Akidon, posted 26 June 2006

Have avast antivirus. A message keeps coming up saying that this trojan has infected the machine. It is different files each time, but in the same place. Can anyone help me remove this virus?

berxter, posted 26 June 2006

Zlob.bn is a SmitFraud variant, and you take it out with Smitfraudfix. Google it. Remember to run option 2 (clean) in safe mode. Then post a HijackThis log here. You can find it at, for example, merijn.org. If you search the forum, stealthy has written an intro to HJT.

Bernt K

Akidon (author), posted 26 June 2006 (edited)

Ugh, this was difficult. Why doesn't avast remove this crap? And can you post a link to that intro? Here is the log. I don't understand any of what it means... What now?

Logfile of HijackThis v1.99.1
Scan saved at 01:36:37, on 27.06.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
e:\Exe\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programfiler\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] d:\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] D:\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [sideWinderTrayV4] d:\SIDEWI~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [DAEMON Tools] "d:\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [smartGuardian] D:\Smart Guardian\ITESmart.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Win2000Launcher] F:\Verktøylinjer\Spill\Launcher.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] D:\HP Print\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eb760324.exe] C:\WINDOWS\system32\eb760324.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] D:\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [eb760324.exe] C:\Documents and Settings\Administrator\Lokale innstillinger\Programdata\eb760324.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = D:\Open Office\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\HP Print\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.5.0_06\bin\ssv.dll
O18 - Protocol: bw+0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - d:\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - d:\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - d:\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - d:\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

Edited 26 June 2006 by Aqidon

Pozzolan, posted 27 June 2006 (edited)

I recommend that you post a log from the machine when it is in normal mode, as I think this log is from safe mode?

What you can do is delete some of the

O18 - Protocol: bwz0 - {68ED396F-FF01-4234-BCC0-C5588273BC19} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

entries, since you only need one entry of this. Download CCleaner and clean the computer with it in safe mode. Then delete the following with HijackThis:

O4 - HKCU\..\Run: [eb760324.exe] C:\Documents and Settings\Administrator\Lokale innstillinger\Programdata\eb760324.exe

If you don't know how to delete things with HijackThis, you can follow this guide.

Edited 27 June 2006 by stealthy
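
An added example, not written by anyone in this thread: a small triage script that parses the O4 registry autorun lines of a HijackThis log and flags the ones that look like the eb760324.exe entries above. The three heuristics (value name equal to the file name, an eight-hex-digit file name, the same value under both HKLM and HKCU) and the two-of-three threshold are assumptions chosen for illustration; a hit is a reason to inspect the file, not a verdict.

```python
import re
from collections import defaultdict
# O4 lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "d:\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [eb760324.exe] C:\WINDOWS\system32\eb760324.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [eb760324.exe] C:\Documents and Settings\Administrator\Lokale innstillinger\Programdata\eb760324.exe
"""

O4_RUN = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
HEX_NAME = re.compile(r"^[0-9a-f]{8}\.exe$", re.IGNORECASE)  # assumed heuristic

def parse_run_entries(log):
    """Return one dict per registry autorun (O4 Run-key) line."""
    entries = []
    for line in log.splitlines():
        m = O4_RUN.match(line.strip())
        if m:
            entries.append(dict(zip(("hive", "key", "name", "command"), m.groups())))
    return entries

def image_name(command):
    """File name of the launched program; the path may be quoted or contain spaces."""
    m = re.match(r'"([^"]+)"|(.+?\.exe)\b|(\S+)', command.strip(), re.IGNORECASE)
    path = next(g for g in m.groups() if g)
    return path.rsplit("\\", 1)[-1]

def suspicious(entries):
    """Flag entries that hit at least two of the three heuristics."""
    hives = defaultdict(set)
    for e in entries:
        hives[e["name"].lower()].add(e["hive"])
    findings = []
    for e in entries:
        exe = image_name(e["command"])
        checks = {
            "value name equals file name": e["name"].lower() == exe.lower(),
            "8-hex-digit file name": bool(HEX_NAME.match(exe)),
            "same value under HKLM and HKCU": len(hives[e["name"].lower()]) > 1,
        }
        reasons = [r for r, hit in checks.items() if hit]
        if len(reasons) >= 2:
            findings.append((e["hive"], e["name"], reasons))
    return findings

for hive, name, reasons in suspicious(parse_run_entries(SAMPLE_LOG)):
    print(hive, name, "; ".join(reasons))
```

On the excerpt it reports the eb760324.exe value under both HKLM and HKCU and none of the other autoruns.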