zulo Skrevet 14. september 2007 Rapporter Del Skrevet 14. september 2007 Noen som kan sjekke hijackthis loggen? Internet har vært treg i det siste+pcn har vært rar. Måtte også oppgradere til msn live i dag for 7.5 funker ikke lenger:( plutselig får jeg ikke klikket på programmer nede på oppgavelinjen..får heller ikke opp startmenyen osv..den reagerer ikke der nede på musklikk:( Har xp x64 forresten. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:23:01, on 14.09.2007 Platform: Windows 2003 SP2 (WinNT 5.02.3790) MSIE: Internet Explorer v6.00 SP2 (6.00.3790.1830) Boot mode: Normal Running processes: C:\Program Files (x86)\Eset\nod32krn.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files (x86)\DAEMON Tools\daemon.exe C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\system32\svehost.exe C:\Program Files (x86)\VMware\VMware Workstation\hqtray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\WINDOWS\SysWOW64\CTXFISPI.EXE C:\Program Files (x86)\Eset\nod32kui.exe C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files (x86)\MSN Messenger\usnsvc.exe C:\Program Files (x86)\iPod\bin\iPodService.exe C:\Program Files (x86)\iTunes\iTunes.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe F:\s\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webtv.tv2.no/webtv/ F2 - REG:system.ini: UserInit=userinit O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [RCSystem] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Workstation\hqtray.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageWorkstation\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageWorkstation\TimounterMonitor.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files (x86)\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\SysWow64\NeroCheck.exe O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing) O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing) O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing) O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files (x86)\Eset\nod32krn.exe O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing) O23 - Service: O&O Defrag - Unknown owner - C:\WINDOWS\system32\oodag.exe (file missing) O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing) O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing) O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing) -- End of file - 8661 bytes Lenke til kommentar
Aleksander- Skrevet 14. september 2007 Rapporter Del Skrevet 14. september 2007 (endret) svehost.exe known as wincap90 spyware svehost Denne var den eneste jeg fant som ikke skulle være der. Denne tror jeg skal klare å fjerne den Endret 14. september 2007 av alex503 Lenke til kommentar
Aleksander- Skrevet 14. september 2007 Rapporter Del Skrevet 14. september 2007 Dersom du har tid kan du også sjekke alt som står etter 023. Dette er Services. Her har du en liste over alle servicene, kopier navnet på dem du har, og sjekk dem opp mot lista. L betyr Legitimate, X betyr Malware Lenke til kommentar
norbat Skrevet 14. september 2007 Rapporter Del Skrevet 14. september 2007 Hvordan går det med infeksjonen? Last ned SDFix.exe. Pakk ut programmet. Last ned SAS, installer og oppdater. Restart i sikker modus (tapp f8 under oppstart) Kjør RunThis.bat i SDfix-mappa. Det lages en rapport (Report.txt) som du kan poste senere Kjør en full scan med SAS. Restart i normal modus Post ny HJT-logg sammen med loggen fra SDfix og SAS (Preferences->statistics/logs) Lenke til kommentar
zulo Skrevet 16. september 2007 Forfatter Rapporter Del Skrevet 16. september 2007 Hva er sdfix til? Skjønte ikke helt om du hadde sett andre infeksjoner eller om sdfix er til for å fjerne svehost.exe? Hvordan går det med infeksjonen? Last ned SDFix.exe. Pakk ut programmet. Last ned SAS, installer og oppdater. Restart i sikker modus (tapp f8 under oppstart) Kjør RunThis.bat i SDfix-mappa. Det lages en rapport (Report.txt) som du kan poste senere Kjør en full scan med SAS. Restart i normal modus Post ny HJT-logg sammen med loggen fra SDfix og SAS (Preferences->statistics/logs) 9497015[/snapback] Lenke til kommentar
norbat Skrevet 16. september 2007 Rapporter Del Skrevet 16. september 2007 Hei, Tenke først og fremst på svehost, men også evt. andre filer som følger med. Ellers var det mest et spm. om du hadde fått fjernet det vha. det programmet alex503 henviste til Lenke til kommentar
zulo Skrevet 17. september 2007 Forfatter Rapporter Del Skrevet 17. september 2007 Heien, det programmet som alex pekte på fikk PC-en min til å ikke boote...jeg lurte egentlig på bare hva det programmet du nevnte gjorde? (sdfix og sas )kan jeg bruke det til å fjerne svehost? Hei,Tenke først og fremst på svehost, men også evt. andre filer som følger med. Ellers var det mest et spm. om du hadde fått fjernet det vha. det programmet alex503 henviste til 9509732[/snapback] Lenke til kommentar
norbat Skrevet 17. september 2007 Rapporter Del Skrevet 17. september 2007 Ja, kjør begge i henhold til veiledningen Lenke til kommentar
zulo Skrevet 22. september 2007 Forfatter Rapporter Del Skrevet 22. september 2007 sdfix fikk jeg ikke startet,dos vinduet kom opp og jeg så antydning til noe blått i vinduet men så lukket det med en gang. kjørte superantispyware da i 2 timer..fant flere svehost filer :s I går kom det plutselig en melding på skjermen om at PC-en måtte restarte og den telte ned,hadde ikke muligheten til å stoppe det..det høres ut som et virus men.. Her er den nye hijackthis loggen: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 11:01:40, on 22.09.2007 Platform: Windows 2003 SP2 (WinNT 5.02.3790) Boot mode: Normal Running processes: C:\Program Files (x86)\Eset\nod32krn.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files (x86)\DAEMON Tools\daemon.exe C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\WINDOWS\SysWOW64\CTXFISPI.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe C:\Program Files (x86)\VMware\VMware Workstation\hqtray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Acronis\TrueImageWorkstation\TrueImageMonitor.exe C:\Program Files (x86)\Acronis\TrueImageWorkstation\TimounterMonitor.exe C:\Program Files (x86)\Eset\nod32kui.exe C:\Program Files (x86)\iPod\bin\iPodService.exe C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\MSN Messenger\msnmsgr.exe C:\Program Files (x86)\MSN Messenger\usnsvc.exe F:\s\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webtv.tv2.no/webtv/ F2 - REG:system.ini: UserInit=userinit O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [RCSystem] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Workstation\hqtray.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageWorkstation\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageWorkstation\TimounterMonitor.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files (x86)\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\SysWow64\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SysWOW64\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SysWOW64\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing) O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing) O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing) O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files (x86)\Eset\nod32krn.exe O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing) O23 - Service: O&O Defrag - Unknown owner - C:\WINDOWS\system32\oodag.exe (file missing) O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing) O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing) O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing) -- End of file - 9418 bytes Ja, kjør begge i henhold til veiledningen 9515906[/snapback] Lenke til kommentar
norbat Skrevet 22. september 2007 Rapporter Del Skrevet 22. september 2007 Den siste hjt-loggen ser da mye bedre ut Ang. SDfix: Dette programmet må kjøres fra Sikker modus. Det høres nesten ut som om at du kjørte det fra vanlig tilstand. Vi kan sjekke med et annet program, Combofix: Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix (vanligvis c:\combofix.txt) Lenke til kommentar
zulo Skrevet 22. september 2007 Forfatter Rapporter Del Skrevet 22. september 2007 Heisann, Jeg kjørte det fra sikkermodus men jeg tenkte at det kansje hadde noe å gjøre med at det er xp 64-bit jeg har.. Skal teste combofix nå Den siste hjt-loggen ser da mye bedre ut Ang. SDfix: Dette programmet må kjøres fra Sikker modus. Det høres nesten ut som om at du kjørte det fra vanlig tilstand. Vi kan sjekke med et annet program, Combofix: Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix (vanligvis c:\combofix.txt) 9547786[/snapback] Lenke til kommentar
zulo Skrevet 22. september 2007 Forfatter Rapporter Del Skrevet 22. september 2007 Combofix går heller ikke, vinduet kommer opp men så lukker det seg igjen..prøvd i sikkermodus. Heisann,Jeg kjørte det fra sikkermodus men jeg tenkte at det kansje hadde noe å gjøre med at det er xp 64-bit jeg har.. Skal teste combofix nå Den siste hjt-loggen ser da mye bedre ut Ang. SDfix: Dette programmet må kjøres fra Sikker modus. Det høres nesten ut som om at du kjørte det fra vanlig tilstand. Vi kan sjekke med et annet program, Combofix: Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix (vanligvis c:\combofix.txt) 9547786[/snapback] 9548211[/snapback] Lenke til kommentar
norbat Skrevet 22. september 2007 Rapporter Del Skrevet 22. september 2007 Ok, Hvordan kjører forresten PC-en? Lenke til kommentar
zulo Skrevet 22. september 2007 Forfatter Rapporter Del Skrevet 22. september 2007 Ok,Hvordan kjører forresten PC-en? 9549638[/snapback] hm, hva mener du med det? om den er overklokket osv? Lenke til kommentar
norbat Skrevet 22. september 2007 Rapporter Del Skrevet 22. september 2007 Tenker på startmenyen, er PC-en fortsatt rar......... Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå