
Posts split off from the guide thread-2



Tip for faster startup: Vista uses only ONE core of the processor when it boots, so if you want it to use both, go into msconfig as r2d290 said - Boot - Advanced options - tick "Number of processors" and select as many as you have :)

Edited by Submit

Hi,

I'm plagued by pop-ups, especially when I browse YouTube.

Here are the log files:

MBAM:

Malwarebytes' Anti-Malware 1.30

Database versjon: 1431

Windows 5.1.2600 Service Pack 2

 

28.11.2008 16:58:06

mbam-log-2008-11-28 (16-58-06).txt

 

Skanntype: Rask Skann

Objekter skannet: 43627

Tid tilbakelagt: 2 minute(s), 43 second(s)

 

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 6

Registerverdier infisert: 1

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 6

 

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

 

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

 

Registernøkler infisert:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75abcf92-9764-4dfa-a83f-5142c3905052} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75abcf92-9764-4dfa-a83f-5142c3905052} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

 

Registerverdier infisert:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{75abcf92-9764-4dfa-a83f-5142c3905052} (Trojan.Vundo) -> Quarantined and deleted successfully.

 

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

 

Mapper infisert:

(Ingen mistenkelige filer funnet)

 

Filer infisert:

C:\WINDOWS\system32\fzskie.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\whgkwtmk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\utytqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\uughuxaj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ofzaol.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\pblmoaly.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Combofix:

ComboFix 08-11-27.07 - Fredrik Sandvik 2008-11-28 17:01:13.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1465 [GMT 1:00]

Running from: c:\documents and settings\Fredrik Sandvik\Desktop\ComboFix.exe

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

c:\windows\Downloaded Program Files\setup.inf

c:\windows\MFCKINF.dll

c:\windows\system32\dwnmsrrf.ini

c:\windows\system32\hrclxt.dll

c:\windows\system32\jubfagph.dll

c:\windows\system32\lxjycsvt.ini

c:\windows\system32\puvpvgws.ini

 

----- BITS: Possible infected sites -----

 

hxxp://www.securityenchancement.com

.

((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))

.

 

2008-11-28 16:53 . 2008-11-28 16:53 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-11-28 16:53 . 2008-11-28 16:53 <DIR> d-------- c:\documents and settings\Fredrik Sandvik\Application Data\Malwarebytes

2008-11-28 16:53 . 2008-11-28 16:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2008-11-28 16:53 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-11-28 16:53 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-11-14 18:09 . 2008-11-14 18:09 <DIR> d-------- c:\program files\Lavasoft

2008-11-14 18:08 . 2008-11-14 18:08 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard

2008-11-14 18:08 . 2008-11-14 18:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

2008-11-08 20:51 . 2008-11-08 20:51 <DIR> d-------- c:\documents and settings\Fredrik Sandvik\Application Data\OpenOffice.org

2008-11-04 17:27 . 2008-11-04 17:27 112 --a------ c:\windows\MFCKIO.CRC

2008-11-04 17:26 . 2008-11-04 17:27 <DIR> d-------- c:\program files\EasyViewer

2008-11-04 17:26 . 2002-06-28 21:30 793,536 --a------ c:\windows\wmpcdcs8.exe

2008-11-04 17:26 . 2001-05-11 13:18 420,240 --a------ c:\windows\system32\mpg4c32.dll

2008-11-04 17:26 . 2001-05-16 17:54 309,616 --a------ c:\windows\system32\wmv8dmod.dll

2008-11-04 17:26 . 2001-03-26 04:41 245,760 --a------ c:\windows\system32\mp4sds32.ax

2008-11-04 17:26 . 2007-05-12 09:48 57,344 --a------ c:\windows\system32\KRTilte.ax

2008-11-04 17:26 . 2008-01-03 07:11 375 -ra------ c:\windows\MFCKINSTALL.dll

2008-11-04 17:26 . 2007-08-28 14:07 26 --a------ c:\windows\MFCKSYS.dll

2008-11-04 17:14 . 2004-08-03 23:07 59,264 --a------ c:\windows\system32\drivers\USBAUDIO.sys

2008-11-04 17:14 . 2004-08-03 23:07 59,264 --a--c--- c:\windows\system32\dllcache\usbaudio.sys

2008-11-03 16:24 . 2008-11-15 14:56 <DIR> d-------- c:\program files\SpywareBlaster

2008-11-03 16:24 . 2008-11-15 14:56 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP

2008-11-02 10:22 . 2008-11-03 18:17 153 --a------ c:\windows\wininit.ini

2008-11-02 03:00 . 2008-11-12 23:15 <DIR> d-------- c:\program files\Spybot - Search & Destroy

2008-11-02 03:00 . 2008-11-15 16:20 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2008-11-01 19:46 . 2008-11-01 19:46 <DIR> d-------- c:\program files\Google

2008-11-01 19:11 . 2008-11-01 19:11 <DIR> d-------- c:\program files\PowerQuest

2008-11-01 19:03 . 2008-11-01 19:03 <DIR> d-------- c:\program files\OpenOffice.org 3

2008-11-01 18:55 . 2008-11-01 18:55 <DIR> d-------- c:\program files\DAEMON Tools Lite

2008-11-01 18:53 . 2008-11-01 18:53 717,296 --a------ c:\windows\system32\drivers\sptd.sys

2008-11-01 18:52 . 2008-11-01 18:52 <DIR> d-------- c:\documents and settings\Fredrik Sandvik\Application Data\DAEMON Tools

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-01 18:10 --------- d-----w c:\program files\Common Files\InstallShield

2008-11-01 18:07 --------- d-----w c:\program files\Vuze

2008-11-01 18:07 --------- d-----w c:\documents and settings\Fredrik Sandvik\Application Data\Azureus

2008-10-23 21:37 --------- d-----w c:\program files\Active WebCam

2008-10-23 21:36 --------- d-----w c:\documents and settings\All Users\Application Data\PY_Software

2008-10-21 13:14 --------- d-----w c:\documents and settings\Fredrik Sandvik\Application Data\vlc

2008-10-18 11:24 --------- d-----w c:\program files\Java

2008-10-18 11:23 --------- d-----w c:\program files\Common Files\Java

2008-10-18 10:35 --------- d-----w c:\program files\Driver Sweeper

2008-10-18 10:04 --------- d-----w c:\program files\Auslogics

2008-10-18 10:04 --------- d-----w c:\documents and settings\Fredrik Sandvik\Application Data\Auslogics

2008-10-13 20:43 --------- d--h--w c:\program files\InstallShield Installation Information

2008-10-13 20:43 --------- d-----w c:\program files\Common Files\Remote Control USB Driver

2008-10-13 20:43 --------- d-----w c:\program files\Common Files\Remote Control Software Shared

2008-10-13 20:39 --------- d-----w c:\program files\Logitech

2008-10-02 08:07 453,152 ----a-w c:\windows\system32\NVUNINST.EXE

2008-09-30 19:30 --------- d-----w c:\program files\Winamp

2008-09-30 19:11 --------- d-----w c:\documents and settings\All Users\Application Data\Azureus

2008-09-30 18:48 --------- d-----w c:\program files\VideoLAN

2008-09-28 20:53 --------- d-----w c:\program files\Microsoft.NET

2008-09-28 20:45 --------- d-----w c:\program files\Microsoft ActiveSync

2008-09-13 15:43 127,034 ------r c:\windows\bwUnin-8.1.1.50-8876480SL.exe

2008-09-06 21:24 10,520 ----a-w c:\windows\system32\avgrsstx.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]

 

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-09-13 692224]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll hrclxt.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk

backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

--a------ 2008-06-12 01:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

--a------ 2007-06-01 09:21 153136 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

--a------ 2006-11-13 16:56 1289000 c:\program files\Microsoft ActiveSync\wcescomm.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2007-05-08 15:24 54840 c:\program files\Hp\HP Software Update\hpwuSchd2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

--a------ 2007-04-11 14:32 56080 c:\windows\KHALMNPR.Exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Com4QLBEx"=3 (0x3)

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Vuze\\Azureus.exe"=

"c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

 

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-09-06 97928]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-09-06 875288]

R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-06 231704]

R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-09-06 76040]

R2 StkASSrv;Syntek STK1160 Service;c:\windows\System32\StkASv2K.exe [2008-11-04 24576]

S3 crtaud;Conexant Riptide WDM Audio Driver;c:\windows\system32\drivers\crtaud.sys [2008-09-07 42112]

S3 StkAMini;Syntek STK1160;c:\windows\system32\Drivers\StkAMini.sys [2008-11-04 242139]

S3 StkScan;Syntek STK1160 Still Image;c:\windows\system32\Drivers\StkScan.sys [2008-11-04 4772]

S4 Com4QLBEx;Com4QLBEx;"c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" [2008-09-06 193840]

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

.

- - - - ORPHANS REMOVED - - - -

 

BHO-{6d18b39b-8d18-469b-9afe-9b7d6d6539b2} - c:\windows\system32\hrclxt.dll

BHO-{EFBFFBB3-008E-41AB-AD38-6B80FB295B00} - (no file)

Notify-fcccyYOG - fcccyYOG.dll

MSConfigStartUp-nwiz - nwiz.exe

 

 

.

------- Supplementary Scan -------

.

FireFox -: Profile - c:\documents and settings\Fredrik Sandvik\Application Data\Mozilla\Firefox\Profiles\dcooniun.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - www.startsiden.no

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-28 17:03:36

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\program files\Synaptics\SynTP\SynTPEnh.exe

c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.exe

c:\windows\system32\wdfmgr.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files\AVG\AVG8\avgrsx.exe

c:\program files\AVG\AVG8\avgrsx.exe

.

**************************************************************************

.

Completion time: 2008-11-28 17:05:05 - machine was rebooted

ComboFix-quarantined-files.txt 2008-11-28 16:05:02

 

Pre-Run: 8 240 816 128 bytes free

Post-Run: 8,170,770,432 bytes free

 

184

HJT:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:23:31, on 28.11.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\StkASv2K.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\WINDOWS\explorer.exe

C:\Program Files\AVG\AVG8\avgrsx.exe

C:\Program Files\AVG\AVG8\avgrsx.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll hrclxt.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing)

O23 - Service: Syntek STK1160 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe

 

--

End of file - 4711 bytes

 

 

Sorry, I didn't see the last post about starting a new thread for this!

I hope someone has time to take a look at this anyway; feel free to send a PM for good measure :)

Thanks a lot in advance!

Regards,

Fredrik

Edited by AlpejoHn

HijackThis log.

 


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:04:09, on 28.11.2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe

C:\Programfiler\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\TUProgSt.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\igfxtray.exe

C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\igfxext.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe

C:\Programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\DOCUME~1\Bruker\LOKALE~1\Temp\RtkBtMnt.exe

C:\Programfiler\Windows Live\Messenger\usnsvc.exe

C:\Programfiler\Opera\opera.exe

C:\Documents and Settings\Bruker\Mine dokumenter\mbam-setup.exe

C:\DOCUME~1\Bruker\LOKALE~1\Temp\is-V0Q7S.tmp\mbam-setup.tmp

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

C:\Programfiler\Malwarebytes' Anti-Malware\mbam.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.rd.yahoo.com/customize/ycomp/def.../search/ie.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/def...://uk.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/def...://uk.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg/startp...0848351F6F32535

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programfiler\AVG\AVG8\avgtoolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programfiler\AVG\AVG8\avgtoolbar.dll

O4 - HKLM\..\Run: [LaunchApp] Alaunch

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [AzMixerSel] C:\Programfiler\Realtek\Audio\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle

O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programfiler\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

 

--

End of file - 8558 bytes

 

 

Malware log.

 


Malwarebytes' Anti-Malware 1.30

Database versjon: 1433

Windows 5.1.2600 Service Pack 3

 

28.11.2008 19:27:33

mbam-log-2008-11-28 (19-27-33).txt

 

Skanntype: Rask Skann

Objekter skannet: 46653

Tid tilbakelagt: 22 minute(s), 50 second(s)

 

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 0

 

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

 

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

 

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

 

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

 

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

 

Mapper infisert:

(Ingen mistenkelige filer funnet)

 

Filer infisert:

(Ingen mistenkelige filer funnet)

 

Regards, Jonas


HJT log

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:08:08, on 01.12.2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Acer\Empowering Technology\SysMonitor.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\SweetIM\Messenger\SweetIM.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\System32\rundll32.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe

C:\PROGRA~1\AVG\AVG8\aAvgApi.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [css] C:\Program Files\Comodo\Css\cssurf.exe /s

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Host Process] C:\Users\Lene\svchost.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O4 - Startup: OneNote 2007 Screen Clipper og Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: HP Utklippsbok - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: HP Smart valgmetode - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u...ows-i586-jc.cab

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Comodo\Css\cssdll32.dll,avgrsstx.dll

O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

 

--

End of file - 11427 bytes

 

 

Looks like he has pirated Windows, and the only way out is to pay for a license.

 

 

I haven't pirated anything at all ..

Isn't it possible to reinstall, if I find the CD key?

The problem was probably solved long ago, but if you call the service phone line you usually get a new code..


ComboFix 08-12-02.02 - Jim Westby 2008-12-03 16:47:25.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.2216 [GMT 1:00]

Kjører fra: c:\documents and settings\Jim Westby\Skrivebord\ComboFix.exe

* Opprettet nytt gjenopprettingspunkt

.

 

((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-03 til 2008-12-03 )))))))))))))))))))))))))))))))))

.

 

2008-12-03 16:42 . 2008-12-03 16:42 <DIR> d-------- c:\programfiler\Malwarebytes' Anti-Malware

2008-12-03 16:42 . 2008-12-03 16:42 <DIR> d-------- c:\documents and settings\Jim Westby\Programdata\Malwarebytes

2008-12-03 16:42 . 2008-12-03 16:42 <DIR> d-------- c:\documents and settings\All Users\Programdata\Malwarebytes

2008-12-03 16:42 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-03 16:42 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-12-03 16:23 . 2008-12-03 16:31 493 --a------ c:\windows\wininit.ini

2008-12-03 16:05 . 2008-12-03 16:06 <DIR> d-------- c:\programfiler\Spybot - Search & Destroy

2008-12-03 16:05 . 2008-12-03 16:31 <DIR> d-------- c:\documents and settings\All Users\Programdata\Spybot - Search & Destroy

2008-12-03 15:21 . 2008-12-03 15:26 <DIR> d-------- c:\documents and settings\Jim Westby\Contacts

2008-12-03 15:20 . 2008-12-03 15:20 <DIR> d----c--- c:\windows\system32\DRVSTORE

2008-12-03 15:20 . 2008-12-03 15:20 <DIR> d-------- c:\windows\LastGood

2008-12-03 15:18 . 2008-12-03 15:20 <DIR> d-------- c:\programfiler\Windows Live

2008-12-03 15:18 . 2008-12-03 15:20 <DIR> d--hsc--- c:\programfiler\Fellesfiler\WindowsLiveInstaller

2008-12-03 15:18 . 2008-12-03 15:18 <DIR> d-------- c:\documents and settings\All Users\Programdata\WLInstaller

2008-12-03 15:09 . 2008-12-03 15:09 <DIR> d-------- c:\programfiler\Lavasoft

2008-12-03 15:09 . 2008-12-03 15:14 <DIR> d-------- c:\documents and settings\All Users\Programdata\Lavasoft

2008-12-03 15:07 . 2008-04-14 17:22 221,184 --a------ c:\windows\system32\wmpns.dll

2008-12-03 15:04 . 2008-12-03 15:04 <DIR> d-------- c:\programfiler\Fellesfiler\Wise Installation Wizard

2008-12-03 15:01 . 2008-12-03 15:01 <DIR> d-------- c:\windows\LastGood.Tmp

2008-12-03 14:58 . 2008-12-03 14:58 <DIR> d-------- c:\windows\system32\no

2008-12-03 14:58 . 2008-12-03 14:58 <DIR> d-------- c:\windows\system32\bits

2008-12-03 14:58 . 2008-12-03 14:58 <DIR> d-------- c:\windows\l2schemas

2008-12-03 14:57 . 2008-12-03 15:29 <DIR> d--h----- C:\$AVG8.VAULT$

2008-12-03 14:56 . 2008-12-03 14:56 <DIR> d-------- c:\windows\ServicePackFiles

2008-12-03 14:41 . 2008-12-03 14:43 <DIR> d-------- c:\windows\system32\drivers\Avg

2008-12-03 14:41 . 2008-12-03 14:41 <DIR> d-------- c:\programfiler\Java

2008-12-03 14:41 . 2008-12-03 14:41 <DIR> d-------- c:\programfiler\AVG

2008-12-03 14:41 . 2008-12-03 14:41 <DIR> d-------- c:\documents and settings\All Users\Programdata\avg8

2008-12-03 14:41 . 2008-12-03 14:41 410,984 --a------ c:\windows\system32\deploytk.dll

2008-12-03 14:41 . 2008-12-03 14:41 98,440 --a------ c:\windows\system32\drivers\avgldx86.sys

2008-12-03 14:41 . 2008-12-03 14:41 90,632 --a------ c:\windows\system32\drivers\avgtdix.sys

2008-12-03 14:41 . 2008-12-03 14:41 73,728 --a------ c:\windows\system32\javacpl.cpl

2008-12-03 14:41 . 2008-12-03 14:41 12,936 --a------ c:\windows\system32\drivers\avgrkx86.sys

2008-12-03 14:41 . 2008-12-03 14:41 10,520 --a------ c:\windows\system32\avgrsstx.dll

2008-12-03 13:25 . 2008-12-03 13:25 <DIR> d-------- c:\programfiler\VideoLAN

2008-12-03 11:19 . 2008-12-03 14:58 <DIR> d-------- c:\windows\system32\nb-no

2008-12-03 11:06 . 2008-12-03 11:09 <DIR> d-------- c:\programfiler\LimeWire

2008-12-03 11:05 . 2008-12-03 11:05 176,128 --a------ c:\windows\system32\djifvot.dll

2008-12-03 10:56 . 2008-12-03 10:56 <DIR> d-------- c:\documents and settings\All Users\Programdata\ESET

2008-12-03 10:41 . 2008-12-03 10:41 <DIR> d-------- c:\programfiler\uTorrent

2008-12-03 10:41 . 2008-12-03 15:24 <DIR> d-------- c:\documents and settings\Jim Westby\Programdata\uTorrent

2008-12-03 10:35 . 2008-12-03 10:35 0 --a------ c:\windows\nsreg.dat

2008-12-02 23:50 . 2008-08-14 14:27 2,190,976 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe

2008-12-02 23:50 . 2008-08-14 14:27 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe

2008-12-02 23:50 . 2008-08-14 14:27 2,067,840 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe

2008-12-02 23:50 . 2008-08-14 14:27 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe

2008-12-02 23:50 . 2008-09-15 16:29 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys

2008-12-02 23:50 . 2008-04-11 20:06 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll

2008-12-02 23:50 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

2008-12-02 23:50 . 2008-10-15 17:38 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll

2008-12-02 23:50 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys

2008-12-02 23:50 . 2008-08-14 11:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys

2008-12-02 23:49 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys

2008-12-02 23:16 . 2008-12-03 11:18 <DIR> d--h----- c:\windows\$hf_mig$

2008-12-02 23:16 . 2008-06-14 18:36 272,256 --------- c:\windows\system32\drivers\bthport.sys

2008-12-02 23:16 . 2008-06-14 18:36 272,256 -----c--- c:\windows\system32\dllcache\bthport.sys

2008-12-02 23:13 . 2008-12-02 23:13 <DIR> d-------- c:\documents and settings\All Users\Programdata\Blizzard

2008-12-02 23:08 . 2008-12-03 13:29 <DIR> d-------- c:\programfiler\Fellesfiler\Blizzard Entertainment

2008-12-02 22:58 . 2008-10-16 14:09 43,544 --a------ c:\windows\system32\wups2.dll

2008-12-02 22:58 . 2008-10-16 14:08 31,768 --a------ c:\windows\system32\wucltui.dll.mui

2008-12-02 22:58 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuaucpl.cpl.mui

2008-12-02 22:58 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui

2008-12-02 22:58 . 2008-10-16 14:07 18,968 --a------ c:\windows\system32\wuaueng.dll.mui

2008-12-02 22:57 . 2008-12-02 22:57 <DIR> d---s---- c:\documents and settings\Jim Westby\UserData

2008-12-02 22:27 . 2008-12-02 22:27 <DIR> d-------- c:\windows\system32\msmq

2008-12-02 22:27 . 2008-12-02 22:27 <DIR> d-------- c:\windows\system32\Logfiles

2008-12-02 22:27 . 2008-12-02 22:27 <DIR> d-------- C:\Inetpub

2008-12-02 21:15 . 2008-04-13 19:45 172,416 --a------ c:\windows\system32\drivers\kmixer.sys

2008-12-02 21:15 . 2008-04-13 17:39 142,592 --a------ c:\windows\system32\drivers\aec.sys

2008-12-02 21:15 . 2008-04-13 20:17 83,072 --a------ c:\windows\system32\drivers\wdmaud.sys

2008-12-02 21:15 . 2008-04-13 20:15 60,800 --a------ c:\windows\system32\drivers\sysaudio.sys

2008-12-02 21:15 . 2008-04-13 19:45 56,576 --a------ c:\windows\system32\drivers\swmidi.sys

2008-12-02 21:15 . 2008-04-13 19:45 52,864 --a------ c:\windows\system32\drivers\dmusic.sys

2008-12-02 21:15 . 2008-04-13 19:39 7,552 --a------ c:\windows\system32\drivers\mskssrv.sys

2008-12-02 21:15 . 2008-04-13 19:45 6,272 --a------ c:\windows\system32\drivers\splitter.sys

2008-12-02 21:15 . 2008-04-13 19:39 5,376 --a------ c:\windows\system32\drivers\mspclock.sys

2008-12-02 21:15 . 2008-04-13 19:39 4,992 --a------ c:\windows\system32\drivers\mspqm.sys

2008-12-02 21:15 . 2008-04-13 19:45 2,944 --a------ c:\windows\system32\drivers\drmkaud.sys

2008-12-02 21:14 . 2008-12-02 21:14 <DIR> d-------- c:\programfiler\Analog Devices

2008-12-02 21:14 . 2001-09-11 14:20 1,285,632 --------- c:\windows\system32\SMMedia.dll

2008-12-02 21:14 . 2008-04-13 20:19 146,048 --a------ c:\windows\system32\drivers\portcls.sys

2008-12-02 21:14 . 2008-04-14 17:23 129,536 --a------ c:\windows\system32\ksproxy.ax

2008-12-02 21:14 . 2008-04-13 19:45 60,160 --a------ c:\windows\system32\drivers\drmk.sys

2008-12-02 21:14 . 2005-05-04 08:20 53,248 --------- c:\windows\system32\wdmioctl.dll

2008-12-02 21:14 . 2006-07-10 14:42 49,152 --------- c:\windows\system32\DSndUp.exe

2008-12-02 21:14 . 2002-04-17 14:05 45,056 --------- c:\windows\system32\CleanUp.exe

2008-12-02 21:14 . 2007-08-10 08:22 26,488 --a------ c:\windows\system32\spupdsvc.exe

2008-12-02 21:14 . 2008-04-14 17:22 4,096 --a------ c:\windows\system32\ksuser.dll

2008-12-02 21:10 . 2005-01-12 02:56 78,336 --a------ c:\windows\system32\SilSupp.cpl

2008-12-02 21:10 . 2005-01-20 06:30 67,200 -ra------ c:\windows\system32\drivers\SI3132.sys

2008-12-02 21:10 . 2004-11-02 03:21 10,368 -ra------ c:\windows\system32\drivers\SiWinAcc.sys

2008-12-02 21:09 . 2008-12-02 21:09 <DIR> d-------- c:\programfiler\NVIDIA Corporation

2008-12-02 21:09 . 2008-12-02 21:09 1,024 --a------ C:\.rnd

2008-12-02 21:09 . 2008-12-02 21:09 22 --a------ c:\windows\FileName

2008-12-02 21:07 . 2006-03-23 19:53 442,368 --a------ c:\windows\system32\CapabilityTable.exe

2008-12-02 21:07 . 2006-08-18 18:28 208,896 --------- c:\windows\system32\nvuide.exe

2008-12-02 21:07 . 2006-06-01 23:32 1,570 --------- c:\windows\system32\nvide.nvu

2008-12-02 21:06 . 2006-09-12 01:06 356,352 --a------ c:\windows\system32\nvunrm.exe

2008-12-02 21:06 . 2006-09-12 00:14 3,903 --a------ c:\windows\system32\nvnrm.nvu

2008-12-02 21:06 . 2006-08-14 20:09 1,428 --a------ c:\windows\system32\drivers\nvphy.bin

2008-12-02 21:05 . 2008-12-02 21:08 <DIR> d-------- c:\programfiler\Fellesfiler\InstallShield

2008-12-02 21:03 . 2008-12-02 21:14 <DIR> d--h----- c:\programfiler\InstallShield Installation Information

2008-12-02 21:03 . 2008-12-02 21:03 <DIR> d-------- c:\programfiler\D-Link

2008-12-02 21:03 . 2008-12-02 21:03 <DIR> d-------- c:\documents and settings\Jim Westby\Programdata\InstallShield

2008-12-02 21:02 . 2008-12-02 21:02 <DIR> d-------- c:\windows\nview

2008-12-02 21:02 . 2008-12-02 21:02 <DIR> d-------- C:\NVIDIA

2008-12-02 21:02 . 2008-10-02 10:07 453,152 --a------ c:\windows\system32\NVUNINST.EXE

2008-12-02 21:02 . 2008-10-07 13:33 453,152 --a------ c:\windows\system32\nvudisp.exe

2008-12-02 21:02 . 2008-12-03 15:07 200,819 --a------ c:\windows\system32\nvapps.xml

2008-12-02 21:02 . 2008-10-07 13:33 18,477 --a------ c:\windows\system32\nvdisp.nvu

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-02 19:30 --------- d-----w c:\programfiler\microsoft frontpage

2008-12-02 19:29 --------- d-----w c:\programfiler\Elektroniske tjenester

2008-12-02 19:28 --------- d-----w c:\programfiler\Fellesfiler\Tjenester

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-09-15 15:29 1,846,400 ----a-w c:\windows\system32\win32k.sys

2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34B4DFE0-E110-4936-BE49-C4F3684FB458}]

2008-12-03 11:05 176128 --a------ c:\windows\system32\djifvot.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"MsnMsgr"="c:\programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

Wireless Connection Manager.lnk - c:\programfiler\D-Link\D-Link DWA-556 Xtreme N PCIe Desktop Adapter\wirelesscm.exe [2008-12-02 20525056]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=

"c:\\Programfiler\\uTorrent\\uTorrent.exe"=

"c:\\Programfiler\\AVG\\AVG8\\avgam.exe"=

"c:\\Programfiler\\AVG\\AVG8\\avgemc.exe"=

"c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=

"c:\\Programfiler\\AVG\\AVG8\\avgnsx.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

 

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-12-03 12936]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-03 98440]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-12-03 90632]

R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-03 874776]

R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-03 231704]

R3 JSWSCIMD;jswscimd Service;c:\windows\system32\DRIVERS\jswscimd.sys [2008-12-02 57376]

R3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-03 38496]

R3 WSIMD;wsimd Service;c:\windows\system32\DRIVERS\wsimd.sys [2008-12-02 57344]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9d3f99d-c0aa-11dd-ae69-b548704665d1}]

\Shell\AutoRun\command - wd_windows_tools\setup.exe

 

*Newly Created Service* - AAWSERVICE

*Newly Created Service* - AD-WATCH_CONNECT_FILTER

*Newly Created Service* - AD-WATCH_REAL-TIME_SCANNER

*Newly Created Service* - AD-WATCH_REGISTRY_FILTER

*Newly Created Service* - CSISCANNER

*Newly Created Service* - MBAMSWISSARMY

*Newly Created Service* - PROCEXP90

*Newly Created Service* - USNJSVC

*Newly Created Service* - WLSETUPSVC

.

.

------- Tilleggsskanning -------

.

FireFox -: Profile - c:\documents and settings\Jim Westby\Programdata\Mozilla\Firefox\Profiles\9z4cjb57.default\

FF -: plugin - c:\programfiler\Java\jre6\bin\new_plugin\npdeploytk.dll

FF -: plugin - c:\programfiler\Java\jre6\bin\new_plugin\npjp2.dll

FF -: plugin - c:\programfiler\Mozilla Firefox\plugins\npdeploytk.dll

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-03 16:47:56

Windows 5.1.2600 Service Pack 3 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

 

- - - - - - - > 'winlogon.exe'(876)

c:\windows\system32\avgrsstx.dll

 

- - - - - - - > 'lsass.exe'(988)

c:\windows\system32\avgrsstx.dll

c:\windows\system32\nvappfilter.dll

.

Tidspunkt ferdig: 2008-12-03 16:48:19

ComboFix-quarantined-files.txt 2008-12-03 15:48:16

 

Pre-Run: 32 021 491 712 byte ledig

Post-Run: 32,043,548,672 byte ledig

 

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

219 --- E O F --- 2008-12-03 14:02:15

 

 

Can anyone help me? :p


trilobitt:

 

First: we no longer give support in this thread. If you want help, create a New topic.

 

Second: if you think you have a virus or other problems with your PC, follow norbat's guide in the first post of this thread.

 

:)

 

edit: a bit late :)

Edited by r2d290
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:31, on 06.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programfiler\System Control Manager\MSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programfiler\System Control Manager\MGSysCtrl.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programfiler\Opera\opera.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtKbd.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msi.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.msi.com.tw/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MGSysCtrl] C:\Programfiler\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.msi.com.tw
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: Micro Star SCM - Unknown owner - C:\Programfiler\System Control Manager\MSIService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 5052 bytes


Hi, here is my HijackThis log. I've had problems with the PC, where 100% of the CPU is in use, while it shows I'm only using around 6

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:59, on 2008-12-08

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Programfiler\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\PROGRA~1\AVG\AVG8\avgam.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\D-Link\AirPlus G\AirGCFG.exe

C:\Programfiler\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Programfiler\Analog Devices\Core\smax4pnp.exe

C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Programfiler\Java\jre6\bin\jusched.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Lol\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Windows Live\Messenger\usnsvc.exe

D:\Games\Steam\Steam.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programfiler\AVG\AVG8\avgtoolbar.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programfiler\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programfiler\DAEMON Tools Toolbar\DTToolbar.dll (file missing)

O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programfiler\AVG\AVG8\avgtoolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programfiler\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programfiler\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programfiler\Fellesfiler\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Lol\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: DesktopVideoPlayer.LNK = C:\Programfiler\vghd\vghd.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O12 - Plugin for .pdf: C:\Programfiler\Internet Explorer\PLUGINS\nppdf32.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programfiler\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 6154 bytes
