korholm Skrevet 3. oktober 2008 Del Skrevet 3. oktober 2008 Har en pc her som jeg har vært plaget med virus på. Har AVG som virusprogram på den. Har også prøvd med spybot, Malware Anti-Malware, men fremdeles er det noe som ikke er som det skal. Har også lasta ned Combofix og HijackThis etter at jeg leste veiledninga. Legger ved en logg så håper jeg at noen kan hjelpe meg. combofix [tag]ComboFix 08-10-02.04 - Anette 2008-10-02 23:56:05.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.127 [GMT 2:00] Running from: C:\Documents and Settings\Anette\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NNSERV -------\Service_NNServ ((((((((((((((((((((((((( Files Created from 2008-09-02 to 2008-10-02 ))))))))))))))))))))))))))))))) . 2008-10-02 23:51 . 2008-10-02 23:51 <DIR> d-------- C:\Programfiler\Trend Micro 2008-10-02 23:40 . 2008-10-02 23:52 <DIR> dr-h----- C:\Documents and Settings\Anette\Siste 2008-10-02 23:23 . 2006-03-04 07:33 29,493,252 --a------ C:\WINDOWS\system32\Deutz Engine.001 2008-10-02 23:23 . 2006-03-04 07:33 15,310,852 --a------ C:\WINDOWS\system32\Deutz Engine.002 2008-10-02 23:23 . 2006-03-04 07:33 501,760 --a------ C:\WINDOWS\system32\Deutz Engine.scr 2008-10-02 23:23 . 2006-03-04 07:33 501,760 --a------ C:\WINDOWS\system32\Deutz Engine.exe 2008-10-02 23:23 . 2007-07-07 15:04 1,342 --a------ C:\WINDOWS\system32\Deutz Engine.ssp 2008-10-02 23:23 . 2006-03-04 07:33 0 --a------ C:\WINDOWS\system32\Deutz Engine.mda 2008-10-02 23:20 . 2008-10-02 23:21 <DIR> d-------- C:\Programfiler\VistaCodecPack 2008-10-02 23:20 . 2008-10-02 23:20 <DIR> d-------- C:\Programfiler\illiminable 2008-10-02 23:17 . 2003-04-27 13:32 1,511,936 --a------ C:\WINDOWS\system32\divx.dll 2008-10-02 23:17 . 1999-11-12 21:49 294,912 --a------ C:\WINDOWS\system32\iviaudio.ax 2008-10-02 23:17 . 2000-05-07 22:08 34,816 --a------ C:\WINDOWS\system32\mpgaudio.ax 2008-10-02 23:17 . 2002-05-21 17:14 4,286 --a------ C:\WINDOWS\system32\divx.ico 2008-10-02 23:13 . 2008-10-02 23:13 <DIR> d-------- C:\Programfiler\Codec Pack - All In 1 2008-10-02 23:13 . 2008-10-02 23:12 737,280 --a------ C:\WINDOWS\iun6002.exe 2008-10-02 16:42 . 2008-10-02 16:42 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com 2008-10-02 16:41 . 2008-10-02 16:41 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware 2008-10-02 16:41 . 2008-10-02 16:41 <DIR> d-------- C:\Documents and Settings\Anette\Programdata\SUPERAntiSpyware.com 2008-10-02 16:40 . 2008-10-02 16:40 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard 2008-10-02 16:30 . 2008-10-02 16:30 <DIR> d-------- C:\Programfiler\Malwarebytes' Anti-Malware 2008-10-02 16:30 . 2008-10-02 16:30 <DIR> d-------- C:\Documents and Settings\Anette\Programdata\Malwarebytes 2008-10-02 16:30 . 2008-10-02 16:30 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Malwarebytes 2008-10-02 16:30 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-10-02 16:30 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-10-02 01:12 . 2008-10-02 01:12 <DIR> d-------- C:\Programfiler\Lavasoft 2008-10-02 01:11 . 2008-10-02 01:11 <DIR> d-------- C:\Programfiler\Runtime Software 2008-10-02 01:11 . 1999-03-23 10:12 299,520 --a------ C:\WINDOWS\uninst.exe 2008-10-01 23:00 . 2008-10-01 23:00 268 --ah----- C:\sqmdata19.sqm 2008-10-01 23:00 . 2008-10-01 23:00 244 --ah----- C:\sqmnoopt19.sqm 2008-10-01 22:59 . 2008-10-01 22:59 <DIR> d-------- C:\Programfiler\Alwil Software 2008-10-01 22:59 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2008-10-01 22:27 . 2008-10-01 22:27 268 --ah----- C:\sqmdata18.sqm 2008-10-01 22:27 . 2008-10-01 22:27 244 --ah----- C:\sqmnoopt18.sqm 2008-10-01 21:45 . 2008-10-02 00:50 <DIR> d-------- C:\Programfiler\Yahoo! 2008-10-01 21:44 . 2008-10-01 21:45 <DIR> d-------- C:\Programfiler\CCleaner 2008-10-01 15:56 . 2008-10-01 16:07 <DIR> d-------- C:\Programfiler\Spybot - Search & Destroy 2008-10-01 15:56 . 2008-10-02 23:41 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy 2008-10-01 15:12 . 2008-10-02 13:26 <DIR> d--h----- C:\$AVG8.VAULT$ 2008-10-01 13:15 . 2008-10-02 13:08 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-10-01 13:15 . 2008-10-01 13:15 <DIR> d-------- C:\Programfiler\AVG 2008-10-01 13:15 . 2008-10-01 15:57 <DIR> d-------- C:\Documents and Settings\Anette\Programdata\AVGTOOLBAR 2008-10-01 13:15 . 2008-10-01 13:15 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\avg8 2008-10-01 13:15 . 2008-10-01 13:15 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-10-01 13:15 . 2008-10-01 13:15 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-10-01 13:15 . 2008-10-01 13:15 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-09-16 15:52 . 2008-09-16 15:52 268 --ah----- C:\sqmdata17.sqm 2008-09-16 15:52 . 2008-09-16 15:52 244 --ah----- C:\sqmnoopt17.sqm . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-02 14:15 --------- d-----w C:\Programfiler\VideoLAN 2008-10-02 14:14 --------- d-----w C:\Programfiler\Winamp 2008-10-02 14:12 --------- d-----w C:\Programfiler\iTunes 2008-10-02 14:12 --------- d-----w C:\Documents and Settings\All Users\Programdata\Apple Computer 2008-10-01 23:17 --------- d-----w C:\Documents and Settings\Anette\Programdata\Lavasoft 2008-10-01 20:24 --------- d-----w C:\Programfiler\GameSpy Arcade 2008-10-01 11:10 --------- d-----w C:\Programfiler\Java 2008-08-03 09:14 --------- d-----w C:\Documents and Settings\Anette\Programdata\LimeWire 2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360] "MsnMsgr"="C:\Programfiler\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "updateMgr"="C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 307200] "SpybotSD TeaTimer"="C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-22 344064] "PowerManager"="C:\Programfiler\Power Manager\PM.exe" [2005-08-19 163840] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-01 1234712] "SoundMan"="SOUNDMAN.EXE" [2005-08-01 C:\WINDOWS\SOUNDMAN.EXE] "SMSERIAL"="sm56hlpr.exe" [2005-08-01 C:\WINDOWS\sm56hlpr.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-07-23 16:28 352256 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3radius"= l3codecp.acm "msacm.avis"= ff_acm.acm [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"= "C:\\Programfiler\\MSN Messenger\\livecall.exe"= "C:\\Programfiler\\AVG\\AVG8\\avgemc.exe"= "C:\\Programfiler\\AVG\\AVG8\\avgupd.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-10-01 97928] R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-01 875288] R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-01 231704] R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-10-01 76040] R3 EKBfltr;ENE Keyboard Controller;C:\WINDOWS\system32\DRIVERS\EKBfltr.sys [2005-08-01 5504] S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 61536] S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360] S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 97088] S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624] S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 86432] S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 90800] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \Shell\AutoRun\command - E:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7dd12b2a-8ffb-11dd-be85-0014a506cb21}] \Shell\AutoRun\command - E:\LaunchU3.exe -a *Newly Created Service* - WINIO . . ------- Supplementary Scan ------- . R0 -: HKCU-Main,Start Page = hxxp://www.starsiden.no/ R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 R1 -: HKCU-SearchURL,(Default) = hxxp://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-03 00:00:58 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\wdfmgr.exe C:\Programfiler\AVG\AVG8\avgrsx.exe C:\Programfiler\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\imapi.exe . ************************************************************************** . Completion time: 2008-10-03 0:05:00 - machine was rebooted ComboFix-quarantined-files.txt 2008-10-02 22:04:45 Pre-Run: 71ÿ685ÿ529ÿ600 byte ledig Post-Run: 71,660,732,416 byte ledig 172 --- E O F --- 2008-10-02 09:36:54[/tag] HijackThis: [tag]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:52:48, on 02.10.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\sm56hlpr.exe C:\Programfiler\Power Manager\PM.exe C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Programfiler\Trend Micro\Start\Start.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.starsiden.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programfiler\AVG\AVG8\avgtoolbar.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programfiler\AVG\AVG8\avgtoolbar.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [PowerManager] C:\Programfiler\Power Manager\PM.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [updateMgr] "C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_5 -reboot 1 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: NNServ - Unknown owner - C:\Programfiler\NewDotNet\nnrun.exe (file missing) -- End of file - 6048 bytes[/tag] Lenke til kommentar
r2d290 Skrevet 3. oktober 2008 Del Skrevet 3. oktober 2008 Deutz Engine ser ut til å være en screen-saver eller noe. Er det noe du mener du trenger? Hvis ikke, prøver du å avinstallere det fra legg til/fjern programmer. Gi raport... Hvis du er usikker på fila, kan du gjøre følgende: Gå til http://virusscan.jotti.org , trykk på Browse, og last opp følgende fil til analyse: C:\WINDOWS\system32\Deutz Engine.exe Deretter trykker du på Submit. Godta at filen blir scannet. Til slutt kopierer du resultatet, og limer det inn i din neste post, så jeg kan se på den, og vurdere hva som må gjøres videre. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå