Posts written by kristianguffen

  1. Hi. I got my Jet a few days ago, and would really like some help!

    I have tried to connect it to the Wi-Fi network at home. I managed that; there are dots leading over to the network, and the Wi-Fi symbol on the front page is green. Then I go into Internet, but it just sits there searching, and it is not possible to load any pages! After a few minutes it says: "Service is unavailable". HELP!

    I already have an iPod touch, and it gets onto my network right away. I know someone who also has a Jet, and he got in right away at his place. He explained to me what I had to do, but that was exactly how I had done it.

    Could there be something wrong with the settings on my phone??

  2. Like this?:

     

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 12:27:56, on 12.01.2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Boot mode: Normal

     

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Acer\eManager\anbmServ.exe

    C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\SOUNDMAN.EXE

    C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

    C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

    C:\acer\epm\epm-dm.exe

    C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe

    C:\Programfiler\Launch Manager\LaunchAp.exe

    C:\Programfiler\Launch Manager\PowerKey.exe

    C:\Programfiler\Launch Manager\HotkeyApp.exe

    C:\Programfiler\Launch Manager\OSDCtrl.exe

    C:\Programfiler\Launch Manager\Wbutton.exe

    C:\Programfiler\Acer\eRecovery\Monitor.exe

    C:\Programfiler\EPSON\Creativity Suite\Event Manager\EEventManager.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

    C:\Programfiler\iTunes\iTunesHelper.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Programfiler\iPod\bin\iPodService.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\WINDOWS\explorer.exe

    C:\Programfiler\internet explorer\iexplore.exe

    C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Programfiler\Trend Micro\Test\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.handball.no/p1.asp?site=2

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.handball.no

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.0\NppBho.dll

    O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programfiler\Windows Live\Tryggere for familien\fssbho.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll

    O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

    O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe

    O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot

    O4 - HKLM\..\Run: [RemoteControl] C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe

    O4 - HKLM\..\Run: [LaunchAp] "C:\Programfiler\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [PowerKey] "C:\Programfiler\Launch Manager\PowerKey.exe"

    O4 - HKLM\..\Run: [LManager] "C:\Programfiler\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [CtrlVol] "C:\Programfiler\Launch Manager\CtrlVol.exe"

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Programfiler\Launch Manager\OSDCtrl.exe"

    O4 - HKLM\..\Run: [Wbutton] "C:\Programfiler\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [eRecoveryService] C:\Programfiler\Acer\eRecovery\Monitor.exe

    O4 - HKLM\..\Run: [EEventManager] C:\Programfiler\EPSON\Creativity Suite\Event Manager\EEventManager.exe

    O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [osCheck] "C:\Programfiler\Norton Internet Security\osCheck.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [fssui] "C:\Programfiler\Windows Live\Tryggere for familien\fssui.exe" -autorun

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{BB3C942F-A086-4448-A457-BE230215A261}: NameServer = 148.122.208.99,148.122.161.3

    O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe

    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\isPwdSvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe

    O24 - Desktop Component 0: (no name) - http://tbn0.google.com/images?q=tbn:u3rHuh...toareg_main.jpg

    O24 - Desktop Component 1: (no name) - http://www.in.gr/auto/parousiaseis/foto_bi...aab_9-7X_01.jpg

    O24 - Desktop Component 10: (no name) - http://www.lscm.com.my/admin/news/liverpool%20logo.jpg

    O24 - Desktop Component 2: (no name) - http://www.ruotequipe.com/media/galleria/e...ck%20-%20Q7.jpg

    O24 - Desktop Component 3: (no name) - http://www.amotor.no/images/saab/saab_9_7x.jpg

    O24 - Desktop Component 4: (no name) - http://www.dn.no/multimedia/archive/00094/..._GL-_94819i.jpg

    O24 - Desktop Component 5: (no name) - http://www.moller.no/media/urs/e/f/c/l/505...dC7U/sfs2K7.jpg

    O24 - Desktop Component 6: (no name) - http://tbn0.google.com/images?q=tbn:mHD373...ouareg_PS_V.jpg

    O24 - Desktop Component 7: (no name) - http://www.edmunds.com/media/reviews/top10....sclass.500.jpg

    O24 - Desktop Component 8: (no name) - http://magazine.avtoindex.com/images/forum...-class_2009.jpg

    O24 - Desktop Component 9: (no name) - http://www.arabalarmax.com/data/media/29/w...urbo_2007_1.jpg

     

    --

    End of file - 10173 bytes

  3. Here is the new ComboFix log:

     

    ComboFix 08-01-11.3 - Ragnhild 2008-01-12 11:53:42.2 - FAT32x86

    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.174 [GMT 1:00]

    Running from: C:\Documents and Settings\Ragnhild\Skrivebord\ComboFix.exe

    Command switches used :: C:\Documents and Settings\Ragnhild\Skrivebord\CFScript.txt..txt

    * Created a new restore point

    .

     

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

     

    C:\Documents and Settings\All Users\Programdata\file joy proc deaf

    C:\Documents and Settings\All Users\Programdata\file joy proc deaf\link mapi.exe

    C:\Documents and Settings\NFU A-A 3\Programdata\castdrawface

    C:\Documents and Settings\Ragnhild\Programdata\castdrawface

    C:\Documents and Settings\Ragnhild\Programdata\castdrawface\Support Tick User.exe

    C:\Programfiler\castdrawface

    C:\Programfiler\Fellesfiler\BOONTY Shared

    C:\Programfiler\Fellesfiler\BOONTY Shared\Service\Boonty.exe

    D:\Autorun.inf

     

    .

    ((((((((((((((((((((((((( Files Created from 2007-12-12 to 2008-01-12 )))))))))))))))))))))))))))))))

    .

     

    2008-01-12 11:43 . 2008-01-12 11:43 106 --a------ C:\delete.bat

    2008-01-12 00:31 . 2008-01-12 00:32 <DIR> d-------- C:\Programfiler\Microsoft CAPICOM 2.1.0.2

    2008-01-11 22:48 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys

    2008-01-11 22:46 . 2008-01-11 22:46 <DIR> d-------- C:\Programfiler\Windows Live Toolbar

    2008-01-11 22:45 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll

    2008-01-11 22:43 . 2008-01-11 22:43 <DIR> d-------- C:\Programfiler\Microsoft SQL Server Compact Edition

    2008-01-11 22:29 . 2008-01-11 22:29 <DIR> d--hs---- C:\Programfiler\Fellesfiler\WindowsLiveInstaller

    2008-01-11 22:28 . 2008-01-11 22:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\WLInstaller

    2008-01-11 21:53 . 2008-01-11 21:53 <DIR> d-------- C:\NoLopBackups

    2008-01-10 23:41 . 2008-01-11 22:44 1,374 --a------ C:\WINDOWS\imsins.BAK

    2008-01-10 20:01 . 2008-01-10 20:01 <DIR> d-------- C:\Programfiler\Trend Micro

    2008-01-10 19:53 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe

    2008-01-10 18:42 . 2008-01-10 18:42 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware

    2008-01-10 18:42 . 2008-01-10 18:42 <DIR> d-------- C:\Documents and Settings\Ragnhild\Programdata\SUPERAntiSpyware.com

    2008-01-10 18:42 . 2008-01-10 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com

    2008-01-10 18:41 . 2008-01-10 18:41 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

    2008-01-10 18:37 . 2008-01-10 18:37 <DIR> dr-h----- C:\Documents and Settings\Ragnhild\Siste

    2008-01-10 18:34 . 2008-01-10 18:34 <DIR> d-------- C:\Programfiler\CCleaner

    2008-01-10 16:40 . 2008-01-10 16:40 <DIR> d-------- C:\Programfiler\iTunes

    2008-01-10 16:40 . 2008-01-10 16:40 <DIR> d-------- C:\Programfiler\iPod

    2008-01-10 16:40 . 2008-01-10 16:40 <DIR> d-------- C:\Documents and Settings\Ragnhild\Programdata\Apple Computer

    2008-01-10 16:40 . 2008-01-12 11:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn

    2008-01-10 16:40 . 2008-01-10 16:40 1,409 --a------ C:\WINDOWS\QTFont.for

    2008-01-10 16:38 . 2008-01-10 16:38 <DIR> d-------- C:\Programfiler\QuickTime

    2008-01-10 16:34 . 2008-01-10 16:34 <DIR> d-------- C:\Programfiler\Apple Software Update

    2008-01-10 16:30 . 2008-01-10 16:30 <DIR> d-------- C:\Programfiler\Fellesfiler\Apple

    2008-01-02 21:25 . 2008-01-02 21:25 268 --ah----- C:\sqmdata08.sqm

    2008-01-02 21:25 . 2008-01-02 21:25 244 --ah----- C:\sqmnoopt08.sqm

    2007-12-27 19:09 . 2007-12-27 19:09 <DIR> d-------- C:\Programfiler\Circle Developement

     

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2007-11-14 07:29 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll

    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

    2007-11-07 09:30 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll

    2007-11-07 09:30 721,920 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll

    2007-11-06 13:58 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

    2007-10-30 18:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll

    2007-10-30 18:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll

    2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys

    2007-10-30 10:20 3,079,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll

    2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\quartz.dll

    2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll

    2007-10-25 16:57 8,460,800 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll

    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll

    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll

    2007-10-23 16:49 586,240 ----a-w C:\WINDOWS\WLXPGSS.SCR

    2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll

    .

     

    ((((((((((((((((((((((((((((( snapshot@2008-01-10_19.56.59,68 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2008-01-10 18:54:18 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT

    + 2008-01-12 10:53:18 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT

    - 2008-01-10 18:54:18 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat

    + 2008-01-12 10:53:18 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat

    - 2008-01-10 18:54:18 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT

    + 2008-01-12 10:53:18 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT

    - 2008-01-10 18:54:18 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat

    + 2008-01-12 10:53:18 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat

    - 2008-01-10 18:54:18 3,452,928 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT

    + 2008-01-12 10:53:18 3,452,928 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT

    - 2008-01-10 18:54:18 12,288 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat

    + 2008-01-12 10:53:18 12,288 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat

    + 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\F3M\ERDNT.EXE

    + 2008-01-11 21:44:32 125,472 ----a-r C:\WINDOWS\Installer\{21667E3B-5BD0-49F9-A1EE-BB50D5A306F4}\WLXPhotoGalleryIcon.exe

    + 2008-01-11 21:38:42 86,746 ----a-r C:\WINDOWS\Installer\{29CB1674-DE1D-4D39-A871-FA0194FC58E9}\wlmail.exe

    - 2007-09-27 16:37:54 12,288 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\cagicon.exe

    + 2008-01-11 23:31:54 12,288 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\cagicon.exe

    - 2007-09-27 16:37:54 135,168 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\misc.exe

    + 2008-01-11 23:31:54 135,168 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\misc.exe

    - 2007-09-27 16:37:54 11,264 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\mspicons.exe

    + 2008-01-11 23:31:56 11,264 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\mspicons.exe

    - 2007-09-27 16:37:54 27,136 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\oisicon.exe

    + 2008-01-11 23:31:56 27,136 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\oisicon.exe

    - 2007-09-27 16:37:54 4,096 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\opwicon.exe

    + 2008-01-11 23:31:56 4,096 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\opwicon.exe

    - 2007-09-27 16:37:54 794,624 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\outicon.exe

    + 2008-01-11 23:31:56 794,624 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\outicon.exe

    - 2007-09-27 16:37:54 249,856 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\pptico.exe

    + 2008-01-11 23:31:54 249,856 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\pptico.exe

    - 2007-09-27 16:37:54 23,040 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\unbndico.exe

    + 2008-01-11 23:31:56 23,040 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\unbndico.exe

    - 2007-09-27 16:37:54 286,720 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\wordicon.exe

    + 2008-01-11 23:31:54 286,720 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\wordicon.exe

    - 2007-09-27 16:37:54 409,600 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\xlicons.exe

    + 2008-01-11 23:31:54 409,600 ----a-r C:\WINDOWS\Installer\{91120414-6000-11D3-8CFE-0150048383C9}\xlicons.exe

    + 2008-01-11 21:41:14 29,926 ----a-r C:\WINDOWS\Installer\{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6}\MsblIco.Exe

    - 2004-08-04 16:00:00 49,152 ----a-w C:\WINDOWS\system32\dllcache\wdigest.dll

    + 2006-03-24 04:39:58 49,152 ----a-w C:\WINDOWS\system32\dllcache\wdigest.dll

    - 2006-04-20 12:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

    + 2007-10-30 17:20:56 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

    + 2007-10-17 12:53:16 43,816 ----a-w C:\WINDOWS\system32\DRVSTORE\fssfltr_FB301EB9307D2FAB641A9804E59C568C22487732\fssfltr.sys

    - 2007-12-02 23:00:06 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe

    + 2008-01-02 18:21:36 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe

    - 2006-08-08 09:40:06 41,842 ----a-w C:\WINDOWS\system32\perfc009.dat

    + 2008-01-11 22:29:10 42,102 ----a-w C:\WINDOWS\system32\perfc009.dat

    - 2006-08-08 09:40:06 48,338 ----a-w C:\WINDOWS\system32\perfc014.dat

    + 2008-01-11 22:29:10 48,648 ----a-w C:\WINDOWS\system32\perfc014.dat

    - 2006-08-08 09:40:06 316,184 ----a-w C:\WINDOWS\system32\perfh009.dat

    + 2008-01-11 22:29:10 316,444 ----a-w C:\WINDOWS\system32\perfh009.dat

    - 2006-08-08 09:40:06 323,110 ----a-w C:\WINDOWS\system32\perfh014.dat

    + 2008-01-11 22:29:10 323,404 ----a-w C:\WINDOWS\system32\perfh014.dat

    + 2006-10-24 11:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll

    - 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll

    + 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll

    - 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe

    + 2006-10-16 15:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe

    - 2004-08-04 14:00:00 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll

    + 2006-03-24 04:39:58 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll

    + 2006-10-24 11:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll

    + 2006-10-24 11:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll

    + 2006-10-24 11:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll

    + 2005-09-22 22:48:08 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

    + 2005-09-22 22:48:08 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

    + 2005-09-22 22:48:06 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

    .

    -- Snapshot reset to current date --

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

     

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]

    2007-10-17 13:53 57384 --a------ C:\Programfiler\Windows Live\Tryggere for familien\fssbho.dll

     

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15:00 15360]

    "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 17:09 32768]

    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-01-23 10:36 155648]

    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-23 10:31 126976]

    "SoundMan"="SOUNDMAN.EXE" [2005-04-15 11:01 77824 C:\WINDOWS\SOUNDMAN.EXE]

    "SynTPLpr"="C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe" [2005-02-04 11:12 102490]

    "SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-02-04 11:11 708698]

    "EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-06-01 14:17 192512]

    "ePowerManagement"="C:\Acer\ePM\ePM.exe" [2005-03-15 10:03 2893824]

    "RemoteControl"="C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 01:07 32768]

    "LaunchAp"="C:\Programfiler\Launch Manager\LaunchAp.exe" [2005-07-25 13:36 32768]

    "PowerKey"="C:\Programfiler\Launch Manager\PowerKey.exe" [2002-08-30 15:02 94208]

    "LManager"="C:\Programfiler\Launch Manager\HotkeyApp.exe" [2005-06-06 11:52 69632]

    "CtrlVol"="C:\Programfiler\Launch Manager\CtrlVol.exe" [2003-09-16 14:28 20480]

    "LMgrOSD"="C:\Programfiler\Launch Manager\OSDCtrl.exe" [2005-07-25 10:45 241664]

    "Wbutton"="C:\Programfiler\Launch Manager\Wbutton.exe" [2005-07-25 13:34 81920]

    "eRecoveryService"="C:\Programfiler\Acer\eRecovery\Monitor.exe" [2005-06-29 17:26 352256]

    "EEventManager"="C:\Programfiler\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2005-04-08 14:09 102400]

    "ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-01-09 21:59 115816]

    "osCheck"="C:\Programfiler\Norton Internet Security\osCheck.exe" [2006-10-16 16:16 26248]

    "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-12-11 10:56 286720]

    "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

    "fssui"="C:\Programfiler\Windows Live\Tryggere for familien\fssui.exe" [2007-10-17 13:53 243240]

     

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15:00 15360]

     

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

    C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

     

    R0 esff;esff;C:\WINDOWS\system32\drivers\esff.sys [2005-10-07 10:49]

    R0 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]

    R0 viaagp;VIA AGP-bussfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 23:07]

    R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 11:27]

    R2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-10-16 16:16]

    R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]

    R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]

    R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53]

    R2 fsssvc;Windows Live OneCare Tryggere for familien;"C:\Programfiler\Windows Live\Tryggere for familien\fsssvc.exe" [2007-10-17 13:53]

    R2 int15.sys;int15.sys;C:\Programfiler\Acer\eRecovery\int15.sys [2005-01-13 14:46]

    R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 16:37]

    R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]

    R3 POWERKEY;POWERKEY;C:\Programfiler\Launch Manager\POWERKEY.sys [2000-12-19 18:29]

    S0 wasfsd;wasfsd;C:\WINDOWS\system32\drivers\wasfsd.sys []

    S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys []

    S4 Boonty Games;Boonty Games;"C:\Programfiler\Fellesfiler\BOONTY Shared\Service\Boonty.exe" []

     

    *Newly Created Service* - COMHOST

    .

    Contents of the 'Scheduled Tasks' folder

    "2008-01-11 19:35:44 C:\WINDOWS\Tasks\Norton Internet Security Online - Kjør fullstendig systemsøk - NFU A-A 3.job"

    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exec/TASK:

    "2008-01-11 23:13:02 C:\WINDOWS\Tasks\Se etter oppdateringer for Windows Live Toolbar.job"

    - C:\Programfiler\Windows Live Toolbar\MSNTBUP.EXE

    .

    **************************************************************************

     

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-01-12 11:55:35

    Windows 5.1.2600 Service Pack 2 FAT NTAPI

     

    scanning hidden processes ...

     

    scanning hidden autostart entries ...

     

    scanning hidden files ...

     

    scan completed successfully

    hidden files: 0

     

    **************************************************************************

    .

    Completion time: 2008-01-12 11:56:04

    ComboFix-quarantined-files.txt 2008-01-12 10:56:02

    ComboFix2.txt 2008-01-10 18:57:22

    .

    2008-01-11 23:31:59 --- E O F ---

     

     

    But I don't have a new HJT log; I scanned without it saving a log..? Should I scan again so that it saves a log, or? :ermm:

  4. Here is the SAS log:

     

    SUPERAntiSpyware Scan Log

    http://www.superantispyware.com

     

    Generated 01/10/2008 at 07:28 PM

     

    Application Version : 3.9.1008

     

    Core Rules Database Version : 3259

    Trace Rules Database Version: 1270

     

    Scan type : Complete Scan

    Total Scan Time : 00:44:07

     

    Memory items scanned : 525

    Memory threats detected : 0

    Registry items scanned : 4505

    Registry threats detected : 0

    File items scanned : 31862

    File threats detected : 107

     

    Trojan.ErrorSafe

    C:\WINDOWS\SYSTEM32\ERRORSAFESETUP.EXE

     

    Malware.DriveCleaner

    C:\WINDOWS\DOWNLOADED PROGRAM FILES\UDC6H_0001_D19M0709NETINSTALLER.EXE

    C:\DOCUMENTS AND SETTINGS\NFU A-A 3\LOKALE INNSTILLINGER\TEMP\ICD1.TMP\UDC6H_0001_D19M0709NETINSTALLER.EXE

     

    Trojan.WinAntiSpyware/WinAntiVirus 2006

    C:\DOCUMENTS AND SETTINGS\NFU A-A 3\LOKALE INNSTILLINGER\TEMP\~WA6PSETUP.EXE

     

    Adware.Tracking Cookie

     

     

    The HijackThis log:

     

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 20:01:58, on 10.01.2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Boot mode: Normal

     

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Acer\eManager\anbmServ.exe

    C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\SOUNDMAN.EXE

    C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

    C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

    C:\acer\epm\epm-dm.exe

    C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe

    C:\Programfiler\Launch Manager\LaunchAp.exe

    C:\Programfiler\Launch Manager\PowerKey.exe

    C:\Programfiler\Launch Manager\HotkeyApp.exe

    C:\Programfiler\Launch Manager\OSDCtrl.exe

    C:\Programfiler\Launch Manager\Wbutton.exe

    C:\Programfiler\Acer\eRecovery\Monitor.exe

    C:\Programfiler\EPSON\Creativity Suite\Event Manager\EEventManager.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

    C:\Programfiler\Internet Explorer\iexplore.exe

    C:\Programfiler\iTunes\iTunesHelper.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Programfiler\Internet Explorer\iexplore.exe

    C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

    C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Programfiler\iPod\bin\iPodService.exe

    C:\WINDOWS\explorer.exe

    C:\WINDOWS\system32\notepad.exe

    C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\Programfiler\Trend Micro\Test\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.handball.no/p1.asp?site=2

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.handball.no

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.0\NppBho.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll

    O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

    O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe

    O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot

    O4 - HKLM\..\Run: [RemoteControl] C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe

    O4 - HKLM\..\Run: [LaunchAp] "C:\Programfiler\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [PowerKey] "C:\Programfiler\Launch Manager\PowerKey.exe"

    O4 - HKLM\..\Run: [LManager] "C:\Programfiler\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [CtrlVol] "C:\Programfiler\Launch Manager\CtrlVol.exe"

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Programfiler\Launch Manager\OSDCtrl.exe"

    O4 - HKLM\..\Run: [Wbutton] "C:\Programfiler\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [eRecoveryService] C:\Programfiler\Acer\eRecovery\Monitor.exe

    O4 - HKLM\..\Run: [EEventManager] C:\Programfiler\EPSON\Creativity Suite\Event Manager\EEventManager.exe

    O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [osCheck] "C:\Programfiler\Norton Internet Security\osCheck.exe"

    O4 - HKLM\..\Run: [Proc Deaf Delete Peak] C:\Documents and Settings\All Users\Programdata\file joy proc deaf\link mapi.exe

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{BB3C942F-A086-4448-A457-BE230215A261}: NameServer = 148.122.208.99,148.122.161.3

    O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe

    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: Boonty Games - BOONTY - C:\Programfiler\Fellesfiler\BOONTY Shared\Service\Boonty.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe

    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\isPwdSvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe

    O24 - Desktop Component 0: (no name) - http://tbn0.google.com/images?q=tbn:u3rHuh...toareg_main.jpg

    O24 - Desktop Component 1: (no name) - http://www.in.gr/auto/parousiaseis/foto_bi...aab_9-7X_01.jpg

    O24 - Desktop Component 10: (no name) - http://www.lscm.com.my/admin/news/liverpool%20logo.jpg

    O24 - Desktop Component 2: (no name) - http://www.ruotequipe.com/media/galleria/e...ck%20-%20Q7.jpg

    O24 - Desktop Component 3: (no name) - http://www.amotor.no/images/saab/saab_9_7x.jpg

    O24 - Desktop Component 4: (no name) - http://www.dn.no/multimedia/archive/00094/..._GL-_94819i.jpg

    O24 - Desktop Component 5: (no name) - http://www.moller.no/media/urs/e/f/c/l/505...dC7U/sfs2K7.jpg

    O24 - Desktop Component 6: (no name) - http://tbn0.google.com/images?q=tbn:mHD373...ouareg_PS_V.jpg

    O24 - Desktop Component 7: (no name) - http://www.edmunds.com/media/reviews/top10....sclass.500.jpg

    O24 - Desktop Component 8: (no name) - http://magazine.avtoindex.com/images/forum...-class_2009.jpg

    O24 - Desktop Component 9: (no name) - http://www.arabalarmax.com/data/media/29/w...urbo_2007_1.jpg

     

    --

    End of file - 9858 bytes

     

     

    rootlog:

     

    ********************************* ROOTCHK-(28-12-07)-LOG, by ejvindh

    10.01.2008 20:04:31,37

     

    The rootkits that are detected by this tool were not found.

     

    ********************************* ROOTCHK-LOG-end

     

     

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-01-10 20:04:31

    Windows 5.1.2600 Service Pack 2

    scanning hidden processes ...

    IPC error: 2 Systemet finner ikke angitt fil.

     

    scanning hidden services ...

     

    scanning hidden autostart entries ...

     

    scanning hidden files ...

    IPC error: 2 Systemet finner ikke angitt fil.

     

    hidden processes: 0

    hidden services: 0

    hidden files: 0

  5. Here is my ComboFix log:

     

    ComboFix 08-01-10.2 - Ragnhild 2008-01-10 19:54:38.1 - FAT32x86

    Running from: C:\Documents and Settings\Ragnhild\Lokale innstillinger\Temporary Internet Files\Content.IE5\1FNT7HZ8\ComboFix[1].exe

    * Created a new restore point

    .

     

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

     

    C:\Documents and Settings\NFU A-A 3\err.log

    C:\WINDOWS\system32\autorun.ini

    C:\WINDOWS\system32\stera.log

     

    .

    ((((((((((((((((((((((((( Files Created from 2007-12-10 to 2008-01-10 )))))))))))))))))))))))))))))))

    .

     

    2008-01-10 19:53 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe

    2008-01-10 18:42 . 2008-01-10 18:42 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware

    2008-01-10 18:42 . 2008-01-10 18:42 <DIR> d-------- C:\Documents and Settings\Ragnhild\Programdata\SUPERAntiSpyware.com

    2008-01-10 18:42 . 2008-01-10 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com

    2008-01-10 18:41 . 2008-01-10 18:41 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

    2008-01-10 18:37 . 2008-01-10 18:37 <DIR> dr-h----- C:\Documents and Settings\Ragnhild\Siste

    2008-01-10 18:34 . 2008-01-10 18:34 <DIR> d-------- C:\Programfiler\CCleaner

    2008-01-10 16:40 . 2008-01-10 16:40 <DIR> d-------- C:\Programfiler\iTunes

    2008-01-10 16:40 . 2008-01-10 16:40 <DIR> d-------- C:\Programfiler\iPod

    2008-01-10 16:40 . 2008-01-10 16:40 <DIR> d-------- C:\Documents and Settings\Ragnhild\Programdata\Apple Computer

    2008-01-10 16:40 . 2008-01-10 19:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn

    2008-01-10 16:40 . 2008-01-10 16:40 1,409 --a------ C:\WINDOWS\QTFont.for

    2008-01-10 16:38 . 2008-01-10 16:38 <DIR> d-------- C:\Programfiler\QuickTime

    2008-01-10 16:34 . 2008-01-10 16:34 <DIR> d-------- C:\Programfiler\Apple Software Update

    2008-01-10 16:30 . 2008-01-10 16:30 <DIR> d-------- C:\Programfiler\Fellesfiler\Apple

    2008-01-04 19:00 . 2008-01-04 19:00 <DIR> d-------- C:\Documents and Settings\NFU A-A 3\Programdata\castdrawface

    2008-01-02 21:25 . 2008-01-02 21:25 268 --ah----- C:\sqmdata08.sqm

    2008-01-02 21:25 . 2008-01-02 21:25 244 --ah----- C:\sqmnoopt08.sqm

    2007-12-27 19:09 . 2007-12-27 19:09 <DIR> d-------- C:\Programfiler\Circle Developement

    2007-12-27 19:09 . 2007-12-27 19:09 <DIR> d-------- C:\Programfiler\castdrawface

    2007-12-27 19:09 . 2007-12-27 19:09 <DIR> d-------- C:\Documents and Settings\Ragnhild\Programdata\castdrawface

    2007-12-27 19:09 . 2007-12-27 19:09 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\file joy proc deaf

    2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx

    2007-12-11 10:57 . 2007-12-11 10:57 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts

     

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2007-11-14 07:29 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll

    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

    2007-11-06 13:58 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

    2007-10-30 18:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll

    2007-10-30 18:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll

    2007-10-30 10:20 3,079,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll

    2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\quartz.dll

    2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll

    2007-10-25 16:57 8,460,800 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll

    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll

    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll

    2007-10-11 06:14 96,768 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll

    2007-10-11 06:14 658,944 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll

    2007-10-11 06:14 615,424 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll

    2007-10-11 06:14 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll

    2007-10-11 06:14 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll

    2007-10-11 06:14 474,112 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll

    2007-10-11 06:14 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll

    2007-10-11 06:14 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

    2007-10-11 06:14 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

    2007-10-11 06:14 251,392 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll

    2007-10-11 06:14 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll

    2007-10-11 06:14 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll

    2007-10-11 06:14 151,552 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll

    2007-10-11 06:14 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll

    2007-10-11 06:14 1,494,528 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll

    2007-10-11 06:14 1,054,720 ----a-w C:\WINDOWS\system32\dllcache\danim.dll

    2007-10-11 06:14 1,023,488 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll

    2007-10-10 11:16 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe

    .

     

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

     

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15:00 15360]

    "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 17:09 32768]

    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-01-23 10:36 155648]

    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-23 10:31 126976]

    "SoundMan"="SOUNDMAN.EXE" [2005-04-15 11:01 77824 C:\WINDOWS\SOUNDMAN.EXE]

    "SynTPLpr"="C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe" [2005-02-04 11:12 102490]

    "SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-02-04 11:11 708698]

    "EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-06-01 14:17 192512]

    "ePowerManagement"="C:\Acer\ePM\ePM.exe" [2005-03-15 10:03 2893824]

    "RemoteControl"="C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 01:07 32768]

    "LaunchAp"="C:\Programfiler\Launch Manager\LaunchAp.exe" [2005-07-25 13:36 32768]

    "PowerKey"="C:\Programfiler\Launch Manager\PowerKey.exe" [2002-08-30 15:02 94208]

    "LManager"="C:\Programfiler\Launch Manager\HotkeyApp.exe" [2005-06-06 11:52 69632]

    "CtrlVol"="C:\Programfiler\Launch Manager\CtrlVol.exe" [2003-09-16 14:28 20480]

    "LMgrOSD"="C:\Programfiler\Launch Manager\OSDCtrl.exe" [2005-07-25 10:45 241664]

    "Wbutton"="C:\Programfiler\Launch Manager\Wbutton.exe" [2005-07-25 13:34 81920]

    "eRecoveryService"="C:\Programfiler\Acer\eRecovery\Monitor.exe" [2005-06-29 17:26 352256]

    "EEventManager"="C:\Programfiler\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2005-04-08 14:09 102400]

    "ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-01-09 21:59 115816]

    "osCheck"="C:\Programfiler\Norton Internet Security\osCheck.exe" [2006-10-16 16:16 26248]

    "Proc Deaf Delete Peak"="C:\Documents and Settings\All Users\Programdata\file joy proc deaf\link mapi.exe" [2008-01-10 19:49 1529344]

    "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-12-11 10:56 286720]

    "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

     

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15:00 15360]

     

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

    C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

     

    R0 esff;esff;C:\WINDOWS\system32\drivers\esff.sys [2005-10-07 10:49]

    R0 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]

    R0 viaagp;VIA AGP-bussfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 23:07]

    R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 11:27]

    R2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-10-16 16:16]

    R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]

    R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]

    R2 int15.sys;int15.sys;C:\Programfiler\Acer\eRecovery\int15.sys [2005-01-13 14:46]

    R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 16:37]

    R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]

    R3 POWERKEY;POWERKEY;C:\Programfiler\Launch Manager\POWERKEY.sys [2000-12-19 18:29]

    S0 wasfsd;wasfsd;C:\WINDOWS\system32\drivers\wasfsd.sys []

    S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys []

    S3 Boonty Games;Boonty Games;"C:\Programfiler\Fellesfiler\BOONTY Shared\Service\Boonty.exe" [2007-03-28 15:04]

     

    *Newly Created Service* - COMHOST

    *Newly Created Service* - PROCEXP90

    .

    Contents of the 'Scheduled Tasks' folder

    "2007-11-28 15:14:56 C:\WINDOWS\Tasks\Norton Internet Security Online - Kjør fullstendig systemsøk - NFU A-A 3.job"

    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exec/TASK:

    "2008-01-10 18:00:08 C:\WINDOWS\Tasks\B131F8DF919668CF.job"

    - c:\docume~1\ragnhild\progra~1\castdr~1\Support Tick User.exe

    .

    **************************************************************************

     

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-01-10 19:56:52

    Windows 5.1.2600 Service Pack 2 FAT NTAPI

     

    scanning hidden processes ...

     

    scanning hidden autostart entries ...

     

    scanning hidden files ...

     

    scan completed successfully

    hidden files: 0

     

    **************************************************************************

    .

    Completion time: 2008-01-10 19:57:20

    ComboFix-quarantined-files.txt 2008-01-10 18:57:18

    .

    2007-12-31 20:01:05 --- E O F ---
