Just nu i M3-nätverket
Gå till innehåll

filipt

Medlem
  • Antal inlägg

    38
  • Gick med

  • Senaste besök

    Aldrig

Allt postat av filipt

  1. Har tänkt lite och kom på att vi nyligen skaffat nytt modem från bredbandsbolaget. Detta modem delar en funktion med D-link routern, nämligen DHCP, som innebär att modemet och den trådlösa routern förser datorn med IP adresser mm. Det kan inte bli någon krock där med tanke på att båda försökar sig på samma sak vilket kanske leder till att routern inte fungerar som den ska då den hela tiden försöker tilldela nya ip adresser trots att det inte går då detta är upptaget av bredbands modemet och då i samma veva statar o startar om sig som den gör?
  2. vad innebär dubbel postering?
  3. haha så hette det ja inte "compartable" sry hoppas det löser sig
  4. Hej jag har haft exakt samma problem, jag hade inte häller någon s-video utan körde också med scart. kommer itne ihåg allt men jag pulade med det där länge till jag hittade en inställning på grafikkortet. man skulle slå över så att den skickade någon annan sorts signaler, försökt hitta det nu på min egen men hittar itne tillbaka men jag vet att det går att lösa bara en inställningsfråga, typ nått med stil "compartable" lr nått sånt var det (kanske ganska värdelöst inlägg men ändå, hoppas det kanske kan vara till någon liten hjälp vet iaf att det går att fixa)
  5. Okej.. jo har provat att starta om den helt som du föreslår har inte hjälp, jag har däremot inte provat att uppdatera ("firmwiren"?) ska prova det, tack så mkt
  6. Hej alla glada! jag sitter på en d-link DI-624+ trådlös nätverks rauter, den har fungerat fint till det att vi fick srömavbrott i huset elapaptern dog helt och jag bytte till en annan. Nu fungerar strömen i den men den är itne som innan den lever sitt eget liv, nu fungerar inte den trådlösa funktionen (med nätverkssladd fungerar det mellan datorerna genom rautern) men anslutningen till lokala närverket upphör stup i kvarten det verkar som att rautern startar om sig själv hela tiden. Tidigare har den gått som en klocka och vi har itne ändrat några inställningar. vad kan det vara för fel? kan det vara en inställningsfråga lr kan rautern blivit skadad vid stömavbrottet? All hjälp /tips är välkomna MVH Filip
  7. Sluta surfa porr:P (skämt å sido)
  8. Okej ska ta och läsa på lite tänkte jag kanske man kan lösa det själv nästa gång
  9. Föresten är det någon ide att ta fram en ny hijack log och spara den, sen spara en log efter varje nytt program man installerar så att man kan se vad som ska vara där sen om det skulle komma oväntat besök så kan man bara köra hijack och ta bort dem? lr är det bara onödigt kan virusen gömma sig ändå? är det enkelt att förstå sig på combofix, förståer inte när jag ser en combofix log lr finns det någon sida man kan läsa om combofix och lära sig läsa av den?
  10. Okej du ska ha ett stort tack för din hjälp och tid du lagt ner poäng till dig
  11. Joop + att nyare batterier är väldigt tåliga och slits inte i första taget, förr var det viktigt att ladda ur/ladda upp helt men idag är det andra bullar. så om det inte är helt färdigladdat så spelar det ingen roll för du kommer ändå inte märka någon större skillnad, dock på lång sikt kanske du märker en marginel skillnad..
