mindre kapital

Magazine
Go Back   Computer Juice > Computer Software > Virus, spionprogram och säkerhet
Reload this Page

Malware logg

Registrera Site Spy Medlemslista Donate Söka Dagens inlägg Markera forum som lästa Forum Regler

Register


 Default 

Malware logg




Reply
 
Thread Tools
  #1  
Old 1 mars 2008, 05:05
Ledamot Gruppen
  
Default Malware logg

Loggfil av Trend Micro HijackThis v2.0.2
Scan sparades vid 12:00:44 den 01/03/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Kör processer:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program \ McAfee \ MBK \ MBackMonitor.exe
C: \ progra ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
C: \ Program \ Delade filer \ McAfee \ MNA \ mcnasvc.exe
c: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Program \ McAfee \ MPF \ MPFSrv.exe
C: \ Program \ McAfee \ MSK \ MskSrver.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.EXE
c: \ progra ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ Program \ TomTom HOME 2 \ HOMERunner.exe
C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe
C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
C: \ Program \ Java \ jre1.5.0_09 \ bin \ jusched.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ CyberLink \ Power2Go \ Power2GoExpress.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program \ Java \ jre1.5.0_09 \ bin \ jucheck.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ CCleaner \ CCleaner.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (inget namn) - (00A6FAF6-072E-44cf-8957-5838F569A31D) - C: \ Program Files \ MyWebSearch \ SrchAstt \ 1.bin \ MWSSRCAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program \ Yahoo! \ Companion \ installs \ CPN \ yt.dll
O3 - Toolbar: My Web Search - (07B18EA9-A523-4961-B6BB-170DE4475CCA) - C: \ Program Files \ MyWebSearch \ bar \ 1.bin \ MWSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program \ Yahoo! \ Companion \ installs \ CPN \ yt.dll
O4 - HKLM \ .. \ Run: [MBkLogOnHook] C: \ Program \ McAfee \ MBK \ LogOnHook.exe
O4 - HKLM \ .. \ Run: [TomTomHOME.exe] "C: \ Program \ TomTom HOME 2 \ HOMERunner.exe"-s
O4 - HKLM \ .. \ Run: [My Web Search Bar Search Tillämpningsområde Monitor] "C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [MyWebSearch Email Plugin] C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program \ Java \ jre1.5.0_09 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / bakgrund
O4 - HKCU \ .. \ Run: [MyWebSearch Email Plugin] C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
O4 - HKCU \ .. \ Run: [Power2GoExpress] "C: \ Program Files \ CyberLink \ Power2Go \ Power2GoExpress.exe" / start
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User "SYSTEM")
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Belkin F5D8053 N Wireless USB Adapter Utility.lnk = C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra sammanhang menyobjektet: & Search -- http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZJ
O8 - Extra sammanhang menyobjektet: E & xportera till Microsoft Excel - res: / / C: \ progra ~ 1 \ mikro ~ 3 \ Office10 \ EXCEL.EXE/3000
Ø9 - Extra button: (inget namn) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program \ Java \ jre1.5.0_09 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program \ Java \ jre1.5.0_09 \ bin \ ssv.dll
Ø9 - Extra button: (inget namn) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.pcservicecall.co.uk
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (4C39376E-FA9D-4349-BACC-D305C1750EF3) (EPUImageControl Class) -- http://sell-vehicle.ebay.co.uk/image..._v1-0-3-50.cab
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Avgörande cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (F04A8AE2-A59D-11D2-8792-00C04F8EF29D) (Hotmail Attachments Control) -- http://by121fd.bay121.hotmail.msn.co...x/HMAtchmt.ocx
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (5D3D0EC7-51D8-414D-81B8-BB319A5A73C4): NameServer = 192.168.0.1
O23 - Service: McAfee Application Installer Cleanup (0287341204362868) (0287341204362868mcinstcleanup) - McAfee, Inc. - C: \ WINDOWS \ TEMP \ 028734 ~ 1.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: MBackMonitor - McAfee - C: \ Program \ McAfee \ MBK \ MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C: \ Program \ Delade filer \ McAfee \ MNA \ mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C: \ Program \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C: \ Program \ McAfee \ MSK \ MskSrver.exe
O23 - Service: MSSQLServerADHelper - okänd ägare - C: \ Program \ Microsoft SQL Server \ 80 \ Tools \ Binn \ sqladhlp.exe (fil saknas)
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
--
End of file - 7858 bytes

RENGÖRING COMPLETE - (3.135 secs)
-------------------------------------------------- ----------------------------------------
5.71MB bort.
-------------------------------------------------- ----------------------------------------
Uppgifter om ärenden utgår
-------------------------------------------------- ----------------------------------------
IE Tillfälliga Internet-filer (421 filer) 5.70MB
C: \ Documents and Settings \ Bann \ Cookies \ bann@int.sitestat [1]. Txt 103 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ mediaplex [2]. Txt 85 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ dator-juice [2]. Txt 808 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@www.burstnet [2]. Txt 77 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ lever [2]. Txt 504 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@rad.live [2]. Txt 690 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ tribalfusion [2]. Txt 330 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ msn [1]. Txt 345 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ adecn [1]. Txt 214 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ reklam [1]. Txt 283 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@d3.zedo [1]. Txt 72 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@ads.pointroll [1]. Txt 668 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ Zedo [1]. Txt 408 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ 888 [2]. Txt 155 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@eas.apm.emediate [1]. Txt 289 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ interclick [2]. Txt 414 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@rotator.its.adjuggler [1]. Txt 113 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@p.live [1]. Txt 102 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ yahoo [1]. Txt 82 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ DoubleClick [1]. Txt 89 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@int.sitestat [2]. Txt 99 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@login.live [2]. Txt 180 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@h.live [1]. Txt 68 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@rotator.adjuggler [2]. Txt 205 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@www.iefjios [1]. Txt 90 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ atdmt [2]. Txt 101 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@ad.yieldmanager [2]. Txt 1.06KB
C: \ Documents and Settings \ Bann \ Application Data \ söndag \ Java \ Deployment \ cache \ javapi \ v1.0 \ jar \ JVM impro.jar-51fad18-787f377f.idx 153 bytes
C: \ Documents and Settings \ Bann \ Application Data \ söndag \ Java \ Deployment \ cache \ javapi \ v1.0 \ jar \ JVM vers.jar-4b6e6f5b-4dc46c65.idx 152 bytes
C: \ Documents and Settings \ Bann \ Application Data \ Macromedia \ Flash Player \ # SharedObjects \ 99SH2MHK \ interclick.com \ ud.s ol 139 bytes
C: \ Documents and Settings \ Bann \ Application Data \ Macromedia \ Flash Player \ macromedia.com \ support \ FlashPlayer \ sys \ # int erclick.com \ settings.sol 84 bytes
C: \ Documents and Settings \ Bann \ Application Data \ Macromedia \ Flash Player \ macromedia.com \ support \ FlashPlayer \ system \ sett ings.sol 380 bytes
-------------------------------------------------- ----------------------------------------
  #2  
Old 1 mars 2008, 09:14
Ledamot Gruppen
  
Default Malware logg

Du har MyWebSearch installeras som adware / spyware, se om du kan ta bort det från Lägg till / ta bort program. Om inte

Markera kryssrutan bredvid dessa och klicka på "Fix checked"

O4 - HKLM \ .. \ Run: [My Web Search Bar Search Tillämpningsområde Monitor] "C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [MyWebSearch Email Plugin] C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
R3 - URLSearchHook: (inget namn) - (00A6FAF6-072E-44cf-8957-5838F569A31D) - C: \ Program Files \ MyWebSearch \ SrchAstt \ 1.bin \ MWSSRCAS.DLL
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
  #3  
Old 1 mars 2008, 11:23
Moderator-gruppen
  
Default Malware logg

Sen efter en ny HijackThis-logg.
__________________
  #4  
Old 1 mars 2008, 14:19
Ledamot Gruppen
  
Default Malware logg

Loggfil av Trend Micro HijackThis v2.0.2
Scan sparades vid 17:37:28 den 01/03/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Kör processer:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program \ McAfee \ MBK \ MBackMonitor.exe
C: \ progra ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
C: \ Program \ Delade filer \ McAfee \ MNA \ mcnasvc.exe
c: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Program \ McAfee \ MPF \ MPFSrv.exe
C: \ Program \ McAfee \ MSK \ MskSrver.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.EXE
c: \ progra ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ Program \ TomTom HOME 2 \ HOMERunner.exe
C: \ Program \ Java \ jre1.5.0_09 \ bin \ jusched.exe
C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ CyberLink \ Power2Go \ Power2GoExpress.exe
C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program \ Java \ jre1.5.0_09 \ bin \ jucheck.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = 127.0.0.1
O4 - HKLM \ .. \ Run: [MBkLogOnHook] C: \ Program \ McAfee \ MBK \ LogOnHook.exe
O4 - HKLM \ .. \ Run: [TomTomHOME.exe] "C: \ Program \ TomTom HOME 2 \ HOMERunner.exe"-s
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program \ Java \ jre1.5.0_09 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [My Web Search Bar Search Tillämpningsområde Monitor] "C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / bakgrund
O4 - HKCU \ .. \ Run: [Power2GoExpress] "C: \ Program Files \ CyberLink \ Power2Go \ Power2GoExpress.exe" / start
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User "SYSTEM")
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Belkin F5D8053 N Wireless USB Adapter Utility.lnk = C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra sammanhang menyobjektet: & Search -- http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZJ
O8 - Extra sammanhang menyobjektet: E & xportera till Microsoft Excel - res: / / C: \ progra ~ 1 \ mikro ~ 3 \ Office10 \ EXCEL.EXE/3000
Ø9 - Extra button: (inget namn) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program \ Java \ jre1.5.0_09 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program \ Java \ jre1.5.0_09 \ bin \ ssv.dll
Ø9 - Extra button: (inget namn) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.pcservicecall.co.uk
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (4C39376E-FA9D-4349-BACC-D305C1750EF3) (EPUImageControl Class) -- http://sell-vehicle.ebay.co.uk/image..._v1-0-3-50.cab
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Avgörande cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (F04A8AE2-A59D-11D2-8792-00C04F8EF29D) (Hotmail Attachments Control) -- http://by121fd.bay121.hotmail.msn.co...x/HMAtchmt.ocx
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (5D3D0EC7-51D8-414D-81B8-BB319A5A73C4): NameServer = 192.168.0.1
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: MBackMonitor - McAfee - C: \ Program \ McAfee \ MBK \ MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C: \ Program \ Delade filer \ McAfee \ MNA \ mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c: \ progra ~ 1 \ GEMENSAMMA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C: \ progra ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C: \ Program \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C: \ Program \ McAfee \ MSK \ MskSrver.exe
O23 - Service: MSSQLServerADHelper - okänd ägare - C: \ Program \ Microsoft SQL Server \ 80 \ Tools \ Binn \ sqladhlp.exe (fil saknas)
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
--
End of file - 6847 bytes
  #5  
Old 1 mars 2008, 14:31
Moderator-gruppen
  
Default Malware logg

Är du meddelanden om samma loggar / dator i två trådar?
__________________
Reply

Register

Komihåglista

Liknande Trådar
Tråd Thread Starter Forum Svar Senaste Inlägg
Hjälp med Malware Antivirus Pro jjohan Virus, spionprogram och säkerhet 2 20 Oktober 2009 07:05
Autorun Malware? sungod000 Virus, spionprogram och säkerhet 5 23 juni 2009 12:14
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Kontakt -- Integritetspolicy -- Sitemap -- Toppen

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO av vBSEO © 2009, sökningen, Inc.