jacozer

Member
  • Content count

    2
Posts by jacozer

  1. Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 21:51:45, on 2008-12-29

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16762)

    Boot mode: Normal

    Running processes:

    C:WINDOWSSystem32smss.exe

    C:WINDOWSsystem32csrss.exe

    C:WINDOWSsystem32winlogon.exe

    C:WINDOWSsystem32services.exe

    C:WINDOWSsystem32lsass.exe

    C:WINDOWSsystem32Ati2evxx.exe

    C:WINDOWSsystem32svchost.exe

    C:WINDOWSsystem32svchost.exe

    C:WINDOWSSystem32svchost.exe

    C:WINDOWSsystem32svchost.exe

    C:WINDOWSsystem32svchost.exe

    C:WINDOWSsystem32svchost.exe

    C:WINDOWSsystem32spoolsv.exe

    C:ProgramSonyShared Plug-InsMedia ManagerMSSQL$SONY_MEDIAMGRBinnsqlservr.exe

    C:NormanBinZanda.exe

    C:WINDOWSSystem32spoolDRIVERSW32X863HP1006MC.EXE

    C:WINDOWSsystem32PnkBstrA.exe

    C:WINDOWSsystem32PnkBstrB.exe

    C:WINDOWSsystem32svchost.exe

    C:NormanbinNJEEVES.EXE

    C:NormanNvcBINNVCSCHED.EXE

    C:NormanNvcBINnipsvc.exe

    C:WINDOWSSystem32alg.exe

    C:WINDOWSSystem32svchost.exe

    C:WINDOWSsystem32Ati2evxx.exe

    C:WINDOWSExplorer.EXE

    C:WINDOWSSOUNDMAN.EXE

    C:ProgramATI TechnologiesATI.ACEcli.exe

    C:NormanBinZLH.EXE

    C:WINDOWSsystem32LVCOMSX.EXE

    C:ProgramD-Toolsdaemon.exe

    C:ProgramMicrosoft IntelliPointipoint.exe

    C:ProgramANIANIWZCS2 ServiceWZCSLDR2.exe

    C:ProgramD-LinkD-Link Wireless N DWA-140AirNCFG.exe

    C:ProgramJavajre1.6.0_05binjusched.exe

    C:ProgramMSN MessengerMsnMsgr.Exe

    C:NormanNvcBINNIP.EXE

    C:WINDOWSsystem32ctfmon.exe

    D:Steam.exe

    C:ProgramATI TechnologiesATI.ACEcli.exe

    C:ProgramATI TechnologiesATI.ACEcli.exe

    C:ProgramInternet Exploreriexplore.exe

    C:NormanNvcBINNVCOD.EXE

    C:ProgramTrend MicroHijackThisHijackThis.exe

    C:ProgramTrend MicroHijackThisjacozer.exe

    C:WINDOWSsystem32wbemwmiprvse.exe

    R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.bsplayer-search.com/startpage

    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar

    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:ProgramYahoo!CompanionInstallscpnyt.dll

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre1.6.0_05binssv.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programgooglegoogletoolbar2.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:ProgramYahoo!CompanionInstallscpnyt.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programgooglegoogletoolbar2.dll

    O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:ProgramBS.Player ControlBarBSToolbar.dll

    O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM..Run: [ATICCC] "C:ProgramATI TechnologiesATI.ACEcli.exe" runtime -Delay

    O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe

    O4 - HKLM..Run: [Norman ZANDA] C:NormanBinZLH.EXE /LOAD /SPLASH

    O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE

    O4 - HKLM..Run: [DAEMON Tools-1033] "C:ProgramD-Toolsdaemon.exe"  -lang 1033

    O4 - HKLM..Run: [intelliPoint] "C:ProgramMicrosoft IntelliPointipoint.exe"

    O4 - HKLM..Run: [ANIWZCS2Service] C:ProgramANIANIWZCS2 ServiceWZCSLDR2.exe

    O4 - HKLM..Run: [D-Link D-Link Wireless N DWA-140] C:ProgramD-LinkD-Link Wireless N DWA-140AirNCFG.exe

    O4 - HKLM..Run: [sunJavaUpdateSched] "C:ProgramJavajre1.6.0_05binjusched.exe"

    O4 - HKLM..Run: [] C:WINDOWSsystem32MSCONFIG.EXE

    O4 - HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

    O4 - HKCU..Run: [MsnMsgr] "C:ProgramMSN MessengerMsnMsgr.Exe" /background

    O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe

    O4 - HKCU..Run: [steam] "D:Steam.exe" -silent

    O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')

    O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')

    O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:ProgramAdobeAcrobat 7.0Readerreader_sl.exe

    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe

    O4 - Global Startup: Microsoft Office.lnk = C:ProgramMicrosoft OfficeOffice10OSA.EXE

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_05binssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_05binssv.dll

    O9 - Extra button: Gnuf Poker - {A99C8F70-4D5B-482c-8854-05BC0BB8B182} - C:ProgramGnufPokerMPPoker.exe

    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:ProgramDelade filerMicrosoft SharedEncarta Search BarENCSBAR.DLL

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgramPartyGamingPartyPokerRunApp.exe (file missing)

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgramPartyGamingPartyPokerRunApp.exe (file missing)

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe (file missing)

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe (file missing)

    O9 - Extra button: NordicBet - {00000000-0000-0000-0000-000000000000} - C:MicroGamingPokerNordicBetMPPMPPoker.exe (HKCU)

    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1144090676562

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u...ows-i586-jc.cab

    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:ProgramANIANIWZCS2 ServiceANIWZCSdS.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:ProgramGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe

    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:NormanNvcBINnipsvc.exe

    O23 - Service: Norman NJeeves - Unknown owner - C:NormanbinNJEEVES.EXE

    O23 - Service: Norman ZANDA - Unknown owner - C:NormanBinZanda.exe

    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:NormanNvcbinnvcoas.exe

    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:NormanNvcBINNVCSCHED.EXE

    O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe

    O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe

    --

    End of file - 8813 bytes

    Hope this helps to find the problem!

    Thanks for trying!!

  2. *********************************************

    2009-01-07:

    This thread is now locked.

    If you think it was locked in error, please contact

    Malou

    *********************************************

    Hi there!

    I've got a virus called limit.exe. When I start the computer, a popup appears with a timer counting down from 15 minutes; when it reaches 0 the computer shuts down. It also locks regedit, task, cmd, msconfig.

    I managed to download backup files of msconfig, regedit and task from a website, and I started task and killed the msconfig.exe process; then the timer disappeared at least, but when I start the computer the same thing comes up, so the virus is not gone.

    AVG cannot be installed; the virus blocks some registry file.

    Malwarebytes Anti-Malware found nothing.

    I need help!

    Best regards!!
