Just nu i M3-nätverket
Gå till innehåll

Kenneth_Slite

Medlem
  • Antal inlägg

    43
  • Gick med

  • Senaste besök

Om Kenneth_Slite

  • Medlemstitel
    Användare
  • Födelsedag 1956-10-22

Kontaktinformation

  • Hemsida
    http://

Profil

  • Ort
    Slite
  1. Mitt problem är alltså att jag kopierade från kamerans minneskort (PC-formerat) till en Mac och sedan därifrån till ett USB. Filerna är hanterbara på Macen men när jag söker läsa filerna från USB i PC fungerar det inte. Jag uppfattar att Recoveryprogrammet återställer raderade filer, i mitt fall handlar det alltså om ett eventuellt konverteringsbehov, gissar jag. mvh Kenneth
  2. På den vackra ön Kanawa utanför Komodo, uppdagade jag att mitt minneskort var fullt. På ön fanns bara en Mac som jag använde för att tanka över filerna (CR2 filer RAW format från min Canon EOS 7d) från mitt minneskort till USB. Jag kollade extra noga att mina filer verkligen fanns på USBn innan minneskortet raderades. Idag kan jag se och titta på bilderna på Macen där de har rätt storlek, äver 20Mb. På min PC är filerna inte läsbara och upptar bara några kb. Så, hur gör jag för att kunna öppna och redigera filerna i RAW format på min PC? Mycket tacksam för hjälp! Kenneth
  3. Tack Zipp för all hjälp! Ska kolla allt lite noggrannare senare. Nu måste jag dock iväg. Mvh Kenneth
  4. Hej Nu gick det bättre! mbr loggfil; Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK
  5. Växeln , tillägget -f, accepteras inte. Samtidigt går det inte att påverka programmet när det väl har startats. Det betyder nog att programmet aldrig startats i -f läget, tror jag. Hur styr programmet att acceptera växeln? mvh K
  6. Har sökt mbr.exe och tagit bort. Installerat igen på skrivbordet och kört en gång. Loggfil nedan; Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully MBR rootkit code detected ! malicious code @ sector 0x950a600 size 0x1fd ! copy of MBR has been found in sector 62 ! MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.
  7. Ja Fast det verkar som det finns en kopia. Har kanske installerat det tidigare? Fick trixa en del för att få igång mbr.exe.
  8. Hej igen Har kört MBR m följande logg Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully MBR rootkit code detected ! malicious code @ sector 0x950a600 size 0x1fd ! copy of MBR has been found in sector 62 ! MBR rootkit infection detected ! Use: "mbr.exe -f" to fix
  9. Hej Loggen kommer här: Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully MBR rootkit code detected ! malicious code @ sector 0x950a600 size 0x1fd ! copy of MBR has been found in sector 62 ! MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.
  10. OK, Ska använda det i forts. Har du möjligen sett ngt i logfilerna som förklarar Advanced.... ? När jag tittat på egenskaperna till formuläret Advanced.. framgår en IP adress under rubr URL. ANtar det är mottagaren och man borde väl anmäla det till ngn. Polisen? Mvh Kenneth
  11. OK sent omsider fick jag comboFix att fungera. Bifogar logg. Mvh Kenneth [log]ComboFix 08-08-17.01 - KennethT 2008-08-17 23:50:27.3 - NTFSx86 NETWORK Microsoft Windows XP Professional 5.1.2600.2.1252.1.1053.18.750 [GMT 2:00] Running from: C:\Program\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-07-17 to 2008-08-17 ))))))))))))))))))))))))))))))) . 2008-08-17 23:32 . 2008-08-17 23:32 <KAT> d C:\WINDOWS\system32\config\systemprofile\Lokala instõllningar 2008-08-17 23:32 . 2008-08-17 23:32 <KAT> d C:\Documents and Settings\NetworkService.NT INSTANS\Lokala instõllningar 2008-08-17 23:32 . 2008-08-17 23:32 <KAT> d C:\Documents and Settings\LocalService.NT INSTANS\Lokala instõllningar 2008-08-17 23:32 . 2008-08-17 23:32 <KAT> d C:\Documents and Settings\KennethT\Lokala instõllningar 2008-08-17 23:32 . 2008-08-17 23:32 <KAT> d C:\Documents and Settings\Default User.WINDOWS\Lokala instõllningar 2008-08-17 23:32 . <KAT> C:\Documents and Settings\+sa 2008-08-17 23:07 . 2008-08-17 22:46 2,718,447 -ra C:\Program\ComboFix.exe 2008-08-17 16:21 . 2008-08-17 16:21 <KAT> d C:\Program\Malwarebytes' Anti-Malware 2008-08-17 16:21 . 2008-08-17 16:21 <KAT> d C:\Documents and Settings\KennethT\Application Data\Malwarebytes 2008-08-17 16:21 . 2008-08-17 16:21 <KAT> d C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes 2008-08-17 16:21 . 2008-07-30 20:07 38,472 a C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-17 16:21 . 2008-07-30 20:07 17,144 a C:\WINDOWS\system32\drivers\mbam.sys 2008-08-10 22:49 . 2005-01-14 02:41 11,254 a C:\WINDOWS\system32\locate.com 2008-08-10 22:46 . 2008-08-10 22:46 <KAT> d C:\Program\ISeeYouXP 2008-08-10 21:45 . 2008-08-10 21:46 <KAT> d C:\Program\ATF Cleaner 2008-08-09 15:31 . 2008-08-09 15:31 <KAT> d C:\ISeeYouXP 2008-08-09 15:26 . 2008-08-10 22:43 <KAT> d C:\Program\ExplorerXP 2008-08-09 15:20 . 2008-08-11 00:39 <KAT> d C:\Program\a-squared Free 2008-08-09 15:20 . 2008-08-09 15:20 <KAT> d C:\!KillBox 2008-08-09 13:50 . 2008-08-09 13:50 <KAT> d C:\Program\a-squared HiJackFree 2008-08-09 13:48 . 2008-08-09 13:48 <KAT> d C:\Program\Trend Micro 2008-08-03 18:32 . 2008-08-03 18:32 <KAT> d C:\Documents and Settings\KennethT\Application Data\Leadertech 2008-07-27 23:08 . 2008-07-27 23:08 <KAT> d C:\Program\Data Doctor Recovery Pen Drive (Demo) 2008-07-20 01:16 . 2008-07-20 01:16 <KAT> d C:\Program\Sun . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-17 21:17 - d-w C:\Program\Norton Internet Security 2008-08-03 20:53 30,319 a-w C:\Program\GRAFTEST.EXE 2008-07-19 23:15 - d-w C:\Program\Java 2008-07-19 22:15 - d-w C:\Program\DivX 2008-07-19 21:51 - d-w C:\Documents and Settings\KennethT\Application Data\ZoomBrowser EX 2008-06-29 20:43 - d-w C:\Documents and Settings\LocalService.NT INSTANS\Application Data\Personal 2008-06-18 17:52 161,096 a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-06-11 00:07 524,288 a-w C:\WINDOWS\system32\DivXsm.exe 2008-06-11 00:07 3,596,288 a-w C:\WINDOWS\system32\qt-dx331.dll 2008-06-11 00:04 200,704 a-w C:\WINDOWS\system32\ssldivx.dll 2008-06-11 00:04 1,044,480 a-w C:\WINDOWS\system32\libdivx.dll 2008-06-02 06:40 83,584 a-w C:\Documents and Settings\KennethT\Application Data\GDIPFONTCACHEV1.DAT 2008-05-22 22:18 12,288 a-w C:\WINDOWS\system32\DivXWMPExtType.dll 2007-10-21 12:56 13,411,824 a-w C:\Program\Google_Earth_BZXV.exe 2007-02-04 23:15 777,530 a-w C:\Program\Ritningar.mpf 2007-02-04 23:15 337,047 a-w C:\Program\Ritningar.mpd 2007-01-19 21:48 2,097,920 a-w C:\Program\MPLABsmt.dat 2006-09-18 06:34 1,239,066 a-w C:\Program\WINISO53.EXE 2006-03-12 15:06 8,819,920 a-w C:\Program\ssf-snr-c-setup4259_1855040494.exe 2005-12-04 15:53 65 a-w C:\Program\Delade filer\appop.log 2005-11-14 12:12 3,227 a-w C:\Program\uninstal.log 2005-01-15 21:53 156,049 a-w C:\Program\scope3.zip 2004-06-15 22:13 696,320 a-w C:\Program\Geko201_250.exe 2004-03-01 09:58 561,424 a-w C:\Program\Delade filer\dao360.dll 2002-07-26 16:02 153,088 a-w C:\Program\UNWISE.EXE 2001-09-10 09:55 141,536 a-w C:\Program\Sw_rcsp.pdf 2001-09-10 09:36 138,861 a-w C:\Program\In_rcsp.pdf 2001-09-10 09:36 134,247 a-w C:\Program\La_rcsp.pdf 2001-09-10 09:36 127,777 a-w C:\Program\Ap_rcsp.pdf 2001-07-31 11:06 53,507 a-w C:\Program\amcap.exe 1998-05-14 22:00 73,184 a-w C:\Program\Delade filer\DAO2535.TLB 1998-04-26 21:00 570,128 a-w C:\Program\Delade filer\DAO350.DLL 1998-03-05 18:00 1,106,944 a-w C:\Program\CDLabel98.exe 1996-07-26 15:58 44,896 a-w C:\Program\VINDTEMP.EXE 1994-09-29 22:23 25,394 a-w C:\Program\RTLOLAT.EXE . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:34 15360] "Creative Detector"="C:\Program\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 18:23 102400] "swg"="C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-26 21:39 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-24 22:05 344064] "iamapp"="C:\Program\Norton Internet Security\IAMAPP.EXE" [2001-09-23 01:55 373888] "NAV Agent"="C:\Program\NORTON~2\navapw32.exe" [2001-09-10 12:24 74832] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "USBToolTip"="C:\Program\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe" [2007-02-20 03:07 199752] "USB2Check"="C:\WINDOWS\system32\PCLECoInst.dll" [2004-04-06 20:05 61440] "M-Audio Taskbar Icon"="C:\WINDOWS\System32\M-AudioTaskBarIcon.exe" [2005-10-18 11:00 91136] "WinampAgent"="C:\Program\Winamp\winampa.exe" [2003-12-13 02:50 33792] "PCLEPCI"="C:\Program\Pinnacle\PPE\PPE.EXE" [2004-02-03 16:13 49152] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2006-08-24 10:53 282624] "RTHDCPL"="RTHDCPL.EXE" [2005-05-25 23:37 14477312 C:\WINDOWS\RTHDCPL.EXE] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 02:34 15360] "Spyware Doctor"="C:\Program\Spyware Doctor\swdoctor.exe" [2005-10-23 22:15 2076160] C:\Documents and Settings\All Users.WINDOWS\Start-meny\Program\AutostartM-Audio Ozone Control Panel Launcher.lnk - C:\Program\M-Audio Ozone\OZTask.exe [2003-01-31 20:34:50 98304] Personal.lnk - C:\Program\Personal\bin\Personal.exe [2008-02-24 21:19:41 894504] Windows Desktop Search.lnk - C:\Program\Windows Desktop Search\WindowsSearch.exe [2006-03-26 22:44:08 257752] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 13:11 233472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.asv2"= asusasv2.dll "midi1"= usbnz1x1.dll "midi3"= usbnz1x1.dll "VIDC.MJPG"= Pvmjpg30.dll "VIDC.PIM1"= pclepim1.dll "VIDC.I420"= vdrcodec.dll "VIDC.MJPX"= PICVideo MJPEG Codec "msacm.ac3filter"= ac3filter.acm [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Program^Autostart^Acrobat Assistant.lnk] backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start-meny^Program^Autostart^AutoCAD Startup Accelerator.lnk] backup=C:\WINDOWS\pss\AutoCAD Startup Accelerator.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^KennethT^Mina dokument^Start-meny^Program^Autostart^Handelsbankens säkerhetsprogram.lnk] backup=C:\WINDOWS\pss\Handelsbankens säkerhetsprogram.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^KennethT^Mina dokument^Start-meny^Program^Autostart^PowerReg SchedulerV2.exe] backup=C:\WINDOWS\pss\PowerReg SchedulerV2.exeStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] a 2005-06-06 23:46 57344 C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HeavyWeatherPublisher] a 2004-02-23 00:23 1302528 C:\Program\HeavyWeather\HeavyWeatherPublisher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] a 2006-02-23 16:45 278528 C:\Program\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] - 2005-09-16 17:41 1961984 C:\Program\Ahead\Nero BackItUp\NBJ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] a 2006-08-24 10:53 282624 C:\Program\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] a 2007-10-26 21:39 68856 C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR] a 2005-01-21 03:47 270336 C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "mnmsrvc"=3 (0x3) "matlabserver"=2 (0x2) "iPodService"=3 (0x3) "gusvc"=3 (0x3) "CCALib8"=2 (0x2) "Autodesk Licensing Service"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program\\Shareaza\\Shareaza.exe"= "C:\\Program\\iTunes\\iTunes.exe"= "C:\\Program\\Messenger\\msmsgs.exe"= "C:\\WINDOWS\\system32\\mmc.exe"= "C:\\Program\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"= "C:\\Program\\SmartFTP Client 2.0\\SmartFTP.exe"= "C:\\Program\\Pinnacle\\Studio 10\\programs\\RM.exe"= "C:\\Program\\Pinnacle\\Studio 10\\programs\\Studio.exe"= "C:\\Program\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"= "C:\\Program\\Pinnacle\\Studio 10\\programs\\umi.exe"= "C:\\Program\\DC++\\DCPlusPlus.exe"= "C:\\Program\\Microsoft Office\\Office10\\FRONTPG.EXE"= "C:\\Program\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"= "C:\\PROGRAM FILES\\Real\\RealPlayer\\realplay.exe"= R0 ivicd;Ivi CDVD Filter Driver;C:\WINDOWS\system32\drivers\ivicd.sys [2005-01-12 07:29] S2 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2005-05-30 10:01] S2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;C:\Program\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 17:26] S2 NISSERV;Norton Internet Security Service;C:\Program\Norton Internet Security\NISSERV.EXE [2001-08-30 01:32] S3 iviudf;iviudf;C:\WINDOWS\system32\drivers\IviUdf.sys [2005-01-12 21:28] S3 ma763008;M-Audio Ozone;C:\WINDOWS\system32\drivers\MA763008.sys [2005-10-18 18:45] S3 MADFU008;MADFU008;C:\WINDOWS\system32\DRIVERS\MADFU008.sys [2005-10-18 18:46] S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 18:23] S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-11-10 18:23] S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-11-10 18:23] S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-11-10 18:23] S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-11-10 18:23] S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-11-10 18:23] S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-11-10 18:24] S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;C:\Program\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 17:23] S3 USBNZ1X1;M-Audio Ozone Midi;C:\WINDOWS\system32\drivers\usbnz1x1.sys [2005-06-22 11:37] S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [2004-07-06 20:56] *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder 2008-01-04 C:\WINDOWS\Tasks\Norton AntiVirus - Sök igenom datorn.job - C:\Program\NORTON~2\NAVW32.exe [2001-09-10 12:25] 2008-08-17 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program\Symantec\LiveUpdate\NDETECT.EXE [2001-08-08 16:29] . . - Supplementary Scan - . R0 -: HKCU-Main,Start Page = hxxp://web.telia.com/~u80901546/index.htm R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s O8 -: Add to AMV Converter... - C:\Program\MP3 Player Utilities 4.18\AMVConverter\grab.html O8 -: E&xport to Microsoft Excel - C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 -: {5CC384BB-1326-11D5-F4AE-00C04923F885} O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-17 23:54:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-08-18 0:02:36 ComboFix-quarantined-files.txt 2008-08-17 22:02:35 ComboFix2.txt 2008-08-17 21:32:31 Pre-Run: 12,573,859,840 byte ledigt Post-Run: 12,561,387,520 byte ledigt 213 [/log] Lagt till LOG-taggar När du har klistrat in en logg så var vänlig och markera loggen och tryck sedan på LOG-knappen som finns på samma rad som i inläggsfönstret. Cecilia - Moderator för Virus, skadliga program & botemedel [inlägget ändrat 2008-08-18 00:24:11 av Cecilia]
  12. OK, sorry för sent svar. Blev tvungen att skjutsa en yngre fotbollspelare. Loggen bifogas. Kenneth [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:43:59, on 2008-08-17 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe C:\Program\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program\Norton AntiVirus\navapsvc.exe C:\Program\Norton Internet Security\NISUM.EXE C:\Program\M-Audio\Ozone\Install\ozinst.exe C:\Program\Spyware Doctor\sdhelp.exe C:\WINDOWS\System32\svchost.exe C:\Program\Norton Internet Security\SymProxySvc.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program\Norton Internet Security\NISSERV.EXE C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\alg.exe C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program\Norton Internet Security\IAMAPP.EXE C:\Program\NORTON~2\navapw32.exe C:\WINDOWS\RTHDCPL.EXE C:\Program\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe C:\WINDOWS\System32\M-AudioTaskBarIcon.exe C:\Program\Winamp\winampa.exe C:\Program\Java\jre1.6.0_07\bin\jusched.exe C:\Program\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Creative\MediaSource\Detector\CTDetect.exe C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program\M-Audio Ozone\OZTask.exe C:\Program\Personal\bin\Personal.exe C:\Program\Windows Desktop Search\WindowsSearch.exe C:\Program\Windows Desktop Search\WindowsSearchIndexer.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program\a-squared Free\a2service.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Corel\Graphics9\Programs\capture.exe C:\Program\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\System32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web.telia.com/~u80901546/index.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program\Windows Desktop Search\dsWebAllow.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program\SPYWAR~2\tools\iesdpb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [iamapp] C:\Program\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [NAV Agent] C:\Program\NORTON~2\navapw32.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [uSBToolTip] "C:\Program\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe" O4 - HKLM\..\Run: [uSB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [PCLEPCI] C:\Program\Pinnacle\PPE\PPE.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] C:\Program\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: M-Audio Ozone Control Panel Launcher.lnk = C:\Program\M-Audio Ozone\OZTask.exe O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Add to AMV Converter... - C:\Program\MP3 Player Utilities 4.18\AMVConverter\grab.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program\SPYWAR~2\tools\iesdpb.dll O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program\a-squared Free\a2service.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program\Norton Internet Security\NISUM.EXE O23 - Service: M-Audio Ozone Installer (OzoneInstallerService) - Nemesis - C:\Program\M-Audio\Ozone\Install\ozinst.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program\Spyware Doctor\sdhelp.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe -- End of file - 10002 bytes[/log]
×
×
  • Skapa nytt...