\Digital Line Detect\DLG.exe
C:\Programfiler\OpenOffice.org 2.3\program\soffice.exe
C:\Programfiler\OpenOffice.org 2.3\program\soffice.BIN
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\notepad.exe
C:\Programfiler\Opera\Opera.exe
C:\Programfiler\Intel\Wireless\Bin\iFrmewrk.exe
C:\Documents and Settings\Steinar\Skrivebord\Hijackthis\sletteslett.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/del...ebar.jhtml?p=EG
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default....;l=no&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....;l=no&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: {c3b2bf0d-4758-b70a-1cc4-a9e7ada96b96} - {69b69ada-7e9a-4cc1-a07b-8574d0fb2b3c} - C:\WINDOWS\system32\lpadbgkn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [showLOMControl]
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Programfiler\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Programfiler\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Programfiler\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [bM93ccc8cc] Rundll32.exe "C:\WINDOWS\system32\uvtwxkkv.dll",s
O4 - HKLM\..\Run: [90fffb50] rundll32.exe "C:\WINDOWS\system32\akqgbgst.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Programfiler\NetWaiting\netwaiting.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programfiler\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll lpadbgkn.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

I just get an error message when I try to run ComboFix:

Edited 24 July 2008 by M-J

norbat, posted 23 July 2008

Restart the PC in safe mode (tap F8 during startup, choose safe mode) and try running ComboFix from there.

M-J (author), posted 24 July 2008

"Restart the PC in safe mode (tap F8 during startup, choose safe mode) and try running ComboFix from there."

I have tried that and it doesn't work either! But I have cleaned with various programs now and the PC seems to work fine, though it is probably still not clean.

A new HJT log anyway:

Logfile of HijackThis v1.99.1
Scan saved at 15:26:34, on 24.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\stsystra.exe
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Dell\QuickSet\quickset.exe
C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe
C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe
C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programfiler\Dell Photo AIO Printer 924\dlccmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programfiler\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\NetWaiting\netwaiting.exe
C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\Digital Line Detect\DLG.exe
C:\Programfiler\OpenOffice.org 2.3\program\soffice.exe
C:\Programfiler\OpenOffice.org 2.3\program\soffice.BIN
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programfiler\Opera\Opera.exe
C:\Documents and Settings\Steinar\Skrivebord\Hijackthis\sletteslett.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/del...ebar.jhtml?p=EG
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default....;l=no&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....;l=no&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [showLOMControl]
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Programfiler\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Programfiler\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Programfiler\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Programfiler\NetWaiting\netwaiting.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programfiler\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

snippsat, posted 24 July 2008

Run Deckard; I use this when ComboFix doesn't work. Download Deckard and put it on the desktop. Run dss.exe and follow the instructions. When the scan is finished, a log (main.txt) opens. Copy that and post it.

norbat, posted 24 July 2008

The reason ComboFix won't run is that the date on your PC is wrong (24.05.2008). Double-click the clock in the bottom right corner and set the date correctly. Download a fresh ComboFix and run the program.

M-J (author), posted 24 July 2008

That went better, yes. I'll post when it's finished; it will probably take a while!

M-J (author), posted 24 July 2008

There. Here is the ComboFix log:

ComboFix 08-07-22.4 - Steinar 2008-07-24 19:39:44.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.340 [GMT 2:00]
Running from: C:\Documents and Settings\Steinar\Skrivebord\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM93ccc8cc.txt
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aimfxrtd.dll
C:\WINDOWS\system32\awsvwgop.dll
C:\WINDOWS\system32\bbeOnXyb.ini
C:\WINDOWS\system32\bbeOnXyb.ini2
C:\WINDOWS\system32\dbqikmnw.dll
C:\WINDOWS\system32\dcqhkhwi.dll
C:\WINDOWS\system32\dtlvsopa.dll
C:\WINDOWS\system32\efabofga.ini
C:\WINDOWS\system32\emqenqve.dll
C:\WINDOWS\system32\eyshehhc.ini
C:\WINDOWS\system32\gcqecynj.dll
C:\WINDOWS\system32\hgwvnutc.dll
C:\WINDOWS\system32\hibvrrjp.dll
C:\WINDOWS\system32\hrkoklqv.ini
C:\WINDOWS\system32\iketckgt.dll
C:\WINDOWS\system32\lciewiwh.ini
C:\WINDOWS\system32\lnnuhwwu.ini
C:\WINDOWS\system32\lnxwgcjn.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\NUwvxyay.ini
C:\WINDOWS\system32\NUwvxyay.ini2
C:\WINDOWS\system32\OUxIRXbc.ini
C:\WINDOWS\system32\OUxIRXbc.ini2
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pfybyutr.dll
C:\WINDOWS\system32\pstvvGgh.ini
C:\WINDOWS\system32\pstvvGgh.ini2
C:\WINDOWS\system32\sgqbbfdw.ini
C:\WINDOWS\system32\sufqoban.ini
C:\WINDOWS\system32\tAGfgMoq.ini
C:\WINDOWS\system32\tAGfgMoq.ini2
C:\WINDOWS\system32\tsgbgqka.ini
C:\WINDOWS\system32\vbhcgjpn.dll
C:\WINDOWS\system32\vmcfgcra.ini
C:\WINDOWS\system32\vuttuBeg.ini
C:\WINDOWS\system32\vuttuBeg.ini2
C:\WINDOWS\system32\xwunxupp.ini
C:\WINDOWS\system32\xyabyqas.ini
C:\WINDOWS\system32\ykpfktvl.dll
C:\WINDOWS\system32\yxHOoUvw.ini
C:\WINDOWS\system32\yxHOoUvw.ini2
.
((((((((((((((((((((((((( Files Created from 2008-06-24 to 2008-07-24 )))))))))))))))))))))))))))))))
.

2008-06-25 14:58 . 2004-09-28 19:15 <DIR> dr------- C:\Documents and Settings\Ilmi-Celine\Start-meny
2008-06-25 14:58 . 2004-09-28 19:15 <DIR> d--h----- C:\Documents and Settings\Ilmi-Celine\Skrivere
2008-06-25 14:58 . 2004-09-28 19:15 <DIR> d-------- C:\Documents and Settings\Ilmi-Celine\Skrivebord
2008-06-25 14:58 . 2004-09-28 19:30 <DIR> dr-h----- C:\Documents and Settings\Ilmi-Celine\Siste
2008-06-25 14:58 . 2006-05-03 08:07 <DIR> d-------- C:\Documents and Settings\Ilmi-Celine\Programdata\Intel
2008-06-25 14:58 . 2006-05-03 08:13 <DIR> d-------- C:\Documents and Settings\Ilmi-Celine\Programdata\Corel
2008-06-25 14:58 . 2006-05-03 08:09 <DIR> d-------- C:\Documents and Settings\Ilmi-Celine\Programdata\ATI
2008-06-25 14:58 . 2006-05-03 08:13 <DIR> dr-h----- C:\Documents and Settings\Ilmi-Celine\Programdata
2008-06-25 14:58 . 2006-05-03 08:12 <DIR> dr------- C:\Documents and Settings\Ilmi-Celine\Mine dokumenter
2008-06-25 14:58 . 2004-09-28 19:15 <DIR> d--h----- C:\Documents and Settings\Ilmi-Celine\Maler
2008-06-25 14:58 . 2008-07-24 19:43 <DIR> d--h----- C:\Documents and Settings\Ilmi-Celine\Lokale innstillinger
2008-06-25 14:58 . 2004-09-28 19:30 <DIR> dr------- C:\Documents and Settings\Ilmi-Celine\Favoritter
2008-06-25 14:58 . 2004-09-28 19:15 <DIR> d--h----- C:\Documents and Settings\Ilmi-Celine\AndrMask
2008-06-25 14:58 . 2008-06-25 14:58 <DIR> d-------- C:\Documents and Settings\Ilmi-Celine
2008-06-25 05:25 . 2004-09-28 19:15 <DIR> dr------- C:\Documents and Settings\Administrator\Start-meny
2008-06-25 05:25 . 2004-09-28 19:15 <DIR> d--h----- C:\Documents and Settings\Administrator\Skrivere
2008-06-25 05:25 . 2004-09-28 19:15 <DIR> d-------- C:\Documents and Settings\Administrator\Skrivebord
2008-06-25 05:25 . 2004-09-28 19:30 <DIR> dr-h----- C:\Documents and Settings\Administrator\Siste
2008-06-25 05:25 . 2006-05-03 08:07 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Intel
2008-06-25 05:25 . 2006-05-03 08:13 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Corel
2008-06-25 05:25 . 2006-05-03 08:09 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\ATI
2008-06-25 05:25 . 2008-05-23 13:53 <DIR> dr-h----- C:\Documents and Settings\Administrator\Programdata
2008-06-25 05:25 . 2006-05-03 08:12 <DIR> dr------- C:\Documents and Settings\Administrator\Mine dokumenter
2008-06-25 05:25 . 2004-09-28 19:15 <DIR> d--h----- C:\Documents and Settings\Administrator\Maler
2008-06-25 05:25 . 2008-07-24 19:43 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale innstillinger
2008-06-25 05:25 . 2004-09-28 19:30 <DIR> dr------- C:\Documents and Settings\Administrator\Favoritter
2008-06-25 05:25 . 2004-09-28 19:15 <DIR> d--h----- C:\Documents and Settings\Administrator\AndrMask
2008-06-25 05:25 . 2008-06-25 05:25 <DIR> d-------- C:\Documents and Settings\Administrator
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-24 17:51 21,829,664 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-24 17:51 --------- d-----w C:\Documents and Settings\Steinar\Programdata\OpenOffice.org2
2008-07-24 17:48 --------- d-----w C:\Programfiler\Dl_cats
2008-07-24 17:46 256,412 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-20 19:41 1,538,560 ----a-w C:\WINDOWS\Internet Logs\xDB1D.tmp
2008-06-19 17:33 1,940,992 ----a-w C:\WINDOWS\Internet Logs\xDB1C.tmp
2008-06-14 19:45 --------- d-----w C:\Documents and Settings\Steinar\Programdata\AdobeUM
2008-06-14 18:43 2,799,616 ----a-w C:\WINDOWS\Internet Logs\xDB1A.tmp
2008-06-14 18:43 1,506,304 ----a-w C:\WINDOWS\Internet Logs\xDB1B.tmp
2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 07:30 --------- d-----w C:\Programfiler\Google
2008-06-02 17:08 --------- d-----w C:\Documents and Settings\Steinar\Programdata\Template
2008-06-02 16:45 2,759,168 ----a-w C:\WINDOWS\Internet Logs\xDB19.tmp
2008-06-01 22:00 1,482,752 ----a-w C:\WINDOWS\Internet Logs\xDB18.tmp
2008-05-31 13:32 3,425,280 ----a-w C:\WINDOWS\Internet Logs\xDB17.tmp
2008-05-26 14:45 473,088 ----a-w C:\WINDOWS\Internet Logs\xDB15.tmp
2008-05-26 14:45 1,476,096 ----a-w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-05-26 03:37 2,174,976 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-05-25 14:29 --------- d-----w C:\Programfiler\Dell Photo AIO Printer 924
2008-05-25 14:28 2,756,608 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-05-25 14:28 1,476,096 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-05-24 17:07 2,862,592 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-05-24 17:07 1,470,464 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-05-23 18:18 3,751,936 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-05-23 18:18 1,469,440 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-05-21 12:46 21,305,153 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2008_05_21_07_12_50_full.dmp.zip
2008-05-21 12:46 21,298,812 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2008_05_21_07_13_21_full.dmp.zip
2008-05-18 13:20 2,242,299 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-05-17 02:11 2,832,384 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-05-16 03:07 2,391,040 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-05-15 14:15 2,983,936 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-05-15 14:15 1,447,936 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-05-11 18:11 2,507,776 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-05-11 18:11 1,443,328 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-05-09 23:55 2,646,016 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-05-09 23:55 1,443,328 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-05-09 07:44 316,416 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-05-09 07:44 1,443,328 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-05-09 06:30 2,110,976 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-05-09 00:44 2,748,416 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-05-07 17:46 1,426,432 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-04-25 15:20 1,549,824 ----a-w C:\WINDOWS\Internet Logs\xDB1E.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]
"ModemOnHold"="C:\Programfiler\NetWaiting\netwaiting.exe" [2003-09-10 03:24 20480]
"MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Programfiler\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"swg"="C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-06-14 09:30 171448]
"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 15:43 45056]
"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 05:56 761947]
"Dell QuickSet"="C:\Programfiler\Dell\QuickSet\quickset.exe" [2005-12-15 11:44 839680]
"IntelZeroConfig"="C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 12:55 667718]
"IntelWireless"="C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 12:56 602182]
"DVDLauncher"="C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 21:29 49152]
"DMXLauncher"="C:\Programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 02:02 86016]
"ISUSPM Startup"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-06-10 11:44 249856]
"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-06-10 11:44 81920]
"MSKDetectorExe"="C:\Programfiler\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 20:05 1117184]
"ZoneAlarm Client"="C:\Programfiler\Zone Labs\ZoneAlarm\zlclient.exe" [2008-04-02 20:07 919016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-23 13:24 1232152]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-09-14 01:50 73728]
"dlccmon.exe"="C:\Programfiler\Dell Photo AIO Printer 924\dlccmon.exe" [2005-10-21 03:41 430080]
"Corel Photo Downloader"="C:\Programfiler\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-10 00:34 106496]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2005-09-28 20:13 169984]
"SigmatelSysTrayApp"="stsystra.exe" [2005-11-16 22:35 397312 C:\WINDOWS\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360]

C:\Documents and Settings\Steinar\Start-meny\Programmer\Oppstart\
OpenOffice.org 2.3.lnk - C:\Programfiler\OpenOffice.org 2.3\program\quickstart.exe [2007-11-14 17:32:04 393216]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Digital Line Detect.lnk - C:\Programfiler\Digital Line Detect\DLG.exe [2006-05-03 08:05:41 24576]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
--a------ 2004-12-06 02:05 127035 C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 04:25 144784 C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=
"C:\\Programfiler\\AVG\\AVG8\\avgemc.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programfiler\\LimeWire\\LimeWire.exe"=
"C:\\Programfiler\\Messenger\\msmsgs.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-23 13:24]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-23 13:24]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-23 13:24]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-23 13:24]
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-90fffb50 - C:\WINDOWS\system32\akqgbgst.dll

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=no&l=no&s=gen
R1 -: HKCU-Internet Connection Wizard,ShellNext = hxxp://www1.euro.dell.com/content/default.aspx?c=no&l=no&s=gen

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-24 19:49:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\TEMP\0c10771f-046a-469a-b4b0-925d1a3ac39c.tmp 0 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\Programfiler\Intel\Wireless\Bin\WLKEEPER.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Programfiler\Dell\NicConfigSvc\NicConfigSvc.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programfiler\OpenOffice.org 2.3\program\soffice.exe
C:\Programfiler\OpenOffice.org 2.3\program\soffice.bin
C:\Programfiler\Windows Live\Messenger\usnsvc.exe
C:\Programfiler\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-07-24 19:55:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-24 17:54:50

Pre-Run: 58,459,955,200 byte ledig
Post-Run: 58,603,687,936 byte ledig

241 --- E O F --- 2008-05-23 15:33:05
norbat Posted 24 July 2008

Open Notepad and copy in the text shown in bold below, then save the file to the desktop as CFScript.txt. Then drag the file onto the Combofix icon. Combofix will start again.

File::
C:\WINDOWS\Internet Logs\xDB1D.tmp
C:\WINDOWS\Internet Logs\xDB1C.tmp
C:\WINDOWS\Internet Logs\xDB1A.tmp
C:\WINDOWS\Internet Logs\xDB1B.tmp
C:\WINDOWS\Internet Logs\xDB19.tmp
C:\WINDOWS\Internet Logs\xDB18.tmp
C:\WINDOWS\Internet Logs\xDB17.tmp
C:\WINDOWS\Internet Logs\xDB15.tmp
C:\WINDOWS\Internet Logs\xDB16.tmp
C:\WINDOWS\Internet Logs\xDB14.tmp
C:\WINDOWS\Internet Logs\xDB12.tmp
C:\WINDOWS\Internet Logs\xDB13.tmp
C:\WINDOWS\Internet Logs\xDB10.tmp
C:\WINDOWS\Internet Logs\xDB11.tmp
C:\WINDOWS\Internet Logs\xDBE.tmp
C:\WINDOWS\Internet Logs\xDBF.tmp
C:\WINDOWS\Internet Logs\vsmon_on_demand_2008_05_21_07_12_50_full.dmp.zip
C:\WINDOWS\Internet Logs\vsmon_on_demand_2008_05_21_07_13_21_full.dmp.zip
C:\WINDOWS\Internet Logs\tvDebug.zip
C:\WINDOWS\Internet Logs\xDBD.tmp
C:\WINDOWS\Internet Logs\xDBC.tmp
C:\WINDOWS\Internet Logs\xDBA.tmp
C:\WINDOWS\Internet Logs\xDBB.tmp
C:\WINDOWS\Internet Logs\xDB8.tmp
C:\WINDOWS\Internet Logs\xDB9.tmp
C:\WINDOWS\Internet Logs\xDB6.tmp
C:\WINDOWS\Internet Logs\xDB7.tmp
C:\WINDOWS\Internet Logs\xDB4.tmp
C:\WINDOWS\Internet Logs\xDB5.tmp
C:\WINDOWS\Internet Logs\xDB3.tmp
C:\WINDOWS\Internet Logs\xDB2.tmp
C:\WINDOWS\Internet Logs\xDB1.tmp
C:\WINDOWS\Internet Logs\xDB1E.tmp
C:\WINDOWS\TEMP\0c10771f-046a-469a-b4b0-925d1a3ac39c.tmp

Download CCleaner. Start the program. Go to 'Options' -> 'Advanced'. Clear the checkbox in front of: "only delete temporary files......." Click 'Cleaner' and then 'Run CCleaner'.

How is the PC running?
M-J Posted 24 July 2008 (Author)

Yes, it seems more normal now. Before I started, Explorer.exe would not even start when I booted the PC. I managed to remove quite a bit before I posted the log here, but it is good to get everything removed now that I am at it.

I have now removed HJT and Combofix. Many thanks for the help.