#1
| This isn't anything important, thank the Lord; I'm just wondering if you could have a look through, if you get a minute, to see whether I have any nasties I'm not aware of. Thanks a bunch, guys!

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 20:42:25, on 01/09/2008
Plattform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Kjører prosesser:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\Winlogon.exe
C:\WINDOWS\system32\Services.exe
C:\WINDOWS\system32\Lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Svchost.exe
C:\Programfiler\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\Svchost.exe
C:\WINDOWS\system32\Svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programfiler\Lavasoft\Ad-Aware\aawservice.exe
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Spoolsv.exe
C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\progra~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programfiler\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Cyberlink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\Svchost.exe
C:\Programfiler\Windows Defender\MSASCui.exe
C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programfiler\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programfiler\steam\steam.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ctfmon.exe
C:\Programfiler\Logitech\Video\FxSvr2.exe
C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programfiler\Windows Live\Messenger\usnsvc.exe
C:\Programfiler\Windows Live\Messenger\msnmsgr.exe
C:\Programfiler\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Programfiler\Windows Live\Contacts\wlcomm.exe
C:\Programfiler\iPod\bin\iPodService.exe
C:\Programfiler\Windows Media Player\wmplayer.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Programfiler\Logitech\SetPoint\SetPoint.exe
C:\Programfiler\Fellesfiler\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://search.winzy.com/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page = http://cbfsms.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main, Window Tittel = Utforsk **** i "Web
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = *.local
F2 - REG: system.ini: UserInit = C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C:\Programfiler\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\progra~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Kernel og Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cmaudio] rundll32 cmicnfg.cpl, CMICtrlWnd
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\Msconfig.exe /auto
O4 - HKCU\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\Ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\Ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Ctfmon.exe] C:\WINDOWS\system32\Ctfmon.exe (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe
O8 - Extra sammenheng menyelement: E&ksporter til Microsoft Excel - res://c:\progra~1\micros~2\Office12\EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra knappen: Send til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C:\progra~1\micros~2\Office12\ONBttnIE.dll
O9 - Extra "Verktøy" MENUITEM: S&end til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C:\progra~1\micros~2\Office12\ONBttnIE.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C:\progra~1\micros~2\Office12\REFIEBAR.DLL
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @xpsp3res.dll,-20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Programfiler\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: (1E54D648-B804-468d-BC78-4AFFED8E262E) (System Requirements Lab) -- http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (Checkers Klassifikasjon) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasse) -- http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: (67A5F8DC-1A4B-4D66-9F24-A704AD929EEE) (System Requirements Lab) -- http://www.nvidia.com/content/Driver...sysreqlab2.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasse) -- http://www.update.microsoft.com/micr...?1195685283109
O16 - DPF: (74DBCB52-F298-4110-951D-AD2FF67BC8AB) (NVIDIA Smart Scan) -- http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: (8167C273-DF59-4416-B647-C8BB2C7EE83E) (WebSDev Control) -- http://liveupdate.msi.com.tw/autobio...ne/install.cab
O16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Runtime Environment 1.6.0) -- http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Avgjørende cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl klasse) -- http://messenger.zone.msn.com/binary...t.cab57213.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Klassifikasjon) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: (E6187999-9FEC-46A1-A20F-F4CA977D5643) (ZoneChess Object) -- http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) (Driver Agent ActiveX Control) -- http://plugin.driveragent.com/files/driveragent.cab
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C:\Programfiler\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Hurtigtast Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP SPL Service) - Brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programfiler\Fellesfiler\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service (CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared Files\RichVideo.exe
-- End of file - 11133 bytes

Hope there's nothing, and the bit of sluggishness is my P4 giving up .. |
|
#2
| Download Malwarebytes' Anti-Malware (MBAM)
|
|
#3
| Malwarebytes' Anti-Malware 1.25
Database versjon: 1103
Windows 5.1.2600 Service Pack 3

23:16:55 01/09/2008
mbam-log-09-01-2008 (23-16-55).txt

Scan type: Quick Scan
Objekter skannet: 51583
Tid brukt: 6 minutt (er), 29 sekund (er)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registernøkler Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(Ingen skadelige eks oppdaget)

Memory Modules Infected:
(Ingen skadelige eks oppdaget)

Registernøkler Infected:
(Ingen skadelige eks oppdaget)

Registry Values Infected:
(Ingen skadelige eks oppdaget)

Registry Data Items Infected:
(Ingen skadelige eks oppdaget)

Folders Infected:
(Ingen skadelige eks oppdaget)

Files Infected:
(Ingen skadelige eks oppdaget) |
|
#4
| There is no malware in the log. Do you know what this is?
R1 - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://search.winzy.com/ie.html |
|
#5
| That's right, Winzy is the search engine I used to use, thinking I could get prizes from it; nothing to worry about there. Cheers for your time! |
|
#6
| Java is outdated. Older versions have vulnerabilities that malicious sites can use to infect your machine. First, install the new Sun Java Runtime Environment. Remember to close all web browser windows before you start installing. Remove the old version(s)
Use Secunia Software Inspector to check for outdated software.
----------
Go to Microsoft Windows Update and get all critical security updates. (You must use Internet Explorer to do this.) |