Tack för alla svar allihopa!
Datorn har blivit extremt seg sen viruset kom och det är svårt att göra något överhuvudtaget. Varje gång jag startar datorn så har viruset avaktiverat min brandvägg och min "auto-protection" i Norton. Det går inte att aktivera Norton igen.
Jag har partioner av mina hårddiskar. Skulle det funka att rensa C: bara och installera om allt? Vågar man isåfall flytta saker från C: till dom andra partionerna eller följer viruset med då?
Bifogar en logg från HijackThis som "Orca69" tyckte att jag skulle göra. Vet inte om det är rätt och jag fattar noll av vad som står.
Logfile of HijackThis v1.99.1
Scan saved at 16:31:21, on 2006-11-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\MusicMatch\MusicMatch Jukebox\mm_tray.exe
C:\Program\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\QuickTime\qttask.exe
C:\WINDOWS\inet20004\services.exe
C:\WINDOWS\system32\kernels1118.exe
C:\Program\Internet Explorer\iexplore.exe
C:\DOCUME~1\BOBBYG~1\LOKALA~1\Temp\29162\gm.exe
C:\Program\MSN Messenger\MsnMsgr.Exe
C:\Program\Skype\Phone\Skype.exe
C:\winstall.exe
c:\program\intern~1\iexplore.exe
C:\Program\MusicMatch\MusicMatch Jukebox\mim.exe
C:\Program\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\services.exe
C:\Program\MusicMatch\MusicMatch Jukebox\MMDiag.exe
C:\Program\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\aspi487511.exe
C:\WINDOWS\system32\msasvc.exe
C:\Program\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\$NtUninstallKB0753594$\kavss.exe
C:\Documents and Settings\Bobby Green\Skrivbord\hijackthis\HijackThis.exe
C:\WINDOWS\system32\maxd641.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.sporthoj.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
F3 - REG:win.ini: run=C:\WINDOWS\inet20004\services.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program\NewDotNet\newdotnet7_22.dll
O2 - BHO: (no name) - {75568803-1876-B761-E77A-3AF873298FC0} - C:\DOCUME~1\BOBBYG~1\APPLIC~1\TESTUP~1\ListCamp.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\sv\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\sv\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program\Delade filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MMTray] C:\Program\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MimBoot] C:\Program\MusicMatch\MusicMatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\Program\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [scrticklinkbook] C:\Documents and Settings\All Users\Application Data\Second Sixth Scr Tick\Grid Win.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20004\services.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\system32\kernels1118.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\system32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [ms] C:\DOCUME~1\BOBBYG~1\LOKALA~1\Temp\29162\gm.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [media ooze] C:\DOCUME~1\BOBBYG~1\APPLIC~1\blehball\curbdenthide.exe
O4 - HKCU\..\Run: [adobemgr] C:\WINDOWS\system32\adobemgr.exe
O4 - HKCU\..\Run: [Skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20004\services.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [WinMedia] C:\WINDOWS\system32\start28765500.exe
O4 - HKCU\..\Run: [Winsty] C:\WINDOWS\system32\start28767468.exe
O4 - HKCU\..\Run: [Winstc] C:\WINDOWS\system32\start28767468.exe
O4 - HKCU\..\Run: [Winstu] C:\WINDOWS\system32\start2180578.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by10fd.bay10.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1106514144435
O21 - SSODL: DCOM Server 2234 - {2C1CD3D7-86AC-4068-93BC-A02304BB2234} - C:\WINDOWS\system32\xkmbep.dll
O21 - SSODL: DCOM Server 2236 - {2C1CD3D7-86AC-4068-93BC-A02304BB2236} - C:\WINDOWS\system32\efdm.dll
O23 - Service: Microsoft ASPI Manager (aspi113210) - Unknown owner - C:\WINDOWS\system32\aspi487511.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe