Just nu i M3-nätverket
Jump to content

Virus!


Denan Muratovic

Recommended Posts

Denan Muratovic

Jag har också problem med spylocked så snälla om det finns någon som kan hjälpa mig? Här är loggen:

 

Logfile of HijackThis v1.99.1

Scan saved at 16:03:22, on 2007-06-29

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

c:\program\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe

C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe

C:\WINDOWS\system32\slserv.exe

C:\Program\Raxco\PerfectDisk\PDSched.exe

c:\program\panda software\panda antivirus + firewall 2007\WebProxy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program\Internet Explorer\iexplore.exe

C:\Program\hijackthis_199\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s

O4 - HKCU\..\Run: [blazeServoTool] "C:\Program\BlazeVideo\BlazeDVD4 Professional\MediaDetector.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1ED48504-8834-11D5-AC75-0008C73FD642} (ProductView Express) - file://G:\ProEng\i486_nt\obj\pvx_install.exe

O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.DLL

O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - (no file)

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe

O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program\Raxco\PerfectDisk\PDSched.exe

O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

 

 

[inlägget ändrat 2007-06-29 16:20:32 av Denan Muratovic]

Link to comment
Share on other sites

byt namn på den här filen till något annat, tex this.exe och gör en ny scan och posta den loggen

C:\Program\hijackthis_199\HijackThis.exe

 

hämta denna fil >spara den på skrivbordet.

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

 

dubbelklicka på exe filen >välj tillåt om brandväggen frågar >klicka på valfri tangent >skriv 1 >enter.

posta loggen som visas automatiskt

 

har du scannat med superantispyware nyligen?

 

[inlägget ändrat 2007-06-29 16:54:53 av 927]

Link to comment
Share on other sites

Denan Muratovic

Hej Joakim!

 

Jag har bytt namn på filen och scanat igen enligt din rekomendation, här är den nya loggen:

 

 

Logfile of HijackThis v1.99.1

Scan saved at 12:25:43, on 2007-07-01

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

c:\program\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe

C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe

C:\WINDOWS\system32\slserv.exe

C:\Program\Raxco\PerfectDisk\PDSched.exe

c:\program\panda software\panda antivirus + firewall 2007\WebProxy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Adobe\Acrobat 7.0\Reader\AcroRd32.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe

C:\Program\hijackthis_199\Hijackthis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s

O4 - HKCU\..\Run: [blazeServoTool] "C:\Program\BlazeVideo\BlazeDVD4 Professional\MediaDetector.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1ED48504-8834-11D5-AC75-0008C73FD642} (ProductView Express) - file://G:\ProEng\i486_nt\obj\pvx_install.exe

O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.DLL

O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - (no file)

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe

O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program\Raxco\PerfectDisk\PDSched.exe

O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

 

Mvh: Denan * Tack för hjälpen!

 

 

Link to comment
Share on other sites

nej du har inte byt namn på filen, inte heller har du postat någon smitfruadfix logg och jag heter inte joakim (vart du nu fått det ifrån)

 

 

 

[inlägget ändrat 2007-07-01 22:44:38 av 927]

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...