Firefox browser virus
Den-Susbenderte
Member
Joined: Jul 16, 2007
Posted: 2009 Wednesday 30 Dec - 02:26

127.0.0.1 www.virusscan.jotti.org
127.0.0.1 threatexpert.com
Those were the 2 entries that were there. I tried downloading the program that was supposed to fix it, since I apparently don't have permission myself. Now the hosts file is nowhere to be found! Only hosts.old and 3 backups. Everything is still as before.
Another thing I have noticed is that if I go to google.no (in Firefox) and search for something, say win-xp, and click on win-xp.no, I briefly see win-xp.no up in the search bar but am quickly sent on to another, unknown search page. This doesn't always happen, but it happens many times.
Symantec has found a bit of everything, 2 files named ahcix86.sys in system32/drivers, but these have been "cleaned", it says.
Here is a HijackThis log. I found nothing suspicious, but I'm not entirely sure what I'm looking for either.
Code:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 02:16:56, on 30.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe
C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programfiler\Bonjour\mDNSResponder.exe
C:\Programfiler\Symantec AntiVirus\DefWatch.exe
C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Symantec AntiVirus\SavRoam.exe
C:\Programfiler\Telenor\Mobile Broadband\Sesam\BIN\SecMIPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Symantec AntiVirus\Rtvscan.exe
C:\Programfiler\UPHClean\uphclean.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Programfiler\Java\jre6\bin\jusched.exe
C:\Programfiler\Windows Defender\MSASCui.exe
C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Programfiler\Analog Devices\Core\smax4pnp.exe
C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Programfiler\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Programfiler\iTunes\iTunesHelper.exe
C:\Programfiler\Hewlett-Packard\Shared\hpqToaster.exe
C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
C:\Programfiler\DAEMON Tools Lite\DTLite.exe
C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programfiler\iPod\bin\iPodService.exe
C:\Documents and Settings\robkvi\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\robkvi\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\robkvi\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programfiler\Hijack\TrendMicro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://auv.hfk.no
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://auv.hfk.no
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://ISAFarm:8080/array.dll?Get.Routing.Script
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: gwprimawega - {933ed9e2-ebc6-5751-ced5-1099cff0e12f} - C:\WINDOWS\system32\bbWL8s-g-r-cP.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAX] C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WatchDog] C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programfiler\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\robkvi\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DVD Check.lnk = C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth-enhet... - C:\Programfiler\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send til Bluetooth - C:\Programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programfiler\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235482515796
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hfk.vgs.no
O17 - HKLM\Software\..\Telephony: DomainName = hfk.vgs.no
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FE8FBE2-2F31-4787-B4B7-2ABFD23DF4EB}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hfk.vgs.no
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hfk.vgs.no
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programfiler\Symantec AntiVirus\DefWatch.exe
O23 - Service: GTMM Device Service - Option nv - C:\Programfiler\Telenor\Mobile Broadband\GtmmDeviceService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programfiler\Symantec AntiVirus\SavRoam.exe
O23 - Service: Sesam Control Service (SesamService) - Swisscom - C:\Programfiler\Telenor\Mobile Broadband\Sesam\BIN\SecMIPService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programfiler\Symantec AntiVirus\Rtvscan.exe
--
End of file - 11953 bytes
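
A triage sketch for the kind of log posted above, added here as an example and not part of the original post or of HijackThis: it pulls out loopback hosts entries, BHOs whose DLL sits directly in system32, and DNS servers outside an allowlist. The name `triage`, the `expected_dns` parameter and the system32 rule are assumptions chosen for illustration; a hit means "check this by hand", not a verdict.

```python
import re
from ntpath import basename, dirname

# Sample lines copied from the post above, plus one constructed localhost line.
SAMPLE = r"""
127.0.0.1 www.virusscan.jotti.org
127.0.0.1 threatexpert.com
127.0.0.1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: gwprimawega - {933ed9e2-ebc6-5751-ced5-1099cff0e12f} - C:\WINDOWS\system32\bbWL8s-g-r-cP.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FE8FBE2-2F31-4787-B4B7-2ABFD23DF4EB}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
"""

HOSTS_RE = re.compile(r"^(127\.0\.0\.1|0\.0\.0\.0|::1)\s+(\S+)")
BHO_RE = re.compile(r"^O2 - BHO: (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
DNS_RE = re.compile(r"^O17 - .*NameServer = (\S+)")


def triage(text, expected_dns=frozenset()):
    """Return (kind, detail) findings to review by hand; heuristics, not verdicts."""
    findings = []
    for line in (raw.strip() for raw in text.splitlines()):
        if m := HOSTS_RE.match(line):
            # A loopback mapping for anything but localhost makes that site unreachable.
            if m.group(2).lower() != "localhost":
                findings.append(("hosts-block", m.group(2)))
        elif m := BHO_RE.match(line):
            name, clsid, path = m.groups()
            # Assumed heuristic: a BHO DLL sitting directly in system32 deserves a look.
            if dirname(path).lower().endswith("\\system32"):
                findings.append(("bho-in-system32", f"{name} {clsid} {basename(path)}"))
        elif m := DNS_RE.match(line):
            # With an empty allowlist every configured resolver is listed for review.
            for ip in m.group(1).split(","):
                if ip not in expected_dns:
                    findings.append(("unexpected-dns", ip))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE, expected_dns={"8.8.8.8", "8.8.4.4"}):
        print(f"{kind}: {detail}")
```
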
All times are GMT + 1 Hour