mina

Medlemmer
  • Innholdsteller

    10
  • Ble med

  • Besøkte siden sist


Nettsamfunnsomdømme

0 ProPoeng

Om mina

  • Rang
    Nyansatt

mina sin aktivitet

  1. mina la til et emne i Annen programvare   

    Slap-tekster
    Har dere et tips om et irc script uten for mye fancy funksjoner, men som har endel fine slap-tekster?

    Med f.eks slike:

    Mina shoots fireworks for Ond^Sofa 4*~~~~~|#####> `';:*,.,*:;'` Ond^Sofa 12*~~~~~|#####> `';:*,.,*:;'` Ond^Sofa 3*~~~~~|#####> `';:*,.,*:;'`Ond^Sofa 4*~~~~~|#####> `';:*,.,*:;'`
    • 2 svar
    • visninger
  2. mina la til et innlegg i et emne Finner ikke viruset   

    Neeei..

    Systemgjennoppretting var ikke det lureste jeg kunne gjordt

    Stilte inn at jeg skulle opprette 5 dager tilbake i tid. Dessverre så er maskina så treg at systemgjennopprettingen låste seg halvveis! Til slutt slo datamaskina seg av selv. Vel.. nå får jeg ikke startet maskinen i det hele tatt. Den kommer forbi windowslogoen og der etter kommer det opp en luke om at systemgjennoppretting er ufullstendig. Maskinen vil ikke gå videre forbi dette puntet hverken i sikkerhetsmodus eller vanlig modus
    • 0
  3. mina la til et innlegg i et emne Finner ikke viruset   


    Jeg prøvde oppskriften din, men de internettvirusprogrammene ville ikke åpne seg hos meg pga noe rart med IE. I tillegg forsøkte jeg å kjøre de andre virusprogrammene i sikkerhetsmodus, men dette hjelpte ikke på problemet.

    Tar å forsøker systemgjennoppretting nå.
    • 0
  4. mina la til et innlegg i et emne Finner ikke viruset   


    Jeg har bare orginalprogram på pc'en samt det er lenge siden jeg har brukt msn.

    De største krumspringene jeg gjør på nettet er vg, travian og facebook... så skulle ikke tro jeg var så veldig utsatt for kjempe nasty virus

    Her er en ny HijackThis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 01:56:20, on 05.09.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
    C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
    C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE
    C:\Programfiler\Norman\Npm\Bin\Zanda.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programfiler\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
    C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\fxssvc.exe
    c:\programfiler\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
    C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
    C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe
    C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Programfiler\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
    C:\Programfiler\Norman\Npm\bin\ZLH.EXE
    C:\Programfiler\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programfiler\Norman\Nvc\BIN\NIP.EXE
    C:\Programfiler\Norman\Nvc\bin\cclaw.exe
    C:\Programfiler\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\igfxext.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Programfiler\Webroot\Spy Sweeper\SSU.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\Linda Våge\Skrivebord\HijackThis.exe
    C:\Programfiler\Norman\Nvc\bin\NVCOA.EXE
    C:\Programfiler\Norman\Nvc\bin\nvcoas.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [EPM-DM] "c:\acer\Empowering Technology\ePower\epm-dm.exe"
    O4 - HKLM\..\Run: [Acer ePower Management] "C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"
    O4 - HKLM\..\Run: [PDUiP6000DMon] "C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe"
    O4 - HKLM\..\Run: [PDUiP6000DTskbr] "C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe"
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [uSBToolTip] "C:\Programfiler\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"
    O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
    O4 - HKLM\..\Run: [Easy SpyRemover] C:\Programfiler\Easy SpyRemover\EasySpyRemover.exe /smart
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [userFaultCheck] C:\WINDOWS\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [spySweeper] C:\Programfiler\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [uniblue RegistryBooster2] "C:\Programfiler\Uniblue\RegistryBooster 2\RegistryBooster.exe" /S
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/229?ca3c9cffa575446bacaaeeb0e575bc6b
    O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/230?ca3c9cffa575446bacaaeeb0e575bc6b
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O11 - Options group: [iNTERNATIONAL] International*
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1180972105750
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Programfiler\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
    O23 - Service: Norman NJeeves - Unknown owner - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: Canon PIXMA iP6000D Memory Card Manager (PDUiP6000DMemCrdMgr) - CANON INC. - C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\programfiler\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe
    • 0
  5. mina la til et innlegg i et emne Finner ikke viruset   


    Fjernet ene virusprogrammet, og det er ingen forandring i det hele tatt. PC'en er like ille.
    • 0
  6. mina la til et innlegg i et emne Finner ikke viruset   

    Da logget jeg meg på sikkerhetsmodus og da gikk maskinen knirkefritt. Ikke gikk viften for fult, den var rask og tastaturet fungerte. Dessverre så klarte jeg ikke å åpne de virusprogrammene på internett fordi det var noe feil med IE stod det. Så jeg kjørte heller en ny scann med Norman og NOD32, og da fant den litt småsnusk. Jeg restartet deretter maskinen i normal instilling. Dessverre så ble maskinen mye verre. Den bruke 15 min på å starte opp og da den endelig startet så kom opp over 40 melding om at "taskmgr.exe - programfeil". Det er umulig å gjøre noe som helt videre med den nå i normal mode.

    Så hva gjør jeg nå da? Jeg har mange filer/program på maskinen som er uerstattlige

    Systemgjennoppretting.. kan dette gjøres i sikkerhetsmodus? Og kan jeg stille maskinen 5 dager tilbake i tid uten å miste noe annet enn de 5 dagene?
    • 0
  7. mina la til et innlegg i et emne Finner ikke viruset   

    Takk for svar!

    Men hadde ikke dere kunne gitt meg en liste over hva jeg bør slette fra loggen? Jeg er redd jeg sletter noe viktig, samt det var bare stod det var en feil om var veldig Nasty.

    Resten av oppskriften skal jeg prøve til natta
    • 0
  8. mina la til et innlegg i et emne Finner ikke viruset   

    Nå burde jeg vel tatt et virussøk i sikkerhetsmodus først, men siden et søk tar minst 12 timer i denne tilstanden pc'n er i nå så tenkte jeg at jeg kunne ta det til natta. Så jeg prøvde den HijackThis først.

    Det ble litt veldig gresk for meg Hadde noen kanskje kunne sett på loggen?

    Logfile of HijackThis v1.99.1
    Scan saved at 20:13:54, on 04.09.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
    C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
    C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE
    C:\Programfiler\Norman\Npm\Bin\Zanda.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programfiler\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Programfiler\Eset\nod32krn.exe
    C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
    c:\programfiler\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
    C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
    C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe
    C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Programfiler\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
    C:\Programfiler\Norman\Npm\bin\ZLH.EXE
    C:\Programfiler\Eset\nod32kui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programfiler\WinZip\WZQKPICK.EXE
    C:\Programfiler\Norman\Nvc\BIN\NIP.EXE
    C:\WINDOWS\system32\igfxext.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Programfiler\Norman\Nvc\bin\cclaw.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Programfiler\Eset\nod32.exe
    C:\DOCUME~1\LINDAV~1\LOKALE~1\Temp\Rar$EX08.766\HijackThis.exe
    C:\Programfiler\Norman\Nvc\bin\nvcoas.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programfiler\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Programfiler\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programfiler\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programfiler\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programfiler\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [EPM-DM] "c:\acer\Empowering Technology\ePower\epm-dm.exe"
    O4 - HKLM\..\Run: [Acer ePower Management] "C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"
    O4 - HKLM\..\Run: [PDUiP6000DMon] "C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe"
    O4 - HKLM\..\Run: [PDUiP6000DTskbr] "C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe"
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [uSBToolTip] "C:\Programfiler\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"
    O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
    O4 - HKLM\..\Run: [Easy SpyRemover] C:\Programfiler\Easy SpyRemover\EasySpyRemover.exe /smart
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [nod32kui] "C:\Programfiler\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [spySweeper] C:\Programfiler\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKCU\..\Run: [uniblue RegistryBooster2] "C:\Programfiler\Uniblue\RegistryBooster 2\RegistryBooster.exe" /S
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/229?ca3c9cffa575446bacaaeeb0e575bc6b
    O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/230?ca3c9cffa575446bacaaeeb0e575bc6b
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O11 - Options group: [iNTERNATIONAL] International*
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1180972105750
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Programfiler\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programfiler\Eset\nod32krn.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: Canon PIXMA iP6000D Memory Card Manager (PDUiP6000DMemCrdMgr) - CANON INC. - C:\Programfiler\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\programfiler\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe
    • 0
  9. mina la til et innlegg i et emne Finner ikke viruset   

    Hvordan starter jeg sikkerhetsmodus da?

    Når jeg trykker på nedlasting i linker du ga så gikk det ikke, men fikk opp denne feilmeldingen: Warning: include(language/lang-norw.php) [function.include]: failed to open stream: No such file or directory in /home/itpro/www/mainfile.php on line 105
    • 0
  10. mina la til et emne i Virus og antivirus   

    Finner ikke viruset
    Jeg har en Acer Aspire 1640z som har fungert utmerket helt frem til i går. Når jeg skulle slå på maskinen så gikk alt veldig tregt og jeg klarte ikke skrive på tastaturet eller bruke musen pga forsinkelsene. Heldigvis hadde jeg en trådløs mus om fungerte, så jeg har klart å gjøre endel ting.

    Jeg oppdaget fort at maskinen bruker 100% cpu, men det merkelige er at det ikke er noen spesifikk fil eller program som tar mesteparten. Det ser ut som det er mer fordelt utover.

    Først kjørte jeg Norman antivirus som fant 2 trojanere. Etter jeg fjernet dette så er maskinen fortsatt like ille. Etterpå kjørte jeg derfor spy sweeper med antivirus siden denne har fått gode tilbakemeldinger. Denne fant rundt 20 spy cookies, men ingen endring på maskinen. Til slutt har jeg nå kjørt full sweep med NOD32 uten resultat!

    Hva gjør jeg nå da? For det må vel være et virus eller noe siden makinen ble slik over natta?
    • 21 svar
    • visninger