slaraffen, posted 22 August 2010
I was stupid enough to install a so-called DISLIKE button on Facebook, before it was announced that this was malware or some malicious code that was supposed to have been included with it. I had Firefox at the time. After this, Facebook worked poorly and the machine otherwise ran slowly in general. I have uninstalled Firefox and tried Opera and IE with the same result. I use Norman Antivirus and have cleaned with CCleaner, without it helping. Does anyone have a solution or an answer as to what can be done? Thanks in advance, Slaraffen
Kris, posted 22 August 2010
https://www.diskusjon.no/index.php?showtopic=691246 Do what it says there.
slaraffen (Author), posted 22 August 2010
Thanks for the help, I am in the process of doing this now. Where do I send the log, in that case?
slaraffen (Author), posted 22 August 2010
Can anyone help me based on these MBAM and Combofix / DDS logs?

ComboFix 10-08-21.06 - Alf Gunnar 22.08.2010 20:07:51.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.1013.469 [GMT 2:00]
Kjøraer fra: c:\documents and settings\Alf Gunnar\Skrivebord\ComboFix.exe
AV: Norman Security Suite *On-access scanning enabled* (Updated) {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
FW: Norman Security Suite *disabled* {83B29CE9-9DE2-2CB5-9AB3-780D70FF12B0}
* Anti-virus er aktiv
ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-07-22 til 2010-08-22 )))))))))))))))))))))))))))))))))
.
2010-08-22 17:49 . 2010-08-22 17:49 -------- d-----w- c:\documents and settings\Alf Gunnar\Programdata\Malwarebytes
2010-08-22 17:48 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-22 17:48 . 2010-08-22 17:48 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-08-22 17:48 . 2010-08-22 17:48 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes
2010-08-22 17:48 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-22 10:12 . 2010-08-22 18:00 -------- d--h--r- c:\documents and settings\Alf Gunnar\Siste
2010-08-19 20:07 . 2010-08-19 20:07 -------- d-sh--w- c:\documents and settings\Alf Gunnar\PrivacIE
2010-08-19 19:51 . 2010-08-19 19:51 -------- d-sh--w- c:\documents and settings\Alf Gunnar\IETldCache
2010-08-19 19:48 . 2010-08-21 00:04 -------- d-----w- c:\windows\ie8updates
2010-08-19 19:40 . 2010-08-19 19:42 -------- dc-h--w- c:\windows\ie8
2010-08-19 19:34 . 2010-06-24 12:27 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-08-19 19:34 . 2010-06-24 12:27 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-08-19 19:34 . 2010-06-24 12:27 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-08-19 19:33 . 2010-06-18 11:39 16896 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-08-17 21:56 . 2010-05-19 07:37 67664 ----a-w- c:\windows\system32\drivers\ale_nf64.sys
2010-08-17 21:56 . 2010-05-19 07:36 60960 ----a-w- c:\windows\system32\drivers\ale_nf.sys
2010-08-17 21:56 . 2010-05-10 08:13 376136 ----a-w- c:\windows\system32\drivers\tdi_nf.sys
2010-08-17 21:56 . 2010-06-21 12:54 48272 ----a-w- c:\windows\system32\drivers\nnetsec.sys
2010-08-17 21:56 . 2010-05-28 10:40 30584 ----a-w- c:\windows\system32\drivers\nnetsecl.sys
2010-08-17 21:56 . 2010-05-25 12:28 34192 ----a-w- c:\windows\system32\drivers\nnetsecl64.sys
2010-08-08 23:57 . 2010-08-08 23:57 -------- d-----w- c:\programfiler\Fellesfiler\Java
2010-08-07 15:29 . 2010-07-19 18:39 875296 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\JRERunOnce.exe
2010-08-04 21:51 . 2010-08-04 21:51 503808 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59013926-n\msvcp71.dll
2010-08-04 21:51 . 2010-08-04 21:51 499712 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59013926-n\jmc.dll
2010-08-04 21:51 . 2010-08-04 21:51 348160 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59013926-n\msvcr71.dll
2010-08-04 21:51 . 2010-08-04 21:51 61440 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-57095732-n\decora-sse.dll
2010-08-04 21:51 . 2010-08-04 21:51 12800 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-57095732-n\decora-d3d.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-22 09:55 . 2009-09-25 22:43 -------- d-----w- c:\programfiler\Opera
2010-08-14 08:40 . 2009-11-30 20:27 -------- d-----w- c:\programfiler\Norman
2010-08-11 21:41 . 2008-08-26 04:54 76990 ----a-w- c:\windows\system32\perfc014.dat
2010-08-11 21:41 . 2008-08-26 04:54 438852 ----a-w- c:\windows\system32\perfh014.dat
2010-08-09 19:38 . 2009-10-03 21:49 -------- d-----w- c:\programfiler\CCleaner
2010-08-08 23:57 . 2010-04-02 08:02 -------- d-----w- c:\programfiler\Java
2010-07-17 03:00 . 2010-05-01 07:40 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:33 . 2008-08-26 04:53 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:27 . 2008-08-26 04:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:03 . 2008-08-26 04:53 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-08-26 04:53 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-08-26 04:53 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2008-08-25 20:07 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:43 . 2008-08-26 04:53 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-06-03 02:13 . 2010-06-03 02:13 503808 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-60747d3d-n\msvcp71.dll
2010-06-03 02:13 . 2010-06-03 02:13 499712 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-60747d3d-n\jmc.dll
2010-06-03 02:13 . 2010-06-03 02:13 348160 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-60747d3d-n\msvcr71.dll
2010-05-26 21:51 . 2010-05-26 21:51 61440 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-70610c2d-n\decora-sse.dll
2010-05-26 21:51 . 2010-05-26 21:51 12800 ----a-w- c:\documents and settings\Alf Gunnar\Programdata\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-70610c2d-n\decora-d3d.dll
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{6341761b-babe-406d-b0d6-8d99b81c2ee5}"= "c:\programfiler\Answers.com\tbAns1.dll" [2010-05-14 2515552]

[HKEY_CLASSES_ROOT\clsid\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]
2010-05-14 04:08 2515552 ----a-w- c:\programfiler\Answers.com\tbAns1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6341761b-babe-406d-b0d6-8d99b81c2ee5}"= "c:\programfiler\Answers.com\tbAns1.dll" [2010-05-14 2515552]

[HKEY_CLASSES_ROOT\clsid\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{6341761B-BABE-406D-B0D6-8D99B81C2EE5}"= "c:\programfiler\Answers.com\tbAns1.dll" [2010-05-14 2515552]

[HKEY_CLASSES_ROOT\clsid\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"MGSysCtrl"="c:\programfiler\System Control Manager\MGSysCtrl.exe" [2008-07-29 684032]
"ITSecMng"="c:\programfiler\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"Norman ZANDA"="c:\programfiler\Norman\Npm\Bin\ZLH.EXE" [2010-01-29 189824]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NPCTray"="c:\programfiler\Norman\npc\bin\npc_tray.exe" [2010-02-22 93616]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-08 16862208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\
1-Click Answers.lnk - c:\programfiler\1-Click Answers\answers.exe [2009-7-26 806912]
Microsoft Office.lnk - c:\programfiler\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

P2 NPFSvc32;Norman Personal Firewall Service;c:\programfiler\Norman\Npf\Bin\npfsvc32.exe [30.11.2009 22:27 286328]
R1 NGS;Norman General Security Driver;c:\programfiler\Norman\Ngs\Bin\ngs.sys [17.08.2010 23:56 26744]
R1 NPROSEC;Norman Security driver;c:\programfiler\Norman\Ngs\Bin\nprosec.sys [17.08.2010 23:56 72392]
R1 tdi_nf;Norman Network Filter TDIL driver;c:\windows\system32\drivers\tdi_nf.sys [17.08.2010 23:56 376136]
R2 Ndiskio;Ndiskio;c:\programfiler\Norman\Nse\Bin\Ndiskio.sys [30.11.2009 22:27 22880]
R2 NNFSVC;Norman Network Filtering service;c:\programfiler\Norman\Ngs\Bin\nnf.exe [17.08.2010 23:56 219904]
R2 NPROSECSVC;Norman Security service;c:\programfiler\Norman\Ngs\Bin\nprosec.exe [17.08.2010 23:56 103016]
R2 nregsec;Norman Registry Security driver;c:\programfiler\Norman\Ngs\Bin\nregsec.sys [17.08.2010 23:56 40384]
R2 NVOY;Norman Resource Provider;c:\programfiler\Norman\Npm\Bin\nvoy.exe [30.11.2009 22:27 98776]
R2 SesamService;Sesam Control Service;c:\programfiler\Telenor\Mobilt Bredbånd\Sesam\BIN\SecMIPService.exe [09.05.2008 18:01 1216296]
R3 nnetsec;Norman Network Security service;c:\windows\system32\drivers\nnetsec.sys [17.08.2010 23:56 48272]
R3 NNetSecC;Norman Network Filter NDIS common driver;c:\programfiler\Norman\Ngs\Bin\nnetsecc.sys [17.08.2010 23:56 29968]
R3 nsesvc;Norman Scanner Engine Service;c:\programfiler\Norman\Nse\Bin\Nsesvc.exe [18.06.2010 01:06 282624]
R3 NUAA;Norman User Activity Agent;c:\programfiler\Norman\Npc\Bin\nuaa.exe [18.08.2010 22:10 99656]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [30.11.2009 22:27 21832]
R3 nvcoas;Norman Virus Control on-access component;c:\programfiler\Norman\nvc\bin\Nvcoas.exe [30.11.2009 22:27 210248]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [25.08.2008 22:49 156160]
R3 Scheduler;Norman Scheduler Service;c:\programfiler\Norman\Npm\Bin\scheduler.exe [30.11.2009 22:27 133272]
R3 wtsmpadap;Sesam Virtual Adapter;c:\windows\system32\drivers\wtsmpadap.sys [29.04.2008 17:24 39720]
R3 WtSmpFlt;Sesam Adapter;c:\windows\system32\drivers\wtsmpflt.sys [29.04.2008 17:24 272424]
S2 Micro Star SCM;Micro Star SCM;c:\programfiler\System Control Manager\MSIService.exe [25.08.2008 22:53 159744]
S3 GTMM Device Service;GTMM Device Service;c:\programfiler\Telenor\Mobilt Bredbånd\GtmmDeviceService.exe [01.09.2009 07:48 106496]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [30.12.2008 19:57 103040]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [23.07.2009 17:45 625792]
S3 TSWLAN;TsWlan Packet Driver;c:\windows\system32\drivers\TsWlan.sys [17.10.2008 15:34 33664]

--- Andre tjenester/drivere lastet i minnet ---
*Deregistered* - mchInjDrv
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
2010-08-16 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.startsiden.no/
uInternet Connection Wizard,ShellNext = hxxp://www.msi.com.tw/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Answers... - file://c:\programfiler\1-Click Answers\Html\atiemenu.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\programfiler\Norman\ngs\bin\nlf.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-22 20:15
Windows 5.1.2600 Service Pack 3 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'winlogon.exe'(1748)
c:\windows\system32\igfxdev.dll
- - - - - - - > 'explorer.exe'(1280)
c:\programfiler\Norman\nvc\bin\Niphk.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tidspunkt ferdig: 2010-08-22 20:18:52
ComboFix-quarantined-files.txt 2010-08-22 18:18
Pre-Run: 27 356 221 440 byte ledig
Post-Run: 27 392 286 720 byte ledig
- - End Of File - - 7C8E81FA4ABA9201E33EFFEED401F1C8
___________________________________________________________________

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversjon: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
22.08.2010 19:59:29
mbam-log-2010-08-22 (19-59-29).txt
Skanntype: Hurtigsøk
Objekter skannet: 113478
Tid tilbakelagt: 9 minutt(er), 41 sekund(er)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert 0
Minneprosesser infisert:
(Ingen skadelige objekter funnet)
Minnemoduler infisert:
(Ingen skadelige objekter funnet)
Registernøkler infisert:
(Ingen skadelige objekter funnet)
Registerverdier infisert:
(Ingen skadelige objekter funnet)
Registerfiler infisert:
(Ingen skadelige objekter funnet)
Mapper infisert:
(Ingen skadelige objekter funnet)
Filer infisert
(Ingen skadelige objekter funnet)
Atiks, posted 22 August 2010
Update MBAM and run a new quick scan.
slaraffen (Author), posted 22 August 2010
Now I ran a new quick scan after updating. It is below.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversjon: 4463
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
22.08.2010 23:53:38
mbam-log-2010-08-22 (23-53-38).txt
Skanntype: Hurtigsøk
Objekter skannet: 127949
Tid tilbakelagt: 10 minutt(er), 47 sekund(er)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert 0
Minneprosesser infisert:
(Ingen skadelige objekter funnet)
Minnemoduler infisert:
(Ingen skadelige objekter funnet)
Registernøkler infisert:
(Ingen skadelige objekter funnet)
Registerverdier infisert:
(Ingen skadelige objekter funnet)
Registerfiler infisert:
(Ingen skadelige objekter funnet)
Mapper infisert:
(Ingen skadelige objekter funnet)
Filer infisert
(Ingen skadelige objekter funnet)