KenBjork Skrevet 9. april 2009 Skrevet 9. april 2009 (endret) Emnetittel sier det meste. Lately it appears I have been (without knowing) sending people this message (or something quite like it):"Did you see the Acai Berry pills on Oprah the other day. I found a good source for 5 dollars. They really do work because I lost 6 pounds in a week. Try it too XXXX://givenew.com" Og en til: Wow I finally found a way to lose weight and is inexpensive. Try 5 dollars and I lost 9 pounds in 15 days. Check it out also, I hope it can help you too XXXX://tilltakes.com Fikk høre om dette nå i morgentimene fra venner at de har fått disse 2 variantene. Det er 2 pcèr jeg bruker, den som er på jobb, og min personlig her hjemme. Sitter nå og kjører på min personlig pc her hjemme: CCleaner, Spybot - Search & Destroy, SUPERAntiSpyware, Malwarebytes, Avast Antivirus. Så langt ikke funnet grums. Står enda igjen å kjøre: Malwarebytes og Avast. Noen som har tips til annet? Endret 11. april 2009 av KenBjork
Cpt Skrevet 9. april 2009 Skrevet 9. april 2009 Utrolig rart at du ikke har funnet noe etter å ha kjørt alt det der.
Fred7555 Skrevet 9. april 2009 Skrevet 9. april 2009 (endret) Følg Veiledningen Endret 9. april 2009 av Fred7555
Bruker-158599 Skrevet 10. april 2009 Skrevet 10. april 2009 Du burde også skifte passord, noen ganger så er det bare passordet,men følg veiledning linka til poster over
KenBjork Skrevet 11. april 2009 Forfatter Skrevet 11. april 2009 Ja har skifta pw på msn og det ble stille. Ingen har rapportert om nye utsendelser. Har ikke hatt tid å fulgt guiden enda. Men kommer til å gjøre det når tiden strekker til.
KenBjork Skrevet 11. april 2009 Forfatter Skrevet 11. april 2009 (endret) Tok meg bare tid til å gjøre dette nå jeg. SAS SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 04/11/2009 at 08:29 AM Application Version : 4.26.1000 Core Rules Database Version : 3839 Trace Rules Database Version: 1795 Scan type : Complete Scan Total Scan Time : 00:30:28 Memory items scanned : 626 Memory threats detected : 0 Registry items scanned : 5576 Registry threats detected : 0 File items scanned : 26300 File threats detected : 4 Adware.Tracking Cookie C:\Documents and Settings\Kenneth\Cookies\[email protected][2].txt C:\Documents and Settings\Kenneth\Cookies\[email protected][2].txt C:\Documents and Settings\Kenneth\Cookies\[email protected][1].txt C:\Documents and Settings\Kenneth\Cookies\[email protected][1].txt MBAM Malwarebytes' Anti-Malware 1.36 Databaseversjon: 1964 Windows 5.1.2600 Service Pack 3 11.04.2009 08:46:14 mbam-log-2009-04-11 (08-46-14).txt Skanntype: Rask Skann Objekter skannet: 50834 Tid tilbakelagt: 1 minute(s), 54 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 0 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: (Ingen mistenkelige filer funnet) Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: (Ingen mistenkelige filer funnet) Combo ComboFix 09-04-04.01 - Kenneth 2009-04-11 8:56:14.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.2047.1286 [GMT 2:00] Kjører fra: c:\documents and settings\Kenneth\Skrivebord\ComboFix.exe AV: avast! antivirus 4.8.1335 [VPS 090410-0] *On-access scanning disabled* (Updated) * Opprettet nytt gjenopprettingspunkt . ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-03-11 til 2009-04-11 ))))))))))))))))))))))))))))))))) . 2009-04-09 08:12 . 2009-04-11 08:50 <DIR> dr-h----- c:\documents and settings\Kenneth\Siste 2009-03-29 13:44 . 2009-04-03 16:24 <DIR> d-------- c:\programfiler\Google . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-09 16:34 --------- d-----w c:\programfiler\Spybot - Search & Destroy 2009-04-09 06:16 --------- d-----w c:\programfiler\Malwarebytes' Anti-Malware 2009-04-09 06:16 --------- d-----w c:\documents and settings\All Users\Programdata\Spybot - Search & Destroy 2009-04-06 13:32 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-04-06 13:32 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-04-01 14:21 --------- d-----w c:\programfiler\Java 2009-03-31 19:46 --------- d-----w c:\documents and settings\Kenneth\Programdata\uTorrent 2009-03-27 15:58 --------- d-----w c:\programfiler\SUPERAntiSpyware 2009-03-26 17:29 --------- d-----w c:\documents and settings\Kenneth\Programdata\OpenOffice.org2 2009-03-09 03:19 410,984 ----a-w c:\windows\system32\deploytk.dll 2009-03-08 09:03 --------- d-----w c:\programfiler\OCCT 2009-02-27 17:16 --------- d-----w c:\programfiler\Analog Devices 2009-02-19 16:45 --------- d-----w c:\programfiler\Windows Live 2009-02-19 16:44 --------- d-----w c:\programfiler\Microsoft Sync Framework 2009-02-19 16:44 --------- d-----w c:\programfiler\Microsoft SQL Server Compact Edition 2009-02-17 20:39 --------- d-----w c:\programfiler\Winamp 2009-02-13 16:56 --------- d-----w c:\documents and settings\Kenneth\Programdata\Malwarebytes 2009-02-13 16:56 --------- d-----w c:\documents and settings\All Users\Programdata\Malwarebytes 2009-02-09 14:08 1,846,784 ----a-w c:\windows\system32\win32k.sys 2009-02-06 18:59 308,104 ----a-w c:\windows\WLXPGSS.SCR 2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll 2006-06-23 06:48 32,768 -c--a-r c:\windows\inf\UpdateUSB.exe 2008-05-07 19:22 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\MSHist012008050720080508\index.dat . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Steam"="d:\spill\cs\steam.exe" [2008-10-08 1410296] "Creative Live! Cam Manager"="c:\programfiler\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2007-05-02 151552] "DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-02-14 486856] "SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-03-27 1830128] "msnmsgr"="c:\programfiler\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885400] "SpybotSD TeaTimer"="c:\programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000] "Ai Nap"="c:\programfiler\ASUS\AI Suite\AiNap\AiNap.exe" [2007-09-06 1426432] "CPU Power Monitor"="c:\programfiler\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-04 626176] "Cpu Level Up help"="c:\programfiler\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-09-11 880640] "Easy-PrintToolBox"="c:\programfiler\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600] "NeroFilterCheck"="c:\programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-06-04 32768] "QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2008-05-27 413696] "RivaTunerStartupDaemon"="c:\programfiler\RivaTuner v2.09\RivaTuner.exe" [2008-04-28 2707456] "Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016] "SoundMAXPnP"="c:\programfiler\Analog Devices\Core\smax4pnp.exe" [2007-10-09 1036288] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "muBlinder"="c:\documents and settings\Kenneth\Mine dokumenter\mu blinder\muBlinder.exe" [2008-03-27 1406464] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe] "nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-07-28 805392] SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2007-08-30 319488] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-01-02 09:05 356352 c:\programfiler\SUPERAntiSpyware\SASWINLO.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2008-05-02 02:42 72208 c:\programfiler\Fellesfiler\Logishrd\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.XFR1"= xfcodec.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\Kenneth\\Mine dokumenter\\utorrent\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "c:\\Programfiler\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"= "d:\\spill\\cs\\steamapps\\common\\call of duty 4\\iw3sp.exe"= "d:\\spill\\cs\\steamapps\\common\\call of duty 4\\iw3mp.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"= "d:\\spill\\cs\\steamapps\\common\\left 4 dead\\left4dead.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-02 114768] R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\SASDIFSV.SYS [2006-10-10 9968] R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [2007-02-27 55024] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-02 20560] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-19 55152] R2 SeaPort;SeaPort;c:\programfiler\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R3 SASENUM;SASENUM;c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096] R3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\drivers\V0470Vid.sys [2008-02-14 146720] S2 gupdate1c9b063ab021aa4;Google Update Service (gupdate1c9b063ab021aa4);c:\programfiler\Google\Update\GoogleUpdate.exe [2009-03-29 133104] S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\programfiler\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2007-12-20 22640] S3 fsssvc;Windows Live Tryggere for familien;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-04-07 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34] 2009-04-10 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2009-03-29 13:44] . . ------- Tilleggsskanning ------- . uInternet Settings,ProxyOverride = *.local IE: Easy-WebPrint Add To Print List - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html TCP: {F5F29CFD-4A08-4AE0-B216-F48620C01AA8} = 192.168.1.1 FF - ProfilePath - c:\documents and settings\Kenneth\Programdata\Mozilla\Firefox\Profiles\rr2jkow6.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://sol.no FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - component: c:\documents and settings\Kenneth\Programdata\Mozilla\Firefox\Profiles\rr2jkow6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll FF - plugin: c:\programfiler\Google\Update\1.2.141.5\npGoogleOneClick7.dll FF - plugin: c:\programfiler\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICIES ---- c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-11 08:56:59 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\c:\programfiler\Lavalys\EVEREST Ultimate Edition\kerneld.wnt" . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(768) c:\programfiler\SUPERAntiSpyware\SASWINLO.DLL c:\programfiler\fellesfiler\logishrd\bluetooth\LBTWlgn.dll c:\programfiler\fellesfiler\logishrd\bluetooth\LBTServ.dll . Tidspunkt ferdig: 2009-04-11 8:59:08 ComboFix-quarantined-files.txt 2009-04-11 06:58:58 ComboFix2.txt 2008-08-30 12:27:36 Pre-Run: 4 165 259 264 byte ledig Post-Run: 4,164,820,992 byte ledig WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn 169 --- E O F --- 2009-03-21 21:11:48 HJT Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:10:15, on 11.04.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programfiler\Bonjour\mDNSResponder.exe C:\Programfiler\Java\jre6\bin\jqs.exe C:\Programfiler\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Programfiler\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programfiler\ASUS\AI Suite\AiNap\AiNap.exe C:\Programfiler\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe C:\WINDOWS\V0470Mon.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programfiler\Analog Devices\Core\smax4pnp.exe C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe C:\Programfiler\Java\jre6\bin\jusched.exe C:\Programfiler\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe C:\Programfiler\DAEMON Tools Lite\daemon.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Logitech\SetPoint II\SetpointII.exe C:\Programfiler\Fellesfiler\Logishrd\KHAL2\KHALMNPR.EXE C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Kenneth\Mine dokumenter\Logger\Ny mappe\kapre dette.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programfiler\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programfiler\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programfiler\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Ai Nap] "C:\Programfiler\ASUS\AI Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Programfiler\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Programfiler\ASUS\AI Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programfiler\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [V0470Mon.exe] C:\WINDOWS\V0470Mon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Programfiler\RivaTuner v2.09\RivaTuner.exe" /S O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [muBlinder] C:\Documents and Settings\Kenneth\Mine dokumenter\mu blinder\muBlinder.exe -startup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "d:\spill\cs\steam.exe" -silent O4 - HKCU\..\Run: [Creative Live! Cam Manager] C:\Programfiler\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Blogg dette - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogg dette i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15102/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F5F29CFD-4A08-4AE0-B216-F48620C01AA8}: NameServer = 192.168.1.1 O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c9b063ab021aa4) (gupdate1c9b063ab021aa4) - Google Inc. - C:\Programfiler\Google\Update\GoogleUpdate.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programfiler\Fellesfiler\Logishrd\Bluetooth\LBTServ.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 9971 bytes Endret 11. april 2009 av KenBjork
norbat Skrevet 11. april 2009 Skrevet 11. april 2009 Loggene ser greie ut. Avintaller combofix ved å skrive combofix /u i kjør-feltet (start->kjør) Sørg forøvrig at Java, Flash player og Adobe reader er oppdatert i tillegg til Windows. Surt trygt.
KenBjork Skrevet 11. april 2009 Forfatter Skrevet 11. april 2009 Morn, så fint da, takk for titt. combo avinst.
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå