Jonas2 Skrevet 2. desember 2009 Del Skrevet 2. desember 2009 Heisann! Jeg har en maskin som jeg pleier å søke igjennom med Ad Aware fra tid til annen. Men når jeg i går skulle kjøre test, så så det lovende ut. Men når den kom til 5-6000 filer. Så begynte det å gå SVÆRT sakte. Snakk om 1 fil i minuttet. Når jeg skulle på jobb på morraen i dag var den ikke ferdig da engang. Det jeg har prøvd er å diskdefragmentere maskinen og avinstallere - installere nyeste versjon. Noen som har noe tips? Er ganske en ganske viktig jobbmaskin som jeg helst ikke vil ha noe trøbbel med. Men jeg er OK datakyndig, og har prøvd litt @ google. Men fant ingen konkrete svar BTW: De første 5000-7000 filene søkes igjennom som vanelig. Lenke til kommentar
norbat Skrevet 2. desember 2009 Del Skrevet 2. desember 2009 (endret) Last ned og kjør en rask skann med Malwarebytes (se veiledningen). Skjer det samme da? Endret 2. desember 2009 av norbat Lenke til kommentar
Jonas2 Skrevet 2. desember 2009 Forfatter Del Skrevet 2. desember 2009 Har desverre desverre ikke tilgang på maskinen før i morgen tidlig. Siden den er på jobb. Men skal ta å gjøre deg. Så skal jeg se hva som skjer:) Takk for tips! Lenke til kommentar
Jonas2 Skrevet 3. desember 2009 Forfatter Del Skrevet 3. desember 2009 Har nå testet med F-Secure. Det fryser også. Hva må jeg gjøre nå? Har ikke fått testet med Malwarebytes. Men kan det også senere i dag. Problemet mitt er at jeg må ta se på jobb og hadde vært fint å hatt med meg noen flere tips om hva jeg må gjøre! Mvh Jonas2 Lenke til kommentar
snippsat Skrevet 3. desember 2009 Del Skrevet 3. desember 2009 Har nå testet med F-Secure. Har du ikke antivirus installert? Husk kun et antivirus på systemet. Ad Aware er ikke noe problem det er anbefalt at du fjerne den, overhode ikke bra. Virker Malwarebytes bruker du den. Sjekk disk. Start->kjør->cmd chkdsk /r Finner skadede sektorer og gjenoppretter lesbar informasjon. chkdsk /f Retter feil på disken. Grei og rask defragmering. http://www.auslogics.com/en/software/disk-defrag Lenke til kommentar
Jonas2 Skrevet 3. desember 2009 Forfatter Del Skrevet 3. desember 2009 Har F-Secure installert. Men skal vis det fortsatt ikke funker. Skal jeg ta en HiJackThis logg å legge ut her på forumet? Mest sannsynlig er det et virus. Siden AdAware ble slik når vedkomne åpnet en mail. Lenke til kommentar
Jonas2 Skrevet 3. desember 2009 Forfatter Del Skrevet 3. desember 2009 (endret) Har fått disse loggene: Logfile of HijackThis v1.99.1 Scan saved at 19:59:33, on 03.12.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\stsystra.exe C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Winamp Remote\bin\OrbTray.exe C:\Programfiler\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Programfiler\Fellesfiler\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe C:\Programfiler\F-Secure\Anti-Virus\FSGK32.EXE C:\Programfiler\F-Secure\Anti-Virus\fssm32.exe C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programfiler\Norbits\Future\MSSQL$FUTURE\BinnMSSQL$Future\Binn\sqlservr.exe c:\Programfiler\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Programfiler\F-Secure\Common\FSMA32.EXE C:\Programfiler\F-Secure\Common\FSLAUNCH.EXE C:\Programfiler\F-Secure\Common\FSLAUNCH.EXE C:\WINDOWS\explorer.exe C:\Programfiler\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programfiler\Winamp Toolbar\winamptb.dll O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programfiler\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programfiler\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [iAAnotif] C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programfiler\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [bUSkvlt] "C:\Programfiler\BUS AS\BUSpek 2000\BUSkvalitet.exe" /auto O4 - Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe O4 - Global Startup: Service Manager.lnk = C:\Programfiler\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [iNTERNATIONAL] International O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1136209396337 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E6ACF817-0A85-4EBE-9F0A-096C6488CFEA} (NTR ActiveX 1.1.8) - http://www.ntrsupport.com/nv/inquiero/mod/...tivex118_28.cab O16 - DPF: {FC647808-D789-43D4-97AE-4914A4394D4C} (RequestLoginX Control) - http://www.toleranceonline.com/RequestLoginProj1.ocx O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Programfiler\Fellesfiler\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: dkab_device - Dell - C:\WINDOWS\system32\DKabcoms.exe O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Programfiler\F-Secure\BackWeb\7681197\Program\fsbwlan.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FNRB32.EXE O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Programfiler\F-Secure\Common\FSAA.EXE O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FSMA32.EXE O23 - Service: Googles oppdateringstjeneste (gupdate1ca3ffe3fddb83e) (gupdate1ca3ffe3fddb83e) - Unknown owner - C:\Programfiler\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Programfiler\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programfiler\Intel\PROSetWired\NCS\Sync\NetSvc.exe Og denne: ComboFix 09-12-02.08 - Vennesla Bilteknikk 03.12.2009 19:49.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.1022.596 [GMT 1:00] Kjører fra: c:\documents and settings\Vennesla Bilteknikk\Skrivebord\ComboFix.exe AV: F-Secure Anti-Virus 5.44 *On-access scanning enabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15} ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Vennesla Bilteknikk\Favoritter\Online Security Test.url c:\documents and settings\Vennesla Bilteknikk\Programdata\AdProtect NoSpam c:\documents and settings\Vennesla Bilteknikk\Programdata\AdProtect NoSpam\Settings.xml c:\programfiler\License_Manager . ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-11-03 til 2009-12-03 ))))))))))))))))))))))))))))))))) . 2009-12-03 18:26 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-03 18:20 . 2009-12-03 18:30 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2009-12-02 14:30 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2009-12-02 14:27 . 2009-12-02 14:27 -------- dc-h--w- c:\documents and settings\All Users\Programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} 2009-12-02 14:27 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe 2009-11-10 15:27 . 2009-11-10 15:27 -------- d-----w- c:\programfiler\Norbits 2009-11-10 15:22 . 2009-11-10 15:23 -------- d-----w- C:\Future . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-02 14:25 . 2008-02-01 14:00 -------- d-----w- c:\documents and settings\All Users\Programdata\Lavasoft 2009-12-02 14:25 . 2007-03-23 14:35 -------- d-----w- c:\programfiler\Lavasoft 2009-11-10 15:28 . 2004-09-28 13:07 512486 ----a-w- c:\windows\system32\perfh014.dat 2009-11-10 15:28 . 2004-09-28 13:07 106552 ----a-w- c:\windows\system32\perfc014.dat 2009-10-16 06:50 . 2006-01-02 12:32 -------- d-----w- c:\programfiler\Fellesfiler\Adobe 2009-10-14 06:15 . 2007-09-25 09:49 -------- d-----w- c:\programfiler\Microsoft SQL Server 2009-09-28 05:44 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll 2009-09-28 05:44 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll 2009-09-23 11:44 . 2006-01-03 13:38 25680 ----a-w- c:\documents and settings\Vennesla Bilteknikk\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2009-09-11 14:20 . 2004-09-28 13:07 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:05 . 2004-09-28 13:07 58880 ----a-w- c:\windows\system32\msasn1.dll 2006-04-12 12:09 . 2006-04-12 12:09 26922 ----a-w- c:\programfiler\moviepass Terms.html . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\programfiler\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\programfiler\Messenger\msmsgs.exe" [2008-04-14 1695232] "BUSkvlt"="c:\programfiler\BUS AS\BUSpek 2000\BUSkvalitet.exe" [2009-07-14 2500608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264] "ATIPTA"="c:\programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064] "DMXLauncher"="c:\programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035] "ISUSPM Startup"="c:\progra~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "F-Secure Manager"="c:\programfiler\F-Secure\Common\FSM32.EXE" [2005-09-19 106571] "Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 39792] "Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288] "SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2005-03-23 339968] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Vennesla Bilteknikk\Start-meny\Programmer\Oppstart\ Task Manager.lnk - c:\windows\system32\taskmgr.exe [2004-9-28 136704] c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\ Service Manager.lnk - c:\programfiler\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2001-4-17 74308] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Frls\\MSM.EXE"= "c:\\WINDOWS\\system32\\DKabcoms.exe"= "c:\\Programfiler\\BUS AS\\BUSpek 2000\\BUSpek2.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\Winamp Remote\\bin\\Orb.exe"= "c:\\Programfiler\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Programfiler\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "c:\\Frls\\FTP.EXE"= "c:\\Programfiler\\BUS AS\\BUSpek 2000\\BUSkvalitet.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [02.12.2009 15:30 64288] R2 F-Secure Filter;F-Secure File System Filter;c:\programfiler\F-Secure\Anti-Virus\win2k\FSfilter.sys [14.03.2006 20:30 48720] R2 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\programfiler\F-Secure\Anti-Virus\win2k\fsgk.sys [14.03.2006 20:30 48256] R2 F-Secure Recognizer;F-Secure File System Recognizer;c:\programfiler\F-Secure\Anti-Virus\win2k\FSrec.sys [14.03.2006 20:30 16048] R2 FSpm;F-Secure Policy Manager;c:\programfiler\F-Secure\Common\FSpm.sys [14.03.2006 20:30 65328] R2 MSSQL$Future;MSSQL$Future;c:\programfiler\Norbits\Future\MSSQL$FUTURE\BinnMSSQL$Future\Binn\sqlservr.exe -sFuture --> c:\programfiler\Norbits\Future\MSSQL$FUTURE\BinnMSSQL$Future\Binn\sqlservr.exe -sFuture [?] S2 BackWeb Client - 7681197;F-Secure BackWeb;c:\progra~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [14.03.2006 20:31 16384] S2 gupdate1ca3ffe3fddb83e;Googles oppdateringstjeneste (gupdate1ca3ffe3fddb83e);c:\programfiler\Google\Update\GoogleUpdate.exe [28.09.2009 06:40 133104] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programfiler\Lavasoft\Ad-Aware\AAWService.exe [24.09.2009 12:17 1184912] S3 dkab_device;dkab_device;c:\windows\system32\DKabcoms.exe -service --> c:\windows\system32\DKabcoms.exe -service [?] S3 SQLAgent$Future;SQLAgent$Future;c:\programfiler\Norbits\Future\MSSQL$FUTURE\BinnMSSQL$Future\Binn\sqlagent.EXE -i Future --> c:\programfiler\Norbits\Future\MSSQL$FUTURE\BinnMSSQL$Future\Binn\sqlagent.EXE -i Future [?] . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-12-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\programfiler\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 14:29] 2009-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2009-09-28 05:40] 2009-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2009-09-28 05:40] 2009-12-03 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.startsiden.no/ IE: &Winamp Search - c:\documents and settings\All Users\Programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 DPF: {FC647808-D789-43D4-97AE-4914A4394D4C} - hxxp://www.toleranceonline.com/RequestLoginProj1.ocx FF - ProfilePath - c:\documents and settings\Vennesla Bilteknikk\Programdata\Mozilla\Firefox\Profiles\epok67mb.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query= FF - prefs.js: browser.search.selectedEngine - Winamp Search FF - prefs.js: browser.startup.homepage - hxxp://www.winamp.com?src=toolbar FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= FF - component: c:\documents and settings\Vennesla Bilteknikk\Programdata\Mozilla\Firefox\Profiles\epok67mb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nppl3260.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nprjplug.dll FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nprpjplug.dll FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll FF - plugin: c:\programfiler\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\programfiler\Java\j2re1.4.2_03\bin\NPJava11.dll FF - plugin: c:\programfiler\Java\j2re1.4.2_03\bin\NPJava12.dll FF - plugin: c:\programfiler\Java\j2re1.4.2_03\bin\NPJava13.dll FF - plugin: c:\programfiler\Java\j2re1.4.2_03\bin\NPJava14.dll FF - plugin: c:\programfiler\Java\j2re1.4.2_03\bin\NPJava32.dll FF - plugin: c:\programfiler\Java\j2re1.4.2_03\bin\NPJPI142_03.dll FF - plugin: c:\programfiler\Java\j2re1.4.2_03\bin\NPOJI610.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npLegitCheckPlugin.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npnul32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\NPOFFICE.DLL FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nppdf32.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nppl3260.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nprjplug.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\progra~1\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . - - - - TOMME PEKERE FJERNET - - - - AddRemove-Ad-Aware - c:\documents and settings\All Users\Programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe REMOVE=TRUE MODIFY=FALSE AddRemove-Public Messenger ver 2.03 - c:\programfiler\Video ActiveX Object\pmunst.exe AddRemove-RealPlayer 12.0 - c:\programfiler\Fellesfiler\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 AddRemove-Winamp Toolbar for Firefox - c:\documents and settings\Vennesla Bilteknikk\Programdata\Mozilla\Firefox\Profiles\epok67mb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe AddRemove-notify - c:\programfiler\License_Manager\license_manager.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-03 19:54 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- LÅSTE REGISTERNØKLER --------------------- [HKEY_USERS\S-1-5-21-71361166-495779642-2794606089-1006\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . Tidspunkt ferdig: 2009-12-03 19:56 ComboFix-quarantined-files.txt 2009-12-03 18:56 Pre-Run: 219 679 129 600 byte ledig Post-Run: 221 561 675 776 byte ledig WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe - - End Of File - - DE6B60E49167146F1476D8BEE473B8FF Fikk ikke installert Malwarebytes. Denne installasjonen stopper. Det samme skjer vis jeg installer andre programmmer. Endret 4. desember 2009 av Jonas2 Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå