Just nu i M3-nätverket
Gå till innehåll

Borsellini

Medlem
  • Antal inlägg

    9
  • Gick med

  • Senaste besök

    Aldrig
  1. Hej, Nästan varje gång jag försöker streama ljud eller video som kräver Media Player (har version 10) hänger sig webbläsaren (både Firefox och Explorer). Däremot funkar det alltid fint med Realplayer och quicktime. Har 100 Mb så det är verkligen inte där felet ligger och brandväggen är avstängd. Någon som kan hjälpa?
  2. Tack! Jag har tagit bort C:\WINDOWS\system32\nvsvcd.exe enligt dina instruktioner. Kan jag nu på något sätt kolla att allt skit försvunnit? S & D: [log]--- Search result list --- Windows Security Center.FirewallDisableNotify: Settings (Registry change, fixed) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0 Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, fixed) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0 --- Spybot - Search & Destroy version: 1.4 (build: 20050523) --- 2005-05-31 blindman.exe (1.0.0.1) 2005-05-31 SpybotSD.exe (1.4.0.3) 2005-05-31 TeaTimer.exe (1.4.0.2) 2005-11-10 unins000.exe (51.41.0.0) 2005-05-31 Update.exe (1.4.0.0) 2005-05-31 advcheck.dll (1.0.2.0) 2005-05-31 aports.dll (2.1.0.0) 2005-05-31 borlndmm.dll (7.0.4.453) 2005-05-31 delphimm.dll (7.0.4.453) 2005-05-31 SDHelper.dll (1.4.0.0) 2005-05-31 Tools.dll (2.0.0.2) 2005-05-31 UnzDll.dll (1.73.1.1) 2005-05-31 ZipDll.dll (1.73.2.0) 2006-01-27 Includes\Cookies.sbi (*) 2006-01-27 Includes\Dialer.sbi (*) 2006-01-27 Includes\Hijackers.sbi (*) 2006-01-27 Includes\Keyloggers.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2006-01-27 Includes\Malware.sbi (*) 2006-01-27 Includes\PUPS.sbi (*) 2006-01-27 Includes\Revision.sbi (*) 2006-01-27 Includes\Security.sbi (*) 2006-01-27 Includes\Spybots.sbi (*) 2005-02-17 Includes\Tracks.uti 2006-01-27 Includes\Trojans.sbi (*) --- System information --- Windows XP (Build: 2600) Service Pack 2 / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) / Step By Step Interactive Training / SP2: Säkerhetsuppdatering för Step by Step Interactive Training (KB898458) / Windows XP / SP3: Windows XP Hotfix - KB873339 / Windows XP / SP3: Windows XP Hotfix - KB883667 / Windows XP / SP3: Windows XP Hotfix - KB885250 / Windows XP / SP3: Windows XP Hotfix - KB885835 / Windows XP / SP3: Windows XP Hotfix - KB885836 / Windows XP / SP3: Windows XP Hotfix - KB886185 / Windows XP / SP3: Windows XP Hotfix - KB887472 / Windows XP / SP3: Windows XP Hotfix - KB887742 / Windows XP / SP3: Windows XP Hotfix - KB888113 / Windows XP / SP3: Windows XP Hotfix - KB888302 / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB890046) / Windows XP / SP3: Windows XP Hotfix - KB890859 / Windows XP / SP3: Windows XP Hotfix - KB891781 / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB893066) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB893756) / Windows XP / SP3: Windows Installer 3.1 (KB893803) / Windows XP / SP3: Uppdatering för Windows XP (KB894391) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896358) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896422) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896423) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896424) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896428) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896688) / Windows XP / SP3: Uppdatering för Windows XP (KB898461) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB899587) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB899591) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB900725) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB901017) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB901214) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB902400) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB904706) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB905414) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB905749) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB905915) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB908519) / Windows XP / SP3: Uppdatering för Windows XP (KB910437) / Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB912919) / Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221 --- Startup entries list --- Located: HK_LM:Run, ccApp command: "C:\Program\Delade filer\Symantec Shared\ccApp.exe" file: C:\Program\Delade filer\Symantec Shared\ccApp.exe size: 58992 MD5: 823c748837bf1f57f151bdb6035fb7b5 Located: HK_LM:Run, HPHUPD06 command: c:\Program\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe file: c:\Program\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe size: 49152 MD5: eca65cc095bd6d541a4798294f61e52a Located: HK_LM:Run, hpsysdrv command: c:\windows\system\hpsysdrv.exe file: c:\windows\system\hpsysdrv.exe size: 52736 MD5: 06a1ecb63df139ec639e084d4ab3c9d7 Located: HK_LM:Run, IgfxTray command: C:\WINDOWS\system32\igfxtray.exe file: C:\WINDOWS\system32\igfxtray.exe size: 155648 MD5: 8bbbada96ffe1449edd39256eda99cd8 Located: HK_LM:Run, NvCplDaemon command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE size: 33280 MD5: 67feedf5974c7a4511bdb23c0ade34f2 Located: HK_LM:Run, NvMediaCenter command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE size: 33280 MD5: 67feedf5974c7a4511bdb23c0ade34f2 Located: HK_LM:Run, Recguard command: C:\WINDOWS\SMINST\RECGUARD.EXE file: C:\WINDOWS\SMINST\RECGUARD.EXE size: 233472 MD5: 310f1e8a0781887ba1c217448c0e4d48 Located: HK_LM:Run, SiSPower command: Rundll32.exe SiSPower.dll,ModeAgent file: C:\WINDOWS\SYSTEM32\Rundll32.exe size: 33280 MD5: 67feedf5974c7a4511bdb23c0ade34f2 Located: HK_LM:Run, Symantec NetDriver Monitor command: C:\Program\SYMNET~1\SNDMon.exe /Consumer file: C:\Program\SYMNET~1\SNDMon.exe size: 100056 MD5: f9418981ee4d7e995d359833adab59d5 Located: HK_LM:Run, UpdReg command: C:\WINDOWS\UpdReg.EXE file: C:\WINDOWS\UpdReg.EXE size: 90112 MD5: c419df63e0121d72411285780c2fc6cc Located: HK_CU:Run, MSMSGS command: "C:\Program\Messenger\msmsgs.exe" /background file: C:\Program\Messenger\msmsgs.exe size: 1694208 MD5: 74e6e96c6f0e2eca4edbb7f7a468f259 Located: Startup (disabled), Adobe Gamma Loader (DISABLED) command: C:\Program\DELADE~1\Adobe\CALIBR~1\ADOBEG~1.EXE file: C:\Program\DELADE~1\Adobe\CALIBR~1\ADOBEG~1.EXE size: 113664 MD5: c2ff17734176cd15221c10044ef0ba1a Located: Startup (disabled), HP Digital Imaging Monitor (DISABLED) command: C:\Program\HP\DIGITA~1\bin\hpqtra08.exe file: C:\Program\HP\DIGITA~1\bin\hpqtra08.exe size: 241664 MD5: 16e91805cc071039372ae0037aaa9a2b Located: Startup (disabled), NkbMonitor.exe (DISABLED) command: C:\Program\Nikon\PICTUR~1\NKBMON~1.EXE file: C:\Program\Nikon\PICTUR~1\NKBMON~1.EXE size: 118784 MD5: 8c920dfe944b0dce788db3cb0320b336 Located: System.ini, crypt32chain command: crypt32.dll file: crypt32.dll Located: System.ini, cryptnet command: cryptnet.dll file: cryptnet.dll Located: System.ini, cscdll command: cscdll.dll file: cscdll.dll Located: System.ini, igfxcui command: igfxsrvc.dll file: igfxsrvc.dll Located: System.ini, ScCertProp command: wlnotify.dll file: wlnotify.dll Located: System.ini, Schedule command: wlnotify.dll file: wlnotify.dll Located: System.ini, sclgntfy command: sclgntfy.dll file: sclgntfy.dll Located: System.ini, SensLogn command: WlNotify.dll file: WlNotify.dll Located: System.ini, termsrv command: wlnotify.dll file: wlnotify.dll Located: System.ini, WgaLogon command: WgaLogon.dll file: WgaLogon.dll Located: System.ini, wlballoon command: wlnotify.dll file: wlnotify.dll --- Browser helper object list --- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class) BHO name: CLSID name: AcroIEHlprObj Class description: Adobe Acrobat reader classification: Legitimate known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll info link: http://www.adobe.com/products/acrobat/readstep2.html info source: TonyKlein Path: C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX Long name: AcroIEHelper.dll Short name: ACROIE~1.DLL Date (created): 2003-11-03 21:17:44 Date (last access): 2006-01-27 18:21:12 Date (last write): 2003-11-03 21:17:44 Filesize: 54248 Attributes: archive MD5: FC7850324464E4D19A24A03D882B5CC4 CRC32: 452E8571 Version: 6.0.1.1091 {53707962-6F74-2D53-2644-206D7942484F} () BHO name: CLSID name: description: Spybot-S&D IE Browser plugin classification: Legitimate known filename: SDhelper.dll info link: http://spybot.eon.net.au/ info source: Patrick M. Kolla Path: C:\Program\SPYBOT~1 Long name: SDHelper.dll Short name: Date (created): 2005-11-10 22:58:36 Date (last access): 2006-01-27 17:33:36 Date (last write): 2005-05-31 01:04:00 Filesize: 853672 Attributes: archive MD5: 250D787A5712D7768DDC133B3E477759 CRC32: D4589A41 Version: 1.4.0.0 {9ECB9560-04F9-4bbc-943D-298DDF1699E1} (Norton Internet Security) BHO name: Norton Internet Security CLSID name: CNisExtBho Class description: NIS 2004, classification: Legitimate known filename: NISShExt.dll info link: http://www.symantec.com/sabu/nis/nis_pe/ info source: TonyKlein Path: C:\Program\Delade filer\Symantec Shared\AdBlocking Long name: NISShExt.dll Short name: Date (created): 2004-09-15 18:06:12 Date (last access): 2006-01-27 18:06:40 Date (last write): 2004-09-15 18:06:12 Filesize: 103552 Attributes: archive MD5: AB001D62CB2C4B6E238511AFCE9361F5 CRC32: F21FE1C6 Version: 8.0.0.64 {BDF3E430-B101-42AD-A544-FADC6B084872} (NAV Helper) BHO name: NAV Helper CLSID name: CNavExtBho Class description: Norton Antivirus classification: Legitimate known filename: NavShExt.dll info link: http://www.symantec.com/nav/nav_9xnt/ info source: TonyKlein Path: C:\Program\Norton Internet Security\Norton AntiVirus Long name: NAVSHEXT.DLL Short name: Date (created): 2004-09-08 10:53:12 Date (last access): 2006-01-27 17:33:36 Date (last write): 2005-11-29 14:25:30 Filesize: 218760 Attributes: archive MD5: AAE28767F9AC6A32697765AA97F5AFC9 CRC32: E0C3B14A Version: 11.0.16.2 --- ActiveX list --- {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) DPF name: CLSID name: HouseCall Control Installer: C:\WINDOWS\Downloaded Program Files\xscan60.inf Codebase: http://housecall60.trendmicro.com/housecall/xscan60.cab'>http://housecall60.trendmicro.com/housecall/xscan60.cab description: classification: Legitimate known filename: xscan60.ocx info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\DOWNLO~1 Long name: xscan60.ocx Short name: Date (created): 2005-05-03 11:45:54 Date (last access): 2006-01-27 16:27:28 Date (last write): 2005-05-03 11:45:54 Filesize: 475190 Attributes: archive MD5: 145C288D55A91D6469223136EA93A406 CRC32: A36DBA2A Version: 6.0.0.1261 {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) DPF name: CLSID name: Windows Genuine Advantage Validation Tool Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf Codebase: http://go.microsoft.com/fwlink/?linkid=39204'>http://go.microsoft.com/fwlink/?linkid=39204 description: classification: Legitimate known filename: LegitCheckControl.DLL info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\system32 Long name: LegitCheckControl.dll Short name: LEGITC~1.DLL Date (created): 2005-07-12 18:04:22 Date (last access): 2006-01-27 18:11:56 Date (last write): 2005-11-09 11:30:32 Filesize: 534280 Attributes: archive MD5: 37B2092E98644ED842906D5B82754442 CRC32: EFFC266D Version: 1.4.393.0 {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) DPF name: CLSID name: ICSScannerLight Class Installer: C:\WINDOWS\Downloaded Program Files\ICSScannerLight.inf Codebase: http://download.zonelabs.com/bin/free/cm/ICSCM.cab'>http://download.zonelabs.com/bin/free/cm/ICSCM.cab description: classification: Open for discussion known filename: ICSScannerLight.dll info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\Downloaded Program Files Long name: ICSScannerLight.dll Short name: ICSSCA~1.DLL Date (created): 2004-03-29 16:42:32 Date (last access): 2006-01-27 18:02:20 Date (last write): 2004-03-29 16:42:32 Filesize: 786432 Attributes: archive MD5: 1D9B3A211E5A3AE2BD77384A8A825410 CRC32: 6A70E9F6 Version: 1.0.5.1 {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) DPF name: CLSID name: Symantec AntiVirus scanner Installer: C:\WINDOWS\Downloaded Program Files\avsniff.inf Codebase: http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab'>http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab description: Symantec online scanner classification: Legitimate known filename: AVSNIFF.DLL info link: info source: Patrick M. Kolla Path: C:\WINDOWS\Downloaded Program Files Long name: avsniff.dll Short name: Date (created): 2005-11-17 14:03:22 Date (last access): 2006-01-27 18:02:18 Date (last write): 2005-11-17 14:03:22 Filesize: 202400 Attributes: archive MD5: BCE679811E5A7441A24C250803A87F26 CRC32: B9D953A5 Version: 2004.12.14.55 {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) DPF name: CLSID name: Symantec RuFSI Utility Class Installer: C:\WINDOWS\Downloaded Program Files\CabSA.inf Codebase: http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab'>http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab description: classification: Legitimate known filename: rufsi.dll info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\Downloaded Program Files Long name: rufsi.dll Short name: Date (created): 2005-11-17 14:03:36 Date (last access): 2006-01-27 18:02:20 Date (last write): 2005-11-17 14:03:36 Filesize: 161480 Attributes: archive MD5: 1A3A17DEC5DB03CD99ADCF3DABD4A3D0 CRC32: A399EBC2 Version: 2004.6.23.42 {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) DPF name: CLSID name: F-Secure Online Scanner 2.1 Installer: Codebase: http://support.f-secure.com/ols/fscax.cab'>http://support.f-secure.com/ols/fscax.cab Path: C:\WINDOWS\Downloaded Program Files Long name: fscax.dll Short name: Date (created): 2005-12-08 15:29:02 Date (last access): 2006-01-27 18:02:20 Date (last write): 2005-12-08 15:29:02 Filesize: 652736 Attributes: archive MD5: C5C7A32B7BFBD919CDE78F340815DB26 CRC32: 3A1561D8 Version: 2.1.1.0 --- Process list --- PID: 0 ( 0) [system] PID: 552 ( 4) \SystemRoot\System32\smss.exe PID: 604 ( 552) \??\C:\WINDOWS\system32\csrss.exe PID: 628 ( 552) \??\C:\WINDOWS\SYSTEM32\winlogon.exe PID: 680 ( 628) C:\WINDOWS\system32\services.exe size: 108032 MD5: 0DF00535E2F5AEFAEAD3A800F75137AF PID: 692 ( 628) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: BA428312D9A0726E4C07C2037E882520 PID: 864 ( 680) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 22D8A75754B7B9ECC4753E3C09A56B18 PID: 928 ( 680) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 22D8A75754B7B9ECC4753E3C09A56B18 PID: 1008 ( 680) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 22D8A75754B7B9ECC4753E3C09A56B18 PID: 1056 ( 680) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 22D8A75754B7B9ECC4753E3C09A56B18 PID: 1152 ( 680) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 22D8A75754B7B9ECC4753E3C09A56B18 PID: 1204 ( 680) C:\Program\Delade filer\Symantec Shared\ccProxy.exe size: 235120 MD5: CAD1447217E90DFE6629989781B86A1A PID: 1232 ( 680) C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe size: 181872 MD5: 4BE62B29494D7E7A8910DD4017F2DB77 PID: 1260 ( 680) C:\Program\Norton Internet Security\ISSVC.exe size: 83584 MD5: 64BC5239264896C8D8FCE558CFBA029B PID: 1272 ( 680) C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe size: 206552 MD5: 443E397643965E08C5AB6A6CAA732B97 PID: 1432 ( 680) C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe size: 198256 MD5: 5CA41885BEC5BB5F2FAFB70AD300992B PID: 1552 (1512) C:\WINDOWS\Explorer.EXE size: 1032704 MD5: 87A3C8EAD27CF3591713D629D8BCB990 PID: 1860 ( 680) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F PID: 320 ( 680) C:\WINDOWS\system32\CTSvcCDA.EXE size: 44032 MD5: 3C8B6609712F4FF78E521F6DCFC4032B PID: 400 ( 680) c:\Program\Delade filer\LightScribe\LSSrvc.exe size: 38912 MD5: 75F8FDF480DBED5358188E0EAA2020D9 PID: 428 ( 680) C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe size: 177288 MD5: 1DDDD368C8BFD34892557AC8D5CF90E0 PID: 456 ( 680) C:\WINDOWS\system32\nvsvc32.exe size: 131139 MD5: A3B67AA9F60533557FD9141BCA9FA4A9 PID: 760 ( 680) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 22D8A75754B7B9ECC4753E3C09A56B18 PID: 988 ( 680) C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe size: 819352 MD5: F11341CD0D1DC5EFF5FEFFCC7424984E PID: 1088 ( 680) C:\WINDOWS\system32\wdfmgr.exe size: 38912 MD5: AB0A7CA90D9E3D6A193905DC1715DED0 PID: 1188 ( 680) C:\WINDOWS\system32\MsPMSPSv.exe size: 53520 MD5: 581176F60885AEF8F78C6E38DCC3CDF9 PID: 1400 ( 680) c:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe size: 316544 MD5: 67C5AF84809468061121FBCBECB19285 PID: 2308 ( 680) C:\WINDOWS\System32\alg.exe size: 44544 MD5: 674AD0546272F9ADB8028B9CA0D0658F PID: 2336 (1552) C:\windows\system\hpsysdrv.exe size: 52736 MD5: 06A1ECB63DF139EC639E084D4AB3C9D7 PID: 2436 (1552) C:\Program\Delade filer\Symantec Shared\ccApp.exe size: 58992 MD5: 823C748837BF1F57F151BDB6035FB7B5 PID: 3980 (1552) C:\Program\Spybot - Search & Destroy\SpybotSD.exe size: 4393096 MD5: 09CA174A605B480318731E691DC98539 PID: 4000 (1552) C:\Program\Mozilla Firefox\firefox.exe size: 7162979 MD5: F375D4684A1F72D279A7CFA7A5DE1A9C PID: 3676 ( 864) C:\Program\Messenger\msmsgs.exe size: 1694208 MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259 PID: 4 ( 0) System --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 2006-01-27 18:28:27 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- Protocol 0: MSAFD Tcpip [TCP/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 1: MSAFD Tcpip [uDP/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 2: MSAFD Tcpip [RAW/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 3: RSVP UDP Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\rsvpsp.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Protocol 4: RSVP TCP Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\rsvpsp.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AD9F55DE-5EB8-4278-B163-184813051B60}] SEQPACKET 5 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AD9F55DE-5EB8-4278-B163-184813051B60}] DATAGRAM 5 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C25EFA7D-4378-474F-9888-758C39E356C2}] SEQPACKET 4 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C25EFA7D-4378-474F-9888-758C39E356C2}] DATAGRAM 4 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2A6F0F2E-F949-4853-826D-0831EB2D9051}] SEQPACKET 3 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2A6F0F2E-F949-4853-826D-0831EB2D9051}] DATAGRAM 3 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A4E6F39D-C2D2-4D68-8332-49EDAEC92C5B}] SEQPACKET 0 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A4E6F39D-C2D2-4D68-8332-49EDAEC92C5B}] DATAGRAM 0 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A919080A-EB70-449D-86F2-D0E03E1ACDAC}] SEQPACKET 1 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A919080A-EB70-449D-86F2-D0E03E1ACDAC}] DATAGRAM 1 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{78FE1FB3-0CC5-4458-9D42-1AA5B2D5D324}] SEQPACKET 2 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{78FE1FB3-0CC5-4458-9D42-1AA5B2D5D324}] DATAGRAM 2 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Namespace Provider 0: Tcpip GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B} Filename: %SystemRoot%\System32\mswsock.dll Description: Microsoft Windows NT/2k/XP TCP/IP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: TCP/IP Namespace Provider 1: NTDS GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC} Filename: %SystemRoot%\System32\winrnr.dll Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\winrnr.dll DB protocol: NTDS Namespace Provider 2: Namnområde för NLA (Network Location Awareness) GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} Filename: %SystemRoot%\System32\mswsock.dll Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: NLA-Namespace [/log] Hijack: [log]Logfile of HijackThis v1.99.1 Scan saved at 18:29:33, on 2006-01-27 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program\Delade filer\Symantec Shared\ccProxy.exe C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe C:\Program\Norton Internet Security\ISSVC.exe C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTSvcCDA.EXE c:\Program\Delade filer\LightScribe\LSSrvc.exe C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\MsPMSPSv.exe c:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe C:\windows\system\hpsysdrv.exe C:\Program\Delade filer\Symantec Shared\ccApp.exe C:\Program\Mozilla Firefox\firefox.exe C:\Program\Messenger\msmsgs.exe C:\Program\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Unknown owner - C:\Program\iPod\bin\iPodService.exe (file missing) O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program\Norton Internet Security\ISSVC.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program\Delade filer\LightScribe\LSSrvc.exe O23 - Service: Norton AntiVirus Auto Protect-tjänst (navapsvc) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe [/log] [inlägget ändrat 2006-01-27 18:52:50 av Anders N]
  3. AntiVir Found Worm/IRCBot.NM.1 ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found Trojan.Boxed.C ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found Backdoor.Win32.IRCBot.nm NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found Backdoor.Win32.IRCBot.nm This is a report processed by VirusTotal on 01/27/2006 at 14:56:22 (CET) after scanning the file "nvsvcd.exe" file. Antivirus Version Update Result AntiVir 6.33.0.77 01.27.2006 Worm/IRCBot.NM.1 Avast 4.6.695.0 01.26.2006 no virus found AVG 718 01.27.2006 no virus found Avira 6.33.0.77 01.27.2006 Worm/IRCBot.NM.1 BitDefender 7.2 01.27.2006 Trojan.Boxed.C CAT-QuickHeal 8.00 01.27.2006 no virus found ClamAV devel-20051123 01.27.2006 no virus found DrWeb 4.33 01.27.2006 no virus found eTrust-InoculateIT 23.71.61 01.27.2006 no virus found eTrust-Vet 12.4.2058 01.27.2006 no virus found Ewido 3.5 01.27.2006 Backdoor.IRCBot.nm Fortinet 2.54.0.0 01.27.2006 no virus found F-Prot 3.16c 01.26.2006 no virus found Ikarus 0.2.59.0 01.27.2006 no virus found Kaspersky 4.0.2.24 01.27.2006 no virus found McAfee 4683 01.26.2006 no virus found NOD32v2 1.1382 01.27.2006 no virus found Norman 5.70.10 01.27.2006 no virus found Panda 9.0.0.4 01.27.2006 Trj/Agent.BAF Sophos 4.01.0 01.27.2006 no virus found Symantec 8.0 01.27.2006 no virus found TheHacker 5.9.3.082 01.27.2006 no virus found UNA 1.83 01.27.2006 Backdoor.IRCBot VBA32 3.10.5 01.27.2006 Backdoor.Win32.IRCBot.nm
  4. Ska genomföra en Italienresa i sommar med kameran i högsta hugg. Fotar helst i Raw-format (tar mycket plats. Minneskortet blir snabbt fyllt.) och behöver därför kunna överföra bilderna till någon form av extern hårddisk. Har hört att det ska finnas små, externa hårddiskar med en liten LCD-skärm med vilken man kan överföra bilder direkt från kameran till hårddisken via USB. Vad heter dem och kan ni rekommendera någon särskild?
  5. ...en gång för alla. Använder Spybot Search & Destroy, men dessa spyware återkommer ständigt så det verkar inte som att S & D lyckas ta bort dem. Spywaren heter "Fake.Wget", "Windows Security Center.AntivirusDisableNotify" och "Windows Security Center.FirewallDisableNotify" Körde en koll i hijackthis. Här är loggen: [log]Logfile of HijackThis v1.99.1 Scan saved at 16:02:06, on 2006-01-21 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program\Delade filer\Symantec Shared\ccProxy.exe C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe C:\Program\Norton Internet Security\ISSVC.exe C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTSvcCDA.EXE c:\Program\Delade filer\LightScribe\LSSrvc.exe C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\MsPMSPSv.exe c:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe C:\windows\system\hpsysdrv.exe C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe C:\Program\Delade filer\Symantec Shared\ccApp.exe C:\WINDOWS\AGRSMMSG.exe C:\Program\Messenger\msmsgs.exe C:\Program\Mozilla Firefox\firefox.exe C:\Program\Spybot - Search & Destroy\SpybotSD.exe C:\Documents and Settings\HP_Ägaren\Lokala inställningar\Temp\wz2bf7\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q105&bd=pavilion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Unknown owner - C:\Program\iPod\bin\iPodService.exe (file missing) O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program\Norton Internet Security\ISSVC.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program\Delade filer\LightScribe\LSSrvc.exe O23 - Service: Norton AntiVirus Auto Protect-tjänst (navapsvc) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing) O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe [/log]
  6. Hej, jag har tänkt uppgradera minnet i datorn. Hur ser jag vilken minnestyp jag har?
  7. "Den personliga brandväggen" i Norton hänger sig så fort jag ska lägga till ett program i "tillåt". Jävligt frustrerande och mycket begränsande. Vad göra åt detta? Någon som har liknande erfarenheter?
  8. Tack så mycket för ditt svar. Körde dxdiag, inget var fel eller på annat sätt konstigt. Glömde att säga i mitt förra inlägg att spelet faktiskt startar ibland, förutsatt att man stänger av Norton. Vet verkligen inte varför det där meddelandet kommer fram och vad man kan göra åt det. Vill inte behöva stänga av Antivirusprogrammet varje gång jag ska spela spelet.
  9. Köpte Far Cry (ett datorspel) nyligen, men får det inte att starta. Har installerat den senaste patchen till både spelet och grafikkortet. Har en dator på 3,4 Ghz, Geforce 6800Gt 256mb, 2 Gig ram; borde alltså inte vara några som helst problem att få igång spelet. Men när det ska starta kommer ett meddelande upp från Norton Antivirus: "Varning: Far Cry.exe försöker ansluta till en DNS-server". Varefter jag väljer "tillåt anslutning". Men därefter händer inget och spelet vägrar starta. Använder Windows-brandväggen och har testat att lägga till Far Cry.exe under tillåt, utan resultat. Vad är en DNS-server och hur kan jag få det satans spelet att starta? Vore oerhört tacksam för ett svar /Christian
×
×
  • Skapa nytt...