|
|
#1
10. oktober 2008, 19:08
| |||
| |||
 Iexplore.exe virus igen! Hej Jeg tror, jeg har også iexplore-virus og har prøvet mange forskellige programmer til at slippe af med det, men intet arbejde! Jeg har set, at dit websted er at hjælpe en masse ppl så måske også mig? Her er mit kapre denne log: Logfile af Trend Micro HijackThis v2.0.2 Scan gemt på 1:01:32 PM, den 11/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Kørende processer: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ Winlogon.exe C: \ WINDOWS \ system32 \ Services.exe C: \ WINDOWS \ system32 \ Lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe C: \ WINDOWS \ Explorer.EXE C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ system32 \ acs.exe C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe C: \ Programmer \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ Windows \ System \ hpsysdrv.exe C: \ Programmer \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe C: \ WINDOWS \ ALCXMNTR.EXE C: \ Programmer \ TP-LINK \ TWCU \ TWCU.exe C: \ HP \ KBD \ KBD.EXE C: \ Programmer \ iTunes \ iTunesHelper.exe C: \ Programmer \ Hp \ HP Software Update \ HPWuSchd2.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe C: \ Programmer \ Zone Labs \ ZoneAlarm \ zlclient.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Programmer \ Nikon \ PictureProject \ NkbMonitor.exe C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE C: \ Programmer \ iPod \ bin \ iPodService.exe C: \ Programmer \ Internet Explorer \ iexplore.exe C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE C: \ WINDOWS \ system32 \ taskmgr.exe C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows + XP & osv. = 5,1 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. lokale O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Programmer \ AVG \ AVG8 \ avgssie.dll (file mangler) O2 - BHO: Malicious Scripts Scanner - (55EA1964-F5E4-4D6A-B9B2-125B37655FCB) - C: \ Documents and Settings \ All Users \ Application Data \ Prevx \ pxbho.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programmer \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programmer \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / forkæle / RemAdvDef / Migration32 O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ system \ hpsysdrv.exe O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Programmer \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM \ .. \ Run: [TWCU] "C: \ Programmer \ TP-LINK \ TWCU \ TWCU.exe"-nogui O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE O4 - HKLM \ .. \ Run: [Epson Stylus CX3700 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIA CP.EXE / F "C: \ Windows \ Temp \ E_SC4.tmp" / EF "HKLM" O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programmer \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programmer \ Hp \ HP Software Update \ HPWuSchd2.exe O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / START O4 - HKLM \ .. \ Run: [Flag ejer Live dystre] C: \ Documents and Settings \ All Users \ Application Data \ Software regel flag ejer \ Første obj.exe O4 - HKLM \ .. \ Run: [PrevxOne] "C: \ Programmer \ Prevx2 \ PXConsole.exe" O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Programmer \ Zone Labs \ ZoneAlarm \ zlclient.exe" O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Programmer \ Nikon \ PictureProject \ NkbMonitor.exe O8 - Extra sammenhæng menupunktet: & Clean Traces - C: \ Programmer \ DAP \ Privacy Package \ dapcleanerie.htm O8 - Extra sammenhæng menupunktet: & Download med & DAP - C: \ Programmer \ DAP \ dapextie.htm O8 - Extra sammenhæng menupunktet: & Google Search - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmsearch.html O8 - Extra sammenhæng menupunkt: Historiske Links - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmbacklinks.html O8 - Extra sammenhæng menupunkt: Øjebliksbillede af side i cache - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmcache.html O8 - Extra sammenhæng menupunkt: Download & alle med DAP - C: \ Programmer \ DAP \ dapextie2.htm O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ EXCEL.EXE/3000 O8 - Extra sammenhæng menupunkt: Lignende sider - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmsimilar.html O8 - Extra sammenhæng menupunkt: Oversæt til engelsk - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmtrans.html O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ REFIEBAR.DLL O9 - Extra knappen: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Programmer \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL O9 - Extra knappen: Forbindelsesindstillinger Hjælp - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ Sælgere \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra 'Tools' MENUITEM: Connection Hjælp - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ Sælgere \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab O16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (POLI Betal Online) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab O23 - Service: TP-LINK Configuration Service (ACS) - Unknown ejer - C: \ WINDOWS \ system32 \ acs.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati Genvejstast Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C: \ Programmer \ Bonjour \ mDNSResponder.exe O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe O23 - Service: PREVXAgent - Prevx - C: \ Programmer \ Prevx2 \ PXAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe -- End of file - 10831 bytes |
|
#2
10. oktober 2008, 23:12
| |||
| |||
| Iexplore.exe virus igen! Downloade Skære af S & D ved Eric_71 og gemme den på dit skrivebord. Skære af S & D vil kun køre på Windows XP og Windows Vista Deaktiver dit antivirus-og antimalware-programmer, så de ikke forstyrrer driften af skære af S & D. At se, hvordan du kan deaktivere sikkerhedsprogrammer besøge denne tutorial: Hvordan til midlertidigt at deaktivere din Anti-virus, firewall-og anti-malware Programmer
__________________  |
|
#3
11 oktober 2008, 00:15
| |||
| |||
| Iexplore.exe virus igen! Her er resultaterne fra skære af S & D søgning: -------------------- \ \ Skære S & D 4.2.4-5 XP / Vista Microsoft Windows XP Home Edition (v5.1.2600) Service Pack 3 X86-baseret PC (Uniprocessor Gratis: AMD Sempron (tm) Processor 3200 +) BIOS: Phoenix - Award BIOS v6.00PG Bruger: Compaq_Owner (Administrator) BOOT: Normal boot Antivirus: AVG 7.5.524 7.5.524 (Ikke aktiveret) Firewall: ZoneAlarm Firewall 7.0.483.000 (Ikke aktiveret) C: \ (Local Disk) - NTFS - Total: 68 Gå Free: 10 Go D: \ (Local Disk) - FAT32 - I alt: 5 Gå Gratis: 1 Gå E: \ (CD eller DVD) F: \ (CD eller DVD) G: \ (USB) H: \ (USB) I: \ (USB) J: \ (USB) "C: \ skære SD" (MAJ: 02-10-2008 | 23:42) Option: [1] (lørdag 11/10/2008 | 18:11) -------------------- \ \ Liste mapper i PROGRAMMER ~ 1 [11/10/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Adobe [03/10/2007 | 01:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple [12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple Computer [28/08/2007 | 04:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Autodesk [03/09/2008 | 10:46] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Avg7 [10/06/2008 | 12:37] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Avg8 [02/07/2006 | 01:52] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> DVD Formindsk [15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> EnterNHelp [27/03/2007 | 10:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Google [18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Grisoft [23/10/2007 | 12:15] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Anlæg [12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> InstallShield [11/10/2008 | 12:29] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> MailFrontier [18/08/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft [10/09/2008 | 07:07] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft Hjælp [10/09/2007 | 04:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nero [11/10/2008 | 03:51] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> NOS [21/05/2008 | 12:55] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> PC Drivers Headquarters [12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> QuickTime [24/11/2007 | 02:56] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Real [12/09/2005 | 09:04] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SBSI [02.02.2008 | 05:17] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Seagate [09/10/2008 | 11:53] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Software regel flag ejer [01/11/2006 | 01:13] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Sophos [14/09/2008 | 02:08] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Spybot - Search & Destroy [19/05/2008 | 07:41] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Symantec [11/10/2008 | 06:00] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> TEMP [15/02/2006 | 01:11] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> UDL [15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Ultima_T15 [08/04/2006 | 02:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Windows Genuine Advantage [22/06/2008 | 11:01] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> WLInstaller [17/03/2008 | 09:32] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Adobe [11/10/2008 | 03:55] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AdobeUM [13/09/2007 | 05:26] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Ahead [13/06/2008 | 07:29] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple Computer [02/10/2007 | 12:55] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> ArcSoft [18/06/2006 | 11:34] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Atari [21/05/2007 | 07:47] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Autodesk [11/10/2008 | 11:11] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AVG7 [19/05/2008 | 02:40] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AVGTOOLBAR [08/10/2008 | 01:29] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> BitTorrent [21/05/2007 | 