Please help - computer is running very slow, virus?




  #1  
26th Mar 2008, 15:42
New Member Group

HELLO - my computer has been running really slow for the last few days. I ran Spybot; it found a bunch of things and apparently got rid of them - but now my computer is still slow... Please help... here is my HJT log file...
  #2  
26th Mar 2008, 15:43
New Member Group

Logfile of HijackThis v1.99.1
Scan lagret 6:47:29 PM, on 3/26/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ PRISMSVC.EXE
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ PRISMSVR.EXE
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ WINDOWS \ LTMSG.exe
C: \ WINDOWS \ system32 \ Spool \ drivers \ W32X86 \ 3 \ E_FATI9 FA.EXE
C: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ Programfiler \ QuickTime \ QTTask.exe
C: \ Programfiler \ iTunes \ iTunesHelper.exe
C: \ Programfiler \ Adobe \ Adobe Photoshop Lightroom 1.2 \ apdproxy.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ BitTorrent \ bittorrent.exe
C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Programfiler \ Dell Wireless \ PRISMCFG.exe
C: \ Program Files \ LimeWire \ LimeWire.exe
C: \ Programfiler \ Stardock \ ObjectDock \ ObjectDock.exe
C: \ Programfiler \ Mozilla Firefox \ firefox.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ Documents and Settings \ neven \ Skrivebord \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.finderg.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Programfiler \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / installquiet / keeploaded / nodetect
O4 - HKLM \ .. \ Run: [LTMSG] LTMSG.exe 7
O4 - HKLM \ .. \ Run: [EPSON Stylus Photo R320 Series] C: \ WINDOWS \ system32 \ Spool \ drivers \ W32X86 \ 3 \ E_FATI9 FA.EXE / P30 "EPSON Stylus Photo R320 Series" / O6 "USB002" / M "Stylus Photo R320"
O4 - HKLM \ .. \ Run: [ProfileWatcher] C: \ Programfiler \ ProfileWatcher \ profilewatcher.exe
O4 - HKLM \ .. \ Run: [avast!] C: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Programfiler \ Adobe \ Adobe Photoshop Lightroom 1.2 \ apdproxy.exe"
O4 - HKCU \ .. \ Run: [Yahoo! Personsøker] C: \ progra ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe stille
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [BitTorrent] "C: \ Programfiler \ BitTorrent \ bittorrent.exe" - force_start_minimized
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - Startup: LimeWire On Startup.lnk = C: \ Program Files \ LimeWire \ LimeWire.exe
O4 - Startup: Stardock ObjectDock.lnk = C: \ Programfiler \ Stardock \ ObjectDock \ ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk =?
O8 - Extra sammenheng menyelement: & Search -? P = ZK
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ Programfiler \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra "Verktøy" MENUITEM: Spybot - Search & & Destroy Configuration - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ Programfiler \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra knappen: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Programfiler \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: (200B3EE9-7242-4EFD-B1E4-D97EE825BA53) (VerifyGMN klasse) -- http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) --
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Klassifikasjon) -- http://update.microsoft.com/windowsu...?1162589752500
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasse) -- http://update.microsoft.com/microsof...?1162829153500
O16 - DPF: (AB86CE53-AC9F-449F-9399-D8ABCA09EC09) (Get_ActiveX Control) -- https: / / h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: (D18F962A-3722-4B59-B08D-28BB9EB2281E) (PhotosCtrl klasse) -- http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: PRISMAPI.DLL - C: \ WINDOWS \ system32 \ PRISMAPI.DLL
O20 - Winlogon Notify: PRISMGNA.DLL - C: \ WINDOWS \ system32 \ PRISMGNA.DLL
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ system32 \ WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programfiler \ Fellesfiler \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Programfiler \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Programfiler \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C: \ Programfiler \ Alwil Software \ Avast4 \ ashMaiSv.exe "/ service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C: \ Programfiler \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Programfiler \ Fellesfiler \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: hpdj - Unknown owner - C: \ DOCUME ~ 1 \ Eier \ LOCALS ~ 1 \ Temp \ hpdj.exe (fil mangler)
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C: \ WINDOWS \ system32 \ PRISMSVC.EXE
  #3  
26th Mar 2008, 16:35
Moderator Group

You have some malware showing in the log. Please go HERE and run the CCleaner, SUPERAntiSpyware and MBAM scans. Post the logs when complete, together with a new HijackThis log. Make sure you do not run HijackThis until the other scans have finished and the computer has been restarted.

Note: It is suggested that you go to Add/Remove Programs and uninstall ProfileWatcher.

Quote:
ProfileWatcher:
Infiltrates your MySpace account and posts ads on all your friends' comment pages.
__________________

  #4  
2 Apr 2008, 15:10
New Member Group

this is the malwarebytes log
Attached files
File Type: txt mbam-log-3-28-2008 (19-53-55).txt (2.2 KB, 5 views)
  #5  
2 Apr 2008, 15:11
New Member Group

this is the hijackthis log
Logfile of HijackThis v1.99.1
Scan lagret 6:16:51 PM, on 4/2/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ PRISMSVC.EXE
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ PRISMSVR.EXE
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ WINDOWS \ LTMSG.exe
C: \ WINDOWS \ system32 \ Spool \ drivers \ W32X86 \ 3 \ E_FATI9 FA.EXE
C: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ Programfiler \ QuickTime \ QTTask.exe
C: \ Programfiler \ iTunes \ iTunesHelper.exe
C: \ Programfiler \ Adobe \ Adobe Photoshop Lightroom 1.2 \ apdproxy.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Programfiler \ Dell Wireless \ PRISMCFG.exe
C: \ Program Files \ LimeWire \ LimeWire.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ Programfiler \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Programfiler \ Mozilla Firefox \ firefox.exe
C: \ Documents and Settings \ neven \ Skrivebord \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.finderg.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Programfiler \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / installquiet / keeploaded / nodetect
O4 - HKLM \ .. \ Run: [LTMSG] LTMSG.exe 7
O4 - HKLM \ .. \ Run: [EPSON Stylus Photo R320 Series] C: \ WINDOWS \ system32 \ Spool \ drivers \ W32X86 \ 3 \ E_FATI9 FA.EXE / P30 "EPSON Stylus Photo R320 Series" / O6 "USB002" / M "Stylus Photo R320"
O4 - HKLM \ .. \ Run: [ProfileWatcher] C: \ Programfiler \ ProfileWatcher \ profilewatcher.exe
O4 - HKLM \ .. \ Run: [avast!] C: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Programfiler \ Adobe \ Adobe Photoshop Lightroom 1.2 \ apdproxy.exe"
O4 - HKCU \ .. \ Run: [Yahoo! Personsøker] C: \ progra ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe stille
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [BitTorrent] "C: \ Programfiler \ BitTorrent \ bittorrent.exe" - force_start_minimized
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Programfiler \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - Startup: LimeWire On Startup.lnk = C: \ Program Files \ LimeWire \ LimeWire.exe
O4 - Startup: Stardock ObjectDock.lnk = C: \ Programfiler \ Stardock \ ObjectDock \ ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk =?
O8 - Extra sammenheng menyelement: & Search -? P = ZK
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ Programfiler \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra "Verktøy" MENUITEM: Spybot - Search & & Destroy Configuration - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ Programfiler \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra knappen: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Programfiler \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: (200B3EE9-7242-4EFD-B1E4-D97EE825BA53) (VerifyGMN klasse) -- http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klasse) - C: \ Programfiler \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Klassifikasjon) -- http://update.microsoft.com/windowsu...?1162589752500
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasse) -- http://update.microsoft.com/microsof...?1162829153500
O16 - DPF: (AB86CE53-AC9F-449F-9399-D8ABCA09EC09) (Get_ActiveX Control) -- https: / / h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: (D18F962A-3722-4B59-B08D-28BB9EB2281E) (PhotosCtrl klasse) -- http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Programfiler \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: PRISMAPI.DLL - C: \ WINDOWS \ system32 \ PRISMAPI.DLL
O20 - Winlogon Notify: PRISMGNA.DLL - C: \ WINDOWS \ system32 \ PRISMGNA.DLL
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ system32 \ WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programfiler \ Fellesfiler \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Programfiler \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Programfiler \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C: \ Programfiler \ Alwil Software \ Avast4 \ ashMaiSv.exe "/ service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C: \ Programfiler \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Programfiler \ Fellesfiler \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: hpdj - Unknown owner - C: \ DOCUME ~ 1 \ Eier \ LOCALS ~ 1 \ Temp \ hpdj.exe (fil mangler)
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C: \ WINDOWS \ system32 \ PRISMSVC.EXE
  #6  
2 Apr 2008, 15:13
New Member Group

and this is the SUPERAntiSpyware log --- I know you hear this a lot - but you really are a lifesaver, thanks ----

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/28/2008 at 08:37

Application Version: 4.0.1154

Core Rules Database Version: 3426
Trace Rules Database Version: 1418

Scan type: Complete Scan
Total Scan Time: 00:42:44

Minne eks skannet: 515
Minne trusler oppdages: 0
Registerelementene skannet: 5073
Registerverdi trusler oppdages: 0
Fil eks skannet: 15903
Fil trusler oppdages: 0


my computer is still slow - no changes since the scans...
  #7  
2 Apr 2008, 15:20
Moderator Group

We need to run a more powerful scanner. It will not take very long.

Download ComboFix by sUBs from one of the links below.
(Try all three if necessary.)

Important! ComboFix.exe must be saved to and run from the Desktop.
  • Close all open web browsers (Firefox, Internet Explorer, etc.) before running ComboFix.
  • Important! Temporarily disable your antivirus, script blocking and any real-time antispyware protection before performing a scan.
    • Click this link to see a list of security programs that should be disabled and how to disable them.
    • If yours is not listed and you do not know how to disable it, please ask.
  • Warning: ComboFix disconnects the machine from the Internet. The connection is automatically restored before ComboFix completes its run.
  • Double-click combofix.exe and follow the prompts.
    • Select Yes to accept the disclaimers.
  • When finished, it will produce a log for you.
  • Post that log in your next reply.
Warning: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
  • If ComboFix runs into difficulty and terminates early, the connection can be manually restored by restarting the computer.
  • Important: Remember to re-enable your antivirus and antispyware before reconnecting to the Internet.
__________________

  #8  
2 Apr 2008, 15:38
New Member Group

here is the combofix log
Attached files
File Type: txt ComboFix.txt (8.7 KB, 8 views)
  #9  
2 Apr 2008, 15:57
Moderator Group

Open HijackThis and select "Do a system scan only", then place a check mark next to these entries.

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.finderg.com
O8 - Extra sammenheng menyelement: & Search -? P = ZK

Close all windows except HijackThis and click "Fix checked".

----------

Run the F-Secure Online Scanner

Note: This scanner works with Internet Explorer only!
  • Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
  • Allow the ActiveX control to be installed on your computer, then click the Accept button
  • Click Full System Scan and allow the components to download and the scan to complete.
  • If malware is found, check Submit samples to F-Secure, then select Automatic cleaning
  • When cleaning has finished, click Show report (this opens an Internet Explorer window containing the report)
  • Highlight and Copy (Ctrl + C) the complete report and Paste (Ctrl + V) it into a new reply to this post
    • If Automatic cleaning with sample submission hangs, click Cancel, then New Scan
  • When the cleaning option is presented, uncheck Submit samples to F-Secure
  • Click Automatic cleaning
  • When cleaning has finished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (Ctrl + C) the complete report and Paste (Ctrl + V) it into a new reply to this post.

This scan can take a while, so please be patient
__________________
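As an added example (not part of the thread and not any poster's code): a Python sketch that parses the R/O entries of two HijackThis logs, normalises the spacing damage visible in the logs above, and reports what changed between the 26 March and 2 April scans and which entries flagged by the moderator are still present. The sample logs are short excerpts of the two logs posted above, with one line's spacing tightened to exercise the normalisation; the function names and the watch list are assumptions made for this example.

```python
import re
from dataclasses import dataclass

# HijackThis entry lines start with a section code: R0-R3, F0-F3, N1-N4 or O1-O24.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

# Excerpts of the two logs in this thread (sample data assembled for the example).
LOG_BEFORE = r"""
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.finderg.com
O4 - HKLM \ .. \ Run: [ProfileWatcher] C: \ Programfiler \ ProfileWatcher \ profilewatcher.exe
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
O8 - Extra sammenheng menyelement: & Search -? P = ZK
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ system32 \ WgaLogon.dll
O23 - Service: hpdj - Unknown owner - C: \ DOCUME ~ 1 \ Eier \ LOCALS ~ 1 \ Temp \ hpdj.exe (fil mangler)
"""

LOG_AFTER = r"""
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.finderg.com
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [ProfileWatcher] C: \ Programfiler \ ProfileWatcher \ profilewatcher.exe
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Programfiler \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O8 - Extra sammenheng menyelement: & Search -? P = ZK
O20 - Winlogon Notify:! SASWinLogon - C: \ Programfiler \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\system32\WgaLogon.dll
O23 - Service: hpdj - Unknown owner - C: \ DOCUME ~ 1 \ Eier \ LOCALS ~ 1 \ Temp \ hpdj.exe (fil mangler)
"""

# Terms taken from the moderator's posts (#3 and #9); lower-case for matching.
WATCH = ("finderg.com", "profilewatcher")


@dataclass(frozen=True)
class Entry:
    code: str   # section code, e.g. "O4"
    text: str   # entry body exactly as it appears in the log
    key: str    # normalised form used only for comparison


def normalize(text):
    """Collapse spacing around '\\' and '~' so damaged and clean paths compare equal."""
    text = re.sub(r"\s*\\\s*", r"\\", text)
    text = re.sub(r"\s*~\s*", "~", text)
    return re.sub(r"\s+", " ", text).strip().lower()


def parse_log(log_text):
    """Return the R/F/N/O entries of a HijackThis log, skipping header and process lines."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            code, body = match.groups()
            entries.append(Entry(code, body, f"{code} {normalize(body)}"))
    return entries


def diff_logs(before, after):
    """Return (added, removed) entries between two parsed logs, in log order."""
    before_keys = {e.key for e in before}
    after_keys = {e.key for e in after}
    added = [e for e in after if e.key not in before_keys]
    removed = [e for e in before if e.key not in after_keys]
    return added, removed


def still_flagged(entries, watch=WATCH):
    """Entries in a log that match any watch-list term."""
    return [e for e in entries if any(term in e.key for term in watch)]


if __name__ == "__main__":
    old, new = parse_log(LOG_BEFORE), parse_log(LOG_AFTER)
    added, removed = diff_logs(old, new)
    for label, group in (("added", added), ("removed", removed),
                         ("still flagged", still_flagged(new))):
        for e in group:
            print(f"{label:>13}: {e.code} - {e.text}")
```
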

  #10  
2 Apr 2008, 17:41
New Member Group

Scanning Report

Onsdag 02 april, 2008 19:19:08 - 20:30:00

Datamaskinnavnet: NEVEN-MS8XDAEE4
Scanning type: Scan system for malware, rootkits
Target: C: \

Resultat: 1 malware funnet

Tracking Cookie (spyware)
  • System
Statistikk

Skannet:
  • Files: 39253
  • System: 3397
  • Ikke skannes: 22
Handlinger:
  • Desinfiseres: 0
  • Omdøpt: 0
  • Slettet: 0
  • Ingen: 1
  • Submitted: 0
Filer som ikke skannes:
  • C: \ pagefile.sys
  • C: \ windows \ system32 \ config \ DEFAULT
  • C: \ windows \ system32 \ config \ SAM
  • C: \ WINDOWS \ system32 \ config \ security
  • C: \ windows \ system32 \ config \ SOFTWARE
  • C: \ WINDOWS \ SYSTEM32 \ CONFIG \ SYSTEM
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ CALLCONT.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ GDI32.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ H323.TSP
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ H323MSP.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ HELPCTR.EXE
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ IPNATHLP.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ Lsasrv.dll
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ MF3216.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ MSASN1.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ Msgina.dll
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ MST120.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ Netapi32.dll
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ NMCOM.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ RTCDLL.DLL
  • C: \ WINDOWS \ $ NTUNINSTALLKB835732 $ \ Schannel.dll
  • C: \ Documents and Settings \ NEVEN \ Lokale innstillinger \ Temp \ HSPERFDATA_NEVEN \ 2636
Valg

Scanning motorer:
  • F-Secure USS: 2.30.0
  • F-Secure Hydra: 2.8.8110, 2008-04-02
  • F-Secure AVP: 7.0.171, 2008-04-02
  • F-Secure Pegasus: 1.20.0, 2008-02-28
  • F-Secure Blacklight: 1.0.64
Skanne valg:
  • Scan definert filer: COM EXE SYS OV? BIN scr DLL SHS HTM HTML HTT VBS JS INF VXD gjøre? XL? RTF CPL WIZ hta PP? PWZ P? T mso pif. ACM ASP AX CNV CSC DRV INI mdb MPD MPP mpt OBD OBT ocx PCI TLB TSP wbk WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD jse VBE wsc CHM EML PRC shb lnk WSF (* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT mif PHP POT SWF WMF NWS TAR
  • Bruk Avansert heuristics