Admiral1 Skrevet 3. desember 2006 Del Skrevet 3. desember 2006 (endret) Ok, msn virus herjer blant vennene mine. Pleier ikke å bry meg bortestt fra å si " Idiot, du har msn virus, logg deg av og fjern det før du logger på" Men nå har en god venn av meg fått det ( ja, han var dum nokk til å trykke på linken etter fulgt av "check " ) Har hatt en liten search på nettet og finner ikke noen "guide" for å fjerne det, noen som vet om en? Vil det funke å bare avinstalere hele msn og instalere på nytt, eller går den dypere inn i systemet, og må han da formatere? Klikk for å se/fjerne innholdet nedenfor check http://www.picture2models.info/index.php?XXXXXXX.jpg( X'a bort 7 tall/bokstaver ---- thx til norbat for at han gadd å sjekke HJT loggen min + noen andres Endret 4. desember 2006 av disco808 Lenke til kommentar
Mørbradbiff Skrevet 3. desember 2006 Del Skrevet 3. desember 2006 Har mottatt den selv, men NOD32 stoppet den... HAr noen kompisser også såm sliter litt med det viruset. fant ikke noe hjelp av google selv Lenke til kommentar
b0berg Skrevet 3. desember 2006 Del Skrevet 3. desember 2006 Får det der i ETT! Sykt irriterende, hvem er dum nok til å trykke liksom? Lenke til kommentar
ikkeno Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 Ta en systemopprettning Fil - tilbehør - sikkerhetsverktøy - systemgjenopretting Lenke til kommentar
darkness| Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 Ta en systemopprettning Fil - tilbehør - sikkerhetsverktøy - systemgjenopretting 7419508[/snapback] Nei, nei. Det graver viruset enda dypere ned i filstrukturen. Lenke til kommentar
Admiral1 Skrevet 4. desember 2006 Forfatter Del Skrevet 4. desember 2006 Ok, sikkert feilposta det i begynnelsen my bad Men ingen som vet? Alle de jeg har snakka med sier at av instalsalasjon og en virus scan er det beste de kommer opp med, noen som har noe mer? mvh michael Lenke til kommentar
norbat Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 Vet ikke om du har prøvd det du selv foreslår, så mitt forslag til deg er som følger: Avinstaller MSN fra legg til/fjern programmer Last ned DrWeb Last ned SAS, installer og oppdater. (Evt. AVG Anti spyware) Restart i sikker modus (tapp f8 under oppstart) Kjør drweb-cureit.exe (si ja til å kjøre en express scan) Når dette er ferdig klikker du på Option -> Change settings. Under fanearket Scan, fjerner du haken ved Heuristic analysis. Under fanearket Actions, skal alle punkt under Malware settes til Rename. Velg partisjon du vil scanne og klikk deretter på den grønne pilen for å starte scanningen. Velg "yes to all" når det finner noe for første gang. Kjør en full scan med SAS Restart i normal modus Last ned Combofix og kjør programmet Når dette er ferdig legger du ut en Hijackthis-logg sammen med en logg fra SAS (Preferences->stastistics/logs) Lenke til kommentar
Lukilock Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 Kjør en Hijackthis log(trur det er slik det skrives), og legg den ut her. Sikkert noen som vil se igjennom den . Sempron Lenke til kommentar
Admiral1 Skrevet 4. desember 2006 Forfatter Del Skrevet 4. desember 2006 Skal få gjort det, problemet er at han er han er mildt sagt elendig på pc så jeg må få gjort det for han. Og jeg kan bare treffe han i helgene..... jaja, takk for svar Lenke til kommentar
Dynejonas Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 Jeg fikk dette viruset da jeg var dum nok til å trykke på, laste ned, kjøre og tillate det i antivirusen! Skal kjøre en logg og legge ut her straks. Tusen takk for hjelpen med å fjerne disse greiene! Lenke til kommentar
jealei Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 (endret) Jeg har også fått dette viruset: Log hijack Logfile of HijackThis v1.99.1 Scan saved at 20:37:31, on 04.12.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\PROGRA~1\MICROS~2\rapimgr.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Opera\Opera.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Adimstrator\Desktop\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Gmail Notifier.lnk = C:\Program Files\Google\Gmail Notifier\gnotify.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm (file missing) O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.mpw.no/TvNorge/KooPlayer.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Tosnclo - Meetinghouse Data Communications - C:\WINDOWS\system32\drivers\AegisP.sys O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe Endret 4. desember 2006 av jealei Lenke til kommentar
Admiral1 Skrevet 4. desember 2006 Forfatter Del Skrevet 4. desember 2006 (endret) Jaaaa, Hijack (hehe ) tråden min Nei da, men hadde vert fint om noen om en uke ser på min post også Edit : forslag til hvordan folk skal vise loggen : last opp i .txt Endret 4. desember 2006 av disco808 Lenke til kommentar
jealei Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 Log combofix: Adimstrator - 06-12-04 20:34:57,53 Service Pack 2 ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Adimstrator" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files\Inetget2 C:\Program Files\Common Files\{286C2877-084F-1044-0928-05050622002f} C:\Program Files\Common Files\{386C2877-084F-1044-0928-05050622002f} ((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 )))))))))))))))))))))))))))))))))) 2006-12-04 18:46 <DIR> d-------- C:\Documents and Settings\Adimstrator\DoctorWeb 2006-12-04 18:36 <DIR> d--hs---- C:\Config.Msi 2006-12-04 18:25 <DIR> d-------- C:\Program Files\SUPERAntiSpyware 2006-12-04 18:25 <DIR> d-------- C:\Documents and Settings\Adimstrator\Application Data\SUPERAntiSpyware.com 2006-12-04 18:17 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys 2006-12-04 18:17 299,392 --a------ C:\WINDOWS\system32\imon.dll 2006-12-04 18:17 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys 2006-12-04 18:16 <DIR> d-------- C:\Program Files\ESET 2006-12-04 17:01 77,824 --a------ C:\WINDOWS\system32\gotgo.exe 2006-12-04 17:01 138,565 --a------ C:\WINDOWS\system32\mcc.exe 2006-12-04 16:49 77,824 --a------ C:\Documents and Settings\Adimstrator\gotgo.exe 2006-12-04 16:49 138,565 --a------ C:\Documents and Settings\Adimstrator\mcc.exe 2006-12-03 21:08 <DIR> d-------- C:\Documents and Settings\Adimstrator\Application Data\ZipGenius 2006-12-03 21:07 <DIR> d-------- C:\Program Files\ZipGenius 6 2006-12-03 19:46 <DIR> d-------- C:\Program Files\WinRAR 2006-12-02 18:54 <DIR> d-------- C:\Program Files\Ubisoft 2006-12-01 11:27 <DIR> d-------- C:\Program Files\Mario Forever 2006-11-29 11:02 <DIR> d-------- C:\Program Files\YourWare Solutions 2006-11-29 10:43 <DIR> d-------- C:\Program Files\Process Master 2006-11-28 21:22 <DIR> d-------- C:\Program Files\RegCleaner 2006-11-28 17:19 <DIR> d-------- C:\Documents and Settings\Adimstrator\Application Data\SmartFTP 2006-11-28 17:18 <DIR> d-------- C:\Program Files\SmartFTP Client 2.0 Setup Files 2006-11-28 17:18 <DIR> d-------- C:\Program Files\SmartFTP Client 2.0 2006-11-28 16:46 <DIR> d-------- C:\Program Files\mIRC 2006-11-23 18:40 <DIR> d-------- C:\Program Files\Common Files\PCSuite 2006-11-23 18:39 <DIR> d-------- C:\Program Files\PC Connectivity Solution 2006-11-23 18:38 9,216 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys 2006-11-23 18:38 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll 2006-11-23 18:38 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll 2006-11-23 18:38 138,240 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys 2006-11-23 18:38 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys 2006-11-23 18:38 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys 2006-11-23 18:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2006-11-22 23:39 <DIR> d-------- C:\Program Files\Windows Defender 2006-11-22 19:43 21,504 --a------ C:\WINDOWS\system32\hidserv.dll 2006-11-22 19:43 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys 2006-11-22 19:42 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2006-11-22 16:31 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2006-11-22 16:31 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe 2006-11-15 15:59 <DIR> d-------- C:\d2310f7983e233e86f52c3 2006-11-11 09:49 <DIR> d-------- C:\Program Files\Common Files\DirectX 2006-11-06 18:30 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys 2006-11-06 17:43 <DIR> d-------- C:\Program Files\Electronic Arts 2006-11-06 17:32 <DIR> d-------- C:\Program Files\DAEMON Tools 2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-04 20:35 -------- d-------- C:\Program Files\Common Files 2006-12-04 20:33 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\Skype 2006-12-04 18:24 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2006-12-04 18:05 -------- d-------- C:\Program Files\MSN Messenger 2006-12-04 17:31 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\uTorrent 2006-12-04 16:56 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\AVG7 2006-12-04 16:48 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-12-03 20:26 8998 --a------ C:\Documents and Settings\Adimstrator\Application Data\mainhst.zgh 2006-12-03 18:46 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\LimeWire 2006-12-03 10:46 -------- d-------- C:\Program Files\Guitar Pro 5 2006-11-29 09:40 -------- d-------- C:\Program Files\EA GAMES 2006-11-28 23:00 -------- d-------- C:\Program Files\Microsoft ActiveSync 2006-11-28 22:42 -------- d-------- C:\Program Files\EvilLyrics 2006-11-28 20:40 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-11-23 19:33 276638 --a------ C:\Documents and Settings\Adimstrator\Application Data\NMM-MetaData.db 2006-11-23 19:07 -------- d-------- C:\Program Files\Nokia 2006-11-23 19:07 -------- d-------- C:\Program Files\Common Files\Nokia 2006-11-23 18:41 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\Nokia 2006-11-23 18:32 -------- d-------- C:\Program Files\DIFX 2006-11-23 18:32 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\PC Suite 2006-11-23 12:38 -------- d-------- C:\Program Files\Java 2006-11-22 16:32 -------- d-------- C:\Program Files\Winamp 2006-11-12 18:05 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\Google 2006-11-12 13:05 -------- d-------- C:\Program Files\Opera 2006-11-09 11:09 -------- d---s---- C:\Documents and Settings\Adimstrator\Application Data\Microsoft 2006-11-06 17:29 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2006-11-02 10:18 -------- d-------- C:\Program Files\TEMPWarBirdsSETUP 2006-11-02 07:42 -------- d-------- C:\Program Files\Google 2006-11-02 07:13 18048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys 2006-11-02 07:13 165376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys 2006-11-01 18:33 -------- d-------- C:\Program Files\Project64 1.6 2006-10-30 07:47 217088 --a------ C:\WINDOWS\system32\UAService7.exe 2006-10-29 14:20 -------- d-------- C:\Program Files\K-Lite Codec Pack 2006-10-29 14:20 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\Real 2006-10-29 13:55 -------- d-------- C:\Program Files\MSXML 4.0 2006-10-29 13:23 -------- d-------- C:\Program Files\Webteh 2006-10-29 10:44 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\Media Player Classic 2006-10-29 08:36 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\dvdcss 2006-10-28 20:12 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\BSplayer 2006-10-28 20:09 -------- d-------- C:\Program Files\Setup 2006-10-28 20:06 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\vlc 2006-10-28 18:50 -------- d-------- C:\Program Files\CDBurnerXP Pro 3 2006-10-25 23:12 -------- d-------- C:\Program Files\Adobe 2006-10-25 22:15 -------- d-------- C:\Program Files\MediaMonkey 2006-10-22 11:56 -------- d-------- C:\Program Files\SimpleCenter 2006-10-21 10:38 -------- d-------- C:\Program Files\Windows Media Player 2006-10-19 20:38 831048 --a------ C:\WINDOWS\system32\WudfUpdate_01005.dll 2006-10-19 11:45 -------- d-------- C:\Program Files\Internet Explorer 2006-10-19 10:41 -------- d-------- C:\Program Files\Common Files\Teleca Shared 2006-10-17 12:33 6049280 --------- C:\WINDOWS\system32\ieframe.dll 2006-10-17 12:33 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll 2006-10-17 12:33 458752 --------- C:\WINDOWS\system32\msfeeds.dll 2006-10-17 12:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll 2006-10-17 12:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll 2006-10-17 12:33 180736 --------- C:\WINDOWS\system32\ieui.dll 2006-10-17 12:33 156160 --a------ C:\WINDOWS\system32\msls31.dll 2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll 2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll 2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe 2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll 2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll 2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll 2006-10-17 12:01 71680 --a------ C:\WINDOWS\system32\admparse.dll 2006-10-17 12:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll 2006-10-17 12:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll 2006-10-17 12:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll 2006-10-17 12:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll 2006-10-17 12:01 13312 --a------ C:\WINDOWS\system32\ieudinit.exe 2006-10-17 12:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe 2006-10-17 12:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll 2006-10-17 12:00 123904 --a------ C:\WINDOWS\system32\advpack.dll 2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll 2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe 2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll 2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll 2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe 2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll 2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll 2006-10-17 11:27 -------- d-------- C:\Program Files\MathType 2006-10-17 11:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2006-10-16 16:02 -------- d-------- C:\Documents and Settings\Adimstrator\Application Data\Teleca 2006-10-14 22:35 -------- d-------- C:\Program Files\JAM Software 2006-10-14 20:31 -------- d-------- C:\Program Files\Lonely Cat Games 2006-10-13 13:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll 2006-10-10 08:54 50688 --a------ C:\WINDOWS\system32\nmwcdcls.dll 2006-10-06 09:54 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2006-09-22 13:19 73 --a------ C:\WINDOWS\system32\ssprs.dll 2006-09-22 13:19 205 --a------ C:\WINDOWS\system32\lsprst7.dll 2006-09-16 03:02 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe 2006-09-15 23:30 87040 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll 2006-09-15 23:30 55296 --------- C:\WINDOWS\system32\WudfSvc.dll 2006-09-15 23:30 308224 --------- C:\WINDOWS\system32\WUDFx.dll 2006-09-15 23:30 142848 --------- C:\WINDOWS\system32\WudfHost.exe 2006-09-15 22:29 163840 --------- C:\WINDOWS\system32\WudfPlatform.dll 2006-09-13 23:14 593938 --a------ C:\WINDOWS\system32\x264vfw.dll 2006-09-13 06:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\"" "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe" "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog" "FreeRAM XP"="\"C:\\Program Files\\YourWare Solutions\\FreeRAM XP Pro\\FreeRAM XP Pro.exe\" -win" "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32" "PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC" "PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName" "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "IntelWireless"="C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe /tf Intel PROSet/Wireless" "Dell QuickSet"="C:\\Program Files\\Dell\\QuickSet\\quickset.exe" "Apoint"="C:\\Program Files\\Apoint\\Apoint.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\"" "UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\"" "eTrustPPAP"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\eTrust PestPatrol Anti-Spyware\\PPActiveDetection.exe\"" "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe" "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033" "PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup" "Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\"" "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,50,01,00,00,00,00,00,00,40,05,00,00,1a,04,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Completion time: 06-12-04 20:35:57.67 C:\ComboFix.txt ... 06-12-04 20:35 Lenke til kommentar
jealei Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 Log Sas SUPERAntiSpyware Scan Log Generated 12/04/2006 at 08:30 PM Application Version : 3.3.1020 Core Rules Database Version : 3141 Trace Rules Database Version: 1157 Scan type : Complete Scan Total Scan Time : 00:08:24 Memory items scanned : 182 Memory threats detected : 0 Registry items scanned : 5972 Registry threats detected : 38 File items scanned : 1064 File threats detected : 12 Trojan.Update-Mcboo [{286C2877-084F-1044-0928-05050622002f}] C:\PROGRAM FILES\COMMON FILES\{286C2877-084F-1044-0928-05050622002F}\UPDATE.EXE C:\PROGRAM FILES\COMMON FILES\{286C2877-084F-1044-0928-05050622002F}\UPDATE.EXE C:\WINDOWS\Prefetch\UPDATE.EXE-026FE89E.pf Unclassified.Oreans32 HKLM\System\ControlSet001\Services\oreans32 C:\WINDOWS\SYSTEM32\DRIVERS\OREANS32.SYS HKLM\System\ControlSet002\Services\oreans32 HKLM\System\CurrentControlSet\Services\oreans32 HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32 HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32#NextInstance HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000 HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Service HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Legacy HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#ConfigFlags HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Class HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#ClassGUID HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#DeviceDesc HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Capabilities HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000\LogConf HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000\Control HKLM\SYSTEM\CurrentControlSet\Services\oreans32#Type HKLM\SYSTEM\CurrentControlSet\Services\oreans32#Start HKLM\SYSTEM\CurrentControlSet\Services\oreans32#ErrorControl HKLM\SYSTEM\CurrentControlSet\Services\oreans32#ImagePath HKLM\SYSTEM\CurrentControlSet\Services\oreans32#DisplayName HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Security HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Security#Security HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#0 HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#Count HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#NextInstance Adware.Tracking Cookie C:\Documents and Settings\Adimstrator\Cookies\adimstrator@2o7[1].txt C:\Documents and Settings\Adimstrator\Cookies\adimstrator@adtech[1].txt C:\Documents and Settings\Adimstrator\Cookies\adimstrator@imrworldwide[1].txt C:\Documents and Settings\Adimstrator\Cookies\adimstrator@advertising[1].txt C:\Documents and Settings\Adimstrator\Cookies\adimstrator@doubleclick[1].txt C:\Documents and Settings\Adimstrator\Cookies\[email protected][2].txt C:\Documents and Settings\Adimstrator\Cookies\[email protected][2].txt Adware.Toolbar888 HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208} HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0 HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\0 HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\0\win32 HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\FLAGS HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\HELPDIR HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B} HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid32 HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib#Version Trojan.Security Toolbar C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url Lenke til kommentar
Dynejonas Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 (endret) Her er alle loggene, si fra om det er noe snusk som jeg ikke bør ha. Klikk for å se/fjerne innholdet nedenfor Jon4s - 06-12-04 20:50:26,17 Service Pack 1ComboFix 06.11.27W - Running from: "C:\" ((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 )))))))))))))))))))))))))))))))))) 2006-12-04 20:28 218,112 --a------ C:\HijackThis.exe 2006-12-04 20:24 381,398 --a------ C:\combofix.exe 2006-12-04 20:18 <DIR> d-------- C:\WINDOWS\system32\SuperAdBlocker.com 2006-12-04 18:14 5,326,608 --a------ C:\drweb-cureit.exe 2006-12-04 17:41 <DIR> d-------- C:\Program Files\SUPERAntiSpyware 2006-12-04 17:41 <DIR> d-------- C:\Documents and Settings\Jon4s\DoctorWeb 2006-12-04 17:41 <DIR> d-------- C:\Documents and Settings\Jon4s\Application Data\SUPERAntiSpyware.com 2006-11-29 17:29 <DIR> d-------- C:\Program Files\Expekt 2006-11-29 17:24 <DIR> d-------- C:\WINDOWS\system32\FlashAX 2006-11-29 17:24 <DIR> d-------- C:\Documents and Settings\Jon4s\Application Data\Microgaming 2006-11-29 17:23 <DIR> d-------- C:\Program Files\UnibetpokerMPP 2006-11-23 23:09 <DIR> d-------- C:\Documents and Settings\Jon4s\WoW-1.12.x-to-2.0.1-enGB-patch 2006-11-09 20:17 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2006-11-09 20:17 <DIR> d-------- C:\Documents and Settings\Jon4s\Contacts (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-04 20:25 -------- d-------- C:\Program Files\Common Files 2006-12-04 20:18 -------- d-------- C:\Program Files\Mozilla Firefox 2006-12-04 19:32 -------- d-------- C:\Program Files\mIRC 2006-12-04 17:41 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2006-12-04 17:39 -------- d-------- C:\Program Files\MSN Messenger 2006-12-04 17:39 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-12-02 14:47 -------- d-------- C:\Program Files\InterVideo 2006-12-02 14:46 -------- d-------- C:\Program Files\ahead 2006-12-02 14:45 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-12-02 14:45 -------- d-------- C:\Documents and Settings\Jon4s\Application Data\Macromedia 2006-11-30 14:52 -------- d-------- C:\Program Files\World of Warcraft 2006-11-29 22:49 -------- d-------- C:\Program Files\StepMania 2006-11-29 18:03 -------- d-------- C:\Program Files\Betsson Poker 2006-11-28 21:59 -------- d-------- C:\Documents and Settings\Jon4s\Application Data\Apple Computer 2006-11-22 22:09 -------- d-------- C:\Documents and Settings\Jon4s\Application Data\OpenOffice.org2 2006-11-22 18:26 -------- d-------- C:\Program Files\Trend Micro 2006-11-20 20:10 -------- d-------- C:\Program Files\Opera 2006-11-10 19:48 -------- d-------- C:\Program Files\Common Files\Blizzard Entertainment 2006-11-01 19:17 -------- d---s---- C:\Documents and Settings\Jon4s\Application Data\Microsoft 2006-10-26 17:20 -------- d-------- C:\Program Files\Guitar Pro 5 2006-10-10 19:30 -------- d-------- C:\Program Files\QuickTime 2006-10-06 22:07 -------- d-------- C:\Program Files\TrackMania Nations ESWC (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "Pulse"="C:\\Program Files\\Pulse\\Pulse.exe -splash" "Steam"="" "ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe" "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "razer"="C:\\Program Files\\Razer\\razerhid.exe" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay" @="" "Launch LGDCore"="\"C:\\Program Files\\Logitech\\G-series Software\\LGDCore.exe\" /SHOWHIDE" "Launch LCDMon"="\"C:\\Program Files\\Logitech\\G-series Software\\LCDMon.exe\"" "WinFast Schedule"="C:\\Program Files\\WinFast\\WFTVFM\\WFWIZ.exe" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex] "Flag"=dword:00000002 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000003 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,c0,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,86,01,00,00,23,00,00,00,96,00,00,00,a4,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1114098534.job Completion time: 06-12-04 20:50:59.14 C:\ComboFix.txt ... 06-12-04 20:50 C:\ComboFix2.txt ... 06-12-04 20:25 Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 20:51:25, on 04.12.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Razer\razerhid.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Logitech\G-series Software\LGDCore.exe C:\Program Files\Logitech\G-series Software\LCDMon.exe C:\Program Files\WinFast\WFTVFM\WFWIZ.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Pulse\Pulse.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Razer\razerofa.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ftp://ftp.home.no/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://camtech2000.net/ O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe" O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [Pulse] C:\Program Files\Pulse\Pulse.exe -splash O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan LogGenerated 12/04/2006 at 06:00 PM Application Version : 3.3.1020 Core Rules Database Version : 0 Trace Rules Database Version: 0 Scan type : Quick Scan Total Scan Time : 00:08:04 Memory items scanned : 176 Memory threats detected : 1 Registry items scanned : 680 Registry threats detected : 9 File items scanned : 13824 File threats detected : 11 Adware.IPWins C:\PROGRAM FILES\IPWINS\IPWINS.EXE [ipWins] C:\PROGRAM FILES\IPWINS\IPWINS.EXE C:\PROGRAM FILES\IPWINS\IPWINS.EXE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IpWins HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IpWins#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IpWins#UninstallString C:\Program Files\ipwins\Services.dll C:\Program Files\ipwins\Uninst.exe C:\Program Files\ipwins C:\WINDOWS\Prefetch\IPWINS.EXE-30AFCA16.pf Adware.Toolbar888 HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B} HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid32 HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib#Version Adware.Tracking Cookie C:\Documents and Settings\Jon4s\Cookies\[email protected][2].txt C:\Documents and Settings\Jon4s\Cookies\[email protected][1].txt C:\Documents and Settings\Jon4s\Cookies\[email protected][2].txt C:\Documents and Settings\Jon4s\Cookies\[email protected][2].txt C:\Documents and Settings\Jon4s\Cookies\[email protected][1].txt Adware.WhenU C:\DOCUMENTS AND SETTINGS\JON4S\LOCAL SETTINGS\TEMP\VVSNINST.EXE Og så lurer jeg på om noen vet om Trend er en bra antivirus. Har den siste versjonen, og det var litt rart da den ble ødelagt av det msn viruset. Endret 4. desember 2006 av PyroCX Lenke til kommentar
Admiral1 Skrevet 4. desember 2006 Forfatter Del Skrevet 4. desember 2006 Update fra min side: Vennen min deinstalerte msn, instalerte avast, kjørte en scan, instalerte msn og det funket for han ( det jeg er stolt av er at han klarte det) Takker og bukker på vegne av han for de svarene mvh michael og ali Lenke til kommentar
norbat Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 jealei Last ned Avenger, pakk det ut på skrivebordet. Start programmet og velg å "Input script manuelt" Kopier og lim inn alt som står under (i bold): Files to delete: C:\WINDOWS\system32\gotgo.exe C:\WINDOWS\system32\mcc.exe C:\Documents and Settings\Adimstrator\gotgo.exe C:\Documents and Settings\Adimstrator\mcc.exe Klikk på trafikklyset. Lenke til kommentar
norbat Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 PyroCX Så rimelig greit ut dette. Du bør vurdere å oppdatere til SP2 Lenke til kommentar
norbat Skrevet 4. desember 2006 Del Skrevet 4. desember 2006 disco808 Vil gjerne se en Hijackthis-logg Lenke til kommentar
Admiral1 Skrevet 4. desember 2006 Forfatter Del Skrevet 4. desember 2006 Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 21:56:36, on 04.12.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\ServerSpy.Net\GameLauncher\gamelauncher.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe C:\Programfiler\Eset\nod32kui.exe C:\Programfiler\UltraMon\UltraMon.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\BitTorrent\bittorrent.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\UltraMon\UltraMonTaskbar.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe c:\progra~1\intern~1\iexplore.exe C:\Programfiler\TaskSwitchXP\TaskSwitchXP.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\Programfiler\AceLogix\StartupGuard\sg.exe C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\etmin.exe C:\Programfiler\RALINK\Common\RaUI.exe C:\Programfiler\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\svchost.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Opera\Opera.exe C:\DOCUME~1\micahels\LOKALE~1\Temp\Midlertidig mappe 1 for hijackthis.zip\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Seekmo Search Assistant Helper /fleok=1D8A83A5C5E1147998AF75760EA83FA5EF80752B94E2DF7A5978432839CE - {5929CD6E-2062-44a4-B2C5-2C7E78FBAB38} - c:\programfiler\seekmo\seekmohook.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Extra Grim Math Deaf] C:\Documents and Settings\All Users\Programdata\Online Meow Extra Grim\Soap Byte.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [gamelauncher] C:\Programfiler\ServerSpy.Net\GameLauncher\gamelauncher.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [seekmo] "c:\programfiler\seekmo\seekmo.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Programfiler\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [ultraMon] "C:\Programfiler\UltraMon\UltraMon.exe" /auto O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Flag owns] C:\DOCUME~1\micahels\PROGRA~1\WAVERE~1\long meta wait.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [bitTorrent] "C:\Programfiler\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [TaskSwitchXP] C:\Programfiler\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [startup Guard] C:\Programfiler\AceLogix\StartupGuard\sg.exe O4 - HKCU\..\Run: [VoipBuster] "C:\Programfiler\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: etmin.exe O4 - Global Startup: hello.BAT O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Programfiler\RALINK\Common\RaUI.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programfiler\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) Her er min, i think , litt liten iforhold til de andres men Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå