geggy Skrevet 27. februar 2008 Del Skrevet 27. februar 2008 (endret) Hei Jeg fikk varsel om at dette viruset var oppdaget på min maskin, det var satt i karantene, men kunne ikke fjernes. Jeg har ikke noe peiling på hva jeg skal gjøre, derfor spør jeg dere som kan dette om dere vil være så snille å hjelpe meg. Hva gjør jeg for å få bort dette viruset, samt få renset maskinen min ren? Håper det er noen som tar seg tid til å hjelpe meg. Mvh Geggy Endret 28. februar 2008 av geggy Lenke til kommentar
norbat Skrevet 27. februar 2008 Del Skrevet 27. februar 2008 Kunne du ha kjørt gjennom langeversjonen i følgnede tråd: https://www.diskusjon.no/index.php?showtopic=691246 og lagt loggene det spørres etter her? Lenke til kommentar
geggy Skrevet 27. februar 2008 Forfatter Del Skrevet 27. februar 2008 Kunne du ha kjørt gjennom langeversjonen i følgnede tråd: https://www.diskusjon.no/index.php?showtopic=691246 og lagt loggene det spørres etter her? Her kommer loggene du ba meg legge ut Først SAS loggen, så combo og tilslutt Hijack SAS logg: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 02/27/2008 at 01:08 PM Application Version : 3.9.1008 Core Rules Database Version : 3410 Trace Rules Database Version: 1402 Scan type : Complete Scan Total Scan Time : 00:47:45 Memory items scanned : 473 Memory threats detected : 0 Registry items scanned : 5739 Registry threats detected : 0 File items scanned : 39706 File threats detected : 1 Adware.SearchTool C:\WINDOWS\SYSTEM32\SEARCHTOOL\NSJ8.DLL Her er Combo logg: ComboFix 08-02-25.3 - 2008-02-27 13:17:45.1 - NTFSx86 Microsoft Windows XP Professional Running from: C:\Documents and Settings\\Local Settings\Temporary Internet Files\Content.IE5\5LR6DAVH\ComboFix[1].exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . The following files were disabled during the run: C:\Program Files\TrojanHunter 4.2\THSec.dll ((((((((((((((((((((((((( Files Created from 2008-01-27 to 2008-02-27 ))))))))))))))))))))))))))))))) . 2008-02-27 12:12 . 2008-02-27 12:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-02-27 12:11 . 2008-02-27 12:20 <DIR> d-------- C:\Program Files\SUPERAntiSpyware 2008-02-27 12:11 . 2008-02-27 12:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-02-27 12:11 . 2008-02-27 12:11 <DIR> d-------- C:\Documents and Settings\\Application Data\SUPERAntiSpyware.com 2008-02-27 10:04 . 2008-02-27 10:04 <DIR> d--hs---- C:\Documents and Settings\LocalService\UserData 2008-02-15 16:10 . 2008-02-11 15:52 19,696 --a------ C:\WINDOWS\system32\drivers\adwarealert.sys 2008-02-15 16:08 . 2008-02-15 16:10 <DIR> d-------- C:\Documents and Settings\Application Data\AdwareAlert 2008-02-15 13:11 . 2007-09-17 15:24 212,024 --a------ C:\WINDOWS\system32\nscrnsav.scr . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-27 12:16 --------- d-----w C:\Program Files\TrojanHunter 4.2 2008-02-15 15:08 --------- d-----w C:\Program Files\AdwareAlert 2008-02-15 12:06 --------- d-----w C:\Documents and Settings\\Application Data\DivX 2008-02-09 09:57 --------- d-----w C:\Program Files\Common Files\Adobe 2008-01-08 12:42 --------- d-----w C:\Program Files\Windows Defender 2008-01-02 11:32 --------- d-----w C:\Program Files\LimeWire 2007-12-07 02:21 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2006-06-12 12:27 299 -c--a-w C:\Documents and Settings\\Application Data\internaldb1942.dat 2005-04-06 17:40 784 -c--a-w C:\Documents and Settings\\Application Data\mpauth.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-12 23:02 68856] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2003-05-12 13:28 32768] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-07-25 07:49 110592] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-07-25 07:47 618496] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-02 20:10 335872] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "THGuard"="C:\Program Files\TrojanHunter 4.2\THGuard.exe" [2005-02-19 15:36 1089024] "Norman ZANDA"="C:\Norman\Npm\bin\ZLH.exe" [2007-12-17 14:37 273520] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-11-08 10:28 802816] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-11-08 10:22 696320] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 14:57 282624] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 07:38 241664] "DXDllRegExe"="dxdllreg.exe" [] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09 63712] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 08:56 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Hurtigstart for Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hurtigstart for Adobe Reader.lnk backup=C:\WINDOWS\pss\Hurtigstart for Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] -ra--c--- 2003-06-27 01:53 88363 C:\WINDOWS\AGRSMMSG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVManager] --a------ 2003-10-15 18:48 77824 C:\Program Files\Wistron\AVManager\AVManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtrlVol] --a------ 2003-08-22 14:08 20480 C:\Program Files\Launch Manager\CtrlVol.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyApp] --a------ 2003-09-04 14:46 40960 C:\Program Files\Launch Manager\HotkeyApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a------ 2003-12-22 07:38 241664 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a------ 2003-08-04 16:28 49152 C:\Program Files\HP\HP Software Update\HPWuSchd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD] --a------ 2003-06-25 09:53 204800 C:\Program Files\Launch Manager\OSD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] --a------ 2003-06-30 19:56 188416 C:\Program Files\Logitech\Video\ISStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] --a------ 2003-06-30 20:00 65536 C:\Program Files\Logitech\Video\LogiTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh] --------- 2003-04-28 08:08 184320 C:\Program Files\ltmoh\Ltmoh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] --a--c--- 2001-07-09 11:50 155648 C:\WINDOWS\system32\\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2006-09-01 14:57 282624 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistrySmart] --a------ 2006-12-17 09:23 6361088 C:\Program Files\RegistrySmart\RegistrySmart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] -ra------ 2006-06-06 09:07 40960 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a--c--- 2005-04-25 18:39 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton] --a------ 2003-09-08 14:48 65536 C:\Program Files\Launch Manager\Wbutton.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager] --a------ 2005-02-24 10:57 2506752 C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "C:\\StubInstaller.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= R0 adwarealert;adwarealert;C:\WINDOWS\system32\DRIVERS\adwarealert.sys [2008-02-11 15:52] R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 10:27] R2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS [2007-01-02 09:55] R2 NVOY;Norman's Very Own supplY of resources;"C:\Norman\npm\bin\nvoy.exe" [2008-01-22 15:04] R3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2007-09-06 09:45] R3 nvcoas;Norman Virus Control on-access component;"C:\Norman\Nvc\bin\nvcoas.exe" [2007-12-10 14:36] R3 NVCScheduler;Norman Virus Control Scheduler;"C:\Norman\Npm\bin\NVCSCHED.EXE" [2007-09-18 11:41] S3 nvcfsr;nvcfsr;C:\Norman\Nvc\bin\nvcfsr.sys [2007-01-09 14:25] S3 nvcoafl51;nvcoafl51;C:\Norman\Nvc\bin\nvcoafl51.sys [2007-01-09 14:25] S3 nvcoaft51;nvcoaft51;C:\Norman\Nvc\bin\nvcoaft51.sys [2007-01-09 14:25] S3 nvcoarc51;nvcoarc51;C:\Norman\Nvc\bin\nvcoarc51.sys [2007-01-09 14:25] S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-12-10 11:53] S3 WinDriver;JungSoft MUZIO JM-100 WinDriver kernel module;C:\WINDOWS\system32\drivers\windrvr.sys [2003-01-09 20:13] . Contents of the 'Scheduled Tasks' folder "2008-02-15 15:10:31 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job" - C:\Program Files\AdwareAlert\AdwareAlert.exe - C:\Program Files\AdwareAlert "2008-02-20 17:07:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-02-27 12:15:36 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-27 13:21:33 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-02-27 13:22:45 . 2008-02-27 08:05:07 --- E O F --- Her er Hijack loggen: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:45:50, on 27.02.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Norman\Npm\Bin\Zanda.exe C:\Norman\npm\bin\nvoy.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\Norman\Npm\bin\NJEEVES.EXE C:\Norman\Npm\bin\NVCSCHED.EXE C:\Norman\Nvc\bin\nvcoas.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Norman\Npm\bin\ZLH.EXE C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Norman\Nvc\BIN\NIP.EXE C:\Norman\Nvc\bin\cclaw.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Trend Micro\test\HijackThis.exe C:\WINDOWS\System32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe" O4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by120fd.bay120.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1112786546207 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Npm\bin\NVCSCHED.EXE O23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - C:\Norman\npm\bin\nvoy.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 9093 bytes Lenke til kommentar
norbat Skrevet 27. februar 2008 Del Skrevet 27. februar 2008 Og hvordan går det med problemet? Lenke til kommentar
geggy Skrevet 28. februar 2008 Forfatter Del Skrevet 28. februar 2008 Og hvordan går det med problemet? Jeg har faktisk ikke lagt noe merke til det, men er det borte fra PC-en nå. Ser du noe utifra loggene? Blir veldig satt ut når jeg får beskjed om virus, og lurer på hva den kan ødelegge, eventuelt ta av personlig informasjon. Er det trygt å bruke nettbank osv. Lenke til kommentar
norbat Skrevet 28. februar 2008 Del Skrevet 28. februar 2008 Loggene ser greie ut. Nettbank og internett forøvrig skal det bare være å bruke som vanlig Lenke til kommentar
geggy Skrevet 28. februar 2008 Forfatter Del Skrevet 28. februar 2008 Loggene ser greie ut. Nettbank og internett forøvrig skal det bare være å bruke som vanlig Tusen takk for at du hjalp meg det satte jeg utrolig stor pris på. Ha en fin dag Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå