Kruuger Skrevet 24. september 2007 Del Skrevet 24. september 2007 (endret) Hei!. PC-en min har begynt å gå litt treigt i det siste så jeg tenkte jeg skulle scanne med Spybot (Siden jeg spiller wow og er glad i accounten min!). Joda jeg fannt litt forskjellig, men sikkert ikke noe farlig, Men jeg har et screenshot i vedlegget. Og jeg scanna en gang til, men fant ingenting.. MEN det som bekymrer meg VELDIG er at der det står "Runing bot-check" sto der ting som "25134/62203: Perfectkeylogger" Og "27435/62203: Trojan*noe*" Og "27654/62203: Hack" (Og det så jeg raste forbi på scan nr 2, men spybot reagerte ikke på dette) Nummerene er ikke helt riktige, men hva i HELVETTE er dette? Burde jeg reformatere og skifte PW på allt jeg har? PLEASE hjelp meg ! Endret 24. september 2007 av Kruuger Lenke til kommentar
norbat Skrevet 24. september 2007 Del Skrevet 24. september 2007 Pust ut og ro deg ned.... Last ned Hijackthis. Legg det i en egen mappe på skrivebordet. Start programmet, velg "Do a system scan and save a logfile". Loggfilen kopierer du og poster. Lenke til kommentar
Kruuger Skrevet 24. september 2007 Forfatter Del Skrevet 24. september 2007 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:01:16, on 24.09.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\AlienGUIse\wbload.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\Java\jre1.6.0\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\OpenOffice.org 2.2\program\soffice.exe C:\Programfiler\OpenOffice.org 2.2\program\soffice.BIN C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\Programfiler\Windows Media Player\wmplayer.exe C:\Programfiler\Spybot - Search & Destroy\SpybotSD.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [nTrayFw] C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 -noicon O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [steam] "c:\programfiler\steam\steam.exe" -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.2.lnk = C:\Programfiler\OpenOffice.org 2.2\program\quickstart.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL O23 - Service: app_filter - Unknown owner - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 7957 bytes Der ja. Oh noes , pro's watching my pr0ns Lenke til kommentar
norbat Skrevet 24. september 2007 Del Skrevet 24. september 2007 Den loggen så grei ut. Pust fortsatt rolig gjennom nesa og se om ikke følgende prog. kan fortelle litt mer: Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix (vanligvis c:\combofix.txt) Lenke til kommentar
Kruuger Skrevet 24. september 2007 Forfatter Del Skrevet 24. september 2007 Ok ok, kjører det nå... avansert å greier :S dos ftw. Jeg er noob.. så det er sagt.. i alle fall på sånnt Lenke til kommentar
Kruuger Skrevet 24. september 2007 Forfatter Del Skrevet 24. september 2007 ComboFix 07-09-21.2 - "Tomas!" 2007-09-24 22:35:03.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.563 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Programfiler\myglobalsearch . ((((((((((((((((((((((((( Files Created from 2007-08-24 to 2007-09-24 ))))))))))))))))))))))))))))))) . 2007-09-24 22:34 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-24 22:00 <DIR> d-------- C:\Programfiler\Trend Micro 2007-09-24 21:55 <DIR> dr-h----- C:\DOCUME~1\Tomas!\Siste 2007-09-24 21:45 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL 2007-09-24 21:45 <DIR> d-------- C:\Programfiler\SpywareBlaster 2007-09-21 20:41 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-09-21 20:41 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2007-09-21 20:40 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe 2007-09-21 16:57 <DIR> d-------- C:\DOCUME~1\Tomas!\PROGRA~1\fretsonfire 2007-09-21 16:56 <DIR> d-------- C:\Programfiler\Frets on Fire 2007-09-17 22:51 <DIR> d-------- C:\DOCUME~1\Tomas!\SystemRequirementsLab 2007-09-16 20:28 <DIR> d-------- C:\Programfiler\AlienGUIse 2007-09-10 22:55 <DIR> d-------- C:\Programfiler\Enterbrain 2007-09-10 18:03 <DIR> d-------- C:\Programfiler\Thief - Deadly Shadows 2007-09-08 01:08 <DIR> d-------- C:\DOCUME~1\Tomas!\PROGRA~1\Help 2007-09-08 01:07 <DIR> d-------- C:\Programfiler\rpg2003 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-24 20:58 --------- d-------- C:\DOCUME~1\Tomas!\PROGRA~1\Skype 2007-09-24 20:57 --------- d-------- C:\Programfiler\Steam 2007-09-24 20:57 --------- d-------- C:\DOCUME~1\Tomas!\PROGRA~1\OpenOffice.org2 2007-09-21 20:07 --------- d--h----- C:\Programfiler\InstallShield Installation Information 2007-09-21 20:07 --------- d-------- C:\Programfiler\EA GAMES 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-08-26 19:38 --------- d-------- C:\Programfiler\LimeWire 2007-08-25 19:57 --------- d-------- C:\Programfiler\Incomplete 2007-08-21 13:16 --------- d-------- C:\Programfiler\Microsoft Games 2007-08-14 22:29 --------- d-------- C:\Programfiler\World of Warcraft 2007-08-01 13:19 197120 --a------ C:\WINDOWS\system32\Freakin Screensaver.scr 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-04 20:04 0 -ra------ C:\logwmemory.bin 2007-07-02 21:41 200704 --a------ C:\WINDOWS\system32\ssldivx.dll 2007-07-02 21:41 1044480 --a------ C:\WINDOWS\system32\libdivx.dll 2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\nvusmb.exe 2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\nvunrm.exe 2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\NVUNINST.EXE 2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\nvuide.exe 2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\nvudisp.exe 2007-06-29 00:43 8466432 --a------ C:\WINDOWS\system32\nvcpl.dll 2007-06-29 00:43 81920 --a------ C:\WINDOWS\system32\nvwddi.dll 2007-06-29 00:43 81920 --a------ C:\WINDOWS\system32\nvmctray.dll 2007-06-29 00:43 753664 --a------ C:\WINDOWS\system32\nvcplui.exe 2007-06-29 00:43 6729728 --a------ C:\WINDOWS\system32\nvoglnt.dll 2007-06-29 00:43 6234112 --a------ C:\WINDOWS\system32\nvdisps.dll 2007-06-29 00:43 5690624 --a------ C:\WINDOWS\system32\nv4_disp.dll 2007-06-29 00:43 5455872 --a------ C:\WINDOWS\system32\nvdispsr.dll 2007-06-29 00:43 466944 --a------ C:\WINDOWS\system32\nvshell.dll 2007-06-29 00:43 458752 --a------ C:\WINDOWS\system32\nvmccssr.dll 2007-06-29 00:43 45056 --a------ C:\WINDOWS\system32\nvmccsrs.dll 2007-06-29 00:43 442368 --a------ C:\WINDOWS\system32\nvappbar.exe 2007-06-29 00:43 425984 --a------ C:\WINDOWS\system32\keystone.exe 2007-06-29 00:43 37376 --a------ C:\WINDOWS\system32\nvcodins.dll 2007-06-29 00:43 37376 --a------ C:\WINDOWS\system32\nvcod.dll 2007-06-29 00:43 360448 --a------ C:\WINDOWS\system32\nvapi.dll 2007-06-29 00:43 3600384 --a------ C:\WINDOWS\system32\nvvitvsr.dll 2007-06-29 00:43 3518464 --a------ C:\WINDOWS\system32\nvvitvs.dll 2007-06-29 00:43 3321856 --a------ C:\WINDOWS\system32\nvgames.dll 2007-06-29 00:43 3072000 --a------ C:\WINDOWS\system32\nvgamesr.dll 2007-06-29 00:43 307200 --a------ C:\WINDOWS\system32\nvexpbar.dll 2007-06-29 00:43 286720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll 2007-06-29 00:43 2854912 --a------ C:\WINDOWS\system32\nvmoblsr.dll 2007-06-29 00:43 2416640 --a------ C:\WINDOWS\system32\nvwssr.dll 2007-06-29 00:43 2330624 --a------ C:\WINDOWS\system32\nvwss.dll 2007-06-29 00:43 229376 --a------ C:\WINDOWS\system32\nvmccs.dll 2007-06-29 00:43 188416 --a------ C:\WINDOWS\system32\nvmccss.dll 2007-06-29 00:43 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll 2007-06-29 00:43 1626112 --a------ C:\WINDOWS\system32\nwiz.exe 2007-06-29 00:43 155716 --a------ C:\WINDOWS\system32\nvsvc32.exe 2007-06-29 00:43 1474560 --a------ C:\WINDOWS\system32\nview.dll 2007-06-29 00:43 147456 --a------ C:\WINDOWS\system32\nvcolor.exe 2007-06-29 00:43 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe 2007-06-29 00:43 1142784 --a------ C:\WINDOWS\system32\nvmobls.dll 2007-06-29 00:43 1073152 --a------ C:\WINDOWS\system32\nvcpluir.dll 2007-06-29 00:43 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll 2007-06-29 00:43 1018772 --a------ C:\WINDOWS\system32\nvucode.bin 2007-06-26 08:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-05-05 00:08 485 --a------ C:\Programfiler\Snarvei til Movie Maker.lnk 2005-10-31 17:56 700416 --a------ C:\Programfiler\StubInstaller.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nTrayFw"="C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2004-11-10 10:40] "SoundMan"="SOUNDMAN.EXE" [2004-12-22 11:09 C:\WINDOWS\SOUNDMAN.EXE] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43] "nwiz"="nwiz.exe" [2007-06-29 00:43 C:\WINDOWS\system32\nwiz.exe] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0\bin\jusched.exe" [2007-05-01 18:07] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 14:00 C:\WINDOWS\system32\bthprops.cpl] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-04-10 03:31] "DAEMON Tools"="C:\Programfiler\DAEMON Tools\daemon.exe" [2006-11-12 12:48] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\programfiler\steam\steam.exe" [2007-06-29 16:00] "MsnMsgr"="C:\Programfiler\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:54] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] "DAEMON Tools"="C:\Programfiler\DAEMON Tools\daemon.exe" [2006-11-12 12:48] "Skype"="C:\Programfiler\Skype\Phone\Skype.exe" [2007-03-30 13:34] C:\DOCUME~1\ALLUSE~1\START-~1\PROGRA~1\Oppstart\ Bluetooth Manager.lnk - C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 20:42:36] C:\DOCUME~1\Tomas!\START-~1\PROGRA~1\Oppstart\ OpenOffice.org 2.2.lnk - C:\Programfiler\OpenOffice.org 2.2\program\quickstart.exe [2007-02-02 16:54:56] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] C:\Programfiler\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Programfiler\AlienGUIse\fastload.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=wbsys.dll R1 oreans32;oreans32;\??\C:\WINDOWS\system32\drivers\oreans32.sys R2 app_filter;app_filter;C:\Programfiler\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6027894-e9e0-11db-af37-00142a8cda53}] AutoRun\command- F:\AUTORUN.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb6fab15-d6ed-11db-966b-806d6172696f}] AutoRun\command- D:\Setup.EXE *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder "2007-09-24 19:45:03 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job" - C:\Programfiler\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-24 22:35:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Aavmker4] . Completion time: 2007-09-24 22:36:24 . --- E O F --- Håper det er rett Lenke til kommentar
norbat Skrevet 24. september 2007 Del Skrevet 24. september 2007 Dette så også greit ut. Tror ikke dette skal være noe å bekymre seg over, kruuger Du kunne ha kjørt en scan med annet antispywareprog. Anbefaler å prøve SuperAntispyware (jada, navnet er litt nerds men...) Last ned SAS, installer, oppdater og kjør en full (Complete) scan. Surf trygt. Lenke til kommentar
Kruuger Skrevet 24. september 2007 Forfatter Del Skrevet 24. september 2007 Så det som fløy forbi kallt "Perfectkeylogger" på Search&Destroy var ingenting? jeg mener, er vel en grunn til det er der? eller er det bare paranoya? VENT? prøver du å hacke meg? *gasp* vær snill med accounten min da :/ Neeeeimen fra spøk til alvor, skal jeg ikke bekymre meg? Lenke til kommentar
Kruuger Skrevet 24. september 2007 Forfatter Del Skrevet 24. september 2007 Anyways, Tusen takk for at du brukte tiden din på å hjelpe meg Setter pris på det Lenke til kommentar
norbat Skrevet 24. september 2007 Del Skrevet 24. september 2007 (endret) Hadde jeg kjent til spybot bedre, så hadde jeg kunnet sakt at det som du nevner er databasen spybot bruker for å sjekke filene med. Databasen er sikkert delt opp i ulike kategorier (keylogger, dealer.......). Så dette er/var ikke noe farlig. btw: du bør sjekke for oppdateringer til spybot da det i databasen skal ligge 83929 oppføringer og ikke 62203 som det gjør hos deg Endret 24. september 2007 av norbat Lenke til kommentar
Kruuger Skrevet 24. september 2007 Forfatter Del Skrevet 24. september 2007 Ah ok ! Du er kongen. ingen over eller vedsidenav Once again, tusen takk! Lenke til kommentar
Kruuger Skrevet 24. september 2007 Forfatter Del Skrevet 24. september 2007 By the way. med SAS fant jeg 29 filer , men programmet trodde ikke det var noe kritisk. ellernoe sånnt Lenke til kommentar
norbat Skrevet 24. september 2007 Del Skrevet 24. september 2007 antar det var noen cookies. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå