Gå til innhold

Kuuket

Medlemmer
 Vis profil  Se deres aktivitet

  • Innlegg

    302

  • Ble med

  • Besøkte siden sist

 Innholdstype 

Innlegg skrevet av Kuuket

  7. Har fått virus(Popup virus + trojaner)

    i IKT-drift og sikkerhet

    Skrevet

    HJT-loggen:

    Klikk for å se/fjerne innholdet nedenfor
    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 16:17, on 2008-01-24

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Boot mode: Normal

     

    Running processes:

    C:\windows\System32\smss.exe

    C:\windows\system32\winlogon.exe

    C:\windows\system32\services.exe

    C:\windows\system32\lsass.exe

    C:\windows\system32\svchost.exe

    C:\windows\System32\svchost.exe

    C:\windows\system32\svchost.exe

    C:\windows\System32\wltrysvc.exe

    C:\windows\System32\bcmwltry.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\windows\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\windows\Explorer.EXE

    C:\windows\CTHELPER.EXE

    C:\windows\system32\CTXFIHLP.EXE

    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

    C:\windows\system32\ctfmon.exe

    C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe

    C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    C:\Programfiler\Logitech\SetPoint\SetPoint.exe

    C:\Programfiler\OpenOffice.org 2.3\program\soffice.exe

    C:\Programfiler\OpenOffice.org 2.3\program\soffice.BIN

    C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE

    C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

    C:\Programfiler\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\CTsvcCDA.exe

    C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe

    C:\windows\system32\nvsvc32.exe

    C:\windows\system32\PnkBstrA.exe

    C:\Programfiler\Silicon Image\3132-W-I32-R SATARAID5\SATARaid5ConfigService.exe

    C:\windows\system32\svchost.exe

    C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

    C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

    C:\windows\system32\wscntfy.exe

    C:\windows\system32\wuauclt.exe

    C:\Programfiler\Windows Live\Messenger\usnsvc.exe

    C:\Programfiler\Winamp\winamp.exe

    C:\Programfiler\internet explorer\iexplore.exe

    C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hardware.no/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

    O2 - BHO: {7dd58b99-43f0-85ab-15f4-8e346bd20d37} - {73d02db6-43e8-4f51-ba58-0f3499b85dd7} - C:\windows\system32\alhvdlrp.dll (file missing)

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [VolPanel] "C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Programfiler\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Programfiler\AGEIA Technologies\TrayIcon.exe

    O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Programfiler\ASUS\AI Booster\OverClk.exe"

    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Logitech\G-series Software\LCDMon.exe"

    O4 - HKLM\..\Run: [iSUSPM] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm .exe" -scheduler

    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe

    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask .exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"

    O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

    O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: [MtdAcqu] "C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe" /s

    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [igndlm.exe] C:\Programfiler\IGN\Download Manager\DLM.exe /windowsstart /startifwork

    O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent .exe" --force_start_minimized

    O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programfiler\OpenOffice.org 2.3\program\quickstart.exe

    O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Stefan Bakken\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk

    O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Stefan Bakken\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1180224437421

    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

    O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1180224428937

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL

    O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe (file missing)

    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\windows\system32\windows (file missing)

    O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe

    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Programfiler\WinPcap\rpcapd.exe

    O23 - Service: SATARaid5 Configuration Service (SATARaid5 Config Service) - Unknown owner - C:\Programfiler\Silicon Image\3132-W-I32-R SATARAID5\SATARaid5ConfigService.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Programfiler\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\windows\System32\wltrysvc.exe

     

    --

    End of file - 12365 bytes

     

    VundoFix logg:

     

    Klikk for å se/fjerne innholdet nedenfor
    VundoFix V6.7.7

     

    Checking Java version...

     

    Sun Java not detected

    Scan started at 15:18:33 24.01.2008

     

    Listing files found while scanning....

     

    C:\windows\system32\alhvdlrp.dll

    C:\windows\system32\cbxvvst.dll

    C:\windows\system32\cccdd.ini

    C:\windows\system32\cccdd.ini2

    C:\windows\system32\ddccc.dll

    C:\windows\system32\ddccc.exe

    C:\windows\system32\gagixsei.dll

    C:\windows\system32\opnoolj.dll

    C:\windows\system32\qomkjhi.dll

    C:\windows\system32\sfrdipid.dll

    C:\windows\system32\sfrdipid.dllbox

    C:\windows\system32\uilecsad.exe

     

    Beginning removal...

     

    Attempting to delete C:\windows\system32\alhvdlrp.dll

    C:\windows\system32\alhvdlrp.dll Has been deleted!

     

    Attempting to delete C:\windows\system32\cbxvvst.dll

    C:\windows\system32\cbxvvst.dll Has been deleted!

     

    Attempting to delete C:\windows\system32\cccdd.ini

    C:\windows\system32\cccdd.ini Has been deleted!

     

    Attempting to delete C:\windows\system32\cccdd.ini2

    C:\windows\system32\cccdd.ini2 Has been deleted!

     

    Attempting to delete C:\windows\system32\ddccc.dll

    C:\windows\system32\ddccc.dll Has been deleted!

     

    Attempting to delete C:\windows\system32\ddccc.exe

    C:\windows\system32\ddccc.exe Has been deleted!

     

    Attempting to delete C:\windows\system32\gagixsei.dll

    C:\windows\system32\gagixsei.dll Has been deleted!

     

    Attempting to delete C:\windows\system32\opnoolj.dll

    C:\windows\system32\opnoolj.dll Could not be deleted.

     

    Attempting to delete C:\windows\system32\qomkjhi.dll

    C:\windows\system32\qomkjhi.dll Has been deleted!

     

    Attempting to delete C:\windows\system32\sfrdipid.dll

    C:\windows\system32\sfrdipid.dll Has been deleted!

     

    Attempting to delete C:\windows\system32\sfrdipid.dllbox

    C:\windows\system32\sfrdipid.dllbox Has been deleted!

     

    Attempting to delete C:\windows\system32\uilecsad.exe

    C:\windows\system32\uilecsad.exe Could not be deleted.

     

    Performing Repairs to the registry.

    Done!

     

    Beginning removal...

     

    Attempting to delete C:\windows\system32\opnoolj.dll

    C:\windows\system32\opnoolj.dll Could not be deleted.

     

    Attempting to delete C:\windows\system32\uilecsad.exe

    C:\windows\system32\uilecsad.exe Could not be deleted.

     

    Performing Repairs to the registry.

    Done!

     

    SAS logg:

    Klikk for å se/fjerne innholdet nedenfor
    SUPERAntiSpyware Scan Log

    http://www.superantispyware.com

     

    Generated 01/24/2008 at 04:12 PM

     

    Application Version : 3.9.1008

     

    Core Rules Database Version : 3259

    Trace Rules Database Version: 1270

     

    Scan type : Quick Scan

    Total Scan Time : 00:24:43

     

    Memory items scanned : 472

    Memory threats detected : 0

    Registry items scanned : 920

    Registry threats detected : 9

    File items scanned : 42402

    File threats detected : 226

     

    Adware.Tracking Cookie

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@clickbank[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan [email protected][2].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan [email protected][1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@adbrite[2].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@atdmt[2].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@partypoker[2].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@tradedoubler[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan [email protected][1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@counter-strike[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@bizadverts[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@adtech[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@advertising[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan [email protected][2].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@zedo[2].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@socialmedia[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan [email protected][2].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@doubleclick[1].txt

    C:\Documents and Settings\Stefan Bakken\Cookies\stefan bakken@ad[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@2adultflashgames[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@2o7[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@adbrite[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@adlegend[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@adrevolver[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][3].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@adtech[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@adultadworld[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@adultcheck[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@adultfriendfinder[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@advertising[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@apmebf[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@atdmt[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@athomesexnetwork[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@atwola[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@belnk[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@bluestreak[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@burstnet[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@casalemedia[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@click24[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@clickbank[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@clicktorrent[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@cpvfeed[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@dhdmedia[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@doubleclick[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@drivecleaner[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@fastclick[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@findwhat[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@hitbox[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@homemadeporn[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@hotbar[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@hotlog[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@indexstats[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@indextools[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@kmpads[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@latinadultery[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@livesex[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@mediaplex[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@optimost[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@overture[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@paycounter[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@pornaccess[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@pornoarkivet[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@pornsickle[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@precisionclick[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@qksrv[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@questionmarket[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@revenue[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@revsci[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@serving-sys[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@serving-sys[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@sexlist[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@sexsearchcom[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@sextracker[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@sextv1[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@spylog[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@statcounter[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@tacoda[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@teenpinkvideos[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@teensforcash[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@toplist[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@toplist[2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@tradedoubler[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@trafficmp[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@tribalfusion[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@tripod[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@usenext[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@virginteenlesbians[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@weborama[1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][3].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][3].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][4].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][3].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][2].txt

    F:\Documents and Settings\Aleksander\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@xiti[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@xxxcounter[1].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@yadro[2].txt

    F:\Documents and Settings\Aleksander\Cookies\aleksander@zedo[1].txt

    F:\Documents and Settings\Aleksander\Lokale innstillinger\Temp\Cookies\aleksander@atdmt[2].txt

    F:\Documents and Settings\Aleksander\Lokale innstillinger\Temp\Cookies\aleksander@doubleclick[2].txt

    F:\Documents and Settings\Aleksander\Lokale innstillinger\Temp\Cookies\[email protected][1].txt

    F:\Documents and Settings\Aleksander\Lokale innstillinger\Temp\Cookies\aleksander@mediaplex[1].txt

    F:\Documents and Settings\Aleksander\Lokale innstillinger\Temp\Cookies\[email protected][1].txt

     

    Adware.RX Toolbar

    HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}

    HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\InprocServer32

    HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\InprocServer32#ThreadingModel

    HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\ProgID

    HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\Programmable

    HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\TypeLib

    HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\VersionIndependentProgID

     

    Adware.WhenU

    HKCR\WUSE.1

    HKCR\WUSE.1#WUSE_Id

     

    Takker: )

     

    Mvh Stefan

  11. Har fått virus(Popup virus + trojaner)

    i IKT-drift og sikkerhet

    Skrevet

    Hei, har fått virus og er jo ikke den beste til og fjerne og fikse på akkurat detta:P

    Jeg har i allefall fått virus som Popup og at explorer klikker.

    Vis jeg kunne fått hjelp til og fjerne dette så hadde det vært fint : )

     

    Her har dere Hijackthis loggen:

    Klikk for å se/fjerne innholdet nedenfor
    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 21:34:52, on 23.01.2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Boot mode: Normal

     

    Running processes:

    C:\windows\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\windows\system32\services.exe

    C:\windows\system32\lsass.exe

    C:\windows\system32\svchost.exe

    C:\windows\System32\svchost.exe

    C:\windows\system32\svchost.exe

    C:\windows\System32\wltrysvc.exe

    C:\windows\System32\bcmwltry.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\windows\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

    C:\Programfiler\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\CTsvcCDA.exe

    C:\windows\system32\uilecsad.exe

    C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe

    C:\windows\system32\nvsvc32.exe

    C:\windows\system32\PnkBstrA.exe

    C:\Programfiler\Silicon Image\3132-W-I32-R SATARAID5\SATARaid5ConfigService.exe

    C:\windows\system32\svchost.exe

    C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

    C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

    C:\windows\system32\wscntfy.exe

    C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

    C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe

    C:\windows\CTHELPER.EXE

    C:\windows\system32\CTXFIHLP.EXE

    C:\Programfiler\AGEIA Technologies\TrayIcon.exe

    C:\Programfiler\Logitech\G-series Software\LGDCore.exe

    C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu .exe

    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

    C:\Programfiler\Logitech\G-series Software\LCDMon.exe

    C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm .exe

    C:\Programfiler\Creative\Shared Files\Module Loader\DLLML .exe

    C:\Programfiler\AGEIA Technologies\TrayIcon .exe

    C:\Programfiler\Logitech\G-series Software\LGDCore .exe

    C:\Programfiler\Logitech\Video\LogiTray.exe

    C:\Programfiler\Logitech\G-series Software\LCDMon .exe

    C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm .exe

    C:\Programfiler\iTunes\iTunesHelper.exe

    C:\Programfiler\Logitech\G-series Software\Applets\LCDClock.exe

    C:\Programfiler\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe

    C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

    C:\Programfiler\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe

    C:\Programfiler\Logitech\G-series Software\Applets\LCDMedia.exe

    C:\Programfiler\Logitech\Video\LogiTray .exe

    C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

    C:\Programfiler\iTunes\iTunesHelper .exe

    C:\Programfiler\Winamp\winampa.exe

    C:\Programfiler\Java\jre1.6.0_03\bin\jusched .exe

    C:\windows\system32\ctfmon.exe

    C:\WINDOWS\system32\LVComsX.exe

    C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher .exe

    C:\Programfiler\Winamp\winampa .exe

    C:\Programfiler\Logitech\Video\FxSvr2.exe

    C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe

    C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    C:\Programfiler\Logitech\SetPoint\SetPoint.exe

