Legobilen Skrevet 20. januar 2008 Skrevet 20. januar 2008 (endret) Hei.. kan noen skjekke loggene mine/ hjelpe meg? Kjørte SAS og fikk beskjeden; "-enellerannenfil- is damaged. Run chkdsk" elns. Har gjort dette, da ikke ser ut til å funke. Pcn henger seg ofte og har blitt merkbart treigere i det siste. Nå får jeg heller ikke til å kjøre iTunes, av en eller annen grunn :S HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:40:06, on 20.01.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe C:\Programfiler\Java\j2re1.4.2_15\bin\jusched.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programfiler\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Messenger\MSMSGS.EXE C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\programfiler\steam\steam.exe C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programfiler\Hotspot Shield\bin\openvpnas.exe C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\iTunes\iTunes.exe C:\Programfiler\Opera\Opera.exe C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [PKR Pal] "C:\Programfiler\PKR\pkrpal.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\j2re1.4.2_15\bin\jusched.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [AODAssist.exe] C:\Programfiler\AMD\AMD OverDrive\AODAssist.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [updateMgr] C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [steam] "c:\programfiler\steam\steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {070CA17A-4BD2-4612-83B4-32B1B9159B47} - http://uc.sina.com.cn/download/live/weblive2.4.0.0.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1188239318828 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) - http://javadl-esd.sun.com/update/1.4.2/jin...indows-i586.cab O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) - http://www.euchannels.net/UKooPlayer.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bw+0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: offline-8876480 - {6D9540E2-9D55-4ECB-B258-950DE7668F54} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Programfiler\Hotspot Shield\bin\openvpnas.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- End of file - 20948 bytes ComboFix: ComboFix 08-01-20.1 - Arne M 2008-01-20 22:43:56.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.1260 [GMT 1:00] Running from: C:\Documents and Settings\Arne M\Programdata\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\_000007_.tmp.dll C:\WINDOWS\system32\_000008_.tmp.dll . ((((((((((((((((((((((((( Files Created from 2007-12-20 to 2008-01-20 ))))))))))))))))))))))))))))))) . 2008-01-20 22:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-20 22:38 . 2008-01-20 22:38 <DIR> d-------- C:\Programfiler\Trend Micro 2008-01-20 21:44 . 2008-01-20 22:20 <DIR> dr-h----- C:\Documents and Settings\Arne M\Siste 2008-01-19 23:18 . 2008-01-19 23:18 <DIR> d-------- C:\WINDOWS\system32\avsplugin 2008-01-19 23:18 . 2008-01-19 23:18 <DIR> d-------- C:\Programfiler\Smallvideosoft 2008-01-19 23:18 . 2007-04-19 15:15 7,277,568 --a------ C:\WINDOWS\system32\3gpcore.dll 2008-01-19 23:18 . 2004-05-26 20:37 719,872 --a------ C:\WINDOWS\system32\devil.dll 2008-01-19 23:18 . 2006-10-17 22:29 487,479 --a------ C:\WINDOWS\system32\SkinMagic.dll 2008-01-19 23:18 . 2006-12-31 10:16 313,344 --a------ C:\WINDOWS\system32\avisynth.dll 2008-01-19 23:18 . 2007-02-16 07:10 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll 2008-01-16 16:38 . 2008-01-16 16:38 <DIR> d-------- C:\Programfiler\iPod 2008-01-16 16:38 . 2008-01-20 22:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-01-16 16:38 . 2008-01-16 16:38 1,409 --a------ C:\WINDOWS\QTFont.for 2008-01-12 13:09 . 2008-01-12 13:09 <DIR> d-------- C:\Programfiler\Hotspot Shield 2008-01-11 22:11 . 2003-07-19 16:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd 2008-01-11 22:11 . 2005-01-03 07:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys 2008-01-10 15:27 . 2008-01-10 15:27 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx 2008-01-10 15:27 . 2008-01-10 15:27 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts 2008-01-01 12:23 . 2008-01-01 12:23 <DIR> d-------- C:\Programfiler\Audacity 1.3 Beta (Unicode) 2008-01-01 12:23 . 2008-01-05 18:45 <DIR> d-------- C:\Documents and Settings\Arne M\Programdata\Audacity . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-20 21:34 --------- d-----w C:\Programfiler\SUPERAntiSpyware 2008-01-20 21:32 --------- d-----w C:\Programfiler\Steam 2008-01-18 13:12 --------- d-----w C:\Documents and Settings\Arne M\Programdata\uTorrent 2008-01-16 21:58 --------- d-----w C:\Programfiler\Windows Live Safety Center 2008-01-16 21:36 --------- d-----w C:\Documents and Settings\Arne M\Programdata\mIRC 2008-01-16 20:27 --------- d-----w C:\Programfiler\mIRC 2008-01-16 15:38 --------- d-----w C:\Programfiler\iTunes 2008-01-16 15:37 --------- d-----w C:\Programfiler\QuickTime 2008-01-11 13:43 --------- d-----w C:\Programfiler\Google 2008-01-10 16:27 --------- d-----w C:\Programfiler\oDC 2008-01-08 18:32 --------- d-----w C:\Documents and Settings\Arne M\Programdata\dvdcss 2008-01-05 17:16 --------- d---a-w C:\Documents and Settings\All Users\Programdata\TEMP 2008-01-05 13:20 --------- d--h--w C:\Programfiler\InstallShield Installation Information 2007-12-30 15:34 --------- d-----w C:\Programfiler\Opera 2007-12-20 16:27 --------- d-----w C:\Documents and Settings\Arne M\Programdata\Hamachi 2007-12-18 16:56 --------- d-----w C:\Programfiler\TrackMania Nations ESWC 2007-12-17 17:03 --------- d-----w C:\Programfiler\Creative 2007-12-17 17:03 --------- d-----w C:\Documents and Settings\Arne M\Programdata\Creative 2007-12-14 19:46 --------- d-----w C:\Programfiler\SpeedFan 2007-12-11 13:05 --------- d-----w C:\Programfiler\FDRLab 2007-12-03 19:44 --------- d-----w C:\Documents and Settings\Arne M\Programdata\AdobeUM 2007-12-01 23:03 --------- d-----w C:\Programfiler\Project64 1.6 2007-11-27 13:20 --------- d-----w C:\Programfiler\Fellesfiler\DirectX 2007-11-07 09:30 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-21 17:24 159,744 ----a-w C:\WINDOWS\system32\UCLiveCore.dll 2007-08-27 15:31 18 ----a-w C:\Documents and Settings\Arne M\autoexec.bat 2006-06-27 11:45 176,886 ----a-w C:\Documents and Settings\Arne M\FLASH895.EXE . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360] "LDM"="C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-27 19:24 32768] "MsnMsgr"="C:\Programfiler\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:54 5674352] "MSMSGS"="C:\Programfiler\Messenger\MSMSGS.exe" [2004-10-13 17:24 1694208] "swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-29 14:45 68856] "DAEMON Tools"="C:\Programfiler\DAEMON Tools\daemon.exe" [2007-08-22 13:06 167368] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 13:06 1318912] "NVIDIA nTune"="C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 11:32 81920] "updateMgr"="C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472] "Steam"="c:\programfiler\steam\steam.exe" [2007-12-20 15:41 1266936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2006-05-27 03:47 16208384 C:\WINDOWS\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008] "nwiz"="nwiz.exe" [2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe] "GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47 31016] "PKR Pal"="C:\Programfiler\PKR\pkrpal.exe" [ ] "SunJavaUpdateSched"="C:\Programfiler\Java\j2re1.4.2_15\bin\jusched.exe" [2007-05-22 16:39 32881] "Microsoft Works Update Detection"="C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-25 06:20 28672] "AODAssist.exe"="C:\Programfiler\AMD\AMD OverDrive\AODAssist.exe" [2007-09-25 17:42 42496] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 17:14 81920] "QuickTime Task"="C:\Programfiler\QuickTime\QTTask.exe" [2008-01-10 15:27 385024] "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ Adobe Gamma Loader.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2007-08-27 21:03:29 113664] Adobe Reader Speed Launch.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696] Logitech Desktop Messenger.lnk - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-08-27 19:24:41 450560] Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2007-08-27 19:23:53 528384] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll R3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2007-06-08 07:52] *Newly Created Service* - PROCEXP90 . Contents of the 'Scheduled Tasks' folder "2008-01-17 20:27:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Programfiler\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-20 22:46:07 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-01-20 22:46:38 ComboFix-quarantined-files.txt 2008-01-20 21:46:24 . 2008-01-09 21:56:53 --- E O F --- EDIT: Når jeg kjørte SAS nå, kom det ikke feilmelding. Men jeg setter pris på at noen sjekker loggene alikevel Endret 20. januar 2008 av En kaktus?
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå