min puter er meget langsom

prøv dette..O)
http://fp.tiscali.dk/fpe6x100713/guider/er%20computeren%20langsom.htm

Jeg har prøvet at scanne, men den har intet fundet :(
Jeg har haft samme problem en gang før, der var der en herinde der gav mig et link til noget der hed highjack (noget i den stil) og det virkede.. jeg skulle sende den liste den lavede da den var færdig med at scanne
kender du det program?

http://www.spywarefri.dk/vaerktoj.htm#hijackthis
Hent det her.
Scan og gem loggen. Kopier den herind, så ser vi på sagerne :O)

Her er så min log fra highjack:

Logfile of HijackThis v1.97.7
Scan saved at 21:43:21, on 24-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
D:\Programmer\Norton AntiVirus\navapsvc.exe
D:\Programmer\Norton AntiVirus\AdvTools\NPROTECT.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\AdGuard\ag.exe
D:\Programmer\QuickTime\qttask.exe
D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
D:\WINDOWS\System32\LXSUPMON.EXE
D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Programmer\Fælles filer\Microsoft Shared\Works Shared\wkcalrem.exe
D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
D:\Programmer\Fælles filer\Nokia\Services\ServiceLayer.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
D:\Programmer\Internet Explorer\iexplore.exe
D:\Programmer\Messenger Plus! 3\MsgPlus.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\DOCUME~1\jane\LOKALE~1\Temp\Rem35.exe
D:\Documents and Settings\jane\Dokumenter\Modtagne filer\hijackthis.exe
D:\Programmer\Messenger\msmsgs.exe
D:\Programmer\Microsoft Office\Office\WINWORD.EXE
D:\Programmer\Microsoft Works\MSWorks.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mysearchnow.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com/searchbar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://212.10.10.20
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {81B7840F-6889-4950-B555-E89C5E68B2EC} - D:\Programmer\AdGuard\adgnpu.dll
O2 - BHO: (no name) - {BCD729EA-A6AE-F248-B3E5-E55136BD7496} - D:\PROGRA~1\SOAPSH~1\Ooze First.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\WINDOWS\Downloaded Program Files\googlenav.dll
O3 - Toolbar: (no name) - {8FB0F3E2-5193-11d7-9F88-0050FC5441CB} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Copy sect - {DEF1F7CF-BBF7-BC31-C949-C58905EA21FB} - D:\PROGRA~1\SOAPSH~1\Ooze First.dll
O4 - HKLM\..\Run: [AdGuard] D:\Programmer\AdGuard\ag.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
O4 - HKLM\..\Run: [DataLayer] D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [LXSUPMON] D:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "D:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [sign web] D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus2] "D:\Programmer\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: D:\Programmer\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37862.4859143519
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

det er sort for mig, så er glad for at i vil kigge på det!!

Jamen jeg løber lige din log igennem

takker MANGE gange :)

Først opretter du en mappe kun til hijackthis og lægger programmet derover.

Du skal nu til at i gang med at fixe. Allerførst skal du slå systemgendannelse fra. Hvis du ikke ved hvordan du gør det så kig her: http://www.arlet.dk/systemgendannelsen.htm derefter skal du åbne hijackthis. Du skal at sætte en vinge ud for disse filer jeg har skrevet nedeunder. Når du har gjort det så lukker du alle andre vinduer ned, det er meget vigtigt at det eneste vindue som er åbent er HijackThis vinduet. Klik på Fix checkede.

Her er de filer, du skal fixe:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mysearchnow.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com/searchbar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://212.10.10.20
O2 - BHO: (no name) - {BCD729EA-A6AE-F248-B3E5-E55136BD7496} - D:\PROGRA~1\SOAPSH~1\Ooze First.dll
O3 - Toolbar: (no name) - {8FB0F3E2-5193-11d7-9F88-0050FC5441CB} - (no file)
O3 - Toolbar: Copy sect - {DEF1F7CF-BBF7-BC31-C949-C58905EA21FB} - D:\PROGRA~1\SOAPSH~1\Ooze First.dll
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" –atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Programmer\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

Derefter genstarter du og sender en ny log ind til check
Du må ikke slå systemgendannelse til før vi har sagt god for din log.

D:\DOCUME~1\jane\LOKALE~1\Temp\Rem35.exe
Kender du denne?
Ellers skal den slettes i fejlsikret tilstand

O4 - HKLM\..\Run: [sign web] D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe
Tag hellere denne med også. Den skal også fixes

takker mange gange :D:D:D

bliver nød til at smutte nu, men sender den nye log senere :D

Iordn ;O)

Miaw.

Hej igen, sorry jeg ikke fik skrevet tilbage med den nye log i går, men den er her nu *S*


Logfile of HijackThis v1.97.7
Scan saved at 07:53:22, on 25-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
D:\Programmer\Norton AntiVirus\navapsvc.exe
D:\Programmer\Norton AntiVirus\AdvTools\NPROTECT.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\AdGuard\ag.exe
D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
D:\WINDOWS\System32\LXSUPMON.EXE
D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
D:\Programmer\Messenger Plus! 3\MsgPlus.exe
D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Programmer\Fælles filer\Nokia\Services\ServiceLayer.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
D:\Programmer\Messenger\msmsgs.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
D:\Documents and Settings\jane\Dokumenter\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com/passthrough/index.html?http://about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {81B7840F-6889-4950-B555-E89C5E68B2EC} - D:\Programmer\AdGuard\adgnpu.dll
O2 - BHO: (no name) - {BCD729EA-A6AE-F248-B3E5-E55136BD7496} - D:\PROGRA~1\SOAPSH~1\Ooze First.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\WINDOWS\Downloaded Program Files\googlenav.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AdGuard] D:\Programmer\AdGuard\ag.exe
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
O4 - HKLM\..\Run: [DataLayer] D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [LXSUPMON] D:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [ccApp] "D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "D:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [sign web] D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: D:\Programmer\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37862.4859143519
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

Kramzz P

Hejsa igen

Du mangler disse:
O2 - BHO: (no name) - {BCD729EA-A6AE-F248-B3E5-E55136BD7496} - D:\PROGRA~1\SOAPSH~1\Ooze First.dll
O4 - HKLM\..\Run: [sign web] D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe
Den skal fixes.

Så skal du slette:
D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe

Derefter genstarter du og sender mig en ny log :O)

Hov denne fixes med også:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com/passthrough/index.html?http://about:blank

takker, det var hurtigt du svarede :)

Jeg sender den nye log ind senere, skal på arb, endnu en gang TAK for hjælpen

Jeg sad kun og ventede på dig ;O)

Det var så lidt

sååååååå er jeg her med en ny log fra highjackthis :D

Logfile of HijackThis v1.97.7
Scan saved at 14:55:05, on 26-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
D:\Programmer\Norton AntiVirus\navapsvc.exe
D:\Programmer\Norton AntiVirus\AdvTools\NPROTECT.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\AdGuard\ag.exe
D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
D:\WINDOWS\System32\LXSUPMON.EXE
D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
D:\Programmer\Fælles filer\Nokia\Services\ServiceLayer.exe
D:\Programmer\Messenger Plus! 3\MsgPlus.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Messenger\msmsgs.exe
D:\Documents and Settings\jane\Dokumenter\hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://212.10.10.20/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {81B7840F-6889-4950-B555-E89C5E68B2EC} - D:\Programmer\AdGuard\adgnpu.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\WINDOWS\Downloaded Program Files\googlenav.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AdGuard] D:\Programmer\AdGuard\ag.exe
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
O4 - HKLM\..\Run: [DataLayer] D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [LXSUPMON] D:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [ccApp] "D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "D:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [sign web] D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: D:\Programmer\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37862.4859143519
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

håber den ser bedre ud ss

Kramzz P

Tjaaa den der mysearchnow er åbenbart ikke meget for at forlade bygningen :O)

Hent cwshredder her:
http://www.softpedia.com/public/cat/10/17/10-17-150.shtml
Check om der er opdateringer.
Start derefter programmet. Tryk på fix. Scan og fix det den finder.
MEN INDEN du gør det skal du hive netværkskablet ud af maskinen.
Genstart og giv mig så en ny log fil fra hijack.
Ked af at den er så slem at komme af med...

Logfile of HijackThis v1.97.7
Scan saved at 15:25:40, on 26-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
D:\Programmer\Norton AntiVirus\navapsvc.exe
D:\Programmer\Norton AntiVirus\AdvTools\NPROTECT.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\AdGuard\ag.exe
D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
D:\WINDOWS\System32\LXSUPMON.EXE
D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
D:\Programmer\Messenger Plus! 3\MsgPlus.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Programmer\Fælles filer\Nokia\Services\ServiceLayer.exe
D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
D:\Programmer\Messenger\msmsgs.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Documents and Settings\jane\Dokumenter\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://212.10.10.20/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {81B7840F-6889-4950-B555-E89C5E68B2EC} - D:\Programmer\AdGuard\adgnpu.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\WINDOWS\Downloaded Program Files\googlenav.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AdGuard] D:\Programmer\AdGuard\ag.exe
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programmer\iWare\iWare Mouse\3.2\lwbwheel.exe
O4 - HKLM\..\Run: [DataLayer] D:\Programmer\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] D:\Programmer\Fælles filer\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [LXSUPMON] D:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [ccApp] "D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "D:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [sign web] D:\PROGRA~1\ITCHRECTHEART\DEBUG NOUN.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = D:\Programmer\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: D:\Programmer\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37862.4859143519
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

Det er hvad den nu er kommet frem til :S

Så er du renset og kan godt slå din systemgendannelse til igen
http://www.eksperten.dk/artikler/144
http://www.eksperten.dk/artikler/254
Her er lidt godt om sikker surfing :O)

takker, du er bare en gud :D

*Rolf* MANGE TAK. Det er sq længe siden der er nogen der har kaldt mig det....
Tak for point
Og hav en fortsat fortryllende dag ;O)

takker ilm ;o)