12:09] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Command & Conquer 3 Tiberium Wars [01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Datalayer [28/05/2007 | 02:25] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> dvdcss [13/08/2007 | 03:00] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Epson [03/05/2007 | 02:12] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Google [07/09/2006 | 02:08] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Hjælp [26/06/2008 | 12:16] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> HPQ [16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Identities [19/02/2006 | 05:44] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> InterVideo [23/04/2008 | 11:49] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> iWin [03/05/2008 | 03:20] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Joost [28/01/2006 | 03:15] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Leadertech [13/09/2008 | 08:45] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> LimeWire [14/02/2006 | 05:22] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Macromedia [24/11/2007 | 03:04] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Media Player Classic [19/05/2008 | 06:44] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft [09/04/2008 | 06:13] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Mozilla [15/07/2006 | 12:31] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nikon [01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nokia [01/09/2006 | 08:54] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nokia Multimedia Player [01/09/2006 | 08:41] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> PC Suite [19/05/2008 | 07:32] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Real [12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SampleView [21/05/2007 | 12:07] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SecuROM [09/10/2008 | 11:54] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Sæbe ligger kærlighed [28/01/2006 | 03:16] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Sonic [23/04/2008 | 11:45] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SpinTop [14/09/2008 | 06:04] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> sporedannelse [15/04/2008 | 05:04] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Spybot - Search & Destroy [14/02/2006 | 05:49] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> søndag [12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Symantec [16/04/2008 | 06:42] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> U3 [26/05/2008 | 11:14] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> uTorrent [27/05/2006 | 09:46] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> VLC [20/05/2008 | 10:26] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> WinBatch [12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple Computer [16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Identities [12/09/2005 | 09:51] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft [12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Real [12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SampleView [12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Symantec [18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ LOCALS ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AVG7 [18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ LOCALS ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft [18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ NETWOR ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft -------------------- \ \ Planlagte opgaver placeret i C: \ WINDOWS \ Tasks [11/10/2008 06:00 PM] [- ah -----] C: \ WINDOWS \ opgaver \ A396018B9185B27B.job [11/10/2008 06:11 PM] [- en ------] C: \ WINDOWS \ opgaver \ Symantec NetDetect.job [11/10/2008 05:00 PM] [- en ------] C: \ WINDOWS \ opgaver \ RegCure Program Check.job [28/08/2008 04:00 AM] [- en ------] C: \ WINDOWS \ opgaver \ RegCure.job [11/10/2008 04:07 PM] [- ah -----] C: \ WINDOWS \ opgaver \ SA.DAT [05/08/2004 05:00 AM] [-RAH -----] C: \ WINDOWS \ opgaver \ Desktop.ini (A396018B9185B27B.job) = (C: \ DOCUME ~ 1 \ Compaq ~ 1 \ applic ~ 1 \ soapli ~ 1 \ Axisgreatex tra.exe) -------------------- \ \ Liste mapper i C: \ Program Files [27/07/2008 | 05:02] C: \ Programmer \ <DIR> Activision [11/10/2008 | 04:05] C: \ Programmer \ <DIR> Adobe [15/06/2008 | 12:20] C: \ Programmer \ <DIR> Ahead [20/05/2007 | 11:20] C: \ Programmer \ <DIR> Alkohol Soft [03/06/2008 | 09:01] C: \ Programmer \ <DIR> Apple Software Update [15/07/2006 | 12:27] C: \ Programmer \ <DIR> ArcSoft [12/09/2005 | 09:13] C: \ Programmer \ <DIR> ATI Technologies [21/05/2007 | 07:36] C: \ Programmer \ <DIR> Autodesk [27/05/2008 | 04:42] C: \ Programmer \ <DIR> AVG [20/06/2008 | 04:54] C: \ Programmer \ <DIR> BitTorrent [11/10/2008 | 04:05] C: \ Programmer \ <DIR> Fælles filer [24/11/2004 | 01:06] C: \ Programmer \ <DIR> ComPlus Applications [21/05/2008 | 12:51] C: \ Programmer \ <DIR> DAP [08/11/2006 | 02:07] C: \ Programmer \ <DIR> DivX [30/09/2008 | 09:12] C: \ Programmer \ <DIR> DominateGame [21/05/2007 | 10:35] C: \ Programmer \ <DIR> Drug Lord 2 [18/08/2008 | 03:56] C: \ Programmer \ <DIR> D-Tools [08/11/2006 | 12:56] C: \ Programmer \ <DIR> DVD Formindsk [19/05/2008 | 07:12] C: \ Programmer \ <DIR> Easy Internet signup [14/09/2008 | 06:02] C: \ Programmer \ <DIR> Electronic Arts [15/02/2006 | 01:11] C: \ Programmer \ <DIR> Epson [26/05/2008 | 11:15] C: \ Programmer \ <DIR> eToro [30/09/2008 | 09:12] C: \ Programmer \ <DIR> VE Nova [13/11/2006 | 09:39] C: \ Programmer \ <DIR> FLVPlayer [26/06/2008 | 12:13] C: \ Programmer \ <DIR> GameSpy Arcade [12/09/2005 | 09:37] C: \ Programmer \ <DIR> Google [27/11/2006 | 10:19] C: \ Programmer \ <DIR> Graph [08/11/2007 | 06:44] C: \ Programmer \ <DIR> Griffin Technology [18/08/2008 | 07:44] C: \ Programmer \ <DIR> Grisoft [27/03/2006 | 09:17] C: \ Programmer \ <DIR> GustoSoft [29/09/2008 | 04:41] C: \ Programmer \ <DIR> Hp [05/12/2007 | 01:09] C: \ Programmer \ <DIR> Infogrames Interactive [14/09/2008 | 06:03] C: \ Programmer \ <DIR> InstallShield Installation Information [17/08/2008 | 09:45] C: \ Programmer \ <DIR> Internet Explorer [12/09/2005 | 09:23] C: \ Programmer \ <DIR> InterVideo [03/06/2008 | 09:04] C: \ Programmer \ <DIR> iPod [14/02/2006 | 05:20] C: \ Programmer \ <DIR> iPrimus [03/06/2008 | 09:05] C: \ Programmer \ <DIR> iTunes [30/09/2008 | 08:51] C: \ Programmer \ <DIR> Java [14/09/2008 | 05:43] C: \ Programmer \ <DIR> John Deere American Farmer Deluxe [09/04/2008 | 06:13] C: \ Programmer \ <DIR> Joost [24/11/2007 | 02:56] C: \ Programmer \ <DIR> K-Lite Codec Pack [20/03/2008 | 05:13] C: \ Programmer \ <DIR> LimeWire [31/08/2008 | 05:28] C: \ Programmer \ <DIR> Maxis [18/08/2008 | 02:14] C: \ Programmer \ <DIR> Messenger [15/05/2007 | 11:48] C: \ Programmer \ <DIR> Microsoft CAPICOM 2.1.0.2 [12/09/2005 | 09:19] C: \ Programmer \ <DIR> Microsoft Encarta [16/12/2004 | 04:23] C: \ Programmer \ <DIR> Microsoft FrontPage [26/06/2008 | 12:17] C: \ Programmer \ <DIR> Microsoft Games [12/09/2005 | 09:25] C: \ Programmer \ <DIR> Microsoft Money 2005 [29/06/2008 | 10:10] C: \ Programmer \ <DIR> Microsoft Office [15/02/2006 | 12:29] C: \ Programmer \ <DIR> Microsoft Visual Studio [03/06/2008 | 03:51] C: \ Programmer \ <DIR> Microsoft Works [14/02/2008 | 10:22] C: \ Programmer \ <DIR> Microsoft.NET [14/03/2008 | 09:22] C: \ Programmer \ <DIR> MindArk [18/08/2008 | 02:11] C: \ Programmer \ <DIR> Movie Maker [11/10/2008 | 11:09] C: \ Programmer \ <DIR> Mozilla Firefox [16/12/2004 | 04:23] C: \ Programmer \ <DIR> MSN [16/12/2004 | 04:23] C: \ Programmer \ <DIR> MSN Gaming Zone [18/10/2006 | 01:19] C: \ Programmer \ <DIR> MSXML 4.0 [02.02.2008 | 05:16] C: \ Programmer \ <DIR> MSXML 6.0 [10/09/2007 | 04:25] C: \ Programmer \ <DIR> Nero [18/08/2008 | 02:10] C: \ Programmer \ <DIR> NetMeeting [15/07/2006 | 12:30] C: \ Programmer \ <DIR> Nikon [11/10/2008 | 03:51] C: \ Programmer \ <DIR> NOS [15/02/2006 | 12:42] C: \ Programmer \ <DIR> OfficeUpdate11 [14/09/2008 | 02:59] C: \ Programmer \ <DIR> Online Services [18/08/2008 | 02:10] C: \ Programmer \ <DIR> Outlook Express [26/06/2007 | 09:29] C: \ Programmer \ <DIR> PartyGaming [12/09/2005 | 09:34] C: \ Programmer \ <DIR> PC-Doctor til DOS [17/06/2007 | 08:43] C: \ Programmer \ <DIR> PokerRoom.com [31/05/2007 | 01:55] C: \ Programmer \ <DIR> PokerStars [03/06/2008 | 09:04] C: \ Programmer \ <DIR> QuickTime [21/04/2008 | 08:30] C: \ Programmer \ <DIR> RegCure [02.02.2008 | 05:17] C: \ Programmer \ <DIR> Seagate [23/04/2008 | 01:20] C: \ Programmer \ <DIR> Sean O'Connor's Windows Games [24/07/2008 | 06:08] C: \ Programmer \ <DIR> SEGA [18/08/2008 | 03:56] C: \ Programmer \ <DIR> Sierra Entertainment [08/02/2007 | 11:24] C: \ Programmer \ <DIR> SLD Codec Pack [09/10/2008 | 11:53] C: \ Programmer \ <DIR> Sæbe ligger kærlighed [14/03/2008 | 06:16] C: \ Programmer \ <DIR> Sophos [15/04/2008 | 09:22] C: \ Programmer \ <DIR> Spybot - Search & Destroy [24/11/2007 | 02:59] C: \ Programmer \ <DIR> StrongDC + + [19/05/2008 | 07:41] C: \ Programmer \ <DIR> Symantec [13/09/2008 | 10:03] C: \ Programmer \ <DIR> TeaTimer (Spybot - Search & Destroy) [14/02/2006 | 05:39] C: \ Programmer \ <DIR> Telstra [19/06/2007 | 09:45] C: \ Programmer \ <DIR> TexasCalculatem [30/05/2008 | 01:43] C: \ Programmer \ <DIR> Theorica Divx ;-) Codecs [29/02/2008 | 06:25] C: \ Programmer \ <DIR> TP-LINK [11/10/2008 | 12:33] C: \ Programmer \ <DIR> Trend Micro [03/04/2008 | 12:17] C: \ Programmer \ <DIR> Trymedia [24/11/2004 | 01:07] C: \ Programmer \ <DIR> Uninstall Information [27/05/2006 | 08:19] C: \ Programmer \ <DIR> VideoLAN [10/09/2008 | 01:44] C: \ Programmer \ <DIR> VUGames [11/10/2008 | 05:57] C: \ Programmer \ <DIR> Warcraft III [05/06/2008 | 01:07] C: \ Programmer \ <DIR> Weatherzone Tracker [13/09/2006 | 12:25] C: \ Programmer \ <DIR> WinAVI VideoConverter [14/03/2008 | 06:35] C: \ Programmer \ <DIR> Windows Live [10.10.2007 | 11:18] C: \ Programmer \ <DIR> Windows Media Connect 2 [25/08/2008 | 06:37] C: \ Programmer \ <DIR> Windows Media Player [14/09/2008 | 02:59] C: \ Programmer \ <DIR> Windows NT [03/10/2007 | 03:00] C: \ Programmer \ <DIR> Windows XP Fun Pack [24/11/2004 | 01:07] C: \ Programmer \ <DIR> WindowsUpdate [14/09/2008 | 05:41] C: \ Programmer \ <DIR> WinRAR [16/12/2004 | 04:24] C: \ Programmer \ <DIR> Xerox [11/10/2008 | 12:29] C: \ Programmer \ <DIR> Zone Labs [11/10/2008 | 12:31] C: \ Programmer \ <DIR> ZoneAlarmSB -------------------- \ \ Liste mapper i C: \ Programmer \ Fælles filer [11/10/2008 | 04:05] C: \ Programmer \ Common Files \ <DIR> Adobe [11/10/2008 | 04:05] C: \ Programmer \ Common Files \ <DIR> Adobe AIR [10/09/2007 | 04:28] C: \ Programmer \ Common Files \ <DIR> Ahead [03/10/2007 | 01:28] C: \ Programmer \ Common Files \ <DIR> Apple [28/08/2007 | 04:28] C: \ Programmer \ Common Files \ <DIR> Autodesk Shared [03/06/2008 | 03:50] C: \ Programmer \ Common Files \ <DIR> DESIGNER [12/09/2005 | 09:27] C: \ Programmer \ Common Files \ <DIR> InstallShield [12/09/2005 | 09:06] C: \ Programmer \ Common Files \ <DIR> Java [19/05/2008 | 07:25] C: \ Programmer \ Common Files \ <DIR> Microsoft Shared [16/12/2004 | 04:23] C: \ Programmer \ Common Files \ <DIR> MSSoap [15/07/2006 | 12:30] C: \ Programmer \ Common Files \ <DIR> muvee Technologies [15/07/2006 | 12:31] C: \ Programmer \ Common Files \ <DIR> Nikon [16/12/2004 | 04:23] C: \ Programmer \ Common Files \ <DIR> ODBC [19/05/2008 | 07:32] C: \ Programmer \ Common Files \ <DIR> Real [20/05/2008 | 11:24] C: \ Programmer \ Common Files \ <DIR> Services [16/12/2004 | 04:23] C: \ Programmer \ Common Files \ <DIR> SpeechEngines [19/05/2008 | 07:41] C: \ Programmer \ Common Files \ <DIR> Symantec Shared [18/08/2008 | 02:10] C: \ Programmer \ Common Files \ <DIR> System [11/03/2007 | 11:10] C: \ Programmer \ Common Files \ <DIR> Thraex Software [14/03/2008 | 06:34] C: \ Programmer \ Common Files \ <DIR> WindowsLiveInstaller -------------------- \ \ Process (41 Processes) IEXPLORE.EXE ~ [PID: 2612] IEXPLORE.EXE ~ [PID: 2640] iexplore.exe ~ [PID: 3160] IEXPLORE.EXE ~ [PID: 2940] -------------------- \ \ Søger med S_Lop C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ Temp \ bis9A.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ Axis stor extra.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ilouimpk.ex e C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ jvuyskje.ex e C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ lfbsabiw.ex e -------------------- \ \ Søgning efter beskære Files - Mapper C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ Software regel flag ejer C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ Software regel flag ejer \ Første obj.exe C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ Software regel flag ejer \ Skip proc.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ ATOM DASH.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ Axis stor extra.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ ilouimpk.ex e C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ jvuyskje.ex e C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ lfbsabiw.ex e C: \ Programmer \ soapli ~ 1 C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ Temp \ TorrentSpeeder. zip C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ adultfri endfinder [1]. Txt C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ reklame Ing [2]. Txt C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ ERO-reklame [1]. Txt C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner@adopt.eu roclick [2]. Txt C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ partypok er [1]. Txt C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ 888 [2]. Txt C: \ WINDOWS \ Tasks \ A396018B9185B27B.job -------------------- \ \ Søgning inden topdomæneadministratoren [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Uninstall \ Hold wma ref] "DisplayName" = "CID Help" "UninstallString" = "C: \ \ DOCUME ~ 1 \ \ Compaq ~ 1 \ \ PROGRAMMER ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe-afinstallere" [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run] "MODE REAL" = "C: \ \ DOCUME ~ 1 \ \ Compaq ~ 1 \ \ PROGRAMMER ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe" "MODE REAL" = "C: \ \ DOCUME ~ 1 \ \ Compaq ~ 1 \ \ PROGRAMMER ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe" [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "Flag ejer Live dystre" = "C: \ \ Documents and Settings \ \ All Users \ \ Application Data \ \ Software regel flag ejer \ \ Første obj.exe" -------------------- \ \ Kontrol af filen Hosts Hosts-filen CLEAN -------------------- \ \ Søgning efter skjulte filer med Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net Rootkit scan 2008-10-11 18:12:47 Windows 5.1.2600 Service Pack 3 NTFS scanning skjulte processer ... scanning skjulte filer ... scanning afsluttet med succes skjulte processer: 0 skjulte filer: 0 -------------------- \ \ Søgning efter andre infektioner -------------------- \ \ Revner & Keygens .. C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Local Settings \ Temp \ rar $ EX02.922 \ Knæk C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Local Settings \ Temp \ rar $ EX02.922 \ Crack \ RLD-spor.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Local Settings \ Temp \ rar $ EX02.922 \ Crack \ SporeApp.exe C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Recent \ Spore.GENERIC_KEYGEN-FFF.lnk [F: 343] [D: 29] -> C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ Temp [F: 200] [D: 0] -> C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies [F: 18285] [D: 24] -> C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ TEMPOR ~ 1 \ Content.IE5 1 - "C: \ skære SD \ LopR_1.txt" - lørdag 11/10/2008 | 18:07 - Option: [1] 2 - "C: \ skære SD \ LopR_2.txt" - lørdag 11/10/2008 | 18:14 - Option: [1] -------------------- \ \ Scan afsluttet ved 18:14:22 |
|
#4
11 oktober 2008, 22:29
| |||
| |||
| Iexplore.exe virus igen! Download NoLop til dit skrivebord. NoLop.exe
Også køre en ny HijackThis scan og post loggen.
__________________ |
|
#5
11 oktober 2008, 22:46
| |||
| |||
| Iexplore.exe virus igen! Ok her er de logs: Nolop NoLop! Log af Skate_Punk_21 Fix løber fra: C: \ Documents and Settings \ Compaq_Owner \ Desktop [12/10/2008] [4:33:52 PM] --- Infection Files Found/Removed--- C: \ WINDOWS \ opgaver \ A396018B9185B27B.job Begyndelse Removal ... Genstart ... Fjernelse skære's sidesten filer / mapper ... Redigering Justitskontor ... ** Fix Complete! ** --- Liste AppData sub directories --- C: \ Documents and Settings \ All Users \ Application Data \ Adobe C: \ Documents and Settings \ All Users \ Application Data \ Apple C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer C: \ Documents and Settings \ All Users \ Application Data \ Autodesk C: \ Documents and Settings \ All Users \ Application Data \ Avg7 C: \ Documents and Settings \ All Users \ Application Data \ Avg8 - EMPTY Directory C: \ Documents and Settings \ All Users \ Application Data \ Dvd Formindsk C: \ Documents and Settings \ All Users \ Application Data \ Enternhelp C: \ Documents and Settings \ All Users \ Application Data \ Google C: \ Documents and Settings \ All Users \ Application Data \ Grisoft C: \ Documents and Settings \ All Users \ Application Data \ Anlæg C: \ Documents and Settings \ All Users \ Application Data \ InstallShield C: \ Documents and Settings \ All Users \ Application Data \ Mailfrontier - EMPTY Directory C: \ Documents and Settings \ All Users \ Application Data \ Microsoft C: \ Documents and Settings \ All Users \ Application Data \ Microsoft Help C: \ Documents and Settings \ All Users \ Application Data \ Nero C: \ Documents and Settings \ All Users \ Application Data \ nr. C: \ Documents and Settings \ All Users \ Application Data \ Pc Drivers Headquarters C: \ Documents and Settings \ All Users \ Application Data \ Quicktime C: \ Documents and Settings \ All Users \ Application Data \ Real - EMPTY Directory C: \ Documents and Settings \ All Users \ Application Data \ Sbsi C: \ Documents and Settings \ All Users \ Application Data \ Seagate C: \ Documents and Settings \ All Users \ Application Data \ Software Regel Flag ejer C: \ Documents and Settings \ All Users \ Application Data \ Sophos C: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy C: \ Documents and Settings \ All Users \ Application Data \ Symantec C: \ Documents and Settings \ All Users \ Application Data \ Temp - EMPTY Directory C: \ Documents and Settings \ All Users \ Application Data \ UDL C: \ Documents and Settings \ All Users \ Application Data \ Ultima_t15 C: \ Documents and Settings \ All Users \ Application Data \ Windows Genuine Advantage C: \ Documents and Settings \ All Users \ Application Data \ Wlinstaller C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobe C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobeum C: \ Documents and Settings \ Compaq_owner \ Application Data \ Ahead C: \ Documents and Settings \ Compaq_owner \ Application Data \ Apple Computer C: \ Documents and Settings \ Compaq_owner \ Application Data \ Arcsoft C: \ Documents and Settings \ Compaq_owner \ Application Data \ Atari C: \ Documents and Settings \ Compaq_owner \ Application Data \ Autodesk C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avg7 C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avgtoolbar C: \ Documents and Settings \ Compaq_owner \ Application Data \ BitTorrent C: \ Documents and Settings \ Compaq_owner \ Application Data \ Command & Conquer 3 Tiberium Wars C: \ Documents and Settings \ Compaq_owner \ Application Data \ Datalayer C: \ Documents and Settings \ Compaq_owner \ Application Data \ Dvdcss C: \ Documents and Settings \ Compaq_owner \ Application Data \ Epson C: \ Documents and Settings \ Compaq_owner \ Application Data \ Google C: \ Documents and Settings \ Compaq_owner \ Application Data \ Help - EMPTY Directory C: \ Documents and Settings \ Compaq_owner \ Application Data \ Hpq C: \ Documents and Settings \ Compaq_owner \ Application Data \ Identities C: \ Documents and Settings \ Compaq_owner \ Application Data \ Intervideo C: \ Documents and Settings \ Compaq_owner \ Application Data \ Iwin C: \ Documents and Settings \ Compaq_owner \ Application Data \ Joost C: \ Documents and Settings \ Compaq_owner \ Application Data \ Leadertech C: \ Documents and Settings \ Compaq_owner \ Application Data \ LimeWire C: \ Documents and Settings \ Compaq_owner \ Application Data \ Macromedia C: \ Documents and Settings \ Compaq_owner \ Application Data \ Media Player Classic C: \ Documents and Settings \ Compaq_owner \ Application Data \ Microsoft C: \ Documents and Settings \ Compaq_owner \ Application Data \ Mozilla C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nikon C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia Multimedia Player C: \ Documents and Settings \ Compaq_owner \ Application Data \ PC Suite C: \ Documents and Settings \ Compaq_owner \ Application Data \ Real C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sampleview - EMPTY Directory C: \ Documents and Settings \ Compaq_owner \ Application Data \ Securom C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sæbe Lies Love C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sonic C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spintop C: \ Documents and Settings \ Compaq_owner \ Application Data \ sporedannelse C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spybot - Search & Destroy C: \ Documents and Settings \ Compaq_owner \ Application Data \ søndag C: \ Documents and Settings \ Compaq_owner \ Application Data \ Symantec - EMPTY Directory C: \ Documents and Settings \ Compaq_owner \ Application Data \ U3 C: \ Documents and Settings \ Compaq_owner \ Application Data \ Utorrent C: \ Documents and Settings \ Compaq_owner \ Application Data \ VLC C: \ Documents and Settings \ Compaq_owner \ Application Data \ Winbatch C: \ Documents and Settings \ Default User \ Application Data \ Apple Computer C: \ Documents and Settings \ Default User \ Application Data \ Identities C: \ Documents and Settings \ Default User \ Application Data \ Microsoft C: \ Documents and Settings \ Default User \ Application Data \ Real C: \ Documents and Settings \ Default User \ Application Data \ Sampleview - EMPTY Directory C: \ Documents and Settings \ Default User \ Application Data \ Symantec - EMPTY Directory C: \ Documents and Settings \ LocalService \ Application Data \ Avg7 - EMPTY Directory C: \ Documents and Settings \ LocalService \ Application Data \ Microsoft C: \ Documents and Settings \ NetworkService \ Application Data \ Microsoft Hijackthis: Logfile af Trend Micro HijackThis v2.0.2 Scan gemt på 4:44:14 PM, den 12/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Kørende processer: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ Winlogon.exe C: \ WINDOWS \ system32 \ Services.exe C: \ WINDOWS \ system32 \ Lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ Explorer.EXE C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ system32 \ acs.exe C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Windows \ System \ hpsysdrv.exe C: \ Programmer \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe C: \ WINDOWS \ ALCXMNTR.EXE C: \ Programmer \ TP-LINK \ TWCU \ TWCU.exe C: \ HP \ KBD \ KBD.EXE C: \ Programmer \ iTunes \ iTunesHelper.exe C: \ Programmer \ Hp \ HP Software Update \ HPWuSchd2.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe C: \ Programmer \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE C: \ Programmer \ Nikon \ PictureProject \ NkbMonitor.exe C: \ Programmer \ iPod \ bin \ iPodService.exe C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows + XP & osv. = 5,1 O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Programmer \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Programmer \ AVG \ AVG8 \ avgssie.dll (file mangler) O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programmer \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programmer \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / forkæle / RemAdvDef / Migration32 O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ system \ hpsysdrv.exe O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Programmer \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM \ .. \ Run: [TWCU] "C: \ Programmer \ TP-LINK \ TWCU \ TWCU.exe"-nogui O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE O4 - HKLM \ .. \ Run: [Epson Stylus CX3700 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIA CP.EXE / F "C: \ Windows \ Temp \ E_SC4.tmp" / EF "HKLM" O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programmer \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programmer \ Hp \ HP Software Update \ HPWuSchd2.exe O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / START O4 - HKLM \ .. \ Run: [Flag ejer Live dystre] C: \ Documents and Settings \ All Users \ Application Data \ Software regel flag ejer \ Første obj.exe O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Programmer \ Zone Labs \ ZoneAlarm \ zlclient.exe" O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Programmer \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe" O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0-reboot 1 O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user') O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Programmer \ Nikon \ PictureProject \ NkbMonitor.exe O8 - Extra sammenhæng menupunktet: & Clean Traces - C: \ Programmer \ DAP \ Privacy Package \ dapcleanerie.htm O8 - Extra sammenhæng menupunktet: & Download med & DAP - C: \ Programmer \ DAP \ dapextie.htm O8 - Extra sammenhæng menupunktet: & Google Search - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmsearch.html O8 - Extra sammenhæng menupunkt: Historiske Links - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmbacklinks.html O8 - Extra sammenhæng menupunkt: Øjebliksbillede af side i cache - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmcache.html O8 - Extra sammenhæng menupunkt: Download & alle med DAP - C: \ Programmer \ DAP \ dapextie2.htm O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ EXCEL.EXE/3000 O8 - Extra sammenhæng menupunkt: Lignende sider - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmsimilar.html O8 - Extra sammenhæng menupunkt: Oversæt til engelsk - res: / / C: \ Programmer \ Google \ GoogleToolbar1.dll/cmtrans.html O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ REFIEBAR.DLL O9 - Extra knappen: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Programmer \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL O9 - Extra knappen: Forbindelsesindstillinger Hjælp - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ Sælgere \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra 'Tools' MENUITEM: Connection Hjælp - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ Sælgere \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab O16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (POLI Betal Online) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab O16 - DPF: (CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7) (get_atlcom Class) -- http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab O23 - Service: TP-LINK Configuration Service (ACS) - Unknown ejer - C: \ WINDOWS \ system32 \ acs.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati Genvejstast Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe O23 - Service: getPlus (R) Helper - NOS Microsystems Ltd - C: \ Programmer \ NOS \ bin \ getPlus_HelperSvc.exe O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe -- End of file - 10505 bytes |
|
#6
11 oktober 2008, 22:53
| |||
| |||
| Iexplore.exe virus igen! Åbn HijackThis og vælg Må en systemscanning kun. Anbringe en markering ved siden af følgende poster: (hvis der)
Afslut HijackThis. ---------- Bemærk: nedenstående instruktioner var skabt specielt til denne bruger. Hvis du ikke er denne bruger, MÅ IKKE Følg disse anvisninger, som de kunne skade funktionen af dit system Gå til Start> Kør og type Notepad.exe klik derefter på OK Kopier og indsæt nedenfor i Notesblok, og gem som fixme.reg til din Desktop Code: REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run] "AlcxMonitor" =- "Flag ejer Live dystre" =- [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ policies \ Explorer \ Run] "MODE REAL" =- Sørg for, at du fortælle mig, hvis du modtager en succes besked om at lægge den over i registreringsdatabasen. Hvis du ikke får en succes besked, det ikke virkede. Slet fixme.reg fra skrivebordet. Genstart computeren ---------- Downloade CCleaner Slim og gemme den til dit skrivebord. Når filen er gemt, skal du gå til dit skrivebord og dobbeltklik på den ccsetupxxx_slim.exe Følg anvisningerne for at installere programmet. Fuldføre installationen derefter:
---------- Downloade Malwarebytes' Anti-Malware (MBAM)
Ekstra Bemærk: Hvis MBAM støder på en fil, der er vanskelige at fjerne, vil du blive præsenteret med 1 af 2 prompter, klik på OK for at enten og lad MBAM fortsætte med desinfektion processen, hvis bedt om at genstarte computeren, skal du gøre det straks.
__________________ |
|
#7
11 oktober 2008, 23:26
| |||
| |||
| Iexplore.exe virus igen! Jeg fik den succes besked fra fixme.reg filen, og her er den MBAM log: Malwarebytes' Anti-Malware 1.28 Database version: 1259 Windows 5.1.2600 Service Pack 3 12/10/2008 5:24:27 PM mbam-log-2008-10-12 (17-24-27). txt Scan type: Quick Scan Objekter skannet: 45849 Tidsforbrug: 2 minut (ter), 43 sekund (s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registreringsdatabasenøgler Inficerede: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (Nr. ondsindede elementer opdaget) Memory Modules Infected: (Nr. ondsindede elementer opdaget) Registreringsdatabasenøgler Inficerede: (Nr. ondsindede elementer opdaget) Registry Values Infected: (Nr. ondsindede elementer opdaget) Registry Data Items Infected: (Nr. ondsindede elementer opdaget) Folders Infected: (Nr. ondsindede elementer opdaget) Files Infected: (Nr. ondsindede elementer opdaget) |
|
#8
11 oktober 2008, 23:29
| |||
| |||
| Iexplore.exe virus igen! Hvordan er det hele nