Søg
Avatar billede newtothis Nybegynder
04. januar 2008 - 20:32 Der er 6 kommentarer

Min computer er blevet ustabil

Her på det sidste er min computer begyndt at fryse en gang i mellem, og nogle gange kan jeg ikke åbne mapper uden at genstarte explorer.exe, og generelt kører den bare langsommmere end normalt.
Derfor tror jeg, at jeg har fået virus/trojans af en art.

Jeg har prøvet at hente AVG Antispyware, CCleaner, ComboFix og SUPERAntispyware, men det alene har ikke gjort den så god som ny, selvom det har hjulpet lidt.

Er det muligt, at nogle kunne sige, hvordan jeg kan komme af med det, hvis jeg f.eks. ligger en HijackThis log ind her i forummet?

På forhånd tak for hjlæpen
Avatar billede fromsej Praktikant
04. januar 2008 - 20:44 #1
Kopier logfilen fra Combofix herind, sammen med en Hijackthislog.
Avatar billede fromsej Praktikant
04. januar 2008 - 20:46 #2
Velkommen til Eksperten, glemte jeg helt.
http://expfaq.dk/ - Eksperten: Sådan gør jeg.
Avatar billede newtothis Nybegynder
05. januar 2008 - 16:53 #3
Okay.. men det her bliver et lidt langt indlæg så...

ComboFix Log:

ComboFix 08-01-03.3 - bruger 2008-01-05 16:46:02.4 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1030.18.509 [GMT 1:00]
Running from: F:\Downloads\Sikkerhed\ComboFix\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\_install.exe blev ikke fundet.

.
(((((((((((((((((((((((((  Files Created from 2007-12-05 to 2008-01-05  )))))))))))))))))))))))))))))))
.

2008-01-04 13:44 . 2008-01-04 13:48    <DIR>    d--------    C:\Documents and Settings\bruger\DoctorWeb
2008-01-04 12:06 . 2008-01-04 12:06    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-01-03 22:49 . 2008-01-03 22:59    <DIR>    d--------    C:\Documents and Settings\Administrator\DoctorWeb
2008-01-03 20:48 . 2008-01-03 20:48    <DIR>    d--------    C:\Documents and Settings\bruger\Application Data\SUPERAntiSpyware.com
2008-01-03 20:48 . 2008-01-03 20:48    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-03 11:57 . 2008-01-03 11:57    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-01-03 11:54 . 2008-01-04 15:21    <DIR>    d--------    C:\Documents and Settings\Administrator\Skrivebord
2008-01-03 11:54 . 2006-08-07 13:08    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Skabeloner
2008-01-03 11:54 . 2006-08-07 14:52    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Printere
2008-01-03 11:54 . 2006-08-07 14:52    <DIR>    dr-------    C:\Documents and Settings\Administrator\Menuen Start
2008-01-03 11:54 . 2008-01-04 18:30    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Lokale indstillinger
2008-01-03 11:54 . 2006-08-07 14:52    <DIR>    d--------    C:\Documents and Settings\Administrator\Foretrukne
2008-01-03 11:54 . 2008-01-04 15:17    <DIR>    d--------    C:\Documents and Settings\Administrator\Dokumenter
2008-01-03 11:54 . 2006-08-07 14:52    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Andre computere
2008-01-03 11:30 . 2008-01-03 11:30    <DIR>    d--------    C:\Documents and Settings\bruger\Application Data\Grisoft
2008-01-03 11:30 . 2007-05-30 13:10    10,872    --a------    C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-03 11:27 . 2000-08-31 08:00    51,200    --a------    C:\WINDOWS\NirCmd.exe
2007-12-29 01:53 . 2007-12-29 01:53    <DIR>    d--------    C:\Programmer\Fælles filer\DirectX
2007-12-29 01:45 . 2006-11-29 13:06    3,426,072    --a------    C:\WINDOWS\system32\d3dx9_32.dll
2007-12-29 01:45 . 2006-09-28 16:05    2,414,360    --a------    C:\WINDOWS\system32\d3dx9_31.dll
2007-12-29 01:45 . 2007-01-24 15:27    255,848    --a------    C:\WINDOWS\system32\xactengine2_6.dll
2007-12-29 01:45 . 2006-12-08 12:02    251,672    --a------    C:\WINDOWS\system32\xactengine2_5.dll
2007-12-29 01:45 . 2006-09-28 16:05    237,848    --a------    C:\WINDOWS\system32\xactengine2_4.dll
2007-12-29 01:45 . 2006-07-28 09:30    236,824    --a------    C:\WINDOWS\system32\xactengine2_3.dll
2007-12-29 01:45 . 2006-09-28 16:04    68,888    --a------    C:\WINDOWS\system32\xinput1_3.dll
2007-12-29 01:45 . 2006-07-28 09:30    62,744    --a------    C:\WINDOWS\system32\xinput1_2.dll
2007-12-29 01:45 . 2007-01-08 15:30    15,128    --a------    C:\WINDOWS\system32\x3daudio1_1.dll
2007-12-29 01:40 . 2007-12-29 01:40    <DIR>    d--------    C:\Documents and Settings\bruger\Application Data\TrojanHunter
2007-12-28 23:57 . 2007-12-28 23:57    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-28 23:11 . 2007-12-28 23:11    <DIR>    d--------    C:\Documents and Settings\bruger\Application Data\InstallShield
2007-12-20 14:51 . 2007-12-20 14:51    <DIR>    d--------    C:\Programmer\Fælles filer\CANON
2007-12-20 14:48 . 2007-12-20 14:48    <DIR>    d--h-----    C:\WINDOWS\system32\CanonIJ Uninstaller Information
2007-12-20 14:48 . 2007-12-20 14:48    <DIR>    d--h-----    C:\Programmer\CanonBJ
2007-12-20 14:48 . 2006-11-06 06:00    198,656    --a------    C:\WINDOWS\system32\CNMLM8N.DLL
2007-12-20 14:47 . 2007-12-20 14:54    <DIR>    d--------    C:\Programmer\Canon
2007-12-14 19:15 . 2007-12-14 19:15    197    --a------    C:\WINDOWS\system32\MRT.INI
2007-12-14 18:51 . 2007-12-14 18:51    167    --a------    C:\Documents and Settings\bruger\3486.bat
2007-12-14 14:35 . 2007-12-14 14:35    1,740    --a------    C:\Documents and Settings\bruger\x.dat
2007-12-14 14:35 . 2007-12-14 14:35    1,367    --a------    C:\Documents and Settings\bruger\z.dat
2007-12-14 14:35 . 2007-12-14 14:35    167    --a------    C:\Documents and Settings\bruger\2790.bat
2007-12-14 14:34 . 2008-01-03 13:57    <DIR>    d--------    C:\Temp
2007-12-14 14:34 . 2007-12-14 18:51    36,864    --a------    C:\Documents and Settings\bruger\winlogo.exe
2007-12-11 23:34 . 2007-12-11 23:34    1,044,480    --a------    C:\WINDOWS\system32\libdivx.dll
2007-12-11 23:34 . 2007-12-11 23:34    200,704    --a------    C:\WINDOWS\system32\ssldivx.dll
2007-12-09 23:23 . 2007-12-17 22:27    54,156    --ah-----    C:\WINDOWS\QTFont.qfn
2007-12-09 23:23 . 2007-12-09 23:23    1,409    --a------    C:\WINDOWS\QTFont.for
2007-12-09 23:21 . 2007-12-09 23:21    <DIR>    d--------    C:\Documents and Settings\bruger\Application Data\vlc
2007-12-07 21:18 . 2007-12-07 21:18    147,456    --a------    C:\WINDOWS\system32\vbzip10.dll
2007-12-07 21:18 . 2007-12-07 21:18    0    --a------    C:\WINDOWS\system32\taskkill.exe
2007-12-05 22:36 . 2007-11-29 23:30    129,784    ---------    C:\WINDOWS\system32\pxafs.dll
2007-12-05 22:36 . 2007-11-29 23:30    120,056    ---------    C:\WINDOWS\system32\pxcpyi64.exe
2007-12-05 22:36 . 2007-11-29 23:30    118,520    ---------    C:\WINDOWS\system32\pxinsi64.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-03 19:47    ---------    d-----w    C:\Programmer\Fælles filer\Wise Installation Wizard
2008-01-01 21:02    ---------    d-----w    C:\Documents and Settings\bruger\Application Data\LimeWire
2007-12-29 17:07    ---------    d-----w    C:\Programmer\Onlinetjenester
2007-12-29 00:41    ---------    d--h--w    C:\Programmer\InstallShield Installation Information
2007-12-04 01:33    823,296    ----a-w    C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 01:33    823,296    ----a-w    C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 01:33    802,816    ----a-w    C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 01:33    682,496    ----a-w    C:\WINDOWS\system32\DivX.dll
2007-11-29 22:30    524,288    ----a-w    C:\WINDOWS\system32\DivXsm.exe
2007-11-29 22:30    43,528    ------w    C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-11-29 22:30    3,596,288    ----a-w    C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:28    81,920    ----a-w    C:\WINDOWS\system32\dpl100.dll
2007-11-29 22:28    196,608    -c--a-w    C:\WINDOWS\system32\dtu100.dll
2007-11-28 21:55    156,992    ----a-w    C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 21:53    593,920    -c--a-w    C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 21:53    57,344    -c--a-w    C:\WINDOWS\system32\dpv11.dll
2007-11-28 21:53    53,248    -c--a-w    C:\WINDOWS\system32\dpuGUI10.dll
2007-11-28 21:53    344,064    -c--a-w    C:\WINDOWS\system32\dpus11.dll
2007-11-28 21:53    294,912    -c--a-w    C:\WINDOWS\system32\dpu11.dll
2007-11-28 21:53    294,912    -c--a-w    C:\WINDOWS\system32\dpu10.dll
2007-11-28 21:52    12,288    -c--a-w    C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-20 13:58    126,976    ----a-w    C:\WINDOWS\system32\UAService7.exe
2007-11-13 10:25    20,480    ----a-w    C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-11 13:21    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Protexis
2007-10-30 15:21    107,888    ----a-w    C:\WINDOWS\system32\CmdLineExt.dll
2007-10-29 22:44    1,291,776    ----a-w    C:\WINDOWS\system32\quartz.dll
2007-10-25 09:00    230,912    ----a-w    C:\WINDOWS\system32\wmasf.dll
.

(((((((((((((((((((((((((((((  snapshot@2008-01-03_14.03.34.67  )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-03 19:48:31    34,304    ----a-r    C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF1.exe
+ 2008-01-03 19:48:31    29,696    ----a-r    C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
.
(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 13:00 15360]
"SUPERAntiSpyware"="F:\Downloads\Sikkerhed\SuperAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46 1318128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 14:21 61952 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMAXPnP"="C:\Programmer\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11 925696]
"SoundMAX"="C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 14:35 716800]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496]
"ATICCC"="C:\Programmer\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 00:07 61440]
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51 39792]
"!AVG Anti-Spyware"="F:\Downloads\Sikkerhed\AVG\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-27 13:00 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= F:\Downloads\Sikkerhed\SuperAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
F:\Downloads\Sikkerhed\SuperAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 F:\Downloads\Sikkerhed\SuperAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^BTTray.lnk]
path=C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\BTTray.lnk
backup=C:\WINDOWS\pss\BTTray.lnkCommon Startup
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-03-09 10:09    63712    --a------    C:\Programmer\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
            F:\Installs\Daemon Tools\daemon.exe -lang 1033
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
            C:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
            F:\Downloads\Quick Time\iTunesHelper.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
            C:\Programmer\MSN Messenger\MsnMsgr.Exe /background
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
            C:\Programmer\QuickTime\qttask.exe -atboottime
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
            F:\Downloads\VeohTV\VeohClient.exe /VeohHide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)
"btwdins"=2 (0x2)


.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-05 16:47:17
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-05 16:47:38
ComboFix-quarantined-files.txt  2008-01-05 15:47:36
ComboFix2.txt  2008-01-04 14:01:08
ComboFix3.txt  2008-01-03 13:03:56
.
2007-12-14 18:15:17    --- E O F --- 



HiJackThis Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:48:33, on 05-01-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\Programmer\Analog Devices\SoundMAX\Smax4.exe
C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
F:\Downloads\Sikkerhed\AVG\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Downloads\Sikkerhed\SuperAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\ATI Technologies\ATI.ACE\CLI.exe
F:\Downloads\Sikkerhed\AVG\AVG Anti-Spyware 7.5\guard.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\UAService7.exe
F:\Downloads\Firefox 2.0.0.4\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\bruger\Skrivebord\Sikkerhed\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - F:\Downloads\VeohTV\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Programmer\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "F:\Downloads\Sikkerhed\AVG\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Downloads\Sikkerhed\SuperAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ATI CATALYST-proceslinje.lnk = C:\Programmer\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://F:\Installs\Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth-enhed... - F:\Installs\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Installs\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Installs\Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Installs\Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1154958223375
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O20 - Winlogon Notify: !SASWinLogon - F:\Downloads\Sikkerhed\SuperAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - F:\Downloads\Sikkerhed\AVG\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 5718 bytes
Avatar billede fromsej Praktikant
05. januar 2008 - 20:40 #4
Der er ikke meget at komme efter.
Åbn Stifinder, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".
Find og slet de to her:
C:\WINDOWS\system32\vbzip10.dll
C:\WINDOWS\system32\taskkill.exe

Der er ikke andet.
Avatar billede newtothis Nybegynder
06. januar 2008 - 22:24 #5
Okay. Tak for hjælpen... :)
Avatar billede fromsej Praktikant
07. januar 2008 - 12:44 #6
Velbekomme. :-)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 19:26 Opstart af ny computer Af Bent i Windows
25/0120:06 Hjemmeside der virker både på mobil og computer Af Strawberry i PHP
25/0117:08 Problemer med borger.dk Af valby i Windows
25/0114:19 Fejl Af buls i Windows
25/0113:44 Adgang til Google konto via Ipad Af cyperbent i E-mail programmer
White papers
Flere white papers »