Wazzi

  1. Well, nothing wrong with Ijji. It's just a gaming program. Just now I had to restart the computer because Firefox wouldn't start. I'm starting to get a bit irritated, and it's probably not that good to restart it several times a day. Should I keep scanning? Or do they seem to be gone?
  2. ComboFIX ComboFix 10-01-04.01 - Compaq_Ägaren 2010-01-07 21:14:40.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.46.1053.18.1982.1595 [GMT 1:00] Körs från: c:\documents and settings\Compaq_Ägaren\Skrivbord\ComboFix.exe AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Andra raderingar )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program\AskSearch\bin\DeFAultsearch.dll c:\recycler\S-1-5-21-1757981266-1123561945-725345543-1003 c:\windows\system32\SIntf16.dll c:\windows\system32\srcr.dat D:\Autorun.inf . (((((((((((((((((((((((( Filer Skapade från 2009-12-07 till 2010-01-07 )))))))))))))))))))))))))))))) . 2010-01-07 17:31 . 2010-01-07 17:31 -------- d--h--w- c:\windows\PIF 2010-01-07 17:26 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 17:26 . 2010-01-07 17:26 -------- d-----w- c:\program\Malwarebytes' Anti-Malware 2010-01-07 17:26 . 2010-01-07 17:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-01-07 17:26 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-07 17:08 . 2010-01-07 18:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-01-07 17:08 . 2010-01-07 17:08 -------- d-----w- c:\program\Lavasoft 2010-01-01 16:56 . 2010-01-01 16:56 -------- d-----w- c:\documents and settings\All Users\Application Data\clp 2009-12-31 17:05 . 2009-12-31 17:05 -------- d-----w- c:\program\Spybot - Search & Destroy 2009-12-31 14:50 . 2009-12-31 14:50 -------- d-----w- c:\program\ESET 2009-12-31 14:50 . 2009-12-31 14:50 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET 2009-12-30 02:26 . 2009-12-30 02:26 -------- d-----w- c:\windows\system32\wbem\Repository 2009-12-26 15:25 . 
2009-12-26 15:25 -------- d-----w- c:\program\Spotify 2009-12-21 17:43 . 2009-12-24 23:00 -------- d-----w- c:\documents and settings\Compaq_garen 2009-12-21 17:43 . 2010-01-01 00:39 -------- d-----w- C:\ijji 2009-12-21 17:20 . 2009-07-02 23:34 710064 ----a-w- c:\windows\system32\ijjiSetup.exe 2009-12-21 17:20 . 2009-07-02 23:34 58800 ----a-w- c:\windows\system32\ijjiProcessRestarter.exe 2009-12-21 17:20 . 2009-07-02 23:34 58800 ----a-w- c:\windows\system32\ijjiPlugin2.dll 2009-12-21 17:20 . 2009-07-01 09:25 61440 ----a-w- c:\windows\system32\uc_atlantica_launching.dll 2009-12-21 17:20 . 2009-06-23 12:21 64000 ----a-w- c:\windows\system32\uc_sfighters_launching.dll 2009-12-21 17:20 . 2009-03-31 16:43 53248 ----a-w- c:\windows\system32\uc_luminary_launching.dll 2009-12-21 17:20 . 2009-01-29 10:53 87472 ----a-w- c:\windows\system32\ijjiChannelingPlugin.dll 2009-12-21 17:20 . 2009-12-21 17:20 -------- d-----w- c:\program\ijji 2009-12-15 16:21 . 2009-12-15 16:21 427008 ----a-w- c:\windows\system32\uc_wepic_launching.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-07 20:09 . 2008-10-14 15:50 -------- d-----w- c:\program\Steam 2010-01-07 20:09 . 2008-12-30 12:50 -------- d-----w- c:\program\DNA 2010-01-07 19:54 . 2009-02-14 13:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-07 18:28 . 2008-10-24 14:46 -------- d-----w- c:\program\DC++ 2010-01-06 23:19 . 2008-10-24 14:28 -------- d-----w- c:\program\mIRC 2010-01-01 17:07 . 2008-12-10 15:07 -------- d-----w- c:\program\DAEMON Tools 2009-12-31 16:50 . 2009-02-14 13:14 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore 2009-12-21 17:20 . 2008-10-06 16:26 -------- d--h--w- c:\program\InstallShield Installation Information 2009-10-25 10:27 . 2005-12-05 03:48 74702 ----a-w- c:\windows\system32\perfc01D.dat 2009-10-25 10:27 . 
2005-12-05 03:48 405646 ----a-w- c:\windows\system32\perfh01D.dat . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* Tomma poster & legitima standardposter visas inte. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program\steam\steam.exe" [2009-10-28 1217808] "MsnMsgr"="c:\program\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883840] "Skype"="c:\program\Skype\Phone\Skype.exe" [2008-09-23 21755688] "DAEMON Tools"="c:\program\DAEMON Tools\daemon.exe" [2007-04-03 165784] "BitTorrent DNA"="c:\program\DNA\btdna.exe" [2009-11-13 323392] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program\Delade filer\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ftutil2"="ftutil2.dll" [2004-06-07 106496] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568] "HPBootOp"="c:\program\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-13 663552] "HP Software Update"="c:\program\HP\HP Software Update\HPwuSchd2.exe" [2005-02-16 49152] "QuickTime Task"="c:\program\QuickTime\qttask.exe" [2008-09-06 413696] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-04-27 148888] "egui"="c:\program\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program\\Steam\\steamapps\\lejontoffla12\\condition zero\\hl.exe"= 
"c:\\Program\\Steam\\steamapps\\lejontoffla12\\counter-strike\\hl.exe"= "c:\\Program\\Bonjour\\mDNSResponder.exe"= "c:\\Program\\iTunes\\iTunes.exe"= "c:\\Program\\mIRC\\mirc.exe"= "c:\\Program\\DC++\\DCPlusPlus.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "c:\\Program\\Steam\\steamapps\\lejontoffla12\\dedicated server\\hlds.exe"= "c:\\Program\\Steam\\Steam.exe"= "c:\\Program\\uTorrent\\uTorrent.exe"= "c:\\Program\\DNA\\btdna.exe"= "c:\\Program\\BitTorrent\\bittorrent.exe"= "c:\\Program\\Spotify\\spotify.exe"= "c:\\Program\\Ventrilo\\Ventrilo.exe"= "c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program\\Skype\\Phone\\Skype.exe"= R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-09-29 108792] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-09-29 96408] R2 ekrn;ESET Service;c:\program\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program\McAfee\SiteAdvisor\McSACore.exe [2009-05-23 210216] R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-05-05 79104] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-12-10 682232] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-05-05 131072] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] . Innehållet i mappen 'Schemalagda aktiviteter': 2009-09-02 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . . ------- Extra genomsökning ------- . 
uStart Page = hxxp://www.ask.com/?o=101764&l=dis uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s FF - ProfilePath - c:\documents and settings\Compaq_Ägaren\Application Data\Mozilla\Firefox\Profiles\fcuc7gwy.default\ FF - component: c:\program\McAfee\SiteAdvisor\components\McFFPlg.dll FF - plugin: c:\program\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll ---- FIREFOX POLICY ---- c:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) HKCU-Run-VOIPlay - c:\program\VOIPlay\voiplay.exe HKLM-Run-PCDrProfiler - (no file) AddRemove-Tasker_is1 - c:\program\Tasker\unins000.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-07 21:20 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- DLLer som "laddats" under processer som körs --------------------- - - - - - - - > 'winlogon.exe'(580) c:\windows\system32\Ati2evxx.dll . Sluttid: 2010-01-07 21:21:44 ComboFix-quarantined-files.txt 2010-01-07 20:21 Före genomsökningen: 46 374 391 808 byte ledigt Efter genomsökningen: 46 556 286 976 byte ledigt - - End Of File - - B1D0EA74A45644303101283CE016D636 Malware. 
     Malwarebytes' Anti-Malware 1.43
     Databasversion: 3508
     Windows 5.1.2600 Service Pack 2
     Internet Explorer 6.0.2900.2180
     2010-01-07 21:05:32
     mbam-log-2010-01-07 (21-05-31).txt
     Skanningstyp: Snabb skanning
     Antal skannade objekt: 115649
     Förfluten tid: 5 minute(s), 0 second(s)
     Infekterade minnesprocesser: 0
     Infekterade minnesmoduler: 0
     Infekterade registernycklar: 1
     Infekterade registervärden: 0
     Infekterade registerdataposter: 0
     Infekterade mappar: 0
     Infekterade filer: 9
     Infekterade minnesprocesser:
     (Inga illasinnade poster hittades)
     Infekterade minnesmoduler:
     (Inga illasinnade poster hittades)
     Infekterade registernycklar:
     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\h8srtd.sys (Rootkit.TDSS) -> No action taken.
     Infekterade registervärden:
     (Inga illasinnade poster hittades)
     Infekterade registerdataposter:
     (Inga illasinnade poster hittades)
     Infekterade mappar:
     (Inga illasinnade poster hittades)
     Infekterade filer:
     C:\WINDOWS\system32\H8SRTboykvjkvot.dll (Trojan.FakeAlert) -> No action taken.
     C:\WINDOWS\system32\H8SRTsfnlskkdrb.dll (Trojan.Vundo) -> No action taken.
     C:\WINDOWS\system32\H8SRTtymfoegehh.dll (Rootkit.TDSS) -> No action taken.
     C:\WINDOWS\system32\H8SRTyrulxtlrpj.dll (Trojan.Vundo) -> No action taken.
     C:\WINDOWS\system32\drivers\H8SRTjdjnaqglkk.sys (Malware.Packer) -> No action taken.
     C:\WINDOWS\system32\drivers\H8SRTrvipkawuyy.sys (Malware.Packer) -> No action taken.
     C:\WINDOWS\system32\H8SRTkyiyegskpn.dat (Rootkit.TDSS) -> No action taken.
     C:\WINDOWS\system32\H8SRTtqlmyoqleb.dat (Rootkit.TDSS) -> No action taken.
     C:\Documents and Settings\Compaq_Ägaren\Lokala inställningar\Temp\H8SRTa9a0.tmp (Rootkit.TDSS) -> No action taken.
  3. Hehe, yes. I've got nothing else to do but wait anyway.
  4. The CPU is working as usual. It must be the "crap" that has broken something. I just don't know how to fix it. Defragment? Reinstall the computer? It's not anything to do with the internet connection or anything, so it must be the computer that has broken a bit.
  5. Thanks for the tip. Over the last 3 days I've noticed that my internet is very slow. I've tested on another computer and there it works perfectly. But if I close the internet/Firefox, after a while it takes 10 minutes to start. Is it some virus? Very annoying, because I have to restart the computer every time I want to browse. I think it probably has something to do with Olmarik.
  6. DDS (Ver_09-12-01.01) - NTFSx86 Run by Compaq_garen at 19:25:20,81 on 2010-01-07 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Home Edition 5.1.2600.2.1252.46.1053.18.1982.1464 [GMT 1:00] AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program\Bonjour\mDNSResponder.exe C:\Program\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program\Java\jre6\bin\jqs.exe C:\Program\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe C:\Program\HP\HP Software Update\HPwuSchd2.exe C:\Program\Java\jre6\bin\jusched.exe C:\Program\ESET\ESET NOD32 Antivirus\egui.exe C:\Program\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\rundll32.exe C:\Program\McAfee\SiteAdvisor\McSACore.exe C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE C:\Program\Lavasoft\Ad-Aware\AAWTray.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\MsiExec.exe C:\Documents and Settings\Compaq_Ägaren\Skrivbord\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.ask.com/?o=101764&l=dis uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s mSearchAssistant = hxxp://www.google.com/ie 
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program\asksearch\bin\DefaultSearch.dll BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - No File BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program\spybot - search & destroy\SDHelper.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\program\mcafee\sitead~1\mcieplg.dll BHO: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No File BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\program\mcafee\sitead~1\mcieplg.dll TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File uRun: [steam] "c:\program\steam\steam.exe" -silent uRun: [MsnMsgr] "c:\program\windows live\messenger\MsnMsgr.Exe" /background uRun: [skype] "c:\program\skype\phone\Skype.exe" /nosplash /minimized uRun: [VOIPlay] "c:\program\voiplay\voiplay.exe" uRun: [DAEMON Tools] "c:\program\daemon tools\daemon.exe" -lang 1033 uRun: [bitTorrent DNA] "c:\program\dna\btdna.exe" uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program\delade filer\ahead\lib\NMBgMonitor.exe" uRun: [spybotSD TeaTimer] c:\program\spybot - search & destroy\TeaTimer.exe mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE mRun: [PCDrProfiler] mRun: 
[HPBootOp] "c:\program\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run mRun: [Reminder] "c:\windows\creator\Remind_XP.exe" mRun: [HP Software Update] c:\program\hp\hp software update\HPwuSchd2.exe mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe" mRun: [egui] "c:\program\eset\eset nod32 antivirus\egui.exe" /hide /waitservice dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program\spybot - search & destroy\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program\mcafee\sitead~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program\delade~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Hosts: 94.232.248.66 browser-security.microsoft.com Hosts: 94.232.248.66 antivirprotection.com Hosts: 94.232.248.66 www.antivirprotection.com Hosts: 255.255.255.255 easyanticheat.se # misleading site Hosts: 255.255.255.255 www.easyanticheat.se # misleading site ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\compaq~1\applic~1\mozilla\firefox\profiles\fcuc7gwy.default\ FF - component: 
c:\program\mcafee\siteadvisor\components\McFFPlg.dll FF - plugin: c:\program\ahnlab\asp\mykeydefense 2.5\npmkd25aos.dll ---- FIREFOX POLICIES ---- c:\program\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B"); c:\program\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask"); ============= SERVICES / DRIVERS =============== R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-29 108792] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-9-29 96408] R2 ekrn;ESET Service;c:\program\eset\eset nod32 antivirus\ekrn.exe [2009-9-29 735960] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program\mcafee\siteadvisor\McSACore.exe [2009-5-23 210216] R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-5-5 79104] S3 AVFSFilter;AVFSFilter;c:\windows\system32\drivers\avfsfilter.sys --> c:\windows\system32\drivers\avfsfilter.sys [?] S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-5-5 131072] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] 
=============== Created Last 30 ================ 2010-01-07 17:31:59 0 d--h--w- c:\windows\PIF 2010-01-07 17:26:12 0 d-----w- c:\docume~1\compaq~1\applic~1\Malwarebytes 2010-01-07 17:26:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 17:26:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-07 17:26:07 0 d-----w- c:\program\Malwarebytes' Anti-Malware 2010-01-07 17:26:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-01-07 17:08:55 0 dc-h--w- c:\docume~1\alluse~1\applic~1\~0 2010-01-07 17:08:40 0 d-----w- c:\program\Lavasoft 2010-01-01 16:56:57 0 d-----w- c:\docume~1\alluse~1\applic~1\clp 2010-01-01 16:49:07 0 d-----w- c:\docume~1\compaq~1\applic~1\Fighters 2009-12-31 17:05:26 0 d-----w- c:\program\Spybot - Search & Destroy 2009-12-31 14:50:38 0 d-----w- c:\program\ESET 2009-12-31 00:58:11 40960 ----a-w- c:\windows\system32\H8SRTsfnlskkdrb.dll 2009-12-31 00:58:05 40448 ----a-w- c:\windows\system32\drivers\H8SRTjdjnaqglkk.sys 2009-12-31 00:58:05 244 ----a-w- c:\windows\system32\H8SRTtqlmyoqleb.dat 2009-12-31 00:58:05 23040 ----a-w- c:\windows\system32\H8SRTyrulxtlrpj.dll 2009-12-30 02:26:14 0 d-----w- c:\windows\system32\wbem\Repository 2009-12-30 02:12:40 36864 ----a-w- c:\windows\system32\H8SRTtymfoegehh.dll 2009-12-30 02:12:39 131 ----a-w- c:\windows\system32\srcr.dat 2009-12-30 02:12:36 39936 ----a-w- c:\windows\system32\drivers\H8SRTrvipkawuyy.sys 2009-12-30 02:12:36 23040 ----a-w- c:\windows\system32\H8SRTboykvjkvot.dll 2009-12-30 02:12:36 201 ----a-w- c:\windows\system32\H8SRTkyiyegskpn.dat 2009-12-26 15:26:02 0 d-----w- c:\docume~1\compaq~1\applic~1\Spotify 2009-12-26 15:25:58 0 d-----w- c:\program\Spotify 2009-12-21 17:43:19 0 d-----w- C:\ijji 2009-12-21 17:20:52 87472 ----a-w- c:\windows\system32\ijjiChannelingPlugin.dll 2009-12-21 17:20:52 710064 ----a-w- c:\windows\system32\ijjiSetup.exe 2009-12-21 17:20:52 64000 ----a-w- c:\windows\system32\uc_sfighters_launching.dll 2009-12-21 17:20:52 61440 ----a-w- 
c:\windows\system32\uc_atlantica_launching.dll 2009-12-21 17:20:52 58800 ----a-w- c:\windows\system32\ijjiProcessRestarter.exe 2009-12-21 17:20:52 58800 ----a-w- c:\windows\system32\ijjiPlugin2.dll 2009-12-21 17:20:52 53248 ----a-w- c:\windows\system32\uc_luminary_launching.dll 2009-12-21 17:20:51 0 d-----w- c:\program\ijji 2009-12-15 16:21:32 427008 ----a-w- c:\windows\system32\uc_wepic_launching.dll ==================== Find3M ==================== 2010-01-07 18:23:46 23855104 ----a-w- c:\documents and settings\compaq_ägaren\ntuser.dat 2009-10-25 10:27:14 74702 ----a-w- c:\windows\system32\perfc01D.dat 2009-10-25 10:27:14 405646 ----a-w- c:\windows\system32\perfh01D.dat ============= FINISH: 19:25:39,20 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 2008-10-06 20:14:15 System Uptime: 2010-01-07 19:21:56 (0 hours ago) Motherboard: MSI | | AMETHYST-M Processor: AMD Athlon 64 Processor 3500+ | Socket 939 | 2188/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 145 GiB total, 23,06 GiB free. D: is FIXED (FAT32) - 4 GiB total, 0,876 GiB free. 
E: is CDROM (CDFS) F: is Removable G: is Removable H: is Removable I: is Removable J: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} Description: USB HID (Human Interface Device) Device ID: USB\VID_045E&PID_009D&MI_00\6&3A4DBDED&0&0000 Manufacturer: (Standardsystemenheter) Name: USB HID (Human Interface Device) PNP Device ID: USB\VID_045E&PID_009D&MI_00\6&3A4DBDED&0&0000 Service: HidUsb ==== System Restore Points =================== RP278: 2010-01-07 18:08:33 - Systemkontrollpunkt ==== Installed Programs ====================== Adobe Flash Player 10 Plugin Adobe Flash Player ActiveX Adobe Reader 7.0.5 - Svenska Adobe Shockwave Player 11 AhnLab Online Security Apple Mobile Device Support Apple Software Update ATI Display Driver ATI Kontrollpanel µTorrent BitTorrent Bonjour BufferChm Condition Zero Counter-Strike CP_AtenaShokunin1Config CP_CalendarTemplates1 cp_LightScribeConfig cp_OnlineProjectsConfig CP_Package_Basic1 CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 CP_Panorama1Config cp_PosterPrintConfig cp_UpdateProjectsConfig CueTour DC++ 0.698 Dedicated Server Destinations DeviceManagementQFolder DNA Enhanced Multimedia Keyboard Solution ESET NOD32 Antivirus FullDPAppQFolder High Definition Audio - KB888111 HP Boot Optimizer HP DVD Play 2.1 HP Imaging Device Functions 7.0 HP Photosmart Premier Software 6.5 HP Software Update HPPhotoSmartExpress HpSdpAppCoreApp Icy Tower v1.4 ijji - Gunz ijji REACTOR InstantShareDevices Internet-tjänster iTunes J2SE Runtime Environment 5.0 Update 5 Java 6 Update 13 Kundupplevelseförbättringar Malwarebytes' Anti-Malware McAfee SiteAdvisor Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Swedish Language Pack Microsoft .NET Framework 2.0 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Works mIRC Mozilla Firefox (3.0.3) MSVCRT Nero 7 Demo OptionalContentQFolder 
PC-Doctor 5 for Windows PhotoGallery Python 2.2 pywin32 extensions (build 203) Python 2.2.3 QuickTime RandMap Segoe UI SkinsHP1 Skype 3.8 SlideShow SlideShowMusic Snabbkorrigering för Windows XP (KB893357) Snabbkorrigering för Windows XP (KB906569) Säkerhetsuppdatering för Windows Media Player 10 (KB911565) Säkerhetsuppdatering för Windows XP (KB896358) Säkerhetsuppdatering för Windows XP (KB896422) Säkerhetsuppdatering för Windows XP (KB896424) Säkerhetsuppdatering för Windows XP (KB901214) Säkerhetsuppdatering för Windows XP (KB902400) Säkerhetsuppdatering för Windows XP (KB904706) Säkerhetsuppdatering för Windows XP (KB905915) Säkerhetsuppdatering för Windows XP (KB908519) Säkerhetsuppdatering för Windows XP (KB912919) Sonic Express Labeler Sonic MyDVD Plus Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sonic Update Manager Sonic_PrimoSDK Spotify Spybot - Search & Destroy Steam Tasker v4.20 Tibia Tibia MULTI-ip changer Unload Uppdatering för Windows XP (KB898461) Uppdatering för Windows XP (KB912945) WebFldrs XP Ventrilo Client VentriloMIX Windows Installer 3.1 (KB893803) Windows Live Communications Platform Windows Live Essentials Windows Live inloggningsassistenten Windows Live Messenger Windows Live Upload Tool Windows Media Format Runtime Windows Media Player 10 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB883667 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB887742 Windows XP Hotfix - KB888113 Windows XP Hotfix - KB888239 Windows XP Hotfix - KB890175 Windows XP Hotfix - KB891781 Windows XP Hotfix - KB892050 Windows XP Hotfix - KB893066 WinRAR archiver Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 0.9.4 World of Warcraft ==== End Of File ===========================
Yes, I removed everything. I have a question, I don't know if you can answer it, but when I press CTRL+ALT+DELETE I see that there is a thing under SYSTEM. It's called erkn.exe. Is it from some program or is it some kind of germ?
  7. Malwarebytes' Anti-Malware 1.43
     Databasversion: 3508
     Windows 5.1.2600 Service Pack 2
     Internet Explorer 6.0.2900.2180
     2010-01-07 19:02:14
     mbam-log-2010-01-07 (19-02-09).txt
     Skanningstyp: Fullständig skanning (C:\|)
     Antal skannade objekt: 214981
     Förfluten tid: 34 minute(s), 23 second(s)
     Infekterade minnesprocesser: 0
     Infekterade minnesmoduler: 1
     Infekterade registernycklar: 1
     Infekterade registervärden: 0
     Infekterade registerdataposter: 1
     Infekterade mappar: 0
     Infekterade filer: 2
     Infekterade minnesprocesser:
     (Inga illasinnade poster hittades)
     Infekterade minnesmoduler:
     \\?\globalroot\systemroot\system32\H8SRTasaxnfbedp.dll (Trojan.Vundo) -> No action taken.
     Infekterade registernycklar:
     HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> No action taken.
     Infekterade registervärden:
     (Inga illasinnade poster hittades)
     Infekterade registerdataposter:
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
     Infekterade mappar:
     (Inga illasinnade poster hittades)
     Infekterade filer:
     \\?\globalroot\systemroot\system32\H8SRTasaxnfbedp.dll (Trojan.Vundo) -> No action taken.
     C:\WINDOWS\system32\krl32mainweq.dll (Trojan.DNSChanger) -> No action taken.
     There, some of the trojans disappeared thanks to MBAM! Thank you very much. But how can I check that Olmarik is gone? Scan with ESET?
  8. Hi! I got a virus and probably a few trojans a few days ago. I've removed everything with ESET except Olmarik. I have tried with ESET and SPYWAREfighter. I can start the internet once, then it has to load for at least ten minutes. So it would be very kind if someone could help me.