/ Forside/ Teknologi / Internet / Andet internet / Spørgsmål
Login
Glemt dit kodeord?
Brugernavn

Kodeord


Reklame
Top 10 brugere
Andet internet
#NavnPoint
Klaudi 15941
o.v.n. 10991
refi 7735
molokyle 7317
miritdk 6664
Nordsted1 5250
severino 4485
webnoob 3820
tedd 3588
10  stl_s 3378
Virus :s
Fra : CerwinVega
Vist : 650 gange
71 point
Dato : 07-12-07 21:13

Jeg sidder her og bøvler med en virus som hedder Trojan.Vundo !

Jeg har kørt norton 2007 med de sidste nye updates og brugt seek and destroy samt Ccleaner alle opdateret...mit problem er når jeg renser det hele og genstarter, så ser det ud til at virusen er fjernet...men somme tider popper norton op og siger at vundo prøvede på noget men blev blocket.

Jeg har prøvet at kørt et program fra symantec som var et remove tool til denne virus, men efter en scan for jeg at vide der ikke blev funde noget. !

Jeg har oxo prøvet at scanne i fejlsikret tilstand og deaktivere systemgendan samt hive internet kabel ud.

ellers nogle forslag ??





 
 
Kommentar
Fra : miritdk


Dato : 07-12-07 21:18

opret dig gratis som bruger her

http://www.malwarecheck.dk/forum/

følg vejledningen her:

http://www.malwarecheck.dk/forum/viewtopic.php?t=9

og kopier indholdet ind i nyt emne i forummet - også herunder

http://www.malwarecheck.dk/forum/viewforum.php?f=10

Kommentar
Fra : stl_s


Dato : 07-12-07 21:18

Lad os prøve at få nakket den:

Hent Combofix, og gem den på dit skrivebord:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Kør så combofix.exe, og følg vejledningen i vinduet.

OBS Vista brugere: Start ComboFix ved at højreklikke og "Kør som administrator".

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt som kan findes her-C:\combofix.txt

Kopier loggen her ind.

Nogle sikkerhedsprogrammer anser ComboFix som virus. Det er den ikke.


Kommentar
Fra : miritdk


Dato : 07-12-07 21:19

ok - lyt til stl_s fra nu af

Kommentar
Fra : stl_s


Dato : 07-12-07 21:20

Nåh ja, jamen gør bare hvad miritdk skriver

Kommentar
Fra : miritdk


Dato : 07-12-07 21:20



Kommentar
Fra : stl_s


Dato : 07-12-07 21:21



Kommentar
Fra : CerwinVega


Dato : 07-12-07 22:14

ComboFix 07-12-07.3 - Morten F I 2007-12-07 22:06:12.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.1446 [GMT 1:00]
Running from: C:\Documents and Settings\Morten F I\Skrivebord\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Programmer\download plugin
C:\Programmer\download plugin\DlPlugin-MSIE_1.5.0.0\axdlplug.inf
C:\Programmer\SecCenter
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\adiifjrm.dll
C:\WINDOWS\system32\agroeedr.dll
C:\WINDOWS\system32\bbadd.bak1
C:\WINDOWS\system32\bbadd.bak2
C:\WINDOWS\system32\bbadd.ini
C:\WINDOWS\system32\bbadd.ini2
C:\WINDOWS\system32\bbadd.tmp
C:\WINDOWS\system32\bfxsnecd.dll
C:\WINDOWS\system32\bucehwia.dll
C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\humhhjte.dll
C:\WINDOWS\system32\jalbwsns.ini
C:\WINDOWS\system32\lipolbfa.dll
C:\WINDOWS\system32\lwvqhjhr.dll
C:\WINDOWS\system32\mljhhig.dll
C:\WINDOWS\system32\ngxvclsk.dll
C:\WINDOWS\system32\ntmxpxau.dll
C:\WINDOWS\system32\onsrvxdb.dll
C:\WINDOWS\system32\rrnyyaju.dll
C:\WINDOWS\system32\snswblaj.dll
C:\WINDOWS\system32\tmp30.tmp
C:\WINDOWS\system32\tmp31.tmp
C:\WINDOWS\system32\tmp32.tmp
C:\WINDOWS\system32\tmp33.tmp
C:\WINDOWS\system32\tqpnogvb.dll
C:\WINDOWS\system32\vikarpqg.dll
C:\WINDOWS\system32\wmljyekj.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\nm


((((((((((((((((((((((((( Files Created from 2007-11-07 to 2007-12-07 )))))))))))))))))))))))))))))))
.

2007-12-07 21:44 . 2007-12-07 21:44   74,304   --a------   C:\WINDOWS\system32\cbqpnnao.exe
2007-12-07 01:02 . 2007-12-07 01:02   7,076   --a------   C:\WINDOWS\system32\vnxnngga.dll
2007-12-06 00:58 . 2007-12-07 00:01   1,961,968   ---hs----   C:\WINDOWS\system32\kdodiftc.ini
2007-12-06 00:13 . 2007-12-06 00:24   1,452,192   ---hs----   C:\WINDOWS\system32\esqocsdn.ini
2007-12-05 13:42 . 2007-12-06 00:01   872,579   ---hs----   C:\WINDOWS\system32\hjdcsofs.ini
2007-12-05 00:09 . 2007-12-05 13:33   796,793   ---hs----   C:\WINDOWS\system32\pfyvicky.ini
2007-12-04 13:41 . 2007-12-05 00:00   793,326   ---hs----   C:\WINDOWS\system32\qyydttcn.ini
2007-12-03 12:28 . 2007-12-04 13:32   803,700   ---hs----   C:\WINDOWS\system32\pylfsaxw.ini
2007-12-02 12:07 . 2007-12-03 12:23   792,312   ---hs----   C:\WINDOWS\system32\djsmdpee.ini
2007-12-01 23:24 . 2007-12-01 23:24   102,912   --a------   C:\WINDOWS\system32\drvfeh.dll
2007-11-30 23:57 . 2007-11-30 23:57   317,616   --a------   C:\WINDOWS\system32\drivers\srtspl.sys
2007-11-30 23:57 . 2007-11-30 23:57   279,088   --a------   C:\WINDOWS\system32\drivers\srtsp.sys
2007-11-30 23:57 . 2007-11-30 23:57   43,696   --a------   C:\WINDOWS\system32\drivers\srtspx.sys
2007-11-30 23:57 . 2007-11-30 23:57   10,549   --a------   C:\WINDOWS\system32\drivers\srtspx.cat
2007-11-30 23:57 . 2007-11-30 23:57   10,549   --a------   C:\WINDOWS\system32\drivers\srtspl.cat
2007-11-30 23:57 . 2007-11-30 23:57   10,545   --a------   C:\WINDOWS\system32\drivers\srtsp.cat
2007-11-30 23:57 . 2007-11-30 23:57   1,430   --a------   C:\WINDOWS\system32\drivers\srtspl.inf
2007-11-30 23:57 . 2007-11-30 23:57   1,421   --a------   C:\WINDOWS\system32\drivers\srtspx.inf
2007-11-30 23:57 . 2007-11-30 23:57   1,415   --a------   C:\WINDOWS\system32\drivers\srtsp.inf
2007-11-22 16:32 . 2007-11-22 16:32   230   --a------   C:\WINDOWS\system32\spupdsvc.inf
2007-11-22 16:17 . 2007-11-22 16:33   <DIR>   d--------   C:\WINDOWS\system32\da-dk
2007-11-15 22:58 . 2007-11-15 22:58   <DIR>   d--------   C:\Documents and Settings\Morten F I\Application Data\Microsoft Games
2007-11-12 18:29 . 2007-11-12 18:29   669,184   --a------   C:\WINDOWS\system32\pbsvc.exe
2007-11-12 18:29 . 2007-11-12 18:29   22,328   --a------   C:\Documents and Settings\Morten F I\Application Data\PnkBstrK.sys
2007-11-12 15:34 . 2007-07-30 19:19   271,224   --a------   C:\WINDOWS\system32\mucltui.dll
2007-11-12 15:34 . 2007-07-30 19:18   30,072   --a------   C:\WINDOWS\system32\mucltui.dll.mui
2007-11-11 18:50 . 2007-11-11 19:07   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-11-11 18:39 . 2007-11-11 18:39   <DIR>   d--------   C:\Programmer\Windows Live
2007-11-11 18:35 . 2007-11-11 19:05   <DIR>   d--------   C:\Programmer\MSN Messenger
2007-11-11 18:15 . 2007-11-11 18:29   <DIR>   d--------   C:\Programmer\Messenger Plus! Live
2007-11-11 18:04 . 2004-08-26 17:53   21,504   --a------   C:\WINDOWS\system32\hidserv.dll
2007-11-11 18:04 . 2004-08-26 17:53   21,504   --a--c---   C:\WINDOWS\system32\dllcache\hidserv.dll
2007-11-11 18:04 . 2004-08-26 17:49   14,848   --a------   C:\WINDOWS\system32\drivers\kbdhid.sys
2007-11-11 18:04 . 2004-08-26 17:49   14,848   --a--c---   C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-11-11 16:20 . 2007-11-11 16:20   <DIR>   d--------   C:\Programmer\Microsoft CAPICOM 2.1.0.2
2007-11-11 15:48 .    <DIR>      C:\Programmer\Fælles filer\WindowsLiveInstaller
2007-11-11 15:47 . 2007-11-11 17:28   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-11 04:31 . 2007-11-11 04:31   <DIR>   d--------   C:\Documents and Settings\Morten F I\Application Data\Sierra Entertainment
2007-11-11 02:29 . 2007-11-18 19:22   <DIR>   d--------   C:\WINDOWS\system32\AGEIA
2007-11-11 02:29 . 2007-11-18 19:22   <DIR>   d--------   C:\Programmer\AGEIA Technologies
2007-11-10 21:54 . 2007-11-10 21:54   <DIR>   d--------   C:\Documents and Settings\Morten F I\Application Data\Turbine
2007-11-10 21:44 . 2007-11-10 21:44   <DIR>   d--------   C:\WINDOWS\system32\URTTEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-07 21:12   0   ----a-w   C:\WINDOWS\system32\drivers\lvuvc.hs
2007-12-07 20:04   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-07 13:12   ---------   d-----w   C:\Documents and Settings\Morten F I\Application Data\Azureus
2007-12-05 23:21   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-05 23:06   ---------   d-----w   C:\Programmer\Fælles filer\Symantec Shared
2007-12-05 13:16   805   ----a-w   C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-12-05 13:16   60,800   ----a-w   C:\WINDOWS\system32\S32EVNT1.DLL
2007-12-05 13:16   123,952   ----a-w   C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-12-05 13:16   10,740   ----a-w   C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-12-05 13:16   ---------   d-----w   C:\Programmer\Symantec
2007-11-27 19:47   ---------   d-----w   C:\Programmer\Winamp
2007-11-18 19:09   ---------   d--h--w   C:\Programmer\InstallShield Installation Information
2007-11-18 18:22   ---------   d-----w   C:\Programmer\Fælles filer\Wise Installation Wizard
2007-11-17 22:02   ---------   d-----w   C:\Programmer\Norton AntiVirus
2007-11-12 17:29   66,872   ----a-w   C:\WINDOWS\system32\PnkBstrA.exe
2007-11-12 17:29   22,328   ----a-w   C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-12 17:29   103,736   ----a-w   C:\WINDOWS\system32\PnkBstrB.exe
2007-11-02 16:38   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
2007-10-31 22:35   ---------   d-----w   C:\Programmer\CloneCD
2007-10-31 21:36   81,920   ----a-w   C:\Documents and Settings\Morten F I\Application Data\ezpinst.exe
2007-10-31 21:36   47,360   ----a-w   C:\Documents and Settings\Morten F I\Application Data\pcouffin.sys
2007-10-31 21:36   ---------   d-----w   C:\Documents and Settings\Morten F I\Application Data\Vso
2007-10-31 21:32   47,360   ----a-w   C:\WINDOWS\system32\drivers\pcouffin.sys
2007-10-30 20:13   278,984   ----a-w   C:\WINDOWS\system32\drivers\atksgt.sys
2007-10-30 20:13   25,416   ----a-w   C:\WINDOWS\system32\drivers\lirsgt.sys
2007-10-30 20:08   ---------   d-----w   C:\Programmer\DAEMON Tools Pro
2007-10-30 19:58   ---------   d-----w   C:\Documents and Settings\Morten F I\Application Data\DAEMON Tools Pro
2007-10-30 19:57   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-10-30 18:55   625,032   ----a-w   C:\WINDOWS\system32\SymNeti.dll
2007-10-30 18:55   39,856   ----a-w   C:\WINDOWS\system32\drivers\symids.sys
2007-10-30 18:55   37,936   ----a-w   C:\WINDOWS\system32\drivers\symndisv.sys
2007-10-30 18:55   35,120   ----a-w   C:\WINDOWS\system32\drivers\symndis.sys
2007-10-30 18:55   27,696   ----a-w   C:\WINDOWS\system32\drivers\symredrv.sys
2007-10-30 18:55   242,056   ----a-w   C:\WINDOWS\system32\SymRedir.dll
2007-10-30 18:55   191,536   ----a-w   C:\WINDOWS\system32\drivers\symtdi.sys
2007-10-30 18:55   145,968   ----a-w   C:\WINDOWS\system32\drivers\symfw.sys
2007-10-30 18:55   12,848   ----a-w   C:\WINDOWS\system32\drivers\symdns.sys
2007-10-30 18:24   12,963   ----a-w   C:\WINDOWS\system32\drivers\SymRedir.cat
2007-10-30 18:24   1,358   ----a-w   C:\WINDOWS\system32\drivers\SymRedir.inf
2007-10-29 20:56   ---------   d-----w   C:\Programmer\Azureus
2007-10-27 18:31   ---------   d-----w   C:\Programmer\HLSW
2007-10-24 22:15   ---------   d-----w   C:\Programmer\Java
2007-10-09 20:18   ---------   d-----w   C:\Programmer\ATI Driver
2007-10-05 18:36   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2007-09-23 17:20   86,016   ----a-w   C:\WINDOWS\system32\OpenAL32.dll
2007-09-23 17:20   413,696   ----a-w   C:\WINDOWS\system32\wrap_oal.dll
2007-09-13 08:45   70,944   ----a-w   C:\WINDOWS\system32\PhysXLoader.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 16:53]
"MsnMsgr"="C:\Programmer\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"SystemTray"="SysTray.Exe" [2001-10-09 14:00 C:\WINDOWS\system32\systray.exe]
"ccApp"="C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe" []
"osCheck"="C:\Programmer\Norton AntiVirus\osCheck.exe" [2006-09-05 20:22]
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"ISUSScheduler"="C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" []
"LogitechCommunicationsManager"="C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" []
"LogitechQuickCamRibbon"="C:\Programmer\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06]
"StartCCC"="C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 15:08 C:\WINDOWS\RTHDCPL.exe]
"CloneCDElbyCDFL"="C:\Programmer\CloneCD\ElbyCheck.exe" [2002-11-02 07:33]
"Symantec PIF AlertEng"="C:\Programmer\Fælles filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-26 16:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winwim32]
winwim32.dll


.
Contents of the 'Scheduled Tasks' folder
"2007-06-29 19:05:00 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Morten F I.job"
- C:\PROGRA~1\NORTON~1\Navw32.exeh/TASK:
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 22:12:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-07 22:13:35 - machine was rebooted
.
   --- E O F ---


Kommentar
Fra : stl_s


Dato : 07-12-07 22:56

Der er stadigvæk masser af skidtfiler:

Kopier nedenstående med fed skrift ind i Notesblok (kun Notesblok må anvendes)


File::
C:\WINDOWS\system32\cbqpnnao.exe
C:\WINDOWS\system32\vnxnngga.dll
C:\WINDOWS\system32\kdodiftc.ini
C:\WINDOWS\system32\esqocsdn.ini
C:\WINDOWS\system32\hjdcsofs.ini
C:\WINDOWS\system32\pfyvicky.ini
C:\WINDOWS\system32\qyydttcn.ini
C:\WINDOWS\system32\pylfsaxw.ini
C:\WINDOWS\system32\djsmdpee.ini
C:\WINDOWS\system32\drvfeh.dll
C:\WINDOWS\system32\drivers\lvuvc.hs
C:\WINDOWS\SYSTEM32\winwim32.dll

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winwim32]




Gem filen som en txt fil med navnet CFScript på samme sted som du har ComboFix.

Træk så CFScript.txt hen på Combofix ikonet, som vist her http://i204.photobucket.com/albums/bb106/Juliet702/CFScript-createdbyMiekiemoes.gif

Så vil Combofix starte, og måske genstarte maskinen.

Kopier indholdet af Combofix.txt her ind.

---------------------------------------------------------

Så vil jeg foreslå at du kører Trin 1 til og med Trin 5 http://www.malwarecheck.dk/forum/viewtopic.php?t=11

Det vil tage noget tid, men der kan godt gemme sig lidt mere snavs.

Bagefter så kom med en HijackThis log:

1. Hent HijackThis ned til skrivebordet http://sptlarsenserious.googlepages.com/HJT-sfx.exe

2. Dobbeltklik på installationsfilen, og følg installationsvejledningen.

3. Dobbeltklik på det nye HijackThis ikon på skrivebordet.

4. På menuen der kommer op, klikker du på Do a systemscan and save a logfile.

5. Efter et kort øjeblik åbner en logfil i notesblok, og den kopierer du her ind.

Kommentar
Fra : CerwinVega


Dato : 07-12-07 23:00

Going in !

Kommentar
Fra : CerwinVega


Dato : 08-12-07 00:24

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:22:46, on 08-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmer\Logitech\QuickCam\Quickcam.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmer\Fælles filer\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\MSN Messenger\usnsvc.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Hijackthis\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jubii.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmer\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programmer\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [StartCCC] "C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programmer\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmer\Fælles filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmer\Fælles filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194810659000
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programmer\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 7488 bytes


Kommentar
Fra : CerwinVega


Dato : 08-12-07 00:25

Denne log er efter at have kørt de 5 trin samt det combofix igen med den note fil..der var dog et problem med bootning..måtte manuelt reboote for at starte op igen i windows

Kommentar
Fra : stl_s


Dato : 08-12-07 01:02

HJT er i orden. Kom lige med den sidste ComboFix log

Kommentar
Fra : yearhouse


Dato : 08-12-07 01:20

StL_S Du er en en IT-Gud

Jeg følgerlige udviklingen hér, inden jeg kommer med mine egne Vira eller "fejl 40"

TOM

Kommentar
Fra : stl_s


Dato : 08-12-07 01:38

Det var da noget af en titel . Tak yearhouse . Du er velkommen med vira eller fejl 40, eller hvad det nu viser sig at være

Kommentar
Fra : pk2dk99


Dato : 08-12-07 02:24

Jeg vil giv dig forslag at format din hd og geninstall windows.
mvh
pk2dk99

Kommentar
Fra : stl_s


Dato : 08-12-07 02:27

Citat
Jeg vil giv dig forslag at format din hd og geninstall windows.


ØØHHH, hvorfor nu lige det ? Maskinen er efter al sandsynlighed ren nu.

Kommentar
Fra : CerwinVega


Dato : 08-12-07 03:53

ComboFix 07-12-07.3 - Morten F I 2007-12-07 23:05:46.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.1522 [GMT 1:00]
Running from: C:\Documents and Settings\Morten F I\Skrivebord\ComboFix.exe
Command switches used :: C:\Documents and Settings\Morten F I\Skrivebord\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\system32\cbqpnnao.exe
C:\WINDOWS\system32\djsmdpee.ini
C:\WINDOWS\system32\drivers\lvuvc.hs
C:\WINDOWS\system32\drvfeh.dll
C:\WINDOWS\system32\esqocsdn.ini
C:\WINDOWS\system32\hjdcsofs.ini
C:\WINDOWS\system32\kdodiftc.ini
C:\WINDOWS\system32\pfyvicky.ini
C:\WINDOWS\system32\pylfsaxw.ini
C:\WINDOWS\system32\qyydttcn.ini
C:\WINDOWS\system32\vnxnngga.dll
C:\WINDOWS\SYSTEM32\winwim32.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\cbqpnnao.exe
C:\WINDOWS\system32\djsmdpee.ini
C:\WINDOWS\system32\drivers\lvuvc.hs
C:\WINDOWS\system32\drvfeh.dll
C:\WINDOWS\system32\esqocsdn.ini
C:\WINDOWS\system32\hjdcsofs.ini
C:\WINDOWS\system32\kdodiftc.ini
C:\WINDOWS\system32\pfyvicky.ini
C:\WINDOWS\system32\pylfsaxw.ini
C:\WINDOWS\system32\qyydttcn.ini
C:\WINDOWS\system32\vnxnngga.dll

.
((((((((((((((((((((((((( Files Created from 2007-11-07 to 2007-12-07 )))))))))))))))))))))))))))))))
.

2007-11-30 23:57 . 2007-11-30 23:57   317,616   --a------   C:\WINDOWS\system32\drivers\srtspl.sys
2007-11-30 23:57 . 2007-11-30 23:57   279,088   --a------   C:\WINDOWS\system32\drivers\srtsp.sys
2007-11-30 23:57 . 2007-11-30 23:57   43,696   --a------   C:\WINDOWS\system32\drivers\srtspx.sys
2007-11-30 23:57 . 2007-11-30 23:57   10,549   --a------   C:\WINDOWS\system32\drivers\srtspx.cat
2007-11-30 23:57 . 2007-11-30 23:57   10,549   --a------   C:\WINDOWS\system32\drivers\srtspl.cat
2007-11-30 23:57 . 2007-11-30 23:57   10,545   --a------   C:\WINDOWS\system32\drivers\srtsp.cat
2007-11-30 23:57 . 2007-11-30 23:57   1,430   --a------   C:\WINDOWS\system32\drivers\srtspl.inf
2007-11-30 23:57 . 2007-11-30 23:57   1,421   --a------   C:\WINDOWS\system32\drivers\srtspx.inf
2007-11-30 23:57 . 2007-11-30 23:57   1,415   --a------   C:\WINDOWS\system32\drivers\srtsp.inf
2007-11-22 16:32 . 2007-11-22 16:32   230   --a------   C:\WINDOWS\system32\spupdsvc.inf
2007-11-22 16:17 . 2007-11-22 16:33   <DIR>   d--------   C:\WINDOWS\system32\da-dk
2007-11-15 22:58 . 2007-11-15 22:58   <DIR>   d--------   C:\Documents and Settings\Morten F I\Application Data\Microsoft Games
2007-11-12 18:29 . 2007-11-12 18:29   669,184   --a------   C:\WINDOWS\system32\pbsvc.exe
2007-11-12 18:29 . 2007-11-12 18:29   22,328   --a------   C:\Documents and Settings\Morten F I\Application Data\PnkBstrK.sys
2007-11-12 15:34 . 2007-07-30 19:19   271,224   --a------   C:\WINDOWS\system32\mucltui.dll
2007-11-12 15:34 . 2007-07-30 19:18   30,072   --a------   C:\WINDOWS\system32\mucltui.dll.mui
2007-11-11 18:50 . 2007-11-11 19:07   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-11-11 18:39 . 2007-11-11 18:39   <DIR>   d--------   C:\Programmer\Windows Live
2007-11-11 18:35 . 2007-11-11 19:05   <DIR>   d--------   C:\Programmer\MSN Messenger
2007-11-11 18:15 . 2007-11-11 18:29   <DIR>   d--------   C:\Programmer\Messenger Plus! Live
2007-11-11 18:04 . 2004-08-26 17:53   21,504   --a------   C:\WINDOWS\system32\hidserv.dll
2007-11-11 18:04 . 2004-08-26 17:53   21,504   --a--c---   C:\WINDOWS\system32\dllcache\hidserv.dll
2007-11-11 18:04 . 2004-08-26 17:49   14,848   --a------   C:\WINDOWS\system32\drivers\kbdhid.sys
2007-11-11 18:04 . 2004-08-26 17:49   14,848   --a--c---   C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-11-11 16:20 . 2007-11-11 16:20   <DIR>   d--------   C:\Programmer\Microsoft CAPICOM 2.1.0.2
2007-11-11 15:48 .    <DIR>      C:\Programmer\Fælles filer\WindowsLiveInstaller
2007-11-11 15:47 . 2007-11-11 17:28   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-11 04:31 . 2007-11-11 04:31   <DIR>   d--------   C:\Documents and Settings\Morten F I\Application Data\Sierra Entertainment
2007-11-11 02:29 . 2007-11-18 19:22   <DIR>   d--------   C:\WINDOWS\system32\AGEIA
2007-11-11 02:29 . 2007-11-18 19:22   <DIR>   d--------   C:\Programmer\AGEIA Technologies
2007-11-10 21:54 . 2007-11-10 21:54   <DIR>   d--------   C:\Documents and Settings\Morten F I\Application Data\Turbine
2007-11-10 21:44 . 2007-11-10 21:44   <DIR>   d--------   C:\WINDOWS\system32\URTTEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-07 22:05   ---------   d-----w   C:\Documents and Settings\Morten F I\Application Data\Azureus
2007-12-07 22:01   ---------   d-----w   C:\Programmer\Azureus
2007-12-07 20:04   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-05 23:21   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-05 23:06   ---------   d-----w   C:\Programmer\Fælles filer\Symantec Shared
2007-12-05 13:16   805   ----a-w   C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-12-05 13:16   60,800   ----a-w   C:\WINDOWS\system32\S32EVNT1.DLL
2007-12-05 13:16   123,952   ----a-w   C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-12-05 13:16   10,740   ----a-w   C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-12-05 13:16   ---------   d-----w   C:\Programmer\Symantec
2007-11-27 19:47   ---------   d-----w   C:\Programmer\Winamp
2007-11-18 19:09   ---------   d--h--w   C:\Programmer\InstallShield Installation Information
2007-11-18 18:22   ---------   d-----w   C:\Programmer\Fælles filer\Wise Installation Wizard
2007-11-17 22:02   ---------   d-----w   C:\Programmer\Norton AntiVirus
2007-11-12 17:29   66,872   ----a-w   C:\WINDOWS\system32\PnkBstrA.exe
2007-11-12 17:29   22,328   ----a-w   C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-12 17:29   103,736   ----a-w   C:\WINDOWS\system32\PnkBstrB.exe
2007-11-02 16:38   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
2007-10-31 22:35   ---------   d-----w   C:\Programmer\CloneCD
2007-10-31 21:36   81,920   ----a-w   C:\Documents and Settings\Morten F I\Application Data\ezpinst.exe
2007-10-31 21:36   47,360   ----a-w   C:\Documents and Settings\Morten F I\Application Data\pcouffin.sys
2007-10-31 21:36   ---------   d-----w   C:\Documents and Settings\Morten F I\Application Data\Vso
2007-10-31 21:32   47,360   ----a-w   C:\WINDOWS\system32\drivers\pcouffin.sys
2007-10-30 20:13   278,984   ----a-w   C:\WINDOWS\system32\drivers\atksgt.sys
2007-10-30 20:13   25,416   ----a-w   C:\WINDOWS\system32\drivers\lirsgt.sys
2007-10-30 20:08   ---------   d-----w   C:\Programmer\DAEMON Tools Pro
2007-10-30 19:58   ---------   d-----w   C:\Documents and Settings\Morten F I\Application Data\DAEMON Tools Pro
2007-10-30 19:57   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-10-30 18:55   625,032   ----a-w   C:\WINDOWS\system32\SymNeti.dll
2007-10-30 18:55   39,856   ----a-w   C:\WINDOWS\system32\drivers\symids.sys
2007-10-30 18:55   37,936   ----a-w   C:\WINDOWS\system32\drivers\symndisv.sys
2007-10-30 18:55   35,120   ----a-w   C:\WINDOWS\system32\drivers\symndis.sys
2007-10-30 18:55   27,696   ----a-w   C:\WINDOWS\system32\drivers\symredrv.sys
2007-10-30 18:55   242,056   ----a-w   C:\WINDOWS\system32\SymRedir.dll
2007-10-30 18:55   191,536   ----a-w   C:\WINDOWS\system32\drivers\symtdi.sys
2007-10-30 18:55   145,968   ----a-w   C:\WINDOWS\system32\drivers\symfw.sys
2007-10-30 18:55   12,848   ----a-w   C:\WINDOWS\system32\drivers\symdns.sys
2007-10-30 18:24   12,963   ----a-w   C:\WINDOWS\system32\drivers\SymRedir.cat
2007-10-30 18:24   1,358   ----a-w   C:\WINDOWS\system32\drivers\SymRedir.inf
2007-10-27 18:31   ---------   d-----w   C:\Programmer\HLSW
2007-10-24 22:15   ---------   d-----w   C:\Programmer\Java
2007-10-09 20:18   ---------   d-----w   C:\Programmer\ATI Driver
2007-10-05 18:36   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2007-09-23 17:20   86,016   ----a-w   C:\WINDOWS\system32\OpenAL32.dll
2007-09-23 17:20   413,696   ----a-w   C:\WINDOWS\system32\wrap_oal.dll
2007-09-13 08:45   70,944   ----a-w   C:\WINDOWS\system32\PhysXLoader.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 16:53]
"MsnMsgr"="C:\Programmer\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"SystemTray"="SysTray.Exe" [2001-10-09 14:00 C:\WINDOWS\system32\systray.exe]
"ccApp"="C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe" []
"osCheck"="C:\Programmer\Norton AntiVirus\osCheck.exe" [2006-09-05 20:22]
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"ISUSScheduler"="C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" []
"LogitechCommunicationsManager"="C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" []
"LogitechQuickCamRibbon"="C:\Programmer\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06]
"StartCCC"="C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 15:08 C:\WINDOWS\RTHDCPL.exe]
"CloneCDElbyCDFL"="C:\Programmer\CloneCD\ElbyCheck.exe" [2002-11-02 07:33]
"Symantec PIF AlertEng"="C:\Programmer\Fælles filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-26 16:53]


.
Contents of the 'Scheduled Tasks' folder
"2007-06-29 19:05:00 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Morten F I.job"
- C:\PROGRA~1\NORTON~1\Navw32.exeh/TASK:
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 23:11:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-07 23:12:09 - machine was rebooted
.
   --- E O F ---


Kommentar
Fra : CerwinVega


Dato : 08-12-07 04:00

Dette er den sidste nye log fra combo..da jeg brugte superantispyware fandt den denne virus jeg nævnte tidligere vondu et eller andet...samt en masse anden gøjl den havde med sig.

Er glad for hijack log er ok, krydser finger fior resten nu

Kanon!! At du lige gider bruge din fredag aften på dette...Har lige oprettet mig som bruger på malware siden..just in case der skulle ske noget igen :)

Kommentar
Fra : miritdk


Dato : 08-12-07 09:57

ff topic og undskyld men
Citat
Har lige oprettet mig som bruger på malware siden
.. det er en rigtig god ting så du undgår utidig indblanding

Accepteret svar
Fra : stl_s

Modtaget 71 point
Dato : 08-12-07 13:40

ComboFix loggen er i orden. Du bør lige tømme systemgendannelsen. Trin 6 her http://www.malwarecheck.dk/forum/viewtopic.php?t=11

Inspiration til supplerende sikkerhed her, hvis du ikke allerede har set det http://www.malwarecheck.dk/forum/viewtopic.php?t=156

Godkendelse af svar
Fra : CerwinVega


Dato : 08-12-07 15:04

Mange tak for hjælpen stl_s

Syntes faktisk også at det hele køre en smule hurtigere efter alle disse scan

Jeg giver dig top score :D



Kommentar
Fra : stl_s


Dato : 08-12-07 16:13

Jeg siger så også mange tak

Du har følgende muligheder
Eftersom du ikke er logget ind i systemet, kan du ikke skrive et indlæg til dette spørgsmål.

Hvis du ikke allerede er registreret, kan du gratis blive medlem, ved at trykke på "Bliv medlem" ude i menuen.
Søg
Reklame
Statistik
Spørgsmål : 177558
Tips : 31968
Nyheder : 719565
Indlæg : 6408921
Brugere : 218888

Månedens bedste
Årets bedste
Sidste års bedste