MSN sender virus link mellom kontakter-Hijackthislog

[askeladden2004]

Hei, fikk en virus link på MSN fra en bekjent som jeg dessverre klikket på. Min antivirus Trend Micro plukker ikke opp noenting. Linken har videresendt seg til en av mine kontakter og nå får jeg linken tilbake fra han. (red. skrivefeil)

 

Her er log:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:49:07, on 05.05.2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\LG Software\On Screen Display\HotKey.exe

C:\Program Files\LG Software\BatteryMiser\BatteryMiser5.exe

C:\Program Files\lg_swupdate\GiljabiStart.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\LG Software\LG Magnifier\MagnifyingGlass.exe

C:\Windows\System32\LGDMEBTN.exe

C:\Windows\System32\kmw_run.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\LG Software\LG Magnifier\Maglev.exe

C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\MouseTool\MouseTool.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Windows\system32\conime.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [KeybdUtility] C:\Program Files\LG Software\On Screen Display\HotKey.exe

O4 - HKLM\..\Run: [batteryMiser 5] C:\Program Files\LG Software\BatteryMiser\BatteryMiser5.exe

O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\giljabistart.exe" Gilautouc

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [LG Magnifier] %ProgramFiles%\LG Software\LG Magnifier\MagnifyingGlass.exe

O4 - HKLM\..\Run: [LG Direct Media Button Service] LGDMEBTN.exe

O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking9\Ereg.ini

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"

O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini"

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')

O4 - Startup: CCC.lnk = ?

O4 - Startup: MouseTool.lnk = C:\Program Files\MouseTool\MouseTool.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: http://www.dagbladet.no

O15 - Trusted Zone: http://www.fms-cfsfriends.com

O15 - Trusted Zone: http://sunshine35446.yuku.com

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: Spionprogrambeskyttelse fra Trend Micro (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

 

--

End of file - 8291 bytes

 

Legger ved screenshots...

Endret 5. mai 2008 av askeladden2004

[norbat]

Bytt passord på MSN-kontoen din, og se om problemet fortsatt består.

[askeladden2004]

Ok, glemte å si at jeg hadde avinstallert MSN og tegnet ny konto da dette skjedde i forrige uke. Nå har jeg også skiftet passord! Takk!

 

Har også skannet med den dere anbefaler..se vedlegg.

viruslog1.html

[norbat]

Ser grei ut den. Opplever du fortsatt problemer med at MSN sender ut meldinger ukontrollert?

[askeladden2004]

Åh, så bra! Jeg fikk en link i dag. Nå har jeg skiftet passord, så får se om det hjelper. Jeg skal høre med min kontakt om han fortsatt får fra meg!

 

Tusen takk!

[r2d290]

Hvis du mener at problemet er løst, kan du redigere førsteposten din med FULL redigering, og skrive:

[LØST]

 

foran emnetittelen din. Dette vil gjøre forumet mer ryddig