  12. Okej det är gjort nu, "C:\Program\DeluxeCommonucations\" hittade jag inte på C:\ men jag bockade i den i hijack. Här är en ny hijack log efter omstart: [log]Logfile of HijackThis v1.99.1 Scan saved at 16:01:17, on 2006-10-03 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program\Winamp\winampa.exe C:\WINDOWS\system32\PROMon.exe C:\Program\NORTON~1\navapw32.exe C:\Program\Norton Internet Security\IAMAPP.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe C:\Documents and Settings\Compaq\Start-meny\Program\Autostart\GameMinimizer.exe C:\Program\Norton AntiVirus\navapsvc.exe C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE C:\Compaq\EAKDRV\EAUSBKBD.EXE C:\Program\Compaq\EASYAC~1\BttnServ.exe C:\Program\Norton Internet Security\NISUM.EXE C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program\Norton Internet Security\SymProxySvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program\Norton Internet Security\NISSERV.EXE C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe C:\Program\Delade filer\Teleca Shared\Generic.exe C:\Program\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe C:\Program\Messenger\msmsgs.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\Internet Explorer\iexplore.exe D:\virus\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac'>http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=041d&s=search&ap=b204 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [iamapp] C:\Program\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "C:\Program\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - Startup: GameMinimizer.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program\Norton Internet Security\NISUM.EXE O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe [/log] MVH Filip
  13. Okej. här är en ny hijacklog från samma konto som combofix logen: [log]Logfile of HijackThis v1.99.1 Scan saved at 23:52:55, on 2006-10-02 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program\Winamp\winampa.exe C:\WINDOWS\system32\PROMon.exe C:\Program\NORTON~1\navapw32.exe C:\Program\Norton Internet Security\IAMAPP.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Personal\bin\Personal.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE C:\Compaq\EAKDRV\EAUSBKBD.EXE C:\Documents and Settings\Compaq\Start-meny\Program\Autostart\GameMinimizer.exe C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe C:\Program\Norton AntiVirus\navapsvc.exe C:\Program\Compaq\EASYAC~1\BttnServ.exe C:\Program\Norton Internet Security\NISUM.EXE C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program\Norton Internet Security\SymProxySvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program\Norton Internet Security\NISSERV.EXE C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe C:\Program\Delade filer\Teleca Shared\Generic.exe C:\Program\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe C:\Program\Messenger\msmsgs.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\DAEMON Tools\daemon.exe C:\Program\DC++\DCPlusPlus.exe D:\virus\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac'>http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=041d&s=search&ap=b204 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [iamapp] C:\Program\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "C:\Program\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [bullGuard] "C:\Program\BullGuard Software\BullGuard\bullguard.exe" O4 - HKCU\..\Run: [Oibr] "C:\Program\STEM32~1\winlogon.exe" -vt yazb O4 - HKCU\..\Run: [Emwjrw] C:\Documents and Settings\Compaq\Mina dokument\??sks\r?ndll.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program\DeluxeCommunications\Dxc.exe O4 - Startup: GameMinimizer.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program\Norton Internet Security\NISUM.EXE O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe [/log] Är väldigt tacksam för hjälpen
  14. Tjaa! öppna burken och damma ur ordentligt, damma av grafikkortsfläkten och fläkten till prosessorn det kan göra underverk, damma in bara på den synliga fläkten du ser utifrån
  15. Jag har haft samma problem, men jag har inte orkat lägga ner tid på det så jag har bara avinstalerat och sedan instalerat om skrivaren ( om du har cd-skiva till) men finns säkert bättre lösningar det har iaf fungerat för mig..
  16. filipt

    Hej hallå

    Ah tack för hjälpen "regcleaner" hjälpte
  17. Ja hijack logen är från det kontot som krånglade (verkar bete sig normalt nu), har kört en ny combofix och här är logen: [log]Compaq - 06-10-02 23:05:01,21 Service Pack 2 ComboFix 06.09.27 - Running from: "D:\virus" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Folders Quarantined: C:\QooBox\Purity\Documents and Settings\Compaq\Mina dokument\MBOLS~1 C:\QooBox\Purity\Documents and Settings\Compaq\Mina dokument\SKS~1 C:\QooBox\Purity\Documents and Settings\Compaq\Mina dokument\SKS~1\r?ndll.exe C:\QooBox\Purity\Program\STEM32~1 C:\QooBox\Purity\Program\STEM~1 C:\QooBox\Purity\Program\STEM32~1\??stem32 ((((((((((((((((((((((((((((((( Files Created from 2006-09-02 to 2006-10-02 )))))))))))))))))))))))))))))))))) 2006-09-11 00:25 368,912 --a------ C:\WINDOWS\system32\Vbar332.dll 2006-09-11 00:25 252,176 --a------ C:\WINDOWS\system32\Msrd2x35.dll 2006-09-11 00:25 24,848 --a------ C:\WINDOWS\system32\Msjter35.dll 2006-09-11 00:25 142,608 --a------ C:\WINDOWS\system32\Msjint35.dll 2006-09-11 00:25 1,056,768 --a------ C:\WINDOWS\system32\Msjet35.dll 2006-09-11 00:24 796,672 --a------ C:\WINDOWS\GPInstall.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-02 22:52 -------- d-------- C:\Program\Delade filer\Symantec Shared 2006-10-02 22:52 -------- d-------- C:\Program\Delade filer 2006-10-02 22:46 -------- d-------- C:\Program\Norton Internet Security 2006-10-02 10:40 -------- d-------- C:\Program\DC++ 2006-10-01 23:25 -------- d-------- C:\Program\TPTEST5 2006-10-01 23:24 -------- d-------- C:\Program\Hijackthis 2006-10-01 23:24 -------- d-------- C:\Program\Call of Duty 2006-10-01 23:13 -------- d-------- C:\Program\Symantec 2006-10-01 23:07 -------- d-------- C:\Documents and Settings\Compaq\Application Data\Teleca 2006-10-01 18:27 -------- d-------- C:\Program\Sony Ericsson 2006-10-01 18:27 -------- d-------- C:\Program\Delade filer\Teleca Shared 2006-10-01 18:03 -------- d-------- C:\Program\Delade filer\Softwin 2006-09-27 23:47 -------- d-------- C:\Program\Compaqnet SE 2006-09-27 23:28 0 --a------ C:\Documents and Settings\Compaq\Application Data\t9.tmp 2006-09-27 23:16 0 --a------ C:\Documents and Settings\Compaq\Application Data\tF.tmp 2006-09-27 22:06 -------- d-------- C:\Program\RegistryFix 2006-09-26 16:33 0 --a------ C:\Documents and Settings\Compaq\Application Data\tD.tmp 2006-09-25 21:38 0 --a------ C:\Documents and Settings\Compaq\Application Data\t5A.tmp 2006-09-25 21:30 0 --a------ C:\Documents and Settings\Compaq\Application Data\t57.tmp 2006-09-25 17:30 0 --a------ C:\Documents and Settings\Compaq\Application Data\tC.tmp 2006-09-25 01:16 0 --a------ C:\Documents and Settings\Compaq\Application Data\t37.tmp 2006-09-25 01:12 0 --a------ C:\Documents and Settings\Compaq\Application Data\t2D.tmp 2006-09-25 01:12 -------- d-------- C:\Program\PartyGaming 2006-09-25 01:03 0 --a------ C:\Documents and Settings\Compaq\Application Data\t17.tmp 2006-09-24 23:44 -------- d-------- C:\Program\DAEMON Tools 2006-09-24 22:19 455 --a------ C:\Program\INSTALL.LOG 2006-09-24 02:08 -------- d-------- C:\Program\MSN Messenger 2006-09-22 12:05 -------- d-------- C:\Documents and Settings\Compaq\Application Data\BullGuard 2006-09-22 11:10 -------- d-------- C:\Program\Personal 2006-09-21 23:28 -------- d-------- C:\Program\Delade filer\Microsoft Shared 2006-09-21 22:38 -------- d-------- C:\Documents and Settings\Compaq\Application Data\MSN6 2006-09-15 22:52 91904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2006-09-15 22:52 124016 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2006-09-11 00:25 -------- d-------- C:\Program\Pro Music 2006-08-30 19:30 -------- d-------- C:\Program\Delade filer\InstallShield 2006-08-21 23:11 -------- d-------- C:\Documents and Settings\Compaq\Application Data\vlc 2006-08-21 14:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2006-08-21 11:14 128896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys 2006-08-11 03:02 -------- d-------- C:\Program\Internet Explorer 2006-07-27 15:26 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-07-21 10:30 72704 --a------ C:\WINDOWS\system32\hlink.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="\"C:\\Program\\MSN Messenger\\msnmsgr.exe\" /background" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "Steam"="\"C:\\Program\\Valve\\Steam\\Steam.exe\" -silent" "BullGuard"="\"C:\\Program\\BullGuard Software\\BullGuard\\bullguard.exe\"" "Oibr"="\"C:\\Program\\STEM32~1\\winlogon.exe\" -vt yazb" "Emwjrw"="C:\\Documents and Settings\\Compaq\\Mina dokument\\??sks\\r?ndll.exe" "MSMSGS"="\"C:\\Program\\Messenger\\msmsgs.exe\" /background" "DeluxeCommunications"="C:\\Program\\DeluxeCommunications\\Dxc.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WINDVDPatch"="CTHELPER.EXE" "WinampAgent"="C:\\Program\\Winamp\\winampa.exe" "UpdReg"="C:\\WINDOWS\\UpdReg.EXE" "Symantec NetDriver Monitor"="C:\\Program\\SYMNET~1\\SNDMon.exe /Consumer" "srmclean"="C:\\Cpqs\\Scom\\srmclean.exe" "PROMon.exe"="PROMon.exe" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "NAV Agent"="C:\\Program\\NORTON~1\\navapw32.exe" "Jet Detection"="C:\\Program\\Creative\\SBAudigy\\PROGRAM\\ADGJDet.exe" "iamapp"="C:\\Program\\Norton Internet Security\\IAMAPP.EXE" "HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb05.exe" "DAEMON Tools"="\"C:\\Program\\DAEMON Tools\\daemon.exe\" -lang 1033" "CPQEASYACC"="C:\\Program\\COMPAQ\\Easy Access Button Support\\StartEAK.exe" "AdaptecDirectCD"="\"C:\\Program\\Roxio\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\"" @="" "Sony Ericsson PC Suite"="\"C:\\Program\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Compaq] "SetRefresh"="C:\\Program\\Compaq\\SetRefresh\\SetRefresh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Min aktuella startsida" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,c4,02,00,00,00, 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02, 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02, 00,00,01,00,00,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] @="" "NoDriveTypeAutoRun"=hex:5f,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Norton AntiVirus - S”k igenom datorn.job C:\WINDOWS\tasks\Symantec NetDetect.job Completion time: 2006-10-02 23:05:51.93 ComboFix.txt ComboFix2.txt [/log] Förstår mig inte på LOG lr hur man målar ibland fungrar det och ibland inte nu får jag iaf itne till det :S MVH Filip Lagt in LOG-taggar Cecilia - Moderator för Virus - Antivirus [inlägget ändrat 2007-05-28 15:24:58 av Cecilia]
  18. Hej igen! Det verkar ha löst sig, datorn beter sig normalt igen och du ska ha ett väldigt STORT tack för all hjälp du gett mig + att jag lärt mig väldigt mkt. Jag skickar iaf med en hijack log som jag tog nyss. [log] Logfile of HijackThis v1.99.1 Scan saved at 23:07:55, on 2006-10-01 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe C:\Program\Norton AntiVirus\navapsvc.exe C:\Program\Norton Internet Security\NISUM.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program\Norton Internet Security\SymProxySvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program\Norton Internet Security\NISSERV.EXE C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program\Winamp\winampa.exe C:\WINDOWS\system32\PROMon.exe C:\Program\NORTON~1\navapw32.exe C:\Program\Norton Internet Security\IAMAPP.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\Program\DAEMON Tools\daemon.exe C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program\Hijackthis\HijackThis.exe C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE C:\Program\Delade filer\Teleca Shared\CapabilityManager.exe C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE C:\Program\Valve\Steam\Steam.exe C:\Program\Compaq\EASYAC~1\BttnServ.exe C:\Compaq\EAKDRV\EAUSBKBD.EXE C:\Program\Personal\bin\Personal.exe C:\Documents and Settings\Compaq\Start-meny\Program\Autostart\GameMinimizer.exe C:\Program\Messenger\msmsgs.exe C:\Program\Delade filer\Teleca Shared\Generic.exe C:\Program\Sony Ericsson\Mobile2\Connection Wizard\ConnectionWizard.exe C:\Program\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac'>http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=041d&s=search&ap=b204 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [iamapp] C:\Program\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "C:\Program\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [bullGuard] "C:\Program\BullGuard Software\BullGuard\bullguard.exe" O4 - HKCU\..\Run: [Oibr] "C:\Program\STEM32~1\winlogon.exe" -vt yazb O4 - HKCU\..\Run: [Emwjrw] C:\Documents and Settings\Compaq\Mina dokument\??sks\r?ndll.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program\DeluxeCommunications\Dxc.exe O4 - Startup: GameMinimizer.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program\Norton Internet Security\NISUM.EXE O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe [/log] MVH FILIP
  19. filipt

    Hej hallå

    Hej alla glada Jag har ett spel som inte går att ta bort. Jag har provar att avinstallera men den säger bara att programet andvänds och inte går att ta bort. spelet är "crackat" (om det nu har någon betydese) någon som vet hur man tar bort det? lr om man kan använda något program som tar bort det? MVH FILIP [inlägget ändrat 2006-10-01 23:42:13 av filipt]
  20. Okej nu har jag gjort det, men jag hittar inte "C:\WINDOWS\system32\prcbu.dll (file missing)" i loggen så den kunde jag inte bocka av, spelar det någon roll? Men datorn beter sig inte som den ska, alla popups är borta och datorn är mkt snabbare nu. MEN jag har två windows andvändare när jag går in på den jag är inne på nu så beter sig datorn normalt, men om jag loggar in på den andra användaren så blir den helt seg och stänger av sig själv varje gång så fort man kommit in. Vad kan det bero på? (båda andvändarna fungerar som anministratörer) Måste säga att du beskriver på ett mkt proffsigt sätt och är väldigt hjälpsam och det tackar jag för
  21. Okej, det är gjort nu i egenskaper för wnscpsv.exe hittade jag inget vettigt här kommer nya hijack loggen: [log]Logfile of HijackThis v1.99.1 Scan saved at 15:20:53, on 2006-09-30 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program\Winamp\winampa.exe C:\WINDOWS\system32\PROMon.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program\NORTON~1\navapw32.exe C:\Program\Norton Internet Security\IAMAPP.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe C:\Program\Softwin\BitDefender9\bdswitch.exe C:\Program\Softwin\BitDefender9\bdoesrv.exe C:\Program\Softwin\BitDefender9\bdnagent.exe C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program\BullGuard Software\BullGuard\BullGuardUpdate.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe C:\Program\Norton AntiVirus\navapsvc.exe C:\Program\Norton Internet Security\NISUM.EXE C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE C:\Compaq\EAKDRV\EAUSBKBD.EXE C:\Program\Compaq\EASYAC~1\BttnServ.exe C:\WINDOWS\System32\svchost.exe C:\Program\Norton Internet Security\SymProxySvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program\Norton Internet Security\NISSERV.EXE C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe C:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe C:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe C:\Program\Softwin\BitDefender9\vsserv.exe C:\Program\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR'>http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac'>http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=041d&s=search&ap=b204 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redirectors/presario/deskredir2.dll?s=consumer&ap=b201&c=1c02&lc=041d&ac R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file) O2 - BHO: (no name) - {3231A96B-1F89-4E27-A4DA-1243B312F5CF} - C:\WINDOWS\system32\prcbu.dll (file missing) O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [iamapp] C:\Program\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [bDSwitchAgent] "c:\program\softwin\bitdefender9\bdswitch.exe" O4 - HKLM\..\Run: [bDOESRV] "C:\Program\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "c:\program\softwin\bitdefender9\bdnagent.exe" O4 - HKLM\..\Run: [bDMCon] "C:\Program\Softwin\BitDefender9\bdmcon.exe" O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://promo.dollarrevenue.com/activex/promocache/313133352D2D2D.exe O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program\Delade filer\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program\BullGuard Software\BullGuard\BullGuardUpdate.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program\Delade filer\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program\Norton Internet Security\NISUM.EXE O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program\Delade filer\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) [/log] Väldigt tacksam för hjälpen poäng till dig!
  22. Oj såg just att dem inte blivit ordentligt scanade?? det står 0 i file size på några utav dem, ska jag scana om dem? lr har det ingen betydelse?
  23. STATUS: FINISHED Complete scanning result of "Dxcuknwrd.dll", received in VirusTotal at 09.28.2006, 16:05:10 (CET). Antivirus Version Update Result AntiVir n - no virus found Authentium n - no virus found Avast n - no virus found AVG n - no virus found BitDefender n - no virus found CAT-QuickHeal n - no virus found ClamAV n - no virus found DrWeb n - no virus found eTrust-InoculateIT n - no virus found eTrust-Vet n - no virus found Ewido n - no virus found Fortinet n - no virus found F-Prot n - no virus found F-Prot4 n - no virus found Ikarus n - no virus found Kaspersky n - no virus found McAfee n - no virus found Microsoft n - no virus found NOD32v2 n - no virus found Norman n - no virus found Panda n - no virus found Sophos n - no virus found Symantec n - no virus found TheHacker n - no virus found UNA n - no virus found VBA32 n - no virus found VirusBuster n - no virus found Aditional Information File size: 0 bytes MD5: d41d8cd98f00b204e9800998ecf8427e SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 STATUS: FINISHED Complete scanning result of "wnscpsv.exe", received in VirusTotal at 09.28.2006, 17:00:21 (CET). Antivirus Version Update Result AntiVir 7.2.0.18 09.28.2006 no virus found Authentium 4.93.8 09.28.2006 no virus found Avast 4.7.892.0 09.27.2006 no virus found AVG 386 09.27.2006 no virus found BitDefender 7.2 09.28.2006 no virus found CAT-QuickHeal 8.00 09.28.2006 no virus found ClamAV devel-20060426 09.28.2006 no virus found DrWeb 4.33 09.28.2006 no virus found eTrust-InoculateIT 23.73.7 09.28.2006 no virus found eTrust-Vet 30.3.3104 09.28.2006 no virus found Ewido 4.0 09.28.2006 no virus found Fortinet 2.82.0.0 09.28.2006 no virus found F-Prot 3.16f 09.28.2006 no virus found F-Prot4 4.2.1.29 09.28.2006 no virus found Ikarus 0.2.65.0 09.28.2006 no virus found Kaspersky 4.0.2.24 09.28.2006 no virus found McAfee 4862 09.28.2006 no virus found Microsoft 1.1603 09.28.2006 no virus found NOD32v2 1.1781 09.28.2006 no virus found Norman 5.90.23 09.28.2006 no virus found Panda 9.0.0.4 09.27.2006 no virus found Sophos 4.10.0 09.28.2006 no virus found Symantec 8.0 09.28.2006 no virus found TheHacker 6.0.1.085 09.28.2006 no virus found UNA 1.83 09.27.2006 no virus found VBA32 3.11.1 09.28.2006 no virus found VirusBuster 4.3.7:9 09.28.2006 no virus found Aditional Information File size: 2 bytes MD5: 4f3dd0ffb3e41c5f74b5b0d8c1f10bb5 SHA1: e688cf7414fb701c4495010d43a4eaaaeac71768 VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity STATUS: FINISHED Complete scanning result of "prcbu.dll", received in VirusTotal at 09.28.2006, 22:09:44 (CET). Antivirus Version Update Result AntiVir 7.2.0.18 09.28.2006 ADSPY/PurityScan.AK.108 Authentium 4.93.8 09.28.2006 no virus found Avast 4.7.892.0 09.27.2006 Win32:Agent-RY AVG 386 09.27.2006 Adware Generic.QOU BitDefender 7.2 09.28.2006 no virus found CAT-QuickHeal 8.00 09.28.2006 no virus found ClamAV devel-20060426 09.28.2006 Trojan.PurityScan.AK eTrust-InoculateIT 23.73.7 09.28.2006 no virus found eTrust-Vet 30.3.3104 09.28.2006 Win32/Clspring!generic DrWeb 4.33 09.28.2006 no virus found Ewido 4.0 09.28.2006 Adware.PurityScan Fortinet 2.82.0.0 09.28.2006 Adware/ClickSpring F-Prot 3.16f 09.28.2006 no virus found F-Prot4 4.2.1.29 09.28.2006 no virus found Ikarus 0.2.65.0 09.28.2006 no virus found Kaspersky 4.0.2.24 09.28.2006 not-a-virus:AdWare.Win32.PurityScan.ak McAfee 4862 09.28.2006 potentially unwanted program Adware-ClickSpring Microsoft 1.1603 09.28.2006 no virus found NOD32v2 1.1781 09.28.2006 a variant of Win32/Adware.PurityScan Norman 5.80.02 09.28.2006 W32/PurityScan.ADW Panda 9.0.0.4 09.28.2006 Suspicious file Sophos 4.10.0 09.28.2006 no virus found Symantec 8.0 09.28.2006 no virus found TheHacker 6.0.1.085 09.28.2006 no virus found UNA 1.83 09.28.2006 no virus found VBA32 3.11.1 09.28.2006 AdWare.Win32.PurityScan.ak VirusBuster 4.3.7:9 09.28.2006 Adware.ClickSpring.Gen Aditional Information File size: 131072 bytes MD5: 79dc27fb954ef8830a386378a1f3675b SHA1: 018e3d077bff49f92a8c3a34917d93597f7bb26e STATUS: FINISHED Complete scanning result of "GPInstall.exe", received in VirusTotal at 09.28.2006, 23:46:09 (CET). Antivirus Version Update Result AntiVir 7.2.0.18 09.28.2006 no virus found Authentium 4.93.8 09.28.2006 no virus found Avast 4.7.892.0 09.27.2006 no virus found AVG 386 09.27.2006 no virus found BitDefender 7.2 09.28.2006 no virus found CAT-QuickHeal 8.00 09.28.2006 no virus found ClamAV devel-20060426 09.28.2006 no virus found DrWeb 4.33 09.28.2006 no virus found eTrust-InoculateIT 23.73.7 09.28.2006 no virus found eTrust-Vet 30.3.3104 09.28.2006 no virus found Ewido 4.0 09.28.2006 no virus found Fortinet 2.82.0.0 09.28.2006 no virus found F-Prot 3.16f 09.28.2006 no virus found F-Prot4 4.2.1.29 09.28.2006 no virus found Ikarus 0.2.65.0 09.28.2006 no virus found Kaspersky 4.0.2.24 09.28.2006 no virus found McAfee 4862 09.28.2006 no virus found Microsoft 1.1603 09.28.2006 no virus found NOD32v2 1.1781 09.28.2006 no virus found Norman 5.90.23 09.28.2006 no virus found Panda 9.0.0.4 09.28.2006 no virus found Sophos 4.10.0 09.28.2006 no virus found Symantec 8.0 09.28.2006 no virus found TheHacker 6.0.1.085 09.28.2006 no virus found UNA 1.83 09.28.2006 no virus found VBA32 3.11.1 09.28.2006 no virus found VirusBuster 4.3.7:9 09.28.2006 no virus found Aditional Information File size: 796672 bytes MD5: a75a03e2fe261297c3cbb128c32be3d8 STATUS: FINISHED Complete scanning result of "t5A.tmp", received in VirusTotal at 09.29.2006, 00:18:09 (CET). Antivirus Version Update Result AntiVir n - no virus found Authentium n - no virus found Avast n - no virus found AVG n - no virus found BitDefender n - no virus found CAT-QuickHeal n - no virus found ClamAV n - no virus found DrWeb n - no virus found eTrust-InoculateIT n - no virus found eTrust-Vet n - no virus found Ewido n - no virus found Fortinet n - no virus found F-Prot n - no virus found F-Prot4 n - no virus found Ikarus n - no virus found Kaspersky n - no virus found McAfee n - no virus found Microsoft n - no virus found NOD32v2 n - no virus found Norman n - no virus found Panda n - no virus found Sophos n - no virus found Symantec n - no virus found TheHacker n - no virus found UNA n - no virus found VBA32 n - no virus found VirusBuster n - no virus found Aditional Information File size: 0 bytes MD5: d41d8cd98f00b204e9800998ecf8427e SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 STATUS: FINISHED Complete scanning result of "t2D.tmp", received in VirusTotal at 09.29.2006, 00:34:53 (CET). Antivirus Version Update Result AntiVir n - no virus found Authentium n - no virus found Avast n - no virus found AVG n - no virus found BitDefender n - no virus found CAT-QuickHeal n - no virus found ClamAV n - no virus found DrWeb n - no virus found eTrust-InoculateIT n - no virus found eTrust-Vet n - no virus found Ewido n - no virus found Fortinet n - no virus found F-Prot n - no virus found F-Prot4 n - no virus found Ikarus n - no virus found Kaspersky n - no virus found McAfee n - no virus found Microsoft n - no virus found NOD32v2 n - no virus found Norman n - no virus found Panda n - no virus found Sophos n - no virus found Symantec n - no virus found TheHacker n - no virus found UNA n - no virus found VBA32 n - no virus found VirusBuster n - no virus found Aditional Information File size: 0 bytes MD5: d41d8cd98f00b204e9800998ecf8427e SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Så ser det ut det är ju iaf en som inte är som den ska, hur ska jag åtgärda detta?
  24. Hoppas jag gjorde rätt nu.. gick inte att måla eller trycka på log då ville den itne posta de : S UPPSKATTAR VERKLIGEN HJÄLPEN
×
×
  • Skapa nytt...