
[Solved for now] Trojan wab64.dll, help?



Hi!

I have a small problem with my PC here. I've picked up a trojan called: wab64.dll

Avast! found it and put it in the chest, but what the trojan has done is completely wreck the clock/date system, if you see what I mean.

The thing is that the Windows (Vista) clock is synchronised every day (or something) with some server. This no longer works, and Windows can't work out the time any more. I have the usual clock down in the corner, but in many other places it doesn't work at all. I can give some examples of the time not being what it should be:

-

That is a picture of a "whois" on IRC. As you can see, it is not quite how it should be.

- I can't get into Windows Live Messenger. I get an error message, and it complains that something is wrong with the clock or something. Right now I can't get into the Windows help page so I can't give a screenshot, but I'm told to enter something in "search" so that I end up here:

In there I can synchronise the clock with a server or something:

But as you can see, that doesn't work.

Does this have anything to do with my problem? And does anyone know how I can fix this?

I hope I've given you enough information, but just say so if you need anything more.

I'm really desperate to have a "clean" system, so all constructive answers are gratefully received! =)

Regards,

Jan Ove

Edited by TILFELDIG_RANDOM

Followed that guide.

SUPERAntiSpyware

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 01/27/2008 at 07:24 PM

 

Application Version : 3.9.1008

 

Core Rules Database Version : 3389

Trace Rules Database Version: 1383

 

Scan type : Complete Scan

Total Scan Time : 00:25:07

 

Memory items scanned : 690

Memory threats detected : 0

Registry items scanned : 6335

Registry threats detected : 0

File items scanned : 57056

File threats detected : 3

 

Adware.Tracking Cookie

C:\Users\Jan Ove\AppData\Roaming\Microsoft\Windows\Cookies\jan_ove@tradedoubler[1].txt

C:\Users\Jan Ove\AppData\Roaming\Microsoft\Windows\Cookies\jan_ove@advertising[2].txt

C:\Users\Jan Ove\AppData\Roaming\Microsoft\Windows\Cookies\jan_ove@imrworldwide[1].txt

 

 

 

 

ComboFix

 

ComboFix 08-01-23.1C - Jan Ove 2008-01-27 19:45:53.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1044.18.913 [GMT 1:00]

Running from: C:\Users\Jan Ove\Desktop\ComboFix.exe

* Created a new restore point

.

 

((((((((((((((((((((((((( Files Created from 2007-12-27 to 2008-01-27 )))))))))))))))))))))))))))))))

.

 

2008-01-27 19:44 . 2000-08-31 08:00 51,200 --a------ C:\Windows\Nircmd.exe

2008-01-27 18:57 . 2008-01-27 18:58 <DIR> d-------- C:\Program Files\SUPERAntiSpyware

2008-01-27 14:55 . 2008-01-27 14:55 <DIR> d-------- C:\Program Files\Lavalys

2008-01-27 14:41 . 2008-01-27 14:41 45 --a------ C:\Windows\System32\initdebug.nfo

2008-01-26 14:42 . 2007-01-27 08:38 <DIR> d-------- C:\Program Files\NetBattle

2008-01-24 21:53 . 2008-01-24 21:53 <DIR> d-------- C:\Program Files\Turbine

2008-01-24 19:07 . 2008-01-24 20:33 <DIR> d-------- C:\LOTRO

2008-01-24 18:36 . 2008-01-24 18:37 <DIR> d-------- C:\Program Files\Hamachi

2008-01-24 18:36 . 2008-01-24 18:36 25,280 --a------ C:\Windows\System32\drivers\hamachi.sys

2008-01-24 15:56 . 2008-01-24 15:56 <DIR> d-------- C:\Program Files\Vstplugins

2008-01-21 22:32 . 2008-01-21 22:32 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-01-21 22:30 . 2008-01-21 22:30 <DIR> d-------- C:\Program Files\QuickTime

2008-01-20 19:26 . 2007-10-12 03:00 490,008 --a------ C:\Windows\System32\LVUI2.dll

2008-01-20 19:26 . 2007-10-12 03:00 465,432 --a------ C:\Windows\System32\LVUI2RC.dll

2008-01-20 19:26 . 2007-10-12 02:57 416,280 --a------ C:\Windows\System32\lvcodec2.dll

2008-01-20 19:26 . 2007-10-12 02:57 195,096 --a------ C:\Windows\System32\lvci1150.dll

2008-01-20 19:26 . 2007-10-12 02:11 59,500 --a------ C:\Windows\System32\lvcoinst.ini

2008-01-20 19:26 . 2007-10-12 03:00 41,752 --a------ C:\Windows\System32\drivers\LVUSBSta.sys

2008-01-20 19:26 . 2007-10-12 02:18 21,138 --a------ C:\Windows\System32\Repository.reg

2008-01-20 19:25 . 2008-01-20 19:25 <DIR> d-------- C:\Program Files\Logitech

2008-01-20 19:25 . 2008-01-20 19:27 <DIR> d-------- C:\Program Files\Common Files\LogiShrd

2008-01-20 19:07 . 2007-10-12 02:56 490,776 --a------ C:\Windows\System32\drivers\LV561AV.SYS

2008-01-20 19:07 . 2003-02-21 13:42 348,160 --a------ C:\Windows\system\msvcr71.dll

2008-01-20 19:07 . 2006-11-11 04:45 121,632 --a------ C:\Windows\System32\lvcoinst.dll

2008-01-20 19:04 . 2008-01-20 19:26 <DIR> d-------- C:\Program Files\Common Files\Logitech

2008-01-15 21:32 . 2008-01-15 21:32 <DIR> d-------- C:\Program Files\Maxis

2008-01-15 18:09 . 2008-01-15 18:09 <DIR> d-------- C:\Fraps

2008-01-13 11:38 . 2008-01-13 11:38 107,888 --a------ C:\Windows\System32\CmdLineExt.dll

2008-01-11 19:57 . 2008-01-11 19:57 <DIR> d-------- C:\Program Files\Alwil Software

2008-01-11 19:57 . 2003-03-18 21:20 1,060,864 --a------ C:\Windows\System32\MFC71.dll

2008-01-11 19:57 . 2007-12-04 14:04 837,496 --a------ C:\Windows\System32\aswBoot.exe

2008-01-11 19:57 . 2003-03-18 20:14 499,712 --a------ C:\Windows\System32\MSVCP71.dll

2008-01-11 19:57 . 2004-01-09 10:13 380,928 --a------ C:\Windows\System32\actskin4.ocx

2008-01-11 19:57 . 2007-12-04 13:54 95,608 --a------ C:\Windows\System32\AvastSS.scr

2008-01-11 19:57 . 2007-12-04 15:52 45,648 --a------ C:\Windows\System32\drivers\aswMonFlt.sys

2008-01-11 19:57 . 2007-12-04 15:51 42,912 --a------ C:\Windows\System32\drivers\aswTdi.sys

2008-01-11 19:57 . 2007-12-04 15:53 23,152 --a------ C:\Windows\System32\drivers\aswRdr.sys

2008-01-11 16:03 . 2008-01-11 16:03 <DIR> d-------- C:\Program Files\Microsoft SQL Server

2008-01-11 16:03 . 2002-12-17 16:23 33,340 --------- C:\Windows\System32\dbmsqlgc.dll

2008-01-11 16:03 . 2002-10-20 14:05 24,576 --------- C:\Windows\System32\dbmsgnet.dll

2008-01-11 16:03 . 2008-01-11 16:03 20,480 --a------ C:\Windows\System32\cliconfg.728

2008-01-11 16:02 . 2008-01-11 16:02 <DIR> d-------- C:\Program Files\Sony

2008-01-11 16:01 . 2008-01-11 16:01 <DIR> d-------- C:\Program Files\Sony Setup

2008-01-11 13:29 . 2008-01-11 13:29 <DIR> d-------- C:\Program Files\uTorrent

2008-01-10 16:42 . 2008-01-10 16:42 <DIR> d-------- C:\Program Files\Microsoft.NET

2008-01-10 16:42 . 2003-06-19 01:31 17,920 --a------ C:\Windows\System32\mdimon.dll

2008-01-10 16:39 . 2008-01-10 16:39 <DIR> dr-h----- C:\MSOCache

2008-01-10 15:27 . 2008-01-10 15:27 90,112 --a------ C:\Windows\System32\QuickTimeVR.qtx

2008-01-10 15:27 . 2008-01-10 15:27 57,344 --a------ C:\Windows\System32\QuickTime.qts

2008-01-09 22:40 . 2008-01-09 22:40 24,064 --a------ C:\Windows\System32\netcfg.exe

2008-01-08 15:42 . 2008-01-08 15:42 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment

2008-01-06 10:38 . 2008-01-06 11:04 <DIR> d-------- C:\Battlefield2

2008-01-05 21:43 . 2008-01-05 21:44 <DIR> d-------- C:\wow2

2008-01-05 21:40 . 2008-01-05 21:40 <DIR> d-------- C:\Screenshots

2008-01-05 18:09 . 2008-01-05 18:09 <DIR> d-------- C:\VENTMIX

2008-01-05 18:02 . 2008-01-05 18:02 <DIR> d-------- C:\Program Files\Tunatic

2008-01-03 21:15 . 2007-09-24 23:31 69,632 --a------ C:\Windows\System32\javacpl.cpl

2008-01-03 21:14 . 2008-01-03 21:15 <DIR> d-------- C:\Program Files\LimeWire

2008-01-03 21:14 . 2008-01-05 16:58 <DIR> d-------- C:\Program Files\Java

2008-01-03 21:14 . 2008-01-03 21:14 <DIR> d-------- C:\Program Files\Common Files\Java

2008-01-01 15:08 . 2008-01-01 15:08 <DIR> d-------- C:\Program Files\Common Files\Nero

2008-01-01 15:06 . 2008-01-08 15:23 <DIR> d-------- C:\Program Files\Common Files\Ahead

2008-01-01 15:06 . 2008-01-08 15:23 <DIR> d-------- C:\Program Files\Ahead

2007-12-30 11:31 . 2007-12-30 11:31 <DIR> d-------- C:\Program Files\Electronic Arts

2007-12-30 11:14 . 2007-12-30 11:14 621,056 --a------ C:\Windows\System32\drivers\dxgkrnl.sys

2007-12-30 11:14 . 2007-12-30 11:14 36,864 --a------ C:\Windows\System32\cdd.dll

2007-12-30 11:12 . 2007-12-30 11:12 <DIR> d-------- C:\Windows\System32\URTTEMP

2007-12-30 11:12 . 2007-12-30 11:12 <DIR> d-------- C:\Program Files\GameSpy

2007-12-30 11:11 . 2008-01-26 13:40 22,328 --a------ C:\Windows\System32\drivers\PnkBstrK.sys

2007-12-30 11:10 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll

2007-12-30 11:10 . 2007-05-16 16:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll

2007-12-30 11:10 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll

2007-12-30 11:10 . 2007-05-16 16:45 1,124,720 --a------ C:\Windows\System32\D3DCompiler_34.dll

2007-12-30 11:10 . 2007-12-30 11:49 669,184 --a------ C:\Windows\System32\pbsvc.exe

2007-12-30 11:10 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll

2007-12-30 11:10 . 2007-05-16 16:45 443,752 --a------ C:\Windows\System32\d3dx10_34.dll

2007-12-30 11:10 . 2008-01-26 13:40 107,832 --a------ C:\Windows\System32\PnkBstrB.exe

2007-12-30 11:10 . 2007-04-04 18:53 81,768 --a------ C:\Windows\System32\xinput1_3.dll

2007-12-30 11:10 . 2007-12-30 11:10 66,872 --a------ C:\Windows\System32\PnkBstrA.exe

2007-12-30 00:58 . 2008-01-21 22:32 <DIR> d-------- C:\Windows\System32\catroot2

2007-12-30 00:57 . 2008-01-11 14:40 <DIR> d-------- C:\Windows\Debug

2007-12-30 00:56 . 2007-12-30 00:59 <DIR> d-------- C:\Windows\Panther

2007-12-30 00:55 . 2007-12-30 00:55 <DIR> d--hs---- C:\Boot

2007-12-30 00:55 . 2006-11-02 10:53 438,840 -rahs---- C:\bootmgr

2007-12-29 21:03 . 2007-12-29 21:03 <DIR> d-------- C:\Program Files\VideoLAN

2007-12-29 21:03 . 2008-01-27 17:46 <DIR> d---s---- C:\Program Files\HLSW

2007-12-29 21:03 . 2007-12-29 21:03 <DIR> d-------- C:\Program Files\CCleaner

2007-12-29 21:02 . 2007-12-29 21:02 <DIR> d-------- C:\Program Files\Lavasoft

2007-12-29 20:45 . 2007-12-29 20:45 <DIR> d-------- C:\Program Files\Ventrilo

2007-12-29 20:44 . 2008-01-27 18:56 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-12-29 20:24 . 2007-12-29 20:24 <DIR> d-------- C:\Program Files\iTunes

2007-12-29 20:24 . 2007-12-29 20:24 <DIR> d-------- C:\Program Files\iPod

2007-12-29 20:23 . 2007-12-29 20:23 <DIR> d-------- C:\Program Files\Apple Software Update

2007-12-29 20:22 . 2007-12-29 20:22 <DIR> d-------- C:\Program Files\Common Files\Apple

2007-12-29 20:21 . 2008-01-27 19:23 <DIR> d-------- C:\Program Files\mIRC

2007-12-29 20:09 . 2008-01-27 18:54 <DIR> d-------- C:\Steam

2007-12-29 20:09 . 2008-01-11 12:06 <DIR> d-------- C:\Program Files\Common Files\Steam

2007-12-29 19:30 . 2007-12-29 19:30 <DIR> d-------- C:\Program Files\Opera

2007-12-29 19:27 . 2007-12-29 19:27 <DIR> d-------- C:\Windows\PCHEALTH

2007-12-29 19:25 . 2007-12-29 19:26 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-11 15:03 --------- d--h--w C:\Program Files\Uninstall Information

2008-01-10 13:58 --------- d-----w C:\Program Files\Windows Mail

2008-01-09 21:39 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys

2008-01-09 21:39 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll

2008-01-09 21:39 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys

2008-01-09 21:39 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll

2008-01-09 21:39 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll

2008-01-09 21:39 25,656 ----a-w C:\Windows\system32\drivers\msahci.sys

2008-01-09 21:39 22,016 ----a-w C:\Windows\System32\netiougc.exe

2008-01-09 21:39 216,760 ----a-w C:\Windows\system32\drivers\netio.sys

2008-01-09 21:39 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys

2008-01-09 21:39 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys

2008-01-09 21:39 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll

2008-01-09 21:39 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll

2008-01-09 21:39 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll

2008-01-09 21:39 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys

2008-01-09 21:39 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys

2008-01-09 21:39 11,776 ----a-w C:\Windows\System32\sbunattend.exe

2008-01-09 21:39 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys

2008-01-09 21:39 1,686,016 ----a-w C:\Windows\System32\gameux.dll

2008-01-09 21:39 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys

2008-01-09 21:39 --------- d-----w C:\Program Files\Windows Sidebar

2007-12-29 17:43 86,016 ----a-w C:\Windows\System32\nvsvc.dll

2007-12-29 17:43 81,920 ----a-w C:\Windows\System32\nvmctray.dll

2007-12-29 17:43 8,530,464 ----a-w C:\Windows\System32\nvcpl.dll

2007-12-29 17:43 8,230,496 ----a-w C:\Windows\system32\drivers\nvlddmkm.sys

2007-12-29 17:43 795,104 ----a-w C:\Windows\System32\dpinst.exe

2007-12-29 17:43 757,760 ----a-w C:\Windows\System32\nvcplui.exe

2007-12-29 17:43 7,098,368 ----a-w C:\Windows\System32\nvoglv32.dll

2007-12-29 17:43 6,541,312 ----a-w C:\Windows\System32\nvdisps.dll

2007-12-29 17:43 5,611,520 ----a-w C:\Windows\System32\nvdispsr.dll

2007-12-29 17:43 5,263,360 ----a-w C:\Windows\System32\nvd3dum.dll

2007-12-29 17:43 458,752 ----a-w C:\Windows\System32\nvmccssr.dll

2007-12-29 17:43 45,056 ----a-w C:\Windows\System32\nvmccsrs.dll

2007-12-29 17:43 385,024 ----a-w C:\Windows\System32\nvapi.dll

2007-12-29 17:43 356,352 ----a-w C:\Windows\System32\nvuninst.exe

2007-12-29 17:43 356,352 ----a-w C:\Windows\System32\nvudisp.exe

2007-12-29 17:43 35,328 ----a-w C:\Windows\System32\nvcod100.dll

2007-12-29 17:43 35,328 ----a-w C:\Windows\System32\nvcod.dll

2007-12-29 17:43 307,200 ----a-w C:\Windows\System32\nvexpbar.dll

2007-12-29 17:43 3,715,072 ----a-w C:\Windows\System32\nvvitvsr.dll

2007-12-29 17:43 3,698,688 ----a-w C:\Windows\System32\nvvitvs.dll

2007-12-29 17:43 3,407,872 ----a-w C:\Windows\System32\nvgames.dll

2007-12-29 17:43 3,330,048 ----a-w C:\Windows\System32\nvgamesr.dll

2007-12-29 17:43 229,376 ----a-w C:\Windows\System32\nvmccs.dll

2007-12-29 17:43 2,854,912 ----a-w C:\Windows\System32\nvmoblsr.dll

2007-12-29 17:43 2,519,040 ----a-w C:\Windows\System32\nvwssr.dll

2007-12-29 17:43 2,486,272 ----a-w C:\Windows\System32\nvwss.dll

2007-12-29 17:43 188,416 ----a-w C:\Windows\System32\nvmccss.dll

2007-12-29 17:43 147,456 ----a-w C:\Windows\System32\nvcolor.exe

2007-12-29 17:43 1,825,792 ----a-w C:\Windows\System32\nvwgf2um.dll

2007-12-29 17:43 1,212,416 ----a-w C:\Windows\System32\nvmobls.dll

2007-12-29 17:43 1,073,152 ----a-w C:\Windows\System32\nvcpluir.dll

2007-12-29 17:41 174 --sha-w C:\Program Files\desktop.ini

2007-12-29 17:39 --------- d-----w C:\Program Files\Windows Defender

2007-12-29 17:39 --------- d-----w C:\Program Files\Windows Calendar

2007-12-29 17:25 87,040 ----a-w C:\Windows\System32\msoert2.dll

2007-12-29 17:25 8,192 ----a-w C:\Windows\System32\riched32.dll

2007-12-29 17:25 77,824 ----a-w C:\Windows\System32\rascfg.dll

2007-12-29 17:25 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys

2007-12-29 17:25 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys

2007-12-29 17:25 52,736 ----a-w C:\Windows\System32\rasdiag.dll

2007-12-29 17:25 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys

2007-12-29 17:25 39,424 ----a-w C:\Windows\System32\ACCTRES.dll

2007-12-29 17:25 384,000 ----a-w C:\Windows\System32\netcfgx.dll

2007-12-29 17:25 33,280 ----a-w C:\Windows\System32\traffic.dll

2007-12-29 17:25 32,768 ----a-w C:\Windows\System32\rasmxs.dll

2007-12-29 17:25 286,208 ----a-w C:\Windows\System32\ipnathlp.dll

2007-12-29 17:25 22,016 ----a-w C:\Windows\System32\rasser.dll

2007-12-29 17:25 205,824 ----a-w C:\Windows\System32\msoeacct.dll

2007-12-29 17:25 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys

2007-12-29 17:25 15,360 ----a-w C:\Windows\System32\pacerprf.dll

2007-12-29 17:25 134,656 ----a-w C:\Windows\System32\dps.dll

2007-12-29 17:25 13,824 ----a-w C:\Windows\System32\wshqos.dll

2007-12-29 17:25 13,824 ----a-w C:\Windows\System32\icsunattend.exe

2007-12-29 17:24 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr

2007-12-29 17:24 67,584 ----a-w C:\Windows\System32\wlanhlp.dll

2007-12-29 17:24 542,720 ----a-w C:\Windows\System32\sysmain.dll

2007-12-29 17:24 502,784 ----a-w C:\Windows\System32\wlansvc.dll

2007-12-29 17:24 49,664 ----a-w C:\Windows\System32\csrsrv.dll

2007-12-29 17:24 47,104 ----a-w C:\Windows\System32\wlanapi.dll

2007-12-29 17:24 376,320 ----a-w C:\Windows\System32\winsrv.dll

2007-12-29 17:24 297,984 ----a-w C:\Windows\System32\wlansec.dll

2007-12-29 17:24 290,816 ----a-w C:\Windows\System32\wlanmsm.dll

2007-12-29 17:24 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys

2007-12-29 17:24 24,064 ----a-w C:\Windows\System32\wtsapi32.dll

2007-12-29 17:24 2,027,008 ----a-w C:\Windows\System32\win32k.sys

2007-12-29 17:22 86,016 ----a-w C:\Windows\System32\icfupgd.dll

2007-12-29 17:22 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL

2007-12-29 17:22 7,680 ----a-w C:\Windows\System32\spwmp.dll

2007-12-29 17:22 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys

2007-12-29 17:22 61,952 ----a-w C:\Windows\System32\cmifw.dll

2007-12-29 17:22 414,208 ----a-w C:\Windows\System32\msscp.dll

2007-12-29 17:22 4,096 ----a-w C:\Windows\System32\dxmasf.dll

2007-12-29 17:22 396,800 ----a-w C:\Windows\System32\MPSSVC.dll

2007-12-29 17:22 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll

2007-12-29 17:22 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll

2007-12-29 17:22 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys

2007-12-29 17:22 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll

2007-12-29 17:22 16,896 ----a-w C:\Windows\System32\wfapigp.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 22:39 1232896]

"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:34 2159104 C:\Windows\System32\oobefldr.dll]

"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

"Steam"="c:\steam\steam.exe" [2007-12-29 20:10 1266936]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]

"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-22 13:06 167368]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-29 18:23 1006264]

"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-29 18:43 86016]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-12-29 18:43 8530464]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-12-29 18:43 81920]

"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 06:37 4186112 C:\Windows\RtHDVCpl.exe]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53 88024]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AAWTray]

--a------ 2007-08-08 15:53 88024 C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]

--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-01-10 15:27 385024 C:\Program Files\QuickTime\QTTask.exe

 

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]

R2 NetCM;Network Connection Manager;C:\Program Files\Common Files\Microsoft Shared\Speech\svchost.exe [2002-01-27 08:26]

R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-01-11 12:06]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b51faacb-b669-11dc-ad2f-806e6f6e6963}]

\shell\AutoRun\command - D:\AutoRunCD.exe

 

*Newly Created Service* - PROCEXP90

*Newly Created Service* - SASDIFSV

*Newly Created Service* - SASENUM

*Newly Created Service* - SASKUTIL

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-01-27 19:48:01

Windows 6.0.6000 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-01-27 19:48:59

.

2008-01-25 14:14:18 --- E O F ---

 

 

 

 

 

HiJackThis

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:53:56, on 27.01.2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16575)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\rundll32.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Steam\Steam.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe

C:\Windows\system32\conime.exe

C:\Windows\Explorer.exe

C:\Windows\system32\notepad.exe

C:\Program Files\Opera\Opera.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Jan Ove\Desktop\teste\teste.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [steam] "c:\steam\steam.exe" -silent

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 6614 bytes

 

 

 

Was that how I was supposed to do it?

If so, I'll leave the dirty work to you pros =)

---

By the way, strictly speaking this method doesn't find viruses, does it, which is actually the problem in my case?


Oh yes, this method finds malware and other files that shouldn't be on the PC just fine - but it's a manual job to look through the logs for them :)

Your logs look fine, by the way, so you'll really have to give some more info on whether this is a problem you are experiencing now, whether any of your AV programs are reporting viruses, and where these are supposedly located.
