kentove91 Posted 10 August 2008

Hi. Now I have done the big job. I have uninstalled all programs that could be harmful, but I ran a test with ComboFix. How does it look?

ComboFix 08-08-09.06 - 19020KEBA 2008-08-10 16:52:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.1192 [GMT 2:00]
Running from: C:\Documents and Settings\19020KEBA\Skrivebord\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\19020KEBA\Programdata\macromedia\Flash Player\#SharedObjects\7Z6UWD73\interclick.com
C:\Documents and Settings\19020KEBA\Programdata\macromedia\Flash Player\#SharedObjects\7Z6UWD73\interclick.com\ud.sol
C:\Documents and Settings\19020KEBA\Programdata\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\19020KEBA\Programdata\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\sysdat.dll
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\mFuqhg6y.dll
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF

((((((((((((((((((((((((( Files Created from 2008-07-10 to 2008-08-10 )))))))))))))))))))))))))))))))
.
2008-08-10 15:56 . 2008-08-10 15:56 4,096 --a------ C:\WINDOWS\system32\crash
2008-08-10 15:55 . 2008-08-10 15:55 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Programdata\ATI
2008-08-08 19:58 . 2008-08-08 19:58 44 --a------ C:\WINDOWS\SMWizard.INI
2008-08-06 20:17 . 2008-08-06 20:20 <DIR> d-------- C:\Programfiler\Xfire
2008-08-06 20:17 . 2008-08-07 17:46 <DIR> d-------- C:\Documents and Settings\19020KEBA\Programdata\Xfire
2008-08-06 02:31 . 2008-08-06 02:31 10,333 --a------ C:\Lol.docx
2008-08-04 15:14 . 2008-07-03 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-08-04 15:13 . 2008-08-04 15:13 <DIR> d-------- C:\ATI
2008-08-02 13:53 . 2008-08-04 14:45 <DIR> d-------- C:\Programfiler\Essentials Codec Pack
2008-08-02 13:51 . 2008-08-02 13:51 <DIR> d-------- C:\Programfiler\Cucusoft
2008-08-02 13:51 . 2008-08-02 13:52 <DIR> d-------- C:\ConverterOutput
2008-08-02 13:51 . 2007-03-25 00:51 3,049,984 --a------ C:\WINDOWS\system32\libavcodec.dll
2008-08-02 13:51 . 2007-03-25 21:40 2,174,976 --a------ C:\WINDOWS\system32\ffdshow.ax
2008-08-02 13:51 . 2007-03-25 00:51 404,480 --a------ C:\WINDOWS\system32\libmplayer.dll
2008-08-02 13:51 . 2003-03-30 20:08 372,736 --a------ C:\WINDOWS\system32\xvid.ax
2008-08-02 13:51 . 2007-01-01 05:30 200,704 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll
2008-08-02 13:51 . 2007-03-25 00:51 114,688 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll
2008-08-02 13:51 . 2004-09-10 13:50 34,820 --a------ C:\WINDOWS\system32\ffdshow.reg
2008-07-29 21:01 . 2008-07-29 21:01 268 --ah----- C:\sqmdata16.sqm
2008-07-29 21:01 . 2008-07-29 21:01 244 --ah----- C:\sqmnoopt16.sqm
2008-07-25 02:17 . 2008-07-25 02:17 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\TEMP
2008-07-25 02:17 . 2008-07-25 02:33 <DIR> d-------- C:\Documents and Settings\19020KEBA\Programdata\Eltima Software
2008-07-25 02:08 . 2008-08-10 16:43 <DIR> d-------- C:\Programfiler\Riva
2008-07-25 02:08 . 2008-07-25 02:08 <DIR> d-------- C:\Programfiler\Fellesfiler\SWF Studio
2008-07-25 02:02 . 2008-07-25 02:04 <DIR> d-------- C:\Programfiler\TextNational Client
2008-07-25 00:27 . 2008-07-25 02:00 <DIR> d-------- C:\Programfiler\weblin
2008-07-25 00:24 . 2008-07-25 02:00 <DIR> d-------- C:\Documents and Settings\19020KEBA\Programdata\zweitgeist
2008-07-24 16:55 . 2008-07-24 16:56 <DIR> d-------- C:\Programfiler\Winamp
2008-07-24 16:55 . 2008-07-24 19:21 <DIR> d-------- C:\Documents and Settings\19020KEBA\Programdata\Winamp
2008-07-23 03:00 . 2008-07-23 03:54 <DIR> d-------- C:\Programfiler\Audacity
2008-07-22 20:48 . 2004-08-03 23:07 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-07-22 20:48 . 2004-08-03 23:07 59,264 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2008-07-22 02:41 . 2008-07-22 02:41 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-07-16 00:52 . 2008-07-16 00:52 <DIR> dr------- C:\Documents and Settings\NetworkService\Favoritter
2008-07-15 16:21 . 2008-07-15 16:21 0 --a------ C:\WINDOWS\system32\5f2242L7.exe.a_a
2008-07-14 20:46 . 2008-07-28 23:25 35,842 --a------ C:\WINDOWS\system32\5f2242L7.exe_
2008-07-14 20:46 . 2008-07-29 01:30 35,842 --a------ C:\WINDOWS\system32\5f2242L7.exe
2008-07-14 08:18 . 2008-07-14 08:17 29,760 --a------ C:\WINDOWS\system32\DbQd8S3N.exe
2008-07-14 08:18 . 2008-07-14 08:18 0 --a------ C:\WINDOWS\system32\DbQd8S3N.exe.a_a
2008-07-14 02:06 . 2008-07-14 02:06 268 --ah----- C:\sqmdata15.sqm
2008-07-14 02:06 . 2008-07-14 02:06 244 --ah----- C:\sqmnoopt15.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-10 14:59 --------- d-----w C:\Programfiler\Steam
2008-08-10 14:45 --------- d-----w C:\Programfiler\MAIET
2008-08-10 14:45 --------- d-----w C:\Programfiler\ElastoManiaRegistered
2008-08-10 14:42 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-08-10 10:52 --------- d-----w C:\Documents and Settings\19020KEBA\Programdata\Azureus
2008-08-08 13:51 --------- d-----w C:\Documents and Settings\19020KEBA\Programdata\dvdcss
2008-08-02 21:30 --------- d-----w C:\Programfiler\StepMania
2008-07-25 01:23 --------- d-----w C:\Documents and Settings\All Users\Programdata\Microsoft Help
2008-07-24 22:00 --------- d-----w C:\Documents and Settings\19020KEBA\Programdata\LimeWire
2008-07-15 18:43 --------- d-----w C:\Programfiler\LimeWire
2008-07-05 14:52 --------- d-----w C:\Documents and Settings\19020KEBA\Programdata\uTorrent
2008-07-04 13:16 --------- d-----w C:\Programfiler\Azureus
2008-07-04 06:33 3,230,720 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-07-04 02:28 53,248 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-06-28 18:27 --------- d-----w C:\Programfiler\Avanquest update
2008-06-28 18:22 --------- d-----w C:\Programfiler\FrostWire
2008-06-28 18:22 --------- d-----w C:\Programfiler\AskSBar
2008-06-28 18:22 --------- d-----w C:\Documents and Settings\19020KEBA\Programdata\FrostWire
2008-06-26 02:02 --------- d-----w C:\Programfiler\Counter-Strike 1.6
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-19 19:10 --------- d-----w C:\Programfiler\Java
2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 14:54 --------- d-----w C:\Documents and Settings\All Users\Programdata\ATI
2008-06-14 14:39 --------- d-----w C:\Programfiler\ATI Technologies
2008-06-14 14:19 --------- d-----w C:\Programfiler\Image-Line
2008-04-11 13:00 32 ----a-w C:\Documents and Settings\All Users\Programdata\ezsid.dat
2000-02-02 00:01 45,056 --sh--r C:\WINDOWS\system32\sonp32drv.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360]
"Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 17:19 356352]
"Steam"="c:\programfiler\steam\steam.exe" [2008-06-25 03:57 1271032]
"msnmsgr"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"AdobeUpdater"="C:\Programfiler\Fellesfiler\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 10:37 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2007-06-07 17:47 827392]
"AccelerometerSysTrayApplet"="C:\WINDOWS\system32\AccelerometerSt.exe" [2007-01-24 14:28 124928]
"SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [2007-01-05 17:36 872448]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"OfficeScanNT Monitor"="C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" [2006-02-07 16:16 356352]
"QuickTime Task"="C:\Programfiler\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"TkBellExe"="C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" [2008-04-29 18:09 185896]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-09-15 13:21 675840]
"StartCCC"="C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
BTTray.lnk - C:\Programfiler\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 15:14:00 561213]
Microsoft Firewall Client Management.lnk - C:\Programfiler\Microsoft Firewall Client 2004\FwcMgmt.exe [2006-12-09 19:04:10 117568]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableLockWorkstation"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Scripts\Startup\0\0]
"Script"=Startup.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3799992752-535036049-2774849586-38235\Scripts\Logon\0\0]
"Script"=Eksamensmaler.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3799992752-535036049-2774849586-38235\Scripts\Logon\1\0]
"Script"=Logon Script Prosekt.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3799992752-535036049-2774849586-38236\Scripts\Logon\0\0]
"Script"=Eksamensmaler.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3799992752-535036049-2774849586-38236\Scripts\Logon\1\0]
"Script"=Logon Script Prosekt.bat

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CurseClient]
--a------ 2008-05-19 16:57 1400832 C:\Programfiler\Curse\CurseClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-04-01 11:39 486856 C:\Programfiler\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Programfiler\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-06-25 03:57 1271032 C:\Programfiler\Steam\Steam.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programfiler\\uTorrent\\uTorrent.exe"=
"C:\\Programfiler\\LimeWire\\LimeWire.exe"=
"C:\\Programfiler\\Steam\\steamapps\\kenten91\\counter-strike\\hl.exe"=
"C:\\Programfiler\\Teamspeak2_RC2\\server_windows.exe"=
"C:\\Programfiler\\Steam\\steamapps\\kenten91\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R2 FwcAgent;Firewall Client Agent;C:\Programfiler\Microsoft Firewall Client 2004\FwcAgent.exe [2006-12-09 19:04]
R2 SWIHPWMI;SWIHPWMI;C:\Programfiler\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [2006-12-04 16:13]
R2 vuiovf;vuiovf;C:\WINDOWS\system32\svchost.exe [2004-08-04 01:03]
R2 yuiovfyw;yuiovfyw;C:\WINDOWS\system32\drivers\amlckl.sys [2004-08-04 01:03]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-01-23 19:13]
S3 HP24X;HP PC Card Smart Card Reader;C:\WINDOWS\system32\DRIVERS\HP24X.sys [2006-10-19 01:23]
S3 P0630VID;Creative WebCam Live!;C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2004-07-30 09:55]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-04-09 11:38]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vuiovf REG_MULTI_SZ vuiovf
.
Contents of the 'Scheduled Tasks' folder
2008-08-09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Programfiler\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
HKCU-Run-DriverUpdaterPro - C:\Programfiler\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe
HKLM-Run-Media Codec Update Service - C:\Programfiler\Essentials Codec Pack\update.exe
MSConfigStartUp-Skype - C:\Programfiler\Skype\Phone\Skype.exe
MSConfigStartUp-Veoh - C:\Programfiler\Veoh Networks\Veoh\VeohClient.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\19020KEBA\Programdata\Mozilla\Firefox\Profiles\lapd6a6v.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF -: plugin - C:\Programfiler\Mozilla Firefox\plugins\NPAskSBr.dll
FF -: plugin - C:\Programfiler\Unity\WebPlayer\loader\npUnity3D32.dll

**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-10 16:59:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> c:\windows\system32\amlckl.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Programfiler\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\scardsvr.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programfiler\Trend Micro\OfficeScan Client\NTRtScan.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programfiler\Trend Micro\OfficeScan Client\TmListen.exe
C:\WINDOWS\temp\CMF76B.EXE
C:\Programfiler\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programfiler\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Completion time: 2008-08-10 17:04:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-10 15:04:41

Pre-Run: 17,298,292,736 byte ledig
Post-Run: 21,720,129,536 byte ledig

236 --- E O F --- 2008-07-25 01:23:34

HaterDiskus Posted 10 August 2008

I think you will get better help with this if you post in 'Antivirusprogrammer og datasikkerhet' (Antivirus programs and computer security).

r2d290 Posted 12 August 2008 (edited)

Hi. Sorry for the late reply.

Click Start - All Programs - Accessories - Notepad.
Copy and paste the text in the code box below into Notepad:

File::
C:\WINDOWS\system32\5f2242L7.exe.a_a
C:\WINDOWS\system32\5f2242L7.exe_
C:\WINDOWS\system32\5f2242L7.exe
C:\WINDOWS\system32\DbQd8S3N.exe
C:\WINDOWS\system32\DbQd8S3N.exe.a_a

Save it as CFScript.
Drag CFScript onto ComboFix.exe, which is on the Desktop, as the animation below shows. This will start ComboFix again. If the machine asks for a restart, let it do so right away. Post the contents of ComboFix.txt in your next reply on the forum.

Many viruses are spread via programs such as LimeWire (which is installed on your machine). Use this program with caution. If it is film/music you use this program for, you should as far as possible try to use torrents from well-known sites instead.

Can you post a HijackThis log as well? Do the following:

Download 'HijackThis'. Save it in a permanent folder, e.g. C:\HJT\, double-click HijackThis.exe, and click Do a system scan and save a logfile. When the Notepad window opens, press Ctrl-A to select all the text, copy it with Ctrl-C and paste it into your next post on the forum with Ctrl-V. Most of the contents of the list are safe. Do not fix anything yet.

You will then get a log similar to the one in the spoiler below:

Logfile of HijackThis v1.99.1
Scan saved at 17:06:11, on 08.09.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programfiler\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programfiler\Java\jre1.5.0_07\bin\jusched.exe
C:\Programfiler\Ahead\InCD\InCD.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kenneth\Skrivebord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://stealthy.foolishgames.net/news.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programfiler\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programfiler\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Programfiler\RivaTuner v2.0 RC 16\RivaTuner.exe" /S
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programfiler\Sygate\SPF\smc.exe

Finally: tell us how your machine is working now. Do you notice any more problems?

Edited 12 August 2008 by r2d290
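
An added example, not part of the thread and not ComboFix's own logic: a Python sketch that parses "Files Created" entries from the log in the first post and lists system32 files whose names are a random-looking 8-character stem followed by `.exe`, `.exe_` or `.exe.a_a`, which yields the same five paths as the `File::` block in the reply above. The naming heuristic and all function names are assumptions made for illustration; the result is a candidate list for a human reviewer.

```python
import ntpath
import re

# One "Files Created" entry: created . modified  size|<DIR>  attributes  path
ENTRY = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+"
    r"(<DIR>|[\d,]+)\s+([-a-z]{9})\s+(.+)$"
)
# Assumed heuristic, not a ComboFix rule: 8-character base name that mixes
# lower case, upper case and digits.
RANDOM_STEM = re.compile(r"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[A-Za-z0-9]{8}$")
SYSTEM32 = r"c:\windows\system32"

# Lines copied from the "Files Created" section of the log in the first post.
SAMPLE_LOG = r"""
2008-08-04 15:14 . 2008-07-03 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-08-02 13:51 . 2008-08-02 13:51 <DIR> d-------- C:\Programfiler\Cucusoft
2008-07-22 02:41 . 2008-07-22 02:41 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-07-15 16:21 . 2008-07-15 16:21 0 --a------ C:\WINDOWS\system32\5f2242L7.exe.a_a
2008-07-14 20:46 . 2008-07-28 23:25 35,842 --a------ C:\WINDOWS\system32\5f2242L7.exe_
2008-07-14 20:46 . 2008-07-29 01:30 35,842 --a------ C:\WINDOWS\system32\5f2242L7.exe
2008-07-14 08:18 . 2008-07-14 08:17 29,760 --a------ C:\WINDOWS\system32\DbQd8S3N.exe
2008-07-14 08:18 . 2008-07-14 08:18 0 --a------ C:\WINDOWS\system32\DbQd8S3N.exe.a_a
"""

def parse_created(log_text):
    """Return one dict per file or directory entry found in log_text."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # section headers, separators and blank lines
        created, modified, size, attrs, path = m.groups()
        entries.append({
            "created": created,
            "modified": modified,
            "size": None if size == "<DIR>" else int(size.replace(",", "")),
            "attrs": attrs,
            "path": path,
        })
    return entries

def review_candidates(entries):
    """Group system32 files named <random stem>.exe* by stem, in log order."""
    groups = {}
    for e in entries:
        if e["size"] is None:  # directory entry
            continue
        folder, name = ntpath.split(e["path"])
        stem, _, ext = name.partition(".")
        if (folder.lower() == SYSTEM32 and ext.lower().startswith("exe")
                and RANDOM_STEM.match(stem)):
            groups.setdefault(stem, []).append(e["path"])
    return groups

def as_file_block(groups):
    """Render the candidates in the File:: layout used in the reply above."""
    paths = [p for group in groups.values() for p in group]
    return "\n".join(["File::"] + paths)

if __name__ == "__main__":
    print(as_file_block(review_candidates(parse_created(SAMPLE_LOG))))
```

Grouping by stem keeps the zero-byte `.a_a` and renamed `.exe_` copies together with the executable they belong to, so a reviewer sees each set as one unit.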