Just nu i M3-nätverket
Gå till innehåll

ASKJGH1245

Medlem
  • Antal inlägg

    16
  • Gick med

  • Senaste besök

    Aldrig
  1. förlåt för alla dubbelinlägg men vilket gratis anti virus program tycker du är det bästa?
  2. här kmr loggen (de vanliga pop-up fönstrena är fortfarande kvar): ComboFix 08-03-04.5 - Rubbes data 2008-03-05 16:44:29.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.652 [GMT 1:00] Running from: C:\Documents and Settings\Rubbes data\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\BM3baeaa2c.xml C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\aguqevxn.ini C:\WINDOWS\system32\apidlisc.ini C:\WINDOWS\system32\bxoaqjla.ini C:\WINDOWS\system32\crlgyaku.ini C:\WINDOWS\system32\dftneayl.ini C:\WINDOWS\system32\frvxfvny.ini C:\WINDOWS\system32\gbgidntu.ini C:\WINDOWS\system32\gmkcgnni.ini C:\WINDOWS\system32\gnhjwhyr.ini C:\WINDOWS\system32\grfpyilt.ini C:\WINDOWS\system32\hebeoyjb.ini C:\WINDOWS\system32\hmumwyay.ini C:\WINDOWS\system32\hnpqmamm.ini C:\WINDOWS\system32\iykoxsdg.ini C:\WINDOWS\system32\jenssrdv.ini C:\WINDOWS\system32\jwmrngdp.ini C:\WINDOWS\system32\jydnvwbq.ini C:\WINDOWS\system32\kipsiwjc.ini C:\WINDOWS\system32\lmuywefs.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mrcwhkce.ini C:\WINDOWS\system32\mtmwlcwr.ini C:\WINDOWS\system32\nimhthgc.ini C:\WINDOWS\system32\nywrjwdw.ini C:\WINDOWS\system32\oivjdlfg.dll C:\WINDOWS\system32\pcobrwdd.ini C:\WINDOWS\system32\rgdxfetg.ini C:\WINDOWS\system32\rqstv.bak2 C:\WINDOWS\system32\rqstv.ini C:\WINDOWS\system32\rqstv.tmp C:\WINDOWS\system32\shghxwxt.ini C:\WINDOWS\system32\tbwigbru.ini C:\WINDOWS\system32\treykgxj.ini C:\WINDOWS\system32\ukafjrby.ini C:\WINDOWS\system32\uqrubbca.ini C:\WINDOWS\system32\vqgjamka.ini C:\WINDOWS\system32\yeyciqqr.ini C:\WINDOWS\system32\ynxlvndt.ini C:\WINDOWS\system32\yooffljw.ini . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE -------\DomainService ((((((((((((((((((((((((( Files Created from 2008-02-05 to 2008-03-05 ))))))))))))))))))))))))))))))) . 2008-03-05 16:13 . 2004-08-10 13:00 388,608 --a------ C:\CF15311.exe 2008-03-04 19:45 . 2008-03-04 19:45 <DIR> d-------- C:\Program Files\Trend Micro 2008-03-04 18:56 . 2008-03-04 18:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-03-04 18:55 . 2008-03-04 18:56 <DIR> d-------- C:\Program Files\SUPERAntiSpyware 2008-03-04 18:55 . 2008-03-04 18:55 <DIR> d-------- C:\Documents and Settings\Rubbes data\Application Data\SUPERAntiSpyware.com 2008-02-21 15:29 . 2008-03-03 15:37 1,671,582 ---hs---- C:\WINDOWS\system32\dojpwrpe.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-05 15:48 17,408 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS 2008-03-05 15:31 --------- d-----w C:\Program Files\World of Warcraft 2008-03-04 17:55 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-02-18 15:09 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-16 21:51 --------- d-----w C:\Program Files\Toribash-3.04 2008-02-13 17:59 --------- d-----w C:\Program Files\Windows Live Toolbar 2007-01-06 01:23 5,380 ----a-w C:\Program Files\changelog.txt 2007-01-05 23:28 2,679,375 ----a-w C:\Program Files\DotA Allstars v6.39b.w3x . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:35 5724184] "BitComet"="C:\Program Files\BitComet\BitComet.exe" [ ] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:56 64512] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-21 05:07 7110656] "nwiz"="nwiz.exe" [2005-07-21 05:07 1519616 C:\WINDOWS\system32\nwiz.exe] "High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-03-17 16:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe] "Cmaudio"="cmicnfg.cpl" [] "Dit"="Dit.exe" [2004-07-20 18:18 90112 C:\WINDOWS\Dit.exe] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "Adobe"="C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" [2004-12-14 03:44 29696] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" [2006-10-12 03:10 49263] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576] "F-Secure Manager"="C:\Program Files\com hem security\Common\FSM32.exe" [2004-12-22 09:28 118832] "F-Secure TNB"="C:\Program Files\com hem security\TNB\TNBUtil.exe" [2005-01-25 16:13 684032] "F-Secure Startup Wizard"="C:\Program Files\com hem security\FSGUI\FSSW.exe" [2005-03-16 14:45 208896] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24 286720] "389d99b0"="C:\WINDOWS\system32\gtefxdgr.dll" [ ] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 13:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\WINDOWS\\system32\\fxsclnt.exe"= "C:\\Program Files\\NetMeeting\\Conf.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Warcraft III\\Warcraft III.exe"= "C:\\Program Files\\MSN Gaming Zone\\Windows\\bckgzm.exe"= "C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"= "C:\\Program Files\\World of Warcraft\\WoW-2.0.12.6546-to-2.1.0.6692-enGB-downloader.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\com hem security\\backweb\\8910145\\Program\\fspex.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\World of Warcraft\\Launcher.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader "6112:TCP"= 6112:TCP:Blizzard Downloader "13734:TCP"= 13734:TCP:BitComet 13734 TCP "13734:UDP"= 13734:UDP:BitComet 13734 UDP "7139:TCP"= 7139:TCP:BitComet 7139 TCP "7139:UDP"= 7139:UDP:BitComet 7139 UDP [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-03-03 14:19] R2 BackWeb Plug-in - 8910145;com hem security;C:\PROGRA~1\COMHEM~1\backweb\8910145\Program\SERVIC~1.EXE [2007-06-26 14:48] R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\com hem security\Anti-Virus\Win2K\FSfilter.sys [2003-11-14 17:52] R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\com hem security\Anti-Virus\Win2K\FSgk.sys [2007-06-26 15:00] R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\com hem security\Anti-Virus\Win2K\FSrec.sys [2003-02-06 13:32] R3 3xHybrid;Pinnacle PCTV 300i Stereo DVB-T;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-09-02 14:43] R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 13:39] S2 FSIHS;F-Secure Installer restarter;"C:\WINDOWS\TEMP\Installer\00000001\bootstrap\fsihs.exe" [] S3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-03-05 16:48] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \Shell\AutoRun\command - F:\autoplay.exe . Contents of the 'Scheduled Tasks' folder "2007-07-27 07:28:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-03-05 14:42:02 C:\WINDOWS\Tasks\Scheduled scanning task.job" - C:\PROGRA~1\COMHEM~1\ANTI-V~1\fsav.exeZ /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\COMHEM~1\ANTI-V~1\report.txt . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-05 16:49:20 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\com hem security\Anti-Virus\fsgk32st.exe C:\Program Files\com hem security\backweb\8910145\program\fsbwsys.exe C:\Program Files\com hem security\Anti-Virus\FSGK32.EXE C:\Program Files\com hem security\Anti-Virus\fssm32.exe C:\Program Files\com hem security\Common\FSMA32.EXE C:\Program Files\com hem security\Common\FSMB32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\com hem security\Common\FCH32.EXE C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\com hem security\Common\FAMEH32.EXE C:\WINDOWS\system32\dllhost.exe C:\Program Files\com hem security\FWES\Program\fsdfwd.exe C:\Program Files\com hem security\Anti-Virus\fsav32.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\com hem security\FSGUI\fsguiexe.exe . ************************************************************************** . Completion time: 2008-03-05 16:51:05 - machine was rebooted [Rubbes data] ComboFix-quarantined-files.txt 2008-03-05 15:51:01 . 2008-02-13 19:02:02 --- E O F ---
  3. Tack för era svar, jag ska göra som ni sagt och loggen kmr inom kort.
  4. här är loggen (vet dock inte om jag gjorde som det var tänkt): Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:46:46, on 2008-03-04 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMHEM~1\backweb\8910145\Program\SERVIC~1.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\com hem security\Anti-Virus\fsgk32st.exe C:\Program Files\com hem security\Anti-Virus\FSGK32.EXE C:\Program Files\com hem security\backweb\8910145\program\fsbwsys.exe C:\Program Files\com hem security\Common\FSMA32.EXE C:\Program Files\com hem security\Anti-Virus\fssm32.exe C:\Program Files\com hem security\Common\FSMB32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\Dit.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\com hem security\Common\FSM32.EXE C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\com hem security\Common\FCH32.EXE C:\Program Files\com hem security\Common\FAMEH32.EXE C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\com hem security\FWES\Program\fsdfwd.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\com hem security\Anti-Virus\fsav32.exe C:\Program Files\com hem security\FSGUI\fsguiexe.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe C:\Program Files\com hem security\backweb\8910145\Program\fspex.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.restoredhomepage.com/?cm=911038&lt=2&it=2007-11-29%2008%3A34%3A37&dt=2007-12-01%2012%3A35%3A28&q=http://go.microsoft.com/fwlink/?linkid=677 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.elkjop.no O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe] C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\com hem security\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\com hem security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\com hem security\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [389d99b0] rundll32.exe "C:\WINDOWS\system32\gtefxdgr.dll",b O4 - HKLM\..\Run: [bM3baeaa2c] Rundll32.exe "C:\WINDOWS\system32\oivjdlfg.dll",s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing O14 - IERESET.INF: START_PAGE_URL=http://www.elkjop.no O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {274967E8-7BE3-4195-B719-CFE8878B2E39} (FotolaboUploader Control) - http://web1.ifi.fi/WebUpload/ActiveX/FotolaboUploader.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127724859466 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: com hem security (BackWeb Plug-in - 8910145) - Unknown owner - C:\PROGRA~1\COMHEM~1\backweb\8910145\Program\SERVIC~1.EXE O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\qlrtuyam.exe (file missing) O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\com hem security\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\com hem security\backweb\8910145\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\com hem security\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Installer restarter (FSIHS) - Unknown owner - C:\WINDOWS\TEMP\Installer\00000001\bootstrap\fsihs.exe (file missing) O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\com hem security\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7470 bytes
  5. ok, nej i felsäkert läge körde jag inte, ska jag göra det med denna?
  6. Nu har jag kört en virus scann i programmet (full scann) och när jag startade om datorn så fick jag ett nytt meddelande där det stog "RUNDLL" "Det gick inte att läsa in C:\WINDOWS\system32\gtefxdgr.dll" samt att den vanliga skylten också kom "Runner Error" "Runner file name (fspex.exe) lacks a - (the app id separator)".
  7. Hej. Jag har sen några månader tilbaka haft ett virusangrepp på min dator, när jag sedan för några dagar sen lånade några pc för alla tidningar på bibloteket så såg jag att ni hade detta forum, skulle vara väldigt tacksam för svar. Till att börja med så tar det mkt mkt längre tid att starta upp datorn och alla program än tidigare och jag får alltid en pop-up efter några sekunder där det står "Runner Error" "Runner file name (fspex.exe) lacks a - (the app id separator)". När jag är ute på internet tex denna sida så byts vissa bilder ut mot en text där det står ngt i stil med "Click here to download a free virus scann" eller "Your computer is infected, click here for a free scann", givetvis trycker jag inte på dessa eftersom de helt uppenbart är virus infekterade. När jag försöker spela spel tex BF2 eller WOW så hänger de sig när de försöker ansluta sig. För några månader sedan så var det riktigt riktigt illa och gick knappt att starta datorn, då ringde jag supporten för datorn och de sa att jag skulle göra en system återställning från det att datorn var helt fri från virus, detta gjorde jag men trojanen verkar ha överleft och det är nästan lika illa nu igen. jag har försökt med ett antal olika virus program å som F-secure men de säger bara "Det gick inte att ta bort, Filen bytte namn". Hoppas ni vet ngt som kan lösa detta, tack på förhand. /Ruben W
×
×
  • Skapa nytt...