Hem | Forum | Chatt | Om webbplatsen | Kontakta oss

Spyware

Här läggs de trådar gällande systemrensningar m.m., som är lösta eller som inte har besökts av trådskaparen. Även äldre instruktionsinlägg läggs här. OBS! I den här forumdelen går det inte att posta inlägg. Det går enbart att läsa trådarna.

Spyware

Inläggav ziv0rk » tor 22 jul 2010, 17.12

Hej, jag tror att jag eventuellt har en keylogger på min dator men ingen scan har hittat en. Gjorde en hijackthis och undrar om någon kan se igenom den ifall det finns några konstigheter där.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:50, on 2010-07-22
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Voddler\service\VNetManager.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://join.msn.com/?page=sitewide/worldwide
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [VoddlerNet Manager] C:\Program Files\Voddler\service\VNetManager.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{82DD9A23-1903-41D2-8D1C-EC77AD6296FD}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VoddlerNet - Voddler - C:\Program Files\Voddler\service\voddler.exe

--
End of file - 6305 bytes
ziv0rk
 
Inlägg: 9
Blev medlem: tor 22 jul 2010, 16.42

Re: Spyware

Inläggav laston » tor 22 jul 2010, 17.58

Hej! Vad får dig att tro att du har en keylogger då?
Varför kör du med en så gammal webläasre som IE6 och sen en gammal version av AVG(senaste versionen är AVG 9)
Vad har du sökt igenom datorn med för program?
Jag kan inte se nåt i Hijackthis så vi kollar med DDS som visar mer!

Hämta hem DDS:
http://download.bleepingcomputer.com/sUBs/dds.scr

1: Spara den till skrivbordet
2: Dubbelklicka på dds.scr för att starta verktyget.
(För Vista/Windows 7-användare: Högerklicka och välj Kör som Administratör:)
3: Klicka Yes/Ja på frågan om Optional Scan
4: När DDS har scannat klart kommer där att dyka upp två textfiler DSS.txt och Attach.txt
5: Spara dessa till ditt skrivbord
4: Kopiera/Klistra in de båda loggarna DSS.txt och Attach.txt hit till din tråd.

OBS:
Kopiera INTE in loggan (textfilen) som bifogad fil ej heller inom code-taggar eller annat.
Kopiera/klistra in loggan DIREKT i ditt inlägg.

Mvh laston
laston
 

Re: Spyware

Inläggav ziv0rk » tor 22 jul 2010, 18.02

Hej! Det är så att jag spelar mmo spelet world of warcraft och tidigare idag blev jag "hackad", och efter att ha ändrat mitt pw så vart jag hackad igen och denna gång ändrade dom min secret question som man svarar på för att få byta pw.

Ska pröva med DDS nu, scannade tidigare med AVG.
ziv0rk
 
Inlägg: 9
Blev medlem: tor 22 jul 2010, 16.42

Re: Spyware

Inläggav laston » tor 22 jul 2010, 18.06

Ok då är jag med,AVG är gammalt så den kan inte hitta så mycket!

Skriv ut nedanstående eller kopiera det till ett textdokument och spara det till skrivbordet:
Läs/Följ instruktionerna noga:

Hämta hem Malwarebytes Anti-Malware:
http://www.malwarebytes.org/index.php

1: Spara installationsfilen till skrivbordet
2: För att påbörja installationen dubbelklicka på mbam-setup.exe
3: Bocka för nedanstående
Uppdatera Malwarebytes' Anti-Malware
Starta Malwarebytes' Anti-Malware

4: Klicka på Slutför
Om där finns uppdateringar kommer dessa att installeras.

Då ovanstående är gjort gå vidare med nedanstående procedur:

1: När programmet startar så välj Utför snabb scanning
2: Klicka på knappen Scanna
3: Scanningen kommer nu att ta en stund
3: När programmet scannat klart klicka Ok och sedan Visa resultat
4: Bocka för allt och klicka på Remove Selected
5: Då borttagningen är klar kommer en textfil i Anteckningar att öppnas upp med en logg. Kopiera/klistra in den loggan hit till din tråd.

Kör även en online scan med Nod32
http://www.eset.com/online-scanner

Mvh laston
laston
 

Re: Spyware

Inläggav ziv0rk » tor 22 jul 2010, 18.15

Okej, bör jag avinstallera AVG före?

Här är DDS svaren: DDS (Ver_10-03-17.01) - NTFSx86
Run by Ziwork at 19:05:53,17 on 2010-07-22
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1120 [GMT 2:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Voddler\service\VNetManager.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ziwork\My Documents\Hämtade filer\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
mRun: [D-Link D-Link Wireless N DWA-140] c:\program files\d-link\d-link wireless n dwa-140\AirNCFG.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [VoddlerNet Manager] c:\program files\voddler\service\VNetManager.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... vc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
TCP: {82DD9A23-1903-41D2-8D1C-EC77AD6296FD} = 8.8.8.8,8.8.4.4
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ziwork\applic~1\mozilla\firefox\profiles\oi010awt.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\personal\bin\np_prsnl.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\program files\voddler\plugin\npvoddler.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-19 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-19 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-19 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-9-29 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-9-29 297752]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2008-11-25 476416]
S2 VoddlerNet;VoddlerNet;c:\program files\voddler\service\voddler.exe [2010-5-19 873680]
S3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\drivers\shbecr.sys [2009-9-29 42368]

=============== Created Last 30 ================

2010-07-22 15:27:44 0 d-----w- c:\program files\Trend Micro
2010-07-19 00:33:11 0 d-----w- c:\docume~1\alluse~1\applic~1\Native Instruments
2010-07-19 00:31:35 0 d-----w- c:\program files\common files\Native Instruments
2010-07-16 11:47:51 0 d-----w- c:\program files\Audacity
2010-07-11 22:46:49 0 d-----w- c:\program files\Conduit
2010-07-11 22:46:03 0 d-----w- c:\windows\Freecorder

==================== Find3M ====================

2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 19:06:10,90 ===============


Och attach: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2008-11-25 18:55:34
System Uptime: 2010-07-22 11:46:57 (8 hours ago)

Motherboard: | | K8NF4G-SATA2
Processor: AMD Sempron(tm) Processor 3100+ | CPUSocket | 1808/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 298 GiB total, 191,094 GiB free.
E: is FIXED (NTFS) - 76 GiB total, 76,231 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP227: 2010-05-09 22:22:33 - Software Distribution Service 3.0
RP228: 2010-05-12 16:42:12 - Avg8 Update
RP229: 2010-05-12 16:43:54 - Avg8 Update
RP230: 2010-05-13 00:10:51 - Software Distribution Service 3.0
RP231: 2010-05-14 18:09:36 - System Checkpoint
RP232: 2010-05-16 11:52:38 - System Checkpoint
RP233: 2010-05-17 16:43:54 - System Checkpoint
RP234: 2010-05-18 20:05:02 - System Checkpoint
RP235: 2010-05-21 18:25:58 - System Checkpoint
RP236: 2010-05-22 18:48:21 - System Checkpoint
RP237: 2010-05-24 18:11:51 - System Checkpoint
RP238: 2010-05-27 00:07:27 - Software Distribution Service 3.0
RP239: 2010-05-29 14:16:41 - System Checkpoint
RP240: 2010-05-31 18:10:38 - System Checkpoint
RP241: 2010-06-05 15:48:33 - System Checkpoint
RP242: 2010-06-06 16:38:34 - System Checkpoint
RP243: 2010-06-06 23:05:53 - Software Distribution Service 3.0
RP244: 2010-06-08 12:54:07 - System Checkpoint
RP245: 2010-06-09 19:59:22 - System Checkpoint
RP246: 2010-06-09 23:25:14 - Software Distribution Service 3.0
RP247: 2010-06-11 10:32:02 - System Checkpoint
RP248: 2010-06-12 13:17:12 - System Checkpoint
RP249: 2010-06-13 00:18:56 - Installed Windows Media Format Runtime
RP250: 2010-06-13 00:19:59 - Installed Windows XP Wudf01000.
RP251: 2010-06-13 00:21:59 - Installed Vegas Pro 9.0
RP252: 2010-06-14 02:43:49 - System Checkpoint
RP253: 2010-06-14 03:00:15 - Software Distribution Service 3.0
RP254: 2010-06-16 23:44:17 - Installed DirectX
RP255: 2010-06-18 02:24:39 - Software Distribution Service 3.0
RP256: 2010-06-19 14:14:22 - System Checkpoint
RP257: 2010-06-23 12:22:34 - Avg8 Update
RP258: 2010-06-24 01:50:11 - Software Distribution Service 3.0
RP259: 2010-06-28 16:04:04 - System Checkpoint
RP260: 2010-07-01 18:43:24 - System Checkpoint
RP261: 2010-07-03 23:10:17 - System Checkpoint
RP262: 2010-07-07 21:58:35 - System Checkpoint
RP263: 2010-07-08 22:17:51 - System Checkpoint
RP264: 2010-07-09 23:57:43 - System Checkpoint
RP265: 2010-07-10 16:07:05 - Avg8 Update
RP266: 2010-07-10 16:08:20 - Avg8 Update
RP267: 2010-07-11 16:09:55 - System Checkpoint
RP268: 2010-07-12 21:02:09 - System Checkpoint
RP269: 2010-07-14 20:26:51 - System Checkpoint
RP270: 2010-07-15 01:51:34 - Software Distribution Service 3.0
RP271: 2010-07-16 12:35:10 - System Checkpoint
RP272: 2010-07-18 21:39:51 - System Checkpoint
RP273: 2010-07-20 16:43:04 - System Checkpoint
RP274: 2010-07-22 12:38:31 - System Checkpoint

==== Installed Programs ======================

AAC Decoder
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1 - Svenska
ANIO Service
ANIWZCS2 Service
ATI - Hjälp för avinstallation av program
ATI AVIVO Codecs
ATI Catalyst Control Center
ATI Display Driver
ATI HYDRAVISION
ATI Parental Control & Encoder
ATI Problem Report Wizard
Audacity 1.2.6
AutoUpdate
AVG Free 8.5
BankID Security Application 4.10.3
CamStudio
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Condition Zero
Counter-Strike
Counter-Strike(TM)
D-Link Wireless N DWA-140
Day of Defeat
Disc2Phone
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
DivX Version Checker
DNA
DX-Ball 1.07
Fraps (remove only)
Freecorder 4.01 Application
H.264 Decoder
Handelsbanken Installationsguide
Handelsbankens kortläsare
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Java(TM) 6 Update 13
Junk Mail filter update
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MKV Splitter
Mozilla Firefox (3.6.6)
MSVCRT
MSXML 6.0 Parser (KB925673)
NVIDIA Drivers
Realtek AC'97 Audio
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB982381)
Segoe UI
Skins
Spotify
Steam
System Requirements Lab
Team Fortress 2 Dedicated Server
Unreal Tournament 3
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB980182)
VC80CRTRedist - 8.0.50727.762
WebFldrs XP
Ventrilo Client
VentriloMIX
Winamp
Winamp Detector Plug-in
Windows Genuine Advantage Notifications (KB905474)
Windows Live Communications Platform
Windows Live Essentials
Windows Live inloggningsassistenten
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 10
Windows Presentation Foundation
WinRAR
VLC media player 0.9.6
VoddlerNet
VoddlerPlayer
World of Warcraft
WVS 0.30.14 for Winamp
XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages From Past Week ========

2010-07-22 15:44:14, error: Service Control Manager [7034] - The VoddlerNet service terminated unexpectedly. It has done this 1 time(s).
2010-07-16 02:27:36, error: System Error [1003] - Error code 0000009c, parameter1 00000004, parameter2 80546e70, parameter3 b2000000, parameter4 00070f0f.
2010-07-15 23:49:30, error: Dhcp [1002] - The IP address lease 10.0.0.3 for the Network Card with network address 001CF0136A1B has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================
ziv0rk
 
Inlägg: 9
Blev medlem: tor 22 jul 2010, 16.42

Re: Spyware

Inläggav laston » tor 22 jul 2010, 18.20

Nej vänta med att uppgradera AVG utan kör Nod32 och Malwarebytes först istället!
Sen ska du uppdatera Java för du har en gammal version med säkerhetshål i!

Mvh laston
laston
 

Re: Spyware

Inläggav ziv0rk » tor 22 jul 2010, 18.26

Okej, jag scannar nu återkommer när det är klart.
ziv0rk
 
Inlägg: 9
Blev medlem: tor 22 jul 2010, 16.42

Re: Spyware

Inläggav laston » tor 22 jul 2010, 18.27

Ok
laston
 

Re: Spyware

Inläggav ziv0rk » tor 22 jul 2010, 18.42

Håller på med online scannern nu men malwarebytes hittade iallafall 4 infekterade filer.

Här är loggen: www.malwarebytes.org

Databasversion: 4338

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

2010-07-22 19:36:02
mbam-log-2010-07-22 (19-36-02).txt

Skanningstyp: Snabbskanning
Antal skannade objekt: 126890
Förfluten tid: 8 minut(er), 45 sekund(er)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 0
Infekterade registervärden: 0
Infekterade registerdataposter: 0
Infekterade mappar: 0
Infekterade filer: 4

Infekterade minnesprocesser:
(Inga illasinnade poster hittades)

Infekterade minnesmoduler:
(Inga illasinnade poster hittades)

Infekterade registernycklar:
(Inga illasinnade poster hittades)

Infekterade registervärden:
(Inga illasinnade poster hittades)

Infekterade registerdataposter:
(Inga illasinnade poster hittades)

Infekterade mappar:
(Inga illasinnade poster hittades)

Infekterade filer:
C:\Documents and Settings\Ziwork\Desktop\AutoClicker.exe (Trojan.AutoClick) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ziwork\Local Settings\Temp\data\venmix.exe (Trojan.Wreckit) -> Quarantined and deleted successfully.
C:\WINDOWS\Help\DVCLAL (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Help\PACKAGEINFO (Malware.Trace) -> Quarantined and deleted successfully.
ziv0rk
 
Inlägg: 9
Blev medlem: tor 22 jul 2010, 16.42

Re: Spyware

Inläggav laston » tor 22 jul 2010, 18.46

Ok bra att Mbam kunde hitta och åtgärda :wink:
Återkom med resultatet från onlinescan så får vi se om vi måste gå vidare med andra verktyg också!

Mvh laston
laston
 

Re: Spyware

Inläggav laston » tor 22 jul 2010, 19.11

Hej igen! Du kanske blir lite klokare om du läser detta ang denna fil
C:\Documents and Settings\Ziwork\Local Settings\Temp\data\venmix.exe (Trojan.Wreckit) -> Quarantined and deleted successfully.
http://forums.wow-europe.com/thread.htm ... 9971&sid=1

Mvh laston
laston
 

Re: Spyware

Inläggav ziv0rk » tor 22 jul 2010, 19.20

Ah, det kan förklara en del. Bör jag nu avinstallera ventmix eller räckte det med att trojanen är borta?
ziv0rk
 
Inlägg: 9
Blev medlem: tor 22 jul 2010, 16.42

Re: Spyware

Inläggav laston » tor 22 jul 2010, 19.43

Vi avvaktar och ser vad Nod32 kan hitta :wink:
laston
 

Re: Spyware

Inläggav ziv0rk » tor 22 jul 2010, 19.51

Nu är online scannern klar och mycket riktigt så verkar ventrilo vara boven.



C:\Program Files\VentriloMIX\Ventrilo 2.2.0.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-606747145-308236825-1801674531-1003\Dc230.zip probably a variant of Win32/TrojanDropper.MultiDropper trojan deleted - quarantined
ziv0rk
 
Inlägg: 9
Blev medlem: tor 22 jul 2010, 16.42

Re: Spyware

Inläggav laston » tor 22 jul 2010, 20.03

Ok då tycker jag att du ska avinstallera den!
Hur uppför sig datorn annars då,är den ok nu?
laston
 

Nästa

Återgå till Lösta och gamla problem/arkiv

Vilka är online

Användare som besöker denna kategori: Bing [Bot] och 1 gäst