CombatPsycho Skrevet 16. november 2007 Skrevet 16. november 2007 Etter jeg kom hjem fra skolen idag, har jeg blitt konstant spammet med spam fra tjeneste messenger. Helt utrolig plagsomt. det værste er jo at ikke AVG finner dette. Noen som vet hva jeg kan gjøre?
norbat Skrevet 17. november 2007 Skrevet 17. november 2007 Last ned Hijackthis. Legg det i en egen mappe på skrivebordet. Start programmet, velg "Do a system scan and save a logfile". Loggfilen kopierer du og poster.
CombatPsycho Skrevet 17. november 2007 Forfatter Skrevet 17. november 2007 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:00:02, on 17.11.2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\RedLine\Taskbar.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\RTHDCPL.EXE C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe C:\WINDOWS\System32\ctfmon.exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDClock.exe C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDCountdown.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDPOP3.exe C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDMedia.exe C:\Programfiler\redline\gameutil.exe C:\Programfiler\Logitech\SetPoint\KEM.exe C:\Programfiler\Logitech\SetPoint\KHALMNPR.EXE C:\Programfiler\GameSpot\DownloadManager_Win32.exe C:\Programfiler\LogMeIn\x86\RaMaint.exe C:\Programfiler\Steam\Steam.exe C:\Programfiler\LogMeIn\x86\LogMeIn.exe C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\WINDOWS\System32\wuauclt.exe C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Programfiler\Grisoft\AVG7\avgcc.exe C:\Programfiler\uTorrent\uTorrent.exe C:\Programfiler\SlySoft\CloneCD\CloneCDTray.exe C:\WINDOWS\explorer.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Programfiler\iTunes\iTunes.exe C:\Documents and Settings\Kim\Skrivebord\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Programfiler\Desktop Sidebar\sbhelp.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [RedLine Taskbar] C:\Programfiler\RedLine\Taskbar.exe O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [Vistadrv] C:\Programfiler\VistaDrives\vsdrv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [startCCC] C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programfiler\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [CloneCDTray] "C:\Programfiler\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Programfiler\Octoshape Streaming Services\Kim\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [RocketDock] "C:\Programfiler\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [sIDEBAR] "C:\Programfiler\Desktop Sidebar\dsidebar.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programfiler\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: MSNP13 Downgrader.lnk = ? O4 - Global Startup: gameutil.exe.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\KEM.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/229?8adc7c7d22714314867a9917b6587e43 O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/230?8adc7c7d22714314867a9917b6587e43 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programfiler\Desktop Sidebar\sbhelp.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programfiler\Desktop Sidebar\sbhelp.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O12 - Plugin for .spop: C:\Programfiler\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: DNADownloader - CNET Networks - C:\Programfiler\GameSpot\DownloadManager_Win32.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Programfiler\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Programfiler\LogMeIn\x86\LogMeIn.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 10018 bytes
norbat Skrevet 17. november 2007 Skrevet 17. november 2007 Start HJT, velg "Do a system scan only", sett merke framfor følgende linjer og klikk Fix checked: O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es Last ned SAS, installer, oppdater og kjør en full (Complete) scan. Oppdater deretter Windows med SP2 (fra windows update)
CombatPsycho Skrevet 17. november 2007 Forfatter Skrevet 17. november 2007 Takk for hjelpen, norbat Skal nok funke nå, bortsett fra at jeg ikke får innstallert SP2 somehow. Kommer bare sånn error.
norbat Skrevet 17. november 2007 Skrevet 17. november 2007 (endret) Klikk: Start->Kjør Skriv: services.msc Finn tjenesten Messenger. Sjekk følgende og gjør dette: Hvis den kjører, stopper du den. Dobbeltklikk på tjenesten og under oppstartstype velger du Deaktivert. Har du fått kjørt SAS, og fant den noe av betydning (preferences->statistics/logs) Endret 17. november 2007 av norbat
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå