3evel Skrevet 1. desember 2007 Del Skrevet 1. desember 2007 pc-en min begynner å gå treigere og tregere for tiden. Jeg er 100% sikker på at det har kommet noen virus på den. kan noen være så snille å skjekke Hijackthis loggen min? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:26:10, on 01.12.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\itfknhwq.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Dell Network Assistant\hnm_svc.exe C:\WINDOWS\System32\svchost.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\ehome\RMSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ehome\McrdSvc.exe C:\Program Files\Windows Media Connect 2\wmccds.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe C:\WINDOWS\system32\rundll32.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\tsitra2000373.exe C:\PROGRA~1\mcafee.com\mps\mscifapp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\WINDOWS\system32\dlcccoms.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\WinPop\winpop.exe C:\Program Files\WinAble\winable.exe C:\DOCUME~1\TRYMV\MYDOCU~1\CROSOF~1.NET\rundll32.exe C:\Program Files\Insider\Insider.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Dell Network Assistant\ezi_hnm2.exe C:\Program Files\Digital Line Detect\DLG.exe C:\WINDOWS\ehome\RMSysTry.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\?icrosoft\?pool32.exe C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe C:\PROGRA~1\McAfee.com\Agent\mcupdui.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\TRYMV\Desktop\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default....;l=no&s=gen R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....;l=no&s=gen O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [runner1] C:\WINDOWS\tsitra2000373.exe 61A847B5BBF72810329B385575FA01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310F3D29332016D 76C5C01F37D84BBFD566D55F8541231A055A19381221232983F556CAC59B6 O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NI.UERSH_0001_N91M2704] "c:\documents and settings\trymv\application data\errorsafefreeinstall_now[1].exe" -nag O4 - HKLM\..\Run: [1cf204d1] rundll32.exe "C:\WINDOWS\system32\kdbnphbq.dll",b O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe O4 - HKCU\..\Run: [uaol] "C:\DOCUME~1\TRYMV\MYDOCU~1\CROSOF~1.NET\rundll32.exe" -vt yazb O4 - HKCU\..\Run: [insider] C:\Program Files\Insider\Insider.exe O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [__c008E87C] rundll32.exe "C:\Documents and Settings\TRYMV\Application Data\__c008E87C.dat",B O4 - HKCU\..\Run: [NI.UERSH_0001_N91M2704] "C:\Documents and Settings\TRYMV\Application Data\errorsafefreeinstall_now[1].exe" -nag O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Dell Network Assistant.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Ressursovervåking for Extender-enhet.lnk = C:\WINDOWS\ehome\RMSysTry.exe O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v8.cab O16 - DPF: {B69B0694-EB7C-4468-B572-B781062A1EF2} (KooPlayer Control) - http://static.mediazone.com/player/1.0.0.64/MZPlayer.CAB O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0074926.dat O22 - SharedTaskScheduler: floripondio - {6ad686b9-ab56-4ebc-a804-9f70b55b4577} - (no file) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe O23 - Service: DomainService - - C:\WINDOWS\system32\itfknhwq.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O24 - Desktop Component 0: (no name) - http://www.counternet.sk/images/capts/26062005133649.jpg Lenke til kommentar
BigJackW Skrevet 1. desember 2007 Del Skrevet 1. desember 2007 http://www.hijackthis.de/ Lenke til kommentar
Gjest medlem-105082 Skrevet 1. desember 2007 Del Skrevet 1. desember 2007 Hei! Du hadde litt rusk, ja. Derfor gjør følgende: Last ned SuperAntiSpyware, installer, oppdater og kjør en 'complete scan'. Når SAS er ferdig å scanne så legger du ut en helt ny HijackThis logg, sammen med SAS loggen (preferences->statistics/logs). Lenke til kommentar
3evel Skrevet 1. desember 2007 Forfatter Del Skrevet 1. desember 2007 SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 12/01/2007 at 05:58 PM Application Version : 3.9.1008 Core Rules Database Version : 3353 Trace Rules Database Version: 1352 Scan type : Complete Scan Total Scan Time : 00:52:37 Memory items scanned : 632 Memory threats detected : 9 Registry items scanned : 6190 Registry threats detected : 257 File items scanned : 53338 File threats detected : 92 Adware.eZula C:\WINDOWS\SYSTEM32\ITFKNHWQ.EXE C:\WINDOWS\SYSTEM32\ITFKNHWQ.EXE HKLM\System\ControlSet001\Services\DomainService HKLM\System\ControlSet003\Services\DomainService HKLM\System\CurrentControlSet\Services\DomainService C:\WINDOWS\SYSTEM32\AVQAMXSK.EXE C:\WINDOWS\SYSTEM32\BWEJVVRC.EXE C:\WINDOWS\SYSTEM32\CKTUITLT.EXE C:\WINDOWS\SYSTEM32\GRWHKROP.EXE C:\WINDOWS\SYSTEM32\ICFJMVCW.EXE C:\WINDOWS\SYSTEM32\KQEEFKTS.EXE C:\WINDOWS\SYSTEM32\LBLAFBNW.EXE C:\WINDOWS\SYSTEM32\MBABTAXJ.EXE C:\WINDOWS\SYSTEM32\QDTINWLV.EXE C:\WINDOWS\SYSTEM32\SVULPBBV.EXE C:\WINDOWS\SYSTEM32\XWYXPFKL.EXE Adware.Vundo-Variant/Small-A C:\WINDOWS\SYSTEM32\KDBNPHBQ.DLL C:\WINDOWS\SYSTEM32\KDBNPHBQ.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP202\A0152628.DLL C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP203\A0153628.DLL Unclassified.Unknown Origin/System C:\WINDOWS\SYSTEM32\SSTQR.DLL C:\WINDOWS\SYSTEM32\SSTQR.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FA06B8F-6D1A-4ACD-9A92-3101EBC0940F} HKCR\CLSID\{6FA06B8F-6D1A-4ACD-9A92-3101EBC0940F} HKCR\CLSID\{6FA06B8F-6D1A-4ACD-9A92-3101EBC0940F}\InprocServer32 HKCR\CLSID\{6FA06B8F-6D1A-4ACD-9A92-3101EBC0940F}\InprocServer32#ThreadingModel Trojan.Downloader-NewJuan/VM C:\WINDOWS\SYSTEM32\LXVQYMKR.DLL C:\WINDOWS\SYSTEM32\LXVQYMKR.DLL Trojan.Downloader-Gen/TSITRA C:\WINDOWS\TSITRA2000373.EXE C:\WINDOWS\TSITRA2000373.EXE Trojan.Downloader-Gen/WinPop C:\PROGRAM FILES\WINPOP\WINPOP.EXE C:\PROGRAM FILES\WINPOP\WINPOP.EXE [WinPop] C:\PROGRAM FILES\WINPOP\WINPOP.EXE C:\Program Files\WinPop C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP178\A0133552.EXE Trojan.Net-Winable C:\PROGRAM FILES\WINABLE\WINABLE.EXE C:\PROGRAM FILES\WINABLE\WINABLE.EXE [WinAble] C:\PROGRAM FILES\WINABLE\WINABLE.EXE Adware.ClickSpring-Variant C:\DOCUME~1\TRYMV\MYDOCU~1\CROSOF~1.NET\RUNDLL32.EXE C:\DOCUME~1\TRYMV\MYDOCU~1\CROSOF~1.NET\RUNDLL32.EXE Trojan.Downloader-Gen/Insider C:\PROGRAM FILES\INSIDER\INSIDER.EXE C:\PROGRAM FILES\INSIDER\INSIDER.EXE [insider] C:\PROGRAM FILES\INSIDER\INSIDER.EXE Worm.Sober Variant [uaol] C:\DOCUME~1\TRYMV\MYDOCU~1\CROSOF~1.NET\RUNDLL32.EXE C:\DOCUMENTS AND SETTINGS\TRYMV\MY DOCUMENTS\CROSOF~1.NET\RUNDLL32.EXE Trojan.ErrorSafe [NI.UERSH_0001_N91M2704] C:\DOCUMENTS AND SETTINGS\TRYMV\APPLICATION DATA\ERRORSAFEFREEINSTALL_NOW[1].EXE C:\DOCUMENTS AND SETTINGS\TRYMV\APPLICATION DATA\ERRORSAFEFREEINSTALL_NOW[1].EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP203\A0153645.LNK Adware.Vundo Variant HKLM\Software\Classes\CLSID\{89AD4D75-2429-462e-BD4E-443F233F6033} HKCR\CLSID\{89AD4D75-2429-462E-BD4E-443F233F6033} HKCR\CLSID\{89AD4D75-2429-462E-BD4E-443F233F6033}\InprocServer32 HKCR\CLSID\{89AD4D75-2429-462E-BD4E-443F233F6033}\InprocServer32#ThreadingModel HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89AD4D75-2429-462e-BD4E-443F233F6033} HKCR\CLSID\{89AD4D75-2429-462E-BD4E-443F233F6033} Adware.ClickSpring HKLM\Software\Classes\CLSID\{C99F4F20-F0C6-DC16-EE5C-FA8A35F02CE5} HKCR\CLSID\{C99F4F20-F0C6-DC16-EE5C-FA8A35F02CE5} HKCR\CLSID\{C99F4F20-F0C6-DC16-EE5C-FA8A35F02CE5}\InprocServer32 HKCR\CLSID\{C99F4F20-F0C6-DC16-EE5C-FA8A35F02CE5}\InprocServer32#ThreadingModel HKCR\CLSID\{C99F4F20-F0C6-DC16-EE5C-FA8A35F02CE5}\Programmable HKCR\CLSID\{C99F4F20-F0C6-DC16-EE5C-FA8A35F02CE5}\TypeLib C:\WINDOWS\SYSTEM32\VDAAYYCS.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C99F4F20-F0C6-DC16-EE5C-FA8A35F02CE5} C:\WINDOWS\system32\ICROSO~1\POOL32~1.EXE Unclassified.Unknown Origin HKLM\Software\Classes\CLSID\{CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} HKCR\CLSID\{CF46BFB3-2ACC-441B-B82B-36B9562C7FF1} HKCR\CLSID\{CF46BFB3-2ACC-441B-B82B-36B9562C7FF1}\InprocServer32 HKCR\CLSID\{CF46BFB3-2ACC-441B-B82B-36B9562C7FF1}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\HLWPGYFX.DLL HKCR\CLSID\{CF46BFB3-2ACC-441B-B82B-36B9562C7FF1} Adware.Tracking Cookie C:\Documents and Settings\TRYMV\Cookies\trymv@partypoker[2].txt C:\Documents and Settings\TRYMV\Cookies\trymv@zedo[1].txt C:\Documents and Settings\TRYMV\Cookies\[email protected][1].txt C:\Documents and Settings\GJEST\Cookies\gjest@2o7[2].txt C:\Documents and Settings\GJEST\Cookies\[email protected][1].txt C:\Documents and Settings\GJEST\Cookies\[email protected][2].txt C:\Documents and Settings\GJEST\Cookies\gjest@adbrite[2].txt C:\Documents and Settings\GJEST\Cookies\[email protected][2].txt C:\Documents and Settings\GJEST\Cookies\gjest@adultadworld[1].txt C:\Documents and Settings\GJEST\Cookies\gjest@advertising[1].txt C:\Documents and Settings\GJEST\Cookies\gjest@doubleclick[1].txt C:\Documents and Settings\GJEST\Cookies\[email protected][1].txt C:\Documents and Settings\GJEST\Cookies\gjest@hitbox[2].txt C:\Documents and Settings\GJEST\Cookies\[email protected][1].txt C:\Documents and Settings\GJEST\Cookies\[email protected][2].txt C:\Documents and Settings\GJEST\Cookies\gjest@tradedoubler[2].txt C:\Documents and Settings\GJEST\Cookies\[email protected][1].txt Trojan.Error Safe Free HKLM\Software\Error Safe Free HKLM\Software\Error Safe Free#EulUERSH_0001_N91M2704 HKLM\Software\Error Safe Free#ProductCode Trojan.MalwareWipe HKCR\AppId\MalwareWipe.EXE HKCR\AppId\MalwareWipe.EXE#AppID HKCR\AppId\{70F17C8C-1744-41B6-9D07-575DB448DCC5} HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9} HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\deQsgEBgLx HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\DNqjr HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\iglzfcaHm HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\InprocServer32 HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\InprocServer32#ThreadingModel HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\Kcsbs HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\khnyJ HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\lYqmc HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\mzegdqIlm HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\ontmvhhsa HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\Prvjby HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\rGklalb HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\sjvpzfopfaslP HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\verubWqeAk HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\YqjfindSkMdS HKCR\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9}\yZumsqICZMmhc C:\PROGRAM FILES\MALWAREWIPED 6.9\MALWAREWIPED 6.9.