lassaron-jon Skrevet 21. januar 2006 Skrevet 21. januar 2006 SHAIT eg blir litt bekymra no: ------------------------------------------------------------------------ Tjeneste messenger melding fra SYSTEM til ALERT den (dato og tid) STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION Windows has found CRITICAL SYSTEM ERRORS To fix the errors please do the following 1. Download Registry Cleaner from: http://www.fixer32.com 2. install registry cleander 3. run registry cleaner 4. reboot your computer FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION. -------------------------------------------------------------------------------------- ?? slite eg?
quakie Skrevet 21. januar 2006 Skrevet 21. januar 2006 SHAIT eg blir litt bekymra no:------------------------------------------------------------------------ Tjeneste messenger melding fra SYSTEM til ALERT den (dato og tid) STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION Windows has found CRITICAL SYSTEM ERRORS To fix the errors please do the following 1. Download Registry Cleaner from: http://www.fixer32.com 2. install registry cleander 3. run registry cleaner 4. reboot your computer FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION. -------------------------------------------------------------------------------------- ?? slite eg? 5475905[/snapback] Akkurat den samme mld fikk kameraten min en gang! Vi lurte på det samme, jeg trodde først det var et spyware prog elller lignende. Men lastet ned prog og rensket opp i register.. Meldingen kom kanskje 1 gang i timen, hvordan er det med deg?? Vi tok adaware test osv.. Fant litt rusk og rask. Men meld fortsatte og komme.. Han ryddet litt på PCn sin og pluteselig kom ikke meld lenger?
Pozzolan Skrevet 21. januar 2006 Skrevet 21. januar 2006 (endret) Last ned HijackThis og post logen her så vi kan analysere den. Endret 21. januar 2006 av stealthy
TCi Skrevet 22. januar 2006 Skrevet 22. januar 2006 Du kan deaktivere messenger tjenesten for å fjerne problemet. Men gjør som stealthy sier, kjør Hijackthis også. --- Finn fram til: kontrollpanelet -> administrative verktøy - tjenester/services Let opp Messenger tjenesten og dobbelklikk på den. I Oppstartstype velger du "Manuell" og i Tjeneste status trykker du på Stopp. Klikk OK. Notat: Dette går også ut over beskjeder via NET SEND.
lassaron-jon Skrevet 22. januar 2006 Forfatter Skrevet 22. januar 2006 ja. eller skrive net stop messenger i cmd
lassaron-jon Skrevet 22. januar 2006 Forfatter Skrevet 22. januar 2006 Logfile of HijackThis v1.99.1 Scan saved at 13:11:32, on 22.01.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Norton Internet Security\ISSVC.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe C:\BITWARE\NT\bwprnmon.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\System32\msnxpexe.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\WINDOWS\System32\ctfmon.exe C:\Programfiler\Messenger\msmsgs.exe C:\Program Files\E-Color\Common\IconMgr.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\System32\CMMON32.EXE C:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NSMdtr.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Winamp\winamp.exe C:\Documents and Settings\felix\Lokale innstillinger\Temp\Midlertidig mappe 1 for hijackthis_199.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hw.no/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Programfiler\NVIDIA Corporation\nTune\\nTune.exe" clear O4 - HKLM\..\Run: [RemoteControl] C:\Programfiler\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [bwprnmon.exe] C:\BITWARE\NT\bwprnmon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sW20] C:\WINDOWS\System32\sw20.exe O4 - HKLM\..\Run: [sW24] C:\WINDOWS\System32\sw24.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [system Service] msnxpexe.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\RunServices: [system Service] msnxpexe.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - Global Startup: E-Color.lnk = C:\Program Files\E-Color\Common\IconMgr.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{49E442DF-1EC0-483F-A8AB-03F83C42E229}: NameServer = 194.29.200.10 213.142.64.171 O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe
TCi Skrevet 22. januar 2006 Skrevet 22. januar 2006 Du trenger vel ikke bumpe tråden.... Såg ingenting spesielt faretruende i den loggen. Men du kan ta en scan med f.eks. Ad-aware.
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå