Just nu i M3-nätverket
Jump to content

nu har jag fått virus igen!!!


tob_ekl

Recommended Posts

hej. datorn är väldigt långsam plötsligt särskillt på internet, så jag har väl fått virus.

 

trendmicro funkar inte.

panda går det inte att rensa virus med.

finns något annat bra onlinescanprogram?

 

eller vad göra? tack på förhand. tobbe

 

Link to comment
Share on other sites

Testa att köra en onlinescan här,http://www.kaspersky.com/virusscanner

Skulle detta inte heller funka,så är det dags för HijackThis

 

http://www.majorgeeks.com/download3155.html

Installera,kör,scanna,spara loggen i en egen mapp,men inte på

skrivbordet.

 

I ditt svar bifogar du HijackThis-loggen på följande sätt

 

Tryck på LOG-knappen i besvara-fönstret

Klistra in loggen

Tryck på LOG-knappen igen

 

Så kan någon av experterna här på forumet ta en titt

på loggen.

 

[inlägget ändrat 2006-11-18 15:18:17 av Brynäsarn]

Link to comment
Share on other sites

jag körde kaspersky och den hittade elva virus men det går ju inte att rensa med det onlineprogrammet..

 

hur ska jag göra nu? köra hijack ändå?

 

 

Link to comment
Share on other sites

här kommer hijack loggen. kaspersky håller jag på att köra igen för jag stängde ner det..

 

[log]

 

Logfile of HijackThis v1.99.1

Scan saved at 18:00:51, on 2006-11-18

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Java\jre1.5.0_09\bin\jusched.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\WINDOWS\system32\Smartscaps.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\ATI Technologies\ATI.ACE\cli.exe

C:\Program\ATI Technologies\ATI.ACE\cli.exe

C:\Program\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Program\Skype\Phone\Skype.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\Program\MICROS~2\Office10\OUTLOOK.EXE

C:\Program\Messenger\msmsgs.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\hijack this\HijackThis.exe

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dll

O3 - Toolbar: MSN Verktygslåda - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar\01.01.1601.0\sv\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar3.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ATICCC] "C:\Program\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_09\bin\ssv.dll

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -

 

http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -

O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.virustest.se/cod/cabs/cssweb.cab

O16 - DPF: {C8CE8EAB-8B03-484B-B348-A2442D38E7AF} (Intermezzon Player Control) - http://download.intermezzon.com/3.3/designerplayer.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -

 

http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4899/mcfscan.cab

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel

 

32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: SmartTrust Smart Card Server (Smartscaps) - SmartTrust - C:\WINDOWS\system32\Smartscaps.exe

 

[/log]

 

Link to comment
Share on other sites

här är kasperskys:

 

[log]

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Saturday, November 18, 2006 7:09:31 PM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 18/11/2006

Kaspersky Anti-Virus database records: 229056

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: standard

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

A: C: D: E: F:

Scan Statistics:

Total number of scanned objects: 71080

Number of viruses found: 11

Number of infected objects: 35 / 0

Number of suspicious objects: 0

Duration of the scan process: 00:56:57

 

Infected Object Name / Virus Name / Last Action

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Lokala inställningar\Tidigare\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Tobbe\.housecall\Quarantine\Hidden and Dangerous 2 NO CD Crack.exe.bac_a02460 Infected: P2P-Worm.Win32.Tibick.d skipped

C:\Documents and Settings\Tobbe\.housecall\Quarantine\javainstaller.jar-5aa0b436-7225b280.zip.bac_a02376/javainstaller/InstallerApplet.class Infected: Trojan-Downloader.Java.OpenStream.w skipped

C:\Documents and Settings\Tobbe\.housecall\Quarantine\javainstaller.jar-5aa0b436-7225b280.zip.bac_a02376 ZIP: infected - 1 skipped

C:\Documents and Settings\Tobbe\.housecall\Quarantine\javainstaller.jar-5aa0b436-7225b280.zip.bac_a02376 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Tobbe\Application Data\Microsoft\Outlook\Tobias.srs Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\cert8.db Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\formhistory.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\history.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\key3.db Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Mozilla\Firefox\Profiles\2toe3det.default\parent.lock Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\call256.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\callmember256.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\chat512.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\chatmsg1024.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\chatmsg256.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\chatmsg512.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\contactgroup256.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\index2.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\profile4096.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\transfer256.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\transfer512.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\user1024.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\user16384.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\user4096.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Application Data\Skype\tobiaseklund\voicemail256.dbb Object is locked skipped

C:\Documents and Settings\Tobbe\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Application Data\ApplicationHistory\cli.exe.65d44588.ini.inuse Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Application Data\Microsoft\Outlook\archive.pst Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Application Data\Microsoft\Outlook\Outlook2.pst Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Temp\Perflib_Perfdata_770.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Temp\Perflib_Perfdata_a54.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Temp\Perflib_Perfdata_a60.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Tidigare\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Tobbe\Lokala inställningar\Tidigare\History.IE5\MSHist012006111820061119\index.dat Object is locked skipped

C:\Documents and Settings\Tobbe\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Tobbe\ntuser.dat.LOG Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077295.dll Infected: not-virus:Hoax.Win32.Renos.ej skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077296.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077298.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077321.dll Infected: not-virus:Hoax.Win32.Renos.ej skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077322.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077323.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077329.exe Infected: not-virus:Hoax.Win32.Renos.fh skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077330.exe Infected: Trojan-Downloader.Win32.Zlob.alm skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077333.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077339.dll Infected: not-virus:Hoax.Win32.Renos.du skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077355.dll Infected: not-virus:Hoax.Win32.Renos.ej skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077356.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077357.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077365.dll Infected: not-virus:Hoax.Win32.Renos.ej skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077366.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077367.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077381.dll Infected: Trojan-Downloader.Win32.Zlob.aeg skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP376\A0077388.exe Infected: Trojan-Downloader.Win32.Zlob.aco skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP377\A0077402.exe Infected: Trojan-Downloader.Win32.Zlob.aco skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP377\A0077414.dll Infected: not-virus:Hoax.Win32.Renos.ej skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP377\A0077415.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP377\A0077416.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP378\A0077430.dll Infected: not-virus:Hoax.Win32.Renos.ej skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP378\A0077431.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP378\A0077432.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP379\A0081494.dll Infected: not-virus:Hoax.Win32.Renos.ej skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP379\A0081495.exe Infected: Trojan-Downloader.Win32.Zlob.aed skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP379\A0081497.exe Infected: not-virus:Hoax.Win32.Renos.fh skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP379\A0081498.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP379\A0081499.exe Infected: Trojan-Downloader.Win32.Zlob.yt skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP385\A0082270.exe Infected: Virus.Win32.VB.ab skipped

C:\System Volume Information\_restore{47A6BC11-64C5-4AF8-B8B3-03095110E635}\RP453\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{9DA41D6A-9473-4356-8D43-D79C28804B53}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

Scan process completed.

 

[/log]

 

Link to comment
Share on other sites

C:\System Volume Information\_restore är stället där systemåterställningsfunktionen lagrar olika systemåterställningspunkter. Det betyder att medan din dator var infekterad så skapade Windows en systemåterställningspunkt. Så länge som otrevligheterna ligger i den mappen så är de ofarliga. Däremot så om du återställer till en tidpunkt då datorn var infekterad så blir även otrevligheterna återställda.

 

Du kan ta bort samtliga systemåterställningspunkter genom att stänga av systemåterställningsfunktionen, starta om datorn och så slå på funktionen igen. Systemåterställningsfunktionen slår man av och på här:

Högerklick på Den här datorn - Egenskaper - Systemåterställning.

 

Förutom ovanstående så hittar Kaspersky bara otrevligheter i Housecalls karantän, dvs filer som Housecall har tagit bort från deras ursprungliga plats.

 

Jag ser inget otrevligt i loggen, dock så vet jag inte om detta är något pålitligt:

O16 - DPF: {C8CE8EAB-8B03-484B-B348-A2442D38E7AF} (Intermezzon Player Control) - http://download.intermezzon.com/3.3/designerplayer.cab

Är det en webbplats du känner till och brukar besöka?

 

Har du fortfarande problem? I så fall installera en brandvägg så att du är säker på att upptäcka om något otrevligt vill ut på internet, t ex gratis ZoneAlarm:

http://www.zonelabs.com/store/content/home.jsp

 

 

Link to comment
Share on other sites

Skanna med HijackThis och bocka för:

 

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -

O16 - DPF: {C8CE8EAB-8B03-484B-B348-A2442D38E7AF} (Intermezzon Player Control) - http://download.intermezzon.com/3.3/designerplayer.cab

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn.

 

Installera ett antivirusprogram. Finns gratis från t ex Avast, Antivir och AVG.

 

Här kommer mina vanliga råd för en säkrare dator, men det är så klart viktigt att man använder sitt förnuft också.

 

Uppdatera från Windows Update och kör antispionprogrammen AVG Anti-Spyware (Ewido), Spybot S&D och/eller Ad-aware regelbundet.

http://www.ewido.net/en/

http://www.safer-networking.org/en/download/index.html

http://www.lavasoft.com

 

Komplettera antivirusprogrammet med några online-skanningar då och då:

http://housecall.trendmicro.com/

http://www.bitdefender.com/scan8/ie.html

http://www.pandasoftware.com/products/activescan/

 

Använd en brandvägg (bättre än den inbyggda i XP), finns gratis från t ex ZoneLabs.

http://www.zonelabs.com/store/content/home.jsp

 

Om man använder Internet Explorer så kan det vara lämpligt att ha programmen SpywareBlaster och SpywareGuard, vilka hindrar en hel del otrevliga program från att laddas ner resp. köras:

http://www.javacoolsoftware.com

 

Se över säkerhetsinställningarna i Internet Explorer, det finns en hel del tips här:

http://www.spywarewarrior.com/uiuc/btw/ie/ie-opts.htm

 

Samt kör IE-SpyAd som lägger en hel massa otrevliga webbplatser i zonen Ej tillförlitliga i Internet Explorer så att de inte kan göra något med datorn:

http://www.spywarewarrior.com/uiuc/resource.htm

 

Om man byter webbläsare så är det bara SpywareGuard som behövs. Andra webbläsare är t ex Mozilla Firefox och Opera:

http://www.mozilla.org

http://www.opera.com

 

Allt gratis för hemanvändare/personligt bruk.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...