    C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE

    C:\Programfiler\OpenOffice.org 2.3\program\soffice.exe

    C:\Programfiler\OpenOffice.org 2.3\program\soffice.BIN

    C:\Programfiler\iPod\bin\iPodService.exe

    C:\Programfiler\Windows Live\Messenger\usnsvc.exe

    C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe

    C:\Programfiler\BitTorrent\bittorrent.exe

    C:\Programfiler\Winamp\winamp.exe

    C:\Programfiler\BitTorrent\bittorrent .exe

    C:\Programfiler\Windows Live\Messenger\msnmsgr.exe

    C:\Programfiler\Windows Live\Messenger\msnmsgr .exe

    C:\Programfiler\Internet Explorer\IEXPLORE.EXE

    C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe

    E:\Programfiler\Steam\Steam.exe

    C:\Programfiler\internet explorer\iexplore.exe

    C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\agent.exe

    C:\windows\explorer.exe

    C:\Programfiler\internet explorer\iexplore.exe

    C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hardware.no/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

    F3 - REG:win.ini: load=C:\windows\system32\ddccc.exe

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [VolPanel] "C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Programfiler\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Programfiler\AGEIA Technologies\TrayIcon.exe

    O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Programfiler\ASUS\AI Booster\OverClk.exe"

    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Logitech\G-series Software\LCDMon.exe"

    O4 - HKLM\..\Run: [iSUSPM] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm .exe" -scheduler

    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe

    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask .exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"

    O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

    O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe

    O4 - HKLM\..\Run: [38b51b0a] rundll32.exe "C:\windows\system32\fhlcmbye.dll",b

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr .exe" /background

    O4 - HKCU\..\Run: [MtdAcqu] "C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe" /s

    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [igndlm.exe] C:\Programfiler\IGN\Download Manager\DLM.exe /windowsstart /startifwork

    O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent .exe" --force_start_minimized

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programfiler\OpenOffice.org 2.3\program\quickstart.exe

    O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Stefan Bakken\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk

    O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Stefan Bakken\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1180224437421

    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

    O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1180224428937

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe (file missing)

    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

    O23 - Service: DomainService - - C:\windows\system32\uilecsad.exe

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe

    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Programfiler\WinPcap\rpcapd.exe

    O23 - Service: SATARaid5 Configuration Service (SATARaid5 Config Service) - Unknown owner - C:\Programfiler\Silicon Image\3132-W-I32-R SATARAID5\SATARaid5ConfigService.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Programfiler\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\windows\System32\wltrysvc.exe

     

    --

    End of file - 13806 bytes

     

    Jeg fant ikke noen feil på Hijackthis.de

     

    Mvh Stefan

  16. Hjelp til kjøp av pc

    i Hjelp til kjøp og salg av PC

    Skrevet

    Hei, en kompis av meg skal kjøpe pc.

     

     

    Bare satt opp et forslag:

    GPU: Sapphire Radeon HD 3850 256MB GDDR3

    CPU: Intel Core 2 Duo E6750 2.67Ghz 1333Mhz Socket LGA775

    PSU: Chieftec 560W, Modulære Kabler

    HDD: Samsund SpinPoint T166 500GB SATA2 16MB 7200RPM

    Lydkort: Creative SB X-Fi XtremeGamer

    Minne: Corsair TWIN2X 6400 DDR2, 2048MB CL5

    Hk: ikke valgt

     

    Må bare bytte vis det finnes bedre deler til samme pris : )

    PCn skal brukes til alt mulig, skal også gå an og brukes til gaming CS 1.6 og kanskje andre spill.

    Pris: maks 7K

  22. Hvilken forsterker til Anlegget mitt?

    i Lyd og høyttalere

    Skrevet

    på Bilforsterker har jeg sett på denne Biltema forsterkeren . Men lurer da på hvor mye annet jeg trenger for å få anlegget opp å gå? Har ikke tenkt å bruke så mye penger bare å få anlegget opp å gå med en annen forsterker en den jeg har nå ( Noe billig dritt fra et gammelt anlegg vi hadde :p fulgte med 2 x 55 watt xD )

     

    Den biltema forsterkern leverer nok ikke det som står på den siden !

    Kjøp NAD forsterker du : )

×
×
  • Opprett ny...