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP171\A0124571.LNK C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP171\A0124572.LNK C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP171\A0124573.LNK Trojan.Security Toolbar C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url Adware.ClickSpring/Yazzle HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#UninstallString C:\PROGRAM FILES\COMMON FILES\YAZZLE1122OINADMIN.EXE C:\PROGRAM FILES\COMMON FILES\YAZZLE1122OINUNINSTALLER.EXE Trojan.Media-Codec HKCR\VideoAXObject.Chl HKCR\VideoAXObject.Chl\CLSID Adware.Zango Toolbar/Hb HKCR\Interface\{031CBF6A-C70E-4177-A0D4-C5268EE311FB} HKCR\Interface\{031CBF6A-C70E-4177-A0D4-C5268EE311FB}\ProxyStubClsid HKCR\Interface\{031CBF6A-C70E-4177-A0D4-C5268EE311FB}\ProxyStubClsid32 HKCR\Interface\{031CBF6A-C70E-4177-A0D4-C5268EE311FB}\TypeLib HKCR\Interface\{031CBF6A-C70E-4177-A0D4-C5268EE311FB}\TypeLib#Version HKCR\Interface\{195EF37C-0FF4-4AEF-B51B-47D326F01978} HKCR\Interface\{195EF37C-0FF4-4AEF-B51B-47D326F01978}\ProxyStubClsid HKCR\Interface\{195EF37C-0FF4-4AEF-B51B-47D326F01978}\ProxyStubClsid32 HKCR\Interface\{195EF37C-0FF4-4AEF-B51B-47D326F01978}\TypeLib HKCR\Interface\{195EF37C-0FF4-4AEF-B51B-47D326F01978}\TypeLib#Version HKCR\Interface\{1D5DF418-73EA-4B20-B0D1-5F9C6C949CB0} HKCR\Interface\{1D5DF418-73EA-4B20-B0D1-5F9C6C949CB0}\ProxyStubClsid HKCR\Interface\{1D5DF418-73EA-4B20-B0D1-5F9C6C949CB0}\ProxyStubClsid32 HKCR\Interface\{1D5DF418-73EA-4B20-B0D1-5F9C6C949CB0}\TypeLib HKCR\Interface\{1D5DF418-73EA-4B20-B0D1-5F9C6C949CB0}\TypeLib#Version HKCR\Interface\{30022029-2C17-4A99-87D2-A382C674A19D} HKCR\Interface\{30022029-2C17-4A99-87D2-A382C674A19D}\ProxyStubClsid HKCR\Interface\{30022029-2C17-4A99-87D2-A382C674A19D}\ProxyStubClsid32 HKCR\Interface\{30022029-2C17-4A99-87D2-A382C674A19D}\TypeLib HKCR\Interface\{30022029-2C17-4A99-87D2-A382C674A19D}\TypeLib#Version HKCR\Interface\{3A6691EA-C844-46F2-9237-1386A85CE119} HKCR\Interface\{3A6691EA-C844-46F2-9237-1386A85CE119}\ProxyStubClsid HKCR\Interface\{3A6691EA-C844-46F2-9237-1386A85CE119}\ProxyStubClsid32 HKCR\Interface\{3A6691EA-C844-46F2-9237-1386A85CE119}\TypeLib HKCR\Interface\{3A6691EA-C844-46F2-9237-1386A85CE119}\TypeLib#Version HKCR\Interface\{3D2E7662-85FB-4CC1-875C-A624B1AA5D96} HKCR\Interface\{3D2E7662-85FB-4CC1-875C-A624B1AA5D96}\ProxyStubClsid HKCR\Interface\{3D2E7662-85FB-4CC1-875C-A624B1AA5D96}\ProxyStubClsid32 HKCR\Interface\{3D2E7662-85FB-4CC1-875C-A624B1AA5D96}\TypeLib HKCR\Interface\{3D2E7662-85FB-4CC1-875C-A624B1AA5D96}\TypeLib#Version HKCR\Interface\{72FEEB09-BB27-46D3-A06D-930D4D544227} HKCR\Interface\{72FEEB09-BB27-46D3-A06D-930D4D544227}\ProxyStubClsid HKCR\Interface\{72FEEB09-BB27-46D3-A06D-930D4D544227}\ProxyStubClsid32 HKCR\Interface\{72FEEB09-BB27-46D3-A06D-930D4D544227}\TypeLib HKCR\Interface\{72FEEB09-BB27-46D3-A06D-930D4D544227}\TypeLib#Version HKCR\Interface\{736918FE-2349-4230-BA9A-1F23649E32AD} HKCR\Interface\{736918FE-2349-4230-BA9A-1F23649E32AD}\ProxyStubClsid HKCR\Interface\{736918FE-2349-4230-BA9A-1F23649E32AD}\ProxyStubClsid32 HKCR\Interface\{736918FE-2349-4230-BA9A-1F23649E32AD}\TypeLib HKCR\Interface\{736918FE-2349-4230-BA9A-1F23649E32AD}\TypeLib#Version HKCR\Interface\{89D36231-6BD9-4E20-BBA0-FD28C3A83C40} HKCR\Interface\{89D36231-6BD9-4E20-BBA0-FD28C3A83C40}\ProxyStubClsid HKCR\Interface\{89D36231-6BD9-4E20-BBA0-FD28C3A83C40}\ProxyStubClsid32 HKCR\Interface\{89D36231-6BD9-4E20-BBA0-FD28C3A83C40}\TypeLib HKCR\Interface\{89D36231-6BD9-4E20-BBA0-FD28C3A83C40}\TypeLib#Version HKCR\Interface\{A0BA9F0F-BCEF-49CF-8A8E-D87E19E066F3} HKCR\Interface\{A0BA9F0F-BCEF-49CF-8A8E-D87E19E066F3}\ProxyStubClsid HKCR\Interface\{A0BA9F0F-BCEF-49CF-8A8E-D87E19E066F3}\ProxyStubClsid32 HKCR\Interface\{A0BA9F0F-BCEF-49CF-8A8E-D87E19E066F3}\TypeLib HKCR\Interface\{A0BA9F0F-BCEF-49CF-8A8E-D87E19E066F3}\TypeLib#Version HKCR\Interface\{A53762B6-30F7-469F-BA92-13D63CF09A93} HKCR\Interface\{A53762B6-30F7-469F-BA92-13D63CF09A93}\ProxyStubClsid HKCR\Interface\{A53762B6-30F7-469F-BA92-13D63CF09A93}\ProxyStubClsid32 HKCR\Interface\{A53762B6-30F7-469F-BA92-13D63CF09A93}\TypeLib HKCR\Interface\{A53762B6-30F7-469F-BA92-13D63CF09A93}\TypeLib#Version HKCR\Interface\{B24FF4F6-D327-4208-8840-68CCEF7D6125} HKCR\Interface\{B24FF4F6-D327-4208-8840-68CCEF7D6125}\ProxyStubClsid HKCR\Interface\{B24FF4F6-D327-4208-8840-68CCEF7D6125}\ProxyStubClsid32 HKCR\Interface\{B24FF4F6-D327-4208-8840-68CCEF7D6125}\TypeLib HKCR\Interface\{B24FF4F6-D327-4208-8840-68CCEF7D6125}\TypeLib#Version HKCR\Interface\{BD31DF26-7178-41F4-88DD-F16B82D827CA} HKCR\Interface\{BD31DF26-7178-41F4-88DD-F16B82D827CA}\ProxyStubClsid HKCR\Interface\{BD31DF26-7178-41F4-88DD-F16B82D827CA}\ProxyStubClsid32 HKCR\Interface\{BD31DF26-7178-41F4-88DD-F16B82D827CA}\TypeLib HKCR\Interface\{BD31DF26-7178-41F4-88DD-F16B82D827CA}\TypeLib#Version HKCR\Interface\{C4DB76D5-B430-4652-8599-7CD2C8FE6CC6} HKCR\Interface\{C4DB76D5-B430-4652-8599-7CD2C8FE6CC6}\ProxyStubClsid HKCR\Interface\{C4DB76D5-B430-4652-8599-7CD2C8FE6CC6}\ProxyStubClsid32 HKCR\Interface\{C4DB76D5-B430-4652-8599-7CD2C8FE6CC6}\TypeLib HKCR\Interface\{C4DB76D5-B430-4652-8599-7CD2C8FE6CC6}\TypeLib#Version HKCR\Interface\{E977DE7C-34EA-4876-B333-207C4504589E} HKCR\Interface\{E977DE7C-34EA-4876-B333-207C4504589E}\ProxyStubClsid HKCR\Interface\{E977DE7C-34EA-4876-B333-207C4504589E}\ProxyStubClsid32 HKCR\Interface\{E977DE7C-34EA-4876-B333-207C4504589E}\TypeLib HKCR\Interface\{E977DE7C-34EA-4876-B333-207C4504589E}\TypeLib#Version HKCR\Interface\{F5FC30C3-68AD-451B-8BC1-8ABD98F2C69A} HKCR\Interface\{F5FC30C3-68AD-451B-8BC1-8ABD98F2C69A}\ProxyStubClsid HKCR\Interface\{F5FC30C3-68AD-451B-8BC1-8ABD98F2C69A}\ProxyStubClsid32 HKCR\Interface\{F5FC30C3-68AD-451B-8BC1-8ABD98F2C69A}\TypeLib HKCR\Interface\{F5FC30C3-68AD-451B-8BC1-8ABD98F2C69A}\TypeLib#Version Adware.ClickSpring/Outer Info Network HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayVersion HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoModify HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoRepair HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#HelpLink HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#InstallLocation C:\Program Files\Outerinfo\OiUninstaller.exe C:\Program Files\Outerinfo\outerinfo.ico C:\Program Files\Outerinfo\Terms.rtf C:\Program Files\Outerinfo C:\Documents and Settings\TRYMV\Start Menu\Programs\Outerinfo\Terms.lnk C:\Documents and Settings\TRYMV\Start Menu\Programs\Outerinfo\Uninstall.lnk C:\Documents and Settings\TRYMV\Start Menu\Programs\Outerinfo Malware.SpyLocked HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708} HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\dwfastosijbtt HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\gkypvg HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\Implemented Categories HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\InprocServer32 HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\InprocServer32#ThreadingModel HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\jwsgfg HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\lLUJzcj HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\ProgID HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\PvMXg HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\pwyemwsdNb HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\xwxrtmkhgAo HKCR\CLSID\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708}\zPobcmionom HKCR\TypeLib\{27B1DED9-7493-4204-AFCE-9AFD4B7FC662} HKCR\TypeLib\{27B1DED9-7493-4204-AFCE-9AFD4B7FC662}\1.0 HKCR\TypeLib\{27B1DED9-7493-4204-AFCE-9AFD4B7FC662}\1.0 HKCR\TypeLib\{27B1DED9-7493-4204-AFCE-9AFD4B7FC662}\1.0\win32 HKCR\TypeLib\{27B1DED9-7493-4204-AFCE-9AFD4B7FC662}\1.0\FLAGS HKCR\TypeLib\{27B1DED9-7493-4204-AFCE-9AFD4B7FC662}\1.0\HELPDIR HKCR\Interface\{05436423-E2DA-4307-AEE4-275C2522D4DD} HKCR\Interface\{05436423-E2DA-4307-AEE4-275C2522D4DD}\ProxyStubClsid HKCR\Interface\{05436423-E2DA-4307-AEE4-275C2522D4DD}\ProxyStubClsid32 HKCR\Interface\{05436423-E2DA-4307-AEE4-275C2522D4DD}\TypeLib HKCR\Interface\{05436423-E2DA-4307-AEE4-275C2522D4DD}\TypeLib#Version HKCR\Interface\{17A868CD-C8B9-4A46-8224-85E4D81CD764} HKCR\Interface\{17A868CD-C8B9-4A46-8224-85E4D81CD764}\ProxyStubClsid HKCR\Interface\{17A868CD-C8B9-4A46-8224-85E4D81CD764}\ProxyStubClsid32 HKCR\Interface\{17A868CD-C8B9-4A46-8224-85E4D81CD764}\TypeLib HKCR\Interface\{17A868CD-C8B9-4A46-8224-85E4D81CD764}\TypeLib#Version HKCR\Interface\{3037B797-A390-4DCD-BCA6-272815FC4265} HKCR\Interface\{3037B797-A390-4DCD-BCA6-272815FC4265}\ProxyStubClsid HKCR\Interface\{3037B797-A390-4DCD-BCA6-272815FC4265}\ProxyStubClsid32 HKCR\Interface\{3037B797-A390-4DCD-BCA6-272815FC4265}\TypeLib HKCR\Interface\{3037B797-A390-4DCD-BCA6-272815FC4265}\TypeLib#Version HKCR\Interface\{4470C18E-1EF2-453C-BEC1-1745D781BCAB} HKCR\Interface\{4470C18E-1EF2-453C-BEC1-1745D781BCAB}\ProxyStubClsid HKCR\Interface\{4470C18E-1EF2-453C-BEC1-1745D781BCAB}\ProxyStubClsid32 HKCR\Interface\{4470C18E-1EF2-453C-BEC1-1745D781BCAB}\TypeLib HKCR\Interface\{4470C18E-1EF2-453C-BEC1-1745D781BCAB}\TypeLib#Version HKCR\Interface\{52BF24CF-8378-42B4-8962-135CFB6C4F77} HKCR\Interface\{52BF24CF-8378-42B4-8962-135CFB6C4F77}\ProxyStubClsid HKCR\Interface\{52BF24CF-8378-42B4-8962-135CFB6C4F77}\ProxyStubClsid32 HKCR\Interface\{52BF24CF-8378-42B4-8962-135CFB6C4F77}\TypeLib HKCR\Interface\{52BF24CF-8378-42B4-8962-135CFB6C4F77}\TypeLib#Version HKCR\Interface\{680FA31F-43BC-47DA-9405-A0D1B1C1151B} HKCR\Interface\{680FA31F-43BC-47DA-9405-A0D1B1C1151B}\ProxyStubClsid HKCR\Interface\{680FA31F-43BC-47DA-9405-A0D1B1C1151B}\ProxyStubClsid32 HKCR\Interface\{680FA31F-43BC-47DA-9405-A0D1B1C1151B}\TypeLib HKCR\Interface\{680FA31F-43BC-47DA-9405-A0D1B1C1151B}\TypeLib#Version HKCR\Interface\{6EBB57F2-B416-4F76-9384-A8F669FF60E4} HKCR\Interface\{6EBB57F2-B416-4F76-9384-A8F669FF60E4}\ProxyStubClsid HKCR\Interface\{6EBB57F2-B416-4F76-9384-A8F669FF60E4}\ProxyStubClsid32 HKCR\Interface\{6EBB57F2-B416-4F76-9384-A8F669FF60E4}\TypeLib HKCR\Interface\{6EBB57F2-B416-4F76-9384-A8F669FF60E4}\TypeLib#Version HKCR\Interface\{8262777C-7176-4A9C-A8A6-D0C4AEB467B6} HKCR\Interface\{8262777C-7176-4A9C-A8A6-D0C4AEB467B6}\ProxyStubClsid HKCR\Interface\{8262777C-7176-4A9C-A8A6-D0C4AEB467B6}\ProxyStubClsid32 HKCR\Interface\{8262777C-7176-4A9C-A8A6-D0C4AEB467B6}\TypeLib HKCR\Interface\{8262777C-7176-4A9C-A8A6-D0C4AEB467B6}\TypeLib#Version HKCR\Interface\{8AFC508B-6B96-479C-A1AC-848EB3F4EFDE} HKCR\Interface\{8AFC508B-6B96-479C-A1AC-848EB3F4EFDE}\ProxyStubClsid HKCR\Interface\{8AFC508B-6B96-479C-A1AC-848EB3F4EFDE}\ProxyStubClsid32 HKCR\Interface\{8AFC508B-6B96-479C-A1AC-848EB3F4EFDE}\TypeLib HKCR\Interface\{8AFC508B-6B96-479C-A1AC-848EB3F4EFDE}\TypeLib#Version HKCR\Interface\{8B7E3C69-4A2E-4F48-B690-47BEEEF16FF5} HKCR\Interface\{8B7E3C69-4A2E-4F48-B690-47BEEEF16FF5}\ProxyStubClsid HKCR\Interface\{8B7E3C69-4A2E-4F48-B690-47BEEEF16FF5}\ProxyStubClsid32 HKCR\Interface\{8B7E3C69-4A2E-4F48-B690-47BEEEF16FF5}\TypeLib HKCR\Interface\{8B7E3C69-4A2E-4F48-B690-47BEEEF16FF5}\TypeLib#Version HKCR\Interface\{9309BDC4-952B-4146-8303-2FDA3F5B218F} HKCR\Interface\{9309BDC4-952B-4146-8303-2FDA3F5B218F}\ProxyStubClsid HKCR\Interface\{9309BDC4-952B-4146-8303-2FDA3F5B218F}\ProxyStubClsid32 HKCR\Interface\{9309BDC4-952B-4146-8303-2FDA3F5B218F}\TypeLib HKCR\Interface\{9309BDC4-952B-4146-8303-2FDA3F5B218F}\TypeLib#Version HKCR\Interface\{B3250C2D-C398-4EC9-8A79-85BCF65F6608} HKCR\Interface\{B3250C2D-C398-4EC9-8A79-85BCF65F6608}\ProxyStubClsid HKCR\Interface\{B3250C2D-C398-4EC9-8A79-85BCF65F6608}\ProxyStubClsid32 HKCR\Interface\{B3250C2D-C398-4EC9-8A79-85BCF65F6608}\TypeLib HKCR\Interface\{B3250C2D-C398-4EC9-8A79-85BCF65F6608}\TypeLib#Version HKCR\Interface\{D237BD03-5808-4B64-942D-6746FE50EE66} HKCR\Interface\{D237BD03-5808-4B64-942D-6746FE50EE66}\ProxyStubClsid HKCR\Interface\{D237BD03-5808-4B64-942D-6746FE50EE66}\ProxyStubClsid32 HKCR\Interface\{D237BD03-5808-4B64-942D-6746FE50EE66}\TypeLib HKCR\Interface\{D237BD03-5808-4B64-942D-6746FE50EE66}\TypeLib#Version HKCR\Interface\{D8CD0D4F-47B6-4499-AF5A-48446972E058} HKCR\Interface\{D8CD0D4F-47B6-4499-AF5A-48446972E058}\ProxyStubClsid HKCR\Interface\{D8CD0D4F-47B6-4499-AF5A-48446972E058}\ProxyStubClsid32 HKCR\Interface\{D8CD0D4F-47B6-4499-AF5A-48446972E058}\TypeLib HKCR\Interface\{D8CD0D4F-47B6-4499-AF5A-48446972E058}\TypeLib#Version HKCR\Interface\{DEB82BF1-47BB-4863-B85C-77363D3C37D5} HKCR\Interface\{DEB82BF1-47BB-4863-B85C-77363D3C37D5}\ProxyStubClsid HKCR\Interface\{DEB82BF1-47BB-4863-B85C-77363D3C37D5}\ProxyStubClsid32 HKCR\Interface\{DEB82BF1-47BB-4863-B85C-77363D3C37D5}\TypeLib HKCR\Interface\{DEB82BF1-47BB-4863-B85C-77363D3C37D5}\TypeLib#Version HKCR\Interface\{EAE9695A-B942-4C07-B94F-7CFBE3F35A37} HKCR\Interface\{EAE9695A-B942-4C07-B94F-7CFBE3F35A37}\ProxyStubClsid HKCR\Interface\{EAE9695A-B942-4C07-B94F-7CFBE3F35A37}\ProxyStubClsid32 HKCR\Interface\{EAE9695A-B942-4C07-B94F-7CFBE3F35A37}\TypeLib HKCR\Interface\{EAE9695A-B942-4C07-B94F-7CFBE3F35A37}\TypeLib#Version C:\Program Files\SpyLocked 3.9\ignored.lst C:\Program Files\SpyLocked 3.9\sd.ini C:\Program Files\SpyLocked 3.9\SpyLocked 3.9.exe C:\Program Files\SpyLocked 3.9 Trojan.Media-Codec/V2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object#ProductionEnvironment HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object#URLInfoAbout HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object#DisplayVersion Trojan.Media-Codec/V3 C:\Program Files\Video ActiveX Access\iesmin.exe C:\Program Files\Video ActiveX Access\iesmn.exe C:\Program Files\Video ActiveX Access\imsmain.exe C:\Program Files\Video ActiveX Access\imsmn.exe C:\Program Files\Video ActiveX Access\ot.ico C:\Program Files\Video ActiveX Access\ts.ico C:\Program Files\Video ActiveX Access\uninst.exe C:\Program Files\Video ActiveX Access Trojan.Downloader-Gen/RetAd HKLM\Software\Microsoft\Windows\CurrentVersion\Run#runner1 [ C:\WINDOWS\tsitra2000373.exe 61A847B5BBF72810329B385575FA01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310F3D29332016D 76C5C01F37D84BBFD566D55F8541231A055A19381221232983F556CAC59B6 ] Browser Hijacker.Favorites C:\DOCUMENTS AND SETTINGS\TRYMV\FAVORITES\ONLINE SECURITY TEST.URL Trojan.Downloader-Gen/Installer C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP178\A0133550.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP182\A0139607.EXE C:\WINDOWS\B122.EXE C:\WINDOWS\B128.EXE C:\WINDOWS\B147.EXE Adware.Vundo-Variant C:\SYSTEM VOLUME INFORMATION\_RESTORE{F4F887E8-C53C-4245-8F1D-9D2E60F8E217}\RP196\A0146628.DLL Adware.Vundo/Traff-2 C:\WINDOWS\SYSTEM32\AROYXFHT.EXE C:\WINDOWS\SYSTEM32\JMLUMAQM.EXE Trojan.Downloader-Gen/DDC C:\WINDOWS\SYSTEM32\CHIMRAFA.EXE C:\WINDOWS\SYSTEM32\PTQENTXR.EXE C:\WINDOWS\SYSTEM32\SFRVAOLB.EXE C:\WINDOWS\SYSTEM32\TWQWFDJQ.EXE Trojan.Downloader-Gen/TStamp C:\WINDOWS\SYSTEM32\LUYDATGT.EXE Adware.Vundo Variant/Rel C:\WINDOWS\SYSTEM32\RQTSS.BAK1 Trojan.Downloader-Gen/HitItQuitIt C:\WINDOWS\SYSTEM32\TUVWVUU.DLL Adware.ClickSpring/PuritySCAN C:\WINDOWS\SYSTEM32\WNSAPISV.EXE Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:07:40, on 01.12.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Dell Network Assistant\hnm_svc.exe C:\WINDOWS\System32\svchost.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\ehome\RMSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe c:\program files\mcafee.com\vso\mcvsshld.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\PROGRA~1\mcafee.com\mps\mscifapp.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\dlcccoms.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Dell Network Assistant\ezi_hnm2.exe C:\Program Files\Digital Line Detect\DLG.exe C:\WINDOWS\ehome\RMSysTry.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\TRYMV\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default....;l=no&s=gen R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....;l=no&s=gen O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NI.UERSH_0001_N91M2704] "c:\documents and settings\trymv\application data\errorsafefreeinstall_now[1].exe" -nag O4 - HKLM\..\Run: [1cf204d1] rundll32.exe "C:\WINDOWS\system32\kdbnphbq.dll",b O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [__c008E87C] rundll32.exe "C:\Documents and Settings\TRYMV\Application Data\__c008E87C.dat",B O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Dell Network Assistant.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Ressursovervåking for Extender-enhet.lnk = C:\WINDOWS\ehome\RMSysTry.exe O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v8.cab O16 - DPF: {B69B0694-EB7C-4468-B572-B781062A1EF2} (KooPlayer Control) - http://static.mediazone.com/player/1.0.0.64/MZPlayer.CAB O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0074926.dat O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: floripondio - {6ad686b9-ab56-4ebc-a804-9f70b55b4577} - (no file) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O24 - Desktop Component 0: (no name) - http://www.counternet.sk/images/capts/26062005133649.jpg -- End of file - 13313 bytes Lenke til kommentar
Gjest medlem-105082 Skrevet 1. desember 2007 Del Skrevet 1. desember 2007 (endret) Se der, ja Nå laster du ned VundoFix og legger det på skrivebordet. Kjør VundoFix og klikk 'Scan for Vundo'. Når programmet er kjørt ferdig så klikker du 'Remove Vundo'. Når du har gjort det så henter du og laster ned ComboFix. Kjør combofix.exe, og følg veiledningen, men ikke trykk på vinduet mens programmet kjører. Når du har gjort alt dette, så kan du legge ut en ny HijackThis logg, sammen med VundoFix loggen (C:\vundofix.txt.), og ComboFix loggen (c:\combofix.txt). Endret 1. desember 2007 av medlem-105082 Lenke til kommentar
norbat Skrevet 15. desember 2007 Del Skrevet 15. desember 2007 Hvordan går det med rensingen, 3evel? Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå