ennki, posted 12 January 2008

I was foolish enough to fall for this photobucket thing on MSN Messenger. I have read a bit about it here and there, but I can't get the instructions to work... So I'm posting a ComboFix log so that I can have it spoon-fed to me. Sorry for the trouble!

norbat, posted 12 January 2008

Well, the log shows no signs of any infections. What makes you think you might have picked this up?

ennki (author), posted 12 January 2008

> Well, the log shows no signs of any infections. What makes you think you might have picked this up?

Because I'm forwarding this virus link to my contacts on MSN :/

ennki (author), posted 12 January 2008 (edited)

When I got this, my contacts told me that I was sending them links, so I logged off MSN. Now I have tried logging in again, and apparently I'm not sending any links any more... On top of that I can start conversations, which I couldn't yesterday. The scary thing is that I haven't done anything. I haven't deleted any files, I haven't deleted anything at all. Surely the problem can't just have "disappeared" by itself?

Here, by the way, is the link I got: http://photobucket.stx.nl/PIC5830.jpg-photobucket.com just DON'T click on it, folks!

Edited 12 January 2008 by ennki

norbat, posted 12 January 2008

The log you posted shows, at any rate, that there are no recently created files that are part of this trojan. Just shout if something comes up again with MSN.

ennki (author), posted 12 January 2008

Thank you very much for the help. I just find it so strange if the virus has suddenly disappeared, since several of my contacts have received links from me. I'm throwing in the HijackThis log as well, just in case - but again, thank you very much for taking the time to look at so many logs and questions.

norbat, posted 12 January 2008

Looks fine. You could search the PC for the following files and see if you get any hits:

C:\WINDOWS\lssas.exe
C:\WINDOWS\ntmngr.exe
C:\WINDOWS\images.zip

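The file check suggested in the post above, written as a small Python script; this is an added example, not part of the original thread. It looks directly in the Windows directory, as the post does, and the function names and record fields are made up for the illustration.

```python
import hashlib
import os
import sys
from datetime import datetime, timezone

# File names from the post above. Compared case-insensitively, because
# C:\WINDOWS and C:\Windows are the same directory on NTFS.
INDICATOR_NAMES = ("lssas.exe", "ntmngr.exe", "images.zip")


def sha256_of(path, chunk_size=65536):
    """Hash a file in chunks so its size does not matter."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_indicators(windows_dir, names=INDICATOR_NAMES):
    """Return one record per indicator file found directly in windows_dir.

    os.scandir also returns entries that carry the hidden or system
    attribute, so nothing is skipped because of file attributes.
    """
    wanted = {name.lower() for name in names}
    hits = []
    for entry in os.scandir(windows_dir):
        if entry.name.lower() not in wanted:
            continue
        if not entry.is_file(follow_symlinks=False):
            continue  # a directory or link with a matching name is not a hit
        info = entry.stat(follow_symlinks=False)
        record = {
            "name": entry.name,
            "path": entry.path,
            "size": info.st_size,
            "modified_utc": datetime.fromtimestamp(
                info.st_mtime, tz=timezone.utc
            ).isoformat(timespec="seconds"),
        }
        try:
            record["sha256"] = sha256_of(entry.path)
        except OSError as err:
            # A locked or unreadable file is still a finding; keep the reason.
            record["sha256"] = None
            record["error"] = str(err)
        hits.append(record)
    return sorted(hits, key=lambda r: r["name"].lower())


if __name__ == "__main__":
    # Default to the running system's Windows directory; pass another path
    # (for example a mounted copy of the disk) as the first argument.
    default_dir = os.environ.get("WINDIR", r"C:\Windows")
    target = sys.argv[1] if len(sys.argv) > 1 else default_dir
    found = find_indicators(target)
    for hit in found:
        print(f'{hit["path"]}  {hit["size"]} bytes  '
              f'{hit["modified_utc"]}  {hit["sha256"]}')
    if not found:
        print(f"none of {', '.join(INDICATOR_NAMES)} found in {target}")
    sys.exit(1 if found else 0)
```

The size, timestamp and hash of any hit are recorded before the file is touched, so they can be compared with other reports of the same files.
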
ennki (author), posted 12 January 2008

> Looks fine. You could search the PC for the following files and see if you get any hits:
> C:\WINDOWS\lssas.exe
> C:\WINDOWS\ntmngr.exe
> C:\WINDOWS\images.zip

Didn't find any such files, only found the file names in a text file (MSNfix, fichier.txt), so I'm evidently safe. Strange stuff, but I suppose I shouldn't complain. Thanks for the help anyway, and have a good weekend.

norbat, posted 12 January 2008

If MSN keeps sending things out, you'll have to shout.