win32 Skrevet 10. januar 2007 Rapporter Del Skrevet 10. januar 2007 (endret) i det siste har pcen min blitt veldig treg, og det hender titt og ofte at programmene mine "ikke svarer" og avsluttes dette problemet kom for kanskje 4-5 dager siden, og da kom avast! bipende med alarmer og ulte om at jeg hadde fått virus, som ble fjernet. Så gikk det 2-3 dager fram til i går, pcen ble igjen veldig treg, har kjørt med avast! og Ad-Aware, og sistnevnte fant 13 spyware i form av cookies eller noe slikt. problemet er at den fortsatt er treg, programmene svarer ikke og jeg blir irritert siden problemene oppstod har jeg også fått endel nye prosesser, har 40-45 no mens jeg hadde rundt 25-30 før disse problemene. en prosess som jeg VET er ny, er en som heter ASH+ mange forskjellige etternavn, blandt annen ASHSMPL.exe håper at det er noen der ute som har litt peiling og muligens har en idè til hva jeg kan gjøre? -win32 Endret 11. januar 2007 av win32 Lenke til kommentar
CCola Skrevet 11. januar 2007 Rapporter Del Skrevet 11. januar 2007 Oppdater Antivirusen, søk etter virus. Og last ned Spyware/Adware. Jeg anbefaler Adware. Her finner du noen treff. Oppdater Adware'en, og scan. Deretter restart. Lenke til kommentar
norbat Skrevet 11. januar 2007 Rapporter Del Skrevet 11. januar 2007 Anbefaler https://www.diskusjon.no/index.php?showtopic=691246 Lenke til kommentar
win32 Skrevet 11. januar 2007 Forfatter Rapporter Del Skrevet 11. januar 2007 ok takk, skal prøve litt Lenke til kommentar
win32 Skrevet 11. januar 2007 Forfatter Rapporter Del Skrevet 11. januar 2007 har nå kjørt ccleaner og hjt, ccleaner hjalp egentlig ikke så mye, så jeg poster hjt-log, noen som gidder ta seg tid til å se over? Logfile of HijackThis v1.99.1 Scan saved at 14:03:31, on 11.01.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe C:\Programfiler\ASUS\ASUS Remote\RemoteControlAppl.exe C:\WINDOWS\system32\qttask.exe C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Programfiler\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programfiler\Cyberlink\Shared files\RichVideo.exe C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\System32\msiexec.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\DOCUME~1\sjefen\LOKALE~1\Temp\Rar$EX00.860\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iSUSPM] C:\Programfiler\Fellesfiler\InstallShield\UpdateService\ISUSPM.exe -scheduler O4 - HKLM\..\Run: [RemoteControl] C:\Programfiler\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [PCMService] "C:\Programfiler\CyberLink\PowerCinema\PCMService.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1167532558921 O18 - Protocol: bw+0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {D89BBE89-2827-4F3F-8AF6-039042CE4E8B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programfiler\Cyberlink\Shared files\RichVideo.exe Lenke til kommentar
norbat Skrevet 11. januar 2007 Rapporter Del Skrevet 11. januar 2007 Avinstaller fra legg til /fjern programmer: Logitech desktop messenger Kjør HJT og fix: Alle O18 - Protocol: bw (med Logitech desktop messenger) Last ned DrWeb Restart i sikker modus (tapp f8 under oppstart) Kjør drweb-cureit.exe (si ja til å kjøre en express scan) Når dette er ferdig klikker du på Option -> Change settings. Under fanearket Scan, fjerner du haken ved Heuristic analysis. Under fanearket Actions, skal alle punkt under Malware settes til Rename. Velg partisjon du vil scanne og klikk deretter på den grønne pilen for å starte scanningen. Velg "yes to all" når det finner noe for første gang. Når scanningen er ferdig, trykk 'file' – trykk 'Save Report list'. Det vil da ligge en fil som heter "drweb.csv" på skrivebordet. Restart i normal modus Post en ny HJT-logg (NB! Forandre navnet hijackthis.exe til noe annet, f.eks. test.exe, før du kjører programmet) samt loggen fra Drweb. Lenke til kommentar
win32 Skrevet 11. januar 2007 Forfatter Rapporter Del Skrevet 11. januar 2007 okey takk for svar, ser den clean ut ellers? Lenke til kommentar
win32 Skrevet 11. januar 2007 Forfatter Rapporter Del Skrevet 11. januar 2007 ok her er jeg igjen drweb: ChrisTV.exe;C:\Programfiler\ChrisTV Lite;Probably BACKDOOR.Trojan;; SetupDTSB.exe;C:\Programfiler\DAEMON Tools;Adware.SaveNow;; HJT: Logfile of HijackThis v1.99.1 Scan saved at 19:19:37, on 11.01.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programfiler\Cyberlink\Shared files\RichVideo.exe C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\WINDOWS\System32\svchost.exe C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe C:\Programfiler\ASUS\ASUS Remote\RemoteControlAppl.exe C:\WINDOWS\system32\qttask.exe C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\WINDOWS\System32\msiexec.exe C:\Programfiler\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\sjefen\Skrivebord\hijackthis\test.exe.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iSUSPM] C:\Programfiler\Fellesfiler\InstallShield\UpdateService\ISUSPM.exe -scheduler O4 - HKLM\..\Run: [RemoteControl] C:\Programfiler\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [PCMService] "C:\Programfiler\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_10\bin\ssv.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1167532558921 O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programfiler\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programfiler\Cyberlink\Shared files\RichVideo.exe Lenke til kommentar
norbat Skrevet 11. januar 2007 Rapporter Del Skrevet 11. januar 2007 (endret) Loggen ser fin ut Virker pc'n fortsatt treg og plages du fortsatt med programmene som lukker seg? Du kan prøve dette: Klikk Start -> Kjør, skriv: sfc /scannow (oppirom mellom sfc og / ) Du trenger winXP cd'n Endret 11. januar 2007 av norbat Lenke til kommentar
win32 Skrevet 11. januar 2007 Forfatter Rapporter Del Skrevet 11. januar 2007 ok skal prøve det takk ja den er fortsatt veldig treg, mer og mer synes no jeg Lenke til kommentar
norbat Skrevet 15. januar 2007 Rapporter Del Skrevet 15. januar 2007 Har det skjedd noe etter sfc /scannow? Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå