arlet- jeg havede både virus og trojan
jeg fulgte din vejledning på siden
http://www.arlet.dk/kaspersky.htmog da min computer både var langsom til at starte og der lagde sig startsider ind jeg ikke selv havede valgt
gjorde jeg hvad der stod.
og nu er min pc hurtig igen og har ikke virus mere
men gider du kikke på filen fra hijack..
Logfile of HijackThis v1.97.7
Scan saved at 13:04:23, on 17-02-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\COMETS~1\DM\bin\dmserver.exe
C:\WINDOWS\System32\PDesk\PDesk.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\WINDOWS\System32\alg.exe
D:\Programmer\iMesh\Client\iMeshClient.exe
d:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
d:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\mgabg.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\møller\Skrivebord\bla programmer\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
http://www.windowws.cc/sp.htm?id=5R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL =
http://drusearch.com/index4.htmlR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.signon.stofanet.dk/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://drusearch.com/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL =
http://drusearch.com/index4.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://drusearch.com/index4.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://drusearch.com/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://drusearch.com/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://drusearch.com/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.omega-search.com/go/panel_search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://teenhqpics.com/r/scr.phpR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
http://SIGNON.STOFANET.DK/PROXY.PACR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP =
http://www.boredlife.com/search/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {41353F8B-78CE-48A5-BE44-153ED293D192} - C:\Programmer\PopupPopper\PopLib.dll
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {FE6BC4EF-5676-484B-88AE-883323913256} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [DM_Server] C:\PROGRA~1\COMETS~1\DM\bin\dmserver.exe /onreboot
O4 - HKLM\..\Run: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbs
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [AVPCC] "C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus Personal\_avpcc.exe"
O4 - HKLM\..\Run: [THGuard] "D:\Programmer\TrojanHunter 3.8\THGuard.exe"
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] D:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\RunServices: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbs
O4 - HKCU\..\Run: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbs
O4 - Startup: iMesh.lnk = D:\Programmer\iMesh\Client\iMeshClient.exe
O4 - Global Startup: GStartup.lnk = ?
O4 - Global Startup: PrecisionTime.lnk = C:\Programmer\PrecisionTime\PrecisionTime.exe
O9 - Extra button: PopupPopper Kontrol Panel (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O13 - DefaultPrefix:
http://www.msn.com@showresult.com/search.php?O13 - WWW Prefix:
http://www.msn.com@showresult.com/search.php?O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cabO16 - DPF: {197AB1D7-A7DD-4C86-A938-1FCC0DB21B85} (DMProxyCtl Class) -
http://dm.cometsystems.com/dm/dm_286.cabO16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -
http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1076429077774O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.6.cabO16 - DPF: {2CFB52FD-7CF2-479C-BF65-B27F8A834F31} (SecureSession Class) -
http://www.samsungtechwin.com/include/pki/SecuiTechIE.cabO16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.com/download/cult.cabO16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} -
http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cabO16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www3.ca.com/virusinfo/webscan.cabO16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://www.napster.com/client/isetup.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38002.6717361111O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) -
https://www.stopzilla.com/_download/Auto_Installer/dwnldr.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabog hvis du gider hjælpe mig af med kaspersky også
så du fandme dagens helt