
Analyze HijackThis log file for me?



Posted

My sister's PC seemed a bit fucked, so I made a log file in HijackThis:

 

 

Logfile of HijackThis v1.99.1

Scan saved at 13:34:40, on 04.03.2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\WINDOWS\Explorer.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\winhelp\smss.exe

C:\WINDOWS\System32\STDSB.exe

C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\Programfiler\Winamp\Winampa.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINDOWS\System32\P2P Networking\P2P Networking.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\program files\altnet\points manager\points manager.exe

C:\Programfiler\Java\jre1.5.0_03\bin\jusched.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\WINDOWS\system32\slserv.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\WINDOWS\Downloaded Program Files\UERSH_0001_N68M0602NetInstaller.exe

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\Telenor\Online Start\OnlineStart.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Programfiler\Messenger\msmsgs.exe

C:\Programfiler\TBONBin\tbon.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Programfiler\NETGEAR\WG511v2\wlancfg5.exe

C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe

C:\WINDOWS\System32\msiexec.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\cleanmgr.exe

C:\Documents and Settings\Min\Lokale innstillinger\Temp\Midlertidig mappe 3 for hijackthis.zip\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENONO/SAOS01

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer by Tele2

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\winhelp\smss.exe

O1 - Hosts: 242.57.64.24 www.symantec.com

O1 - Hosts: 242.57.64.24 symantec.com

O1 - Hosts: 24.68.64.56 securityresponse.symantec.com

O1 - Hosts: 24.68.64.56 symantecstore.com

O1 - Hosts: 24.68.64.56 www.symantecstore.com

O1 - Hosts: 188.80.191.89 service1.symantec.com

O1 - Hosts: 188.80.191.89 sarc.com

O1 - Hosts: 188.80.191.89 www.sarc.com

O1 - Hosts: 225.219.192.122 www.sophos.com

O1 - Hosts: 7.230.192.154 sophos.com

O1 - Hosts: 7.230.192.154 www.mcafee.com

O1 - Hosts: 7.230.192.154 mcafee.com

O1 - Hosts: 171.114.64.187 customer.symantec.com

O1 - Hosts: 209.126.64.220 liveupdate.symantec.com

O1 - Hosts: 209.126.64.220 liveupdate.symantecliveupdate.com

O1 - Hosts: 209.126.64.220 www.viruslist.com

O1 - Hosts: 246.10.64.252 viruslist.com

O1 - Hosts: 246.10.64.252 f-secure.com

O1 - Hosts: 246.10.64.252 www.f-secure.com

O1 - Hosts: 155.21.64.30 f-prot.com

O1 - Hosts: 155.21.64.30 www.f-prot.com

O1 - Hosts: 229.172.191.95 kaspersky.com

O1 - Hosts: 138.55.191.128 kaspersky-labs.com

O1 - Hosts: 138.55.191.128 www.avp.com

O1 - Hosts: 175.67.63.161 avp.com

O1 - Hosts: 178.220.102.197 www.kaspersky.com

O1 - Hosts: 178.220.102.197 www.networkassociates.com

O1 - Hosts: 178.220.102.197 networkassociates.com

O1 - Hosts: 87.232.102.229 www.ca.com

O1 - Hosts: 87.232.102.229 www3.ca.com

O1 - Hosts: 128.68.228.235 ca.com

O1 - Hosts: 74.219.228.46 mast.mcafee.com

O1 - Hosts: 74.219.228.46 my-etrust.com

O1 - Hosts: 111.231.100.78 www.my-etrust.com

O1 - Hosts: 111.231.100.78 dispatch.mcafee.com

O1 - Hosts: 111.231.100.78 secure.nai.com

O1 - Hosts: 21.114.100.111 nai.com

O1 - Hosts: 21.114.100.111 www.nai.com

O1 - Hosts: 58.126.100.144 vil.nai.com

O1 - Hosts: 58.126.100.144 update.symantec.com

O1 - Hosts: 95.10.101.176 updates.symantec.com

O1 - Hosts: 4.21.228.209 us.mcafee.com

O1 - Hosts: 41.160.228.242 mcafee.net

O1 - Hosts: 41.160.228.242 rads.mcafee.com

O1 - Hosts: 78.172.228.19 download.mcafee.com

O1 - Hosts: 242.56.100.52 trendmicro.com

O1 - Hosts: 242.56.100.52 www.trendmicro.com

O1 - Hosts: 62.79.100.117 housecall.trendmicro.com

O1 - Hosts: 62.79.100.117 pandasoftware.com

O1 - Hosts: 62.79.100.117 www.pandasoftware.com

O1 - Hosts: 8.229.227.183 www.trendmicro.com

O1 - Hosts: 45.113.227.215 free.grisoft.com

O1 - Hosts: 45.113.227.215 www.grisoft.com

O1 - Hosts: 45.113.227.215 grisoft.com

O1 - Hosts: 209.125.227.248 clamav.net

O1 - Hosts: 209.125.227.248 www.clamav.net

O1 - Hosts: 246.9.227.26 free-av.com

O1 - Hosts: 246.9.227.26 www.free-av.com

O1 - Hosts: 156.20.99.58 www.avast.com

O1 - Hosts: 156.20.99.58 avast.com

O1 - Hosts: 139.54.226.156 cert.org

O1 - Hosts: 176.66.227.189 www.cert.org

O1 - Hosts: 213.78.227.222 www.microsoft.com

O1 - Hosts: 213.78.227.222 microsoft.com

O1 - Hosts: 122.217.227.254 www.virustotal.com

O1 - Hosts: 122.217.227.254 virustotal.com

O1 - Hosts: 160.228.99.32 www.teamanti-virus.org

O1 - Hosts: 160.228.99.32 teamanti-virus.org

O1 - Hosts: 160.228.99.32 www.drsolomon.com

O1 - Hosts: 197.112.99.64 drsolomon.com

O1 - Hosts: 197.112.99.64 www.virusbtn.com

O1 - Hosts: 197.112.99.64 virusbtn.com

O1 - Hosts: 143.7.226.130 update.microsoft.com

O1 - Hosts: 143.7.226.130 windowsupdate.microsoft.com

O1 - Hosts: 143.7.226.130 www.avgbulgaria.com

O1 - Hosts: 143.7.226.130 avgbulgaria.com

O1 - Hosts: 180.19.226.162 www.vet.com.au

O1 - Hosts: 180.19.226.162 vet.com.au

O1 - Hosts: 89.158.226.195 antivirus.about.com

O1 - Hosts: 89.158.226.195 www.avg-antivirus.net

O1 - Hosts: 126.170.226.228 avg-antivirus.net

O1 - Hosts: 126.170.226.228 nod32.com

O1 - Hosts: 126.170.226.228 www.nod32.com

O1 - Hosts: 163.181.98.5 virus-radar.com

O1 - Hosts: 163.181.98.5 www.virus-radar.com

O1 - Hosts: 163.181.98.5 bitdefender.com

O1 - Hosts: 73.65.98.38 www.bitdefender.com

O1 - Hosts: 73.65.98.38 www.freebyte.com

O1 - Hosts: 73.65.98.38 freebyte.com

O1 - Hosts: 73.65.98.38 www.zonelabs.com

O1 - Hosts: 110.77.98.71 zonelabs.com

O1 - Hosts: 110.77.98.71 download.zonelabs.com

O1 - Hosts: 110.77.98.71 smb.sygate.com

O1 - Hosts: 147.215.225.103 www.agnitum.com

O1 - Hosts: 56.227.225.136 agnitum.com

O1 - Hosts: 56.227.225.136 kasperskyusa.com

O1 - Hosts: 56.227.225.136 www.kasperskyusa.com

O1 - Hosts: 93.111.226.169 www.kaspersky.com.au

O1 - Hosts: 93.111.226.169 kaspersky.com.au

O1 - Hosts: 93.111.226.169 www.kaspersky.co.uk

O1 - Hosts: 93.111.226.169 kaspersky.co.uk

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programfiler\Need2Find\bar\1.bin\ND2FNBAR.DLL

O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programfiler\INSTAFINK\instafink.dll

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Programfiler\RXToolBar\sfcont.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Programfiler\RXToolBar\RXToolBar.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [sTDSB] C:\WINDOWS\System32\STDSB.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Programfiler\Norton Internet Security\UrlLstCk.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Programfiler\Winamp\Winampa.exe"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [KAZAA] C:\Programfiler\Kazaa\kazaa.exe /SYSTRAY

O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s

O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_03\bin\jusched.exe

O4 - HKLM\..\Run: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [NI.UERSH_0001_N68M0602] "C:\WINDOWS\Downloaded Program Files\UERSH_0001_N68M0602NetInstaller.exe" -nag

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [ecc] C:\Programfiler\Telenor\Online Start\OnlineStart.exe

O4 - HKLM\..\RunServices: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [tbon] C:\Programfiler\TBONBin\tbon.exe /r

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe

O4 - HKCU\..\RunServices: [PK Guard 32] C:\WINDOWS\System32\winhelp\smss.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O4 - Global Startup: NETGEAR WG511v2 Wireless Assistant.lnk = ?

O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.meadroid.com/scriptx/ScriptX.cab

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Programfiler\RXToolBar\sfcont.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

Posted

You're right, the machine is f*cked by several things. I think the thread should be moved to Security, but you can run the Java-based Housecall first. Until you get the Hosts file fixed, that is probably one of the few you can reach.

 

I can mention that these are junk:

 

C:\WINDOWS\System32\P2P Networking\P2P Networking.exe

C:\program files\altnet\points manager\points manager.exe

 

All the O1 Hosts entries

 

O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programfiler\Need2Find\bar\1.bin\ND2FNBAR.DLL

O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programfiler\INSTAFINK\instafink.dll

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Programfiler\RXToolBar\sfcont.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Programfiler\RXToolBar\RXToolBar.dll

O4 - HKLM\..\Run: [KAZAA] C:\Programfiler\Kazaa\kazaa.exe /SYSTRAY

O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s

O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Programfiler\RXToolBar\sfcont.dll

 

and you can have HJT fix them, but that will not solve the whole problem.

 

Have HJT fix the items above, run Housecall, restart the machine and post an HJT log in "Security".

 

 

Bernt K
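
The reply above marks every O1 Hosts entry in the posted log as something to fix. As an added example (not part of the thread and not HijackThis code), this Python script extracts the O1 lines from a log and reports the ones that override security-vendor or update domains, with the kind of address they point to and whether one address is reused for unrelated vendors. The watch list and the sample log (a few lines taken from the post above plus constructed benign lines) are assumptions.

```python
import ipaddress
import re
from collections import defaultdict, namedtuple

# Assumption: watch list built from domains seen in the posted log; it is
# illustrative, not a complete list of security or update sites.
WATCHED = ("symantec.com", "sophos.com", "mcafee.com", "grisoft.com",
           "kaspersky.com", "microsoft.com", "virustotal.com")

# HijackThis writes hosts-file entries as "O1 - Hosts: <address> <name>".
O1_LINE = re.compile(r"^O1 - Hosts:[ \t]+(\S+)[ \t]+(\S+)[ \t]*$", re.MULTILINE)

Finding = namedtuple("Finding", "ip host watched addr_class shared_with")

# Sample input: O1 lines copied from the log above, plus constructed lines
# (localhost, notsymantec.com) that must NOT be reported.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no/
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 242.57.64.24 www.symantec.com
O1 - Hosts: 225.219.192.122 www.sophos.com
O1 - Hosts: 7.230.192.154 sophos.com
O1 - Hosts: 7.230.192.154 www.mcafee.com
O1 - Hosts: 143.7.226.130 update.microsoft.com
O1 - Hosts: 10.0.0.5 notsymantec.com
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
"""


def parse_o1_hosts(log_text):
    """Return (address, hostname) pairs from the O1 lines of a HijackThis log."""
    return [(ip, host.lower()) for ip, host in O1_LINE.findall(log_text)]


def watched_domain(host, watched=WATCHED):
    """Return the watched domain that host belongs to, or None.

    Matching is on a label boundary, so notsymantec.com does not match
    symantec.com.
    """
    for domain in watched:
        if host == domain or host.endswith("." + domain):
            return domain
    return None


def classify_address(text):
    """Describe what kind of address a hosts entry points to."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return "invalid"
    # Order matters: loopback and 240.0.0.0/4 also count as "private" in the
    # ipaddress module, so the more specific checks come first.
    if ip.is_loopback or ip.is_unspecified:
        return "sinkhole"      # name is simply made unreachable
    if ip.is_multicast or ip.is_reserved:
        return "unroutable"    # not a valid unicast destination
    if ip.is_private:
        return "private"
    return "public"            # traffic goes to some other host


def flag_hosts_overrides(log_text, watched=WATCHED):
    """Report O1 entries that override a watched domain.

    shared_with lists other watched domains mapped to the same address;
    unrelated vendors sharing one address is a sign the mapping is not
    a legitimate one.
    """
    domains_by_ip = defaultdict(set)
    hits = []
    for ip, host in parse_o1_hosts(log_text):
        domain = watched_domain(host, watched)
        if domain:
            domains_by_ip[ip].add(domain)
            hits.append((ip, host, domain))
    return [Finding(ip, host, domain, classify_address(ip),
                    sorted(domains_by_ip[ip] - {domain}))
            for ip, host, domain in hits]


if __name__ == "__main__":
    for f in flag_hosts_overrides(SAMPLE_LOG):
        extra = f" (address also used for {', '.join(f.shared_with)})" if f.shared_with else ""
        print(f"{f.host} -> {f.ip} [{f.addr_class}]{extra}")
```
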

Posted

Oh well, then you'll have to try Ewido. It didn't seem to be redirected either.

Download Ewido, install it and update the definitions. When you install, untick "Install background guard" and "Install scan via context menu". Do NOT run Ewido in normal mode.

 

Have HJT fix the items I mentioned, restart the machine in safe mode (F8 during boot), and make sure no applications are running (use Ctrl-Alt-Del, look at Task Manager and stop any Applications that are running, including browsers).

Run Ewido in safe mode; it produces a horribly long log, save it. This usually takes about an hour.

 

Run HJT in normal mode.

She is running both Norton and AVG at startup. Having several AV programs installed is not a problem, but several in autostart does not always work out so well. Running Ewido alongside others is not a problem; it is tailor-made for that.

Then it is time to install and run at least one antispyware program; MS Windows Defender and Adaware are good. Make sure both are updated before they are run.

 

 

After this you should be able to run Housecall.

 

Bernt K

Posted

Logfile of HijackThis v1.99.1

Scan saved at 14:17:26, on 05.03.2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\STDSB.exe

C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe

C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\Telenor\Online Start\OnlineStart.exe

C:\WINDOWS\System32\ctfmon.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Programfiler\Messenger\msmsgs.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\Programfiler\ewido anti-malware\ewidoctrl.exe

C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

C:\Programfiler\NETGEAR\WG511v2\wlancfg5.exe

C:\WINDOWS\system32\slserv.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\Min\Skrivebord\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\no\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O4 - HKLM\..\Run: [sTDSB] C:\WINDOWS\System32\STDSB.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Programfiler\Norton Internet Security\UrlLstCk.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [ecc] C:\Programfiler\Telenor\Online Start\OnlineStart.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O4 - Global Startup: NETGEAR WG511v2 Wireless Assistant.lnk = ?

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.meadroid.com/scriptx/ScriptX.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: ewido security suite control - ewido networks - C:\Programfiler\ewido anti-malware\ewidoctrl.exe

O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe

 

And:

 

---------------------------------------------------------

ewido anti-malware - Scan report

---------------------------------------------------------

 

+ Created on: 14:10:10, 05.03.2006

+ Report-Checksum: A3CF7E0C

 

+ Scan result:

 

HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Ignored

HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Ignored

HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Adware.Altnet : Ignored

HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\instafink.INSTAFINK -> Adware.InstaFinder : Cleaned with backup

HKLM\SOFTWARE\Classes\instafink.INSTAFINK\Clsid -> Adware.InstaFinder : Cleaned with backup

HKLM\SOFTWARE\Classes\RXToolBar.TBInfo -> Adware.RXToolbar : Cleaned with backup

HKLM\SOFTWARE\Classes\RXToolBar.TBInfo\CLSID -> Adware.RXToolbar : Cleaned with backup

HKLM\SOFTWARE\Classes\RXToolBar.TBInfo\CurVer -> Adware.RXToolbar : Cleaned with backup

HKLM\SOFTWARE\Classes\RXToolBar.TBInfo.1 -> Adware.RXToolbar : Cleaned with backup

HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Cleaned with backup

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\INSTAFINK -> Adware.InstaFinder : Cleaned with backup

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RXToolBar -> Adware.RXToolbar : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\INSTAFINK -> Adware.InstaFinder : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\INSTAFINK\Reports -> Adware.InstaFinder : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\INSTAFINK\Reports\38781 -> Adware.InstaFinder : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\INSTAFINK\Reports\38781\Objects -> Adware.InstaFinder : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\INSTAFINK\Reports\38781\Objects\5 -> Adware.InstaFinder : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\INSTAFINK\Stat -> Adware.InstaFinder : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1053 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4492 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4496 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4543 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1053 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1116 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1524 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1553 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1641 -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Queue -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Status -> Adware.Cydoor : Cleaned with backup

HKU\S-1-5-21-4127525854-1157428300-3793383549-1005\Software\RX Toolbar -> Adware.RXToolbar : Cleaned with backup

C:\Documents and Settings\Min\Cookies\min@bestoffersnetworks[1].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup

C:\Documents and Settings\Min\Cookies\min@cliks[1].txt -> TrackingCookie.Cliks : Cleaned with backup

C:\Documents and Settings\Min\Skrivebord\a.exe -> Backdoor.IRCBot.lo : Cleaned with backup

C:\Programfiler\INSTAFINK -> Adware.404Search : Cleaned with backup

C:\Programfiler\INSTAFINK\Cache -> Adware.404Search : Cleaned with backup

C:\Programfiler\INSTAFINK\Cache\ErrorLog.txt -> Adware.404Search : Cleaned with backup

C:\Programfiler\INSTAFINK\Cache\instafinktb0302.cfg -> Adware.404Search : Cleaned with backup

C:\Programfiler\INSTAFINK\Cache\NewCfg -> Adware.404Search : Cleaned with backup

C:\Programfiler\INSTAFINK\instafink.dll -> Adware.404Search : Cleaned with backup

C:\Programfiler\INSTAFINK\Uninstall.exe -> Adware.404Search : Cleaned with backup

C:\Programfiler\TBONBin -> Adware.BetterInternet : Cleaned with backup

C:\Programfiler\TBONBin\tbon.exe -> Adware.BetterInternet : Cleaned with backup

C:\Programfiler\TBONBin\tboninst.cfg -> Adware.BetterInternet : Cleaned with backup

C:\Programfiler\TBONBin\TBONUnst.htm -> Adware.BetterInternet : Cleaned with backup

C:\Programfiler\TBONBin\TBONWnd.EXE -> Adware.BetterInternet : Cleaned with backup

C:\Programfiler\TBONBin\Uninstall.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052299.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052308.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052334.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052356.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052361.dll -> Adware.RXBar : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052375.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052388.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052404.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0052419.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0053419.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0053434.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0054434.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0055434.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0055450.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0055460.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0056460.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0056470.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0056485.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP102\A0056497.exe -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058550.EXE -> Adware.BetterInternet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058620.exe -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058622.dll -> Adware.BrilliantDigital : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058624.exe -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058627.dll -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058628.dll -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058629.exe -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058631.dll -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058632.dll -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058633.dll -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058634.exe -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058636.dll -> Adware.Altnet : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058640.dll -> Adware.RXBar : Cleaned with backup

C:\System Volume Information\_restore{7F22AF43-FA5C-49B1-A111-D0311B043FF6}\RP103\A0058641.dll -> Adware.RXBar : Cleaned with backup

C:\WINDOWS\Downloaded Program Files\UERSH_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup

C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_0_0_105300.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_0_0_106800.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_0_0_107400.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_1_0_449200.gif -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_1_0_449200.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_1_0_449600.gif -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_1_0_449600.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_1_0_454300.gif -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_1_0_454300.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_2_0_105300.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_2_0_106800.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_2_0_107400.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_3_0_105300.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_3_0_106800.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_3_0_107400.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_4_0_111600.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_4_0_152400.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_4_0_155300.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\AdCache\B_329_4_0_164100.htm -> Adware.Cydoor : Cleaned with backup

C:\WINDOWS\system32\winhelp\smss.exe -> Backdoor.IRCBot.lo : Cleaned with backup

 

 

::Report End

Posted

Now I have:

cleaned with HijackThis

cleaned with Ewido

installed Service Pack 2

removed the outdated, unlicensed Norton AntiVirus 04

installed the ZoneAlarm firewall

updated AVG antivirus

deleted a lot of crap

used automatic updates.

but I haven't been able to get HouseCall to work.

It's better, but not good enough

Posted

Well then, it's time to try Panda ActiveScan. It requires that you use IE; remember "see report" and "save report". Your HJT log isn't exactly fresh, is it?

Have HJT fix these:

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.meadroid.com/scriptx/ScriptX.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

The Panda log is small and tidy, and we'd like to see it together with a fresh HJT log.

 

 

Bernt K

Posted

I just want to say that installing Kazaa is an easy way to wreck a PC's performance, as was done on the machine in question.

Otherwise I'd say all the advice has already been given here, but you can also run CWShredder from Trend in addition to the others.

Another handy program for cleaning up the registry and the like is CCleaner.

Posted

My "boss" at work has installed Kazaa on the work PC! I once ran a quick scan on it with Panda ActiveScan, and Panda found something like 1344 files of a dubious nature and 4 hacker tools.

It's incredibly slow now and full of pop-ups all the time.

Personally I would have used Firefox too, but since it's not my PC I don't give a F###.

People who know what they're doing use torrents, and that is definitely the future of file sharing.

More and more companies use it, Nero being one of them, and there will be more over time.

Posted
A bit OT: how do you tell whether a torrent is fast or not? What are seeders and such?


 

Seeders = the number of people who have downloaded everything and are just passing it on to others.

Leechers (not sure how it's spelled) = people who are in the process of downloading the file and passing it on at the same time.

The more seeders, the better speed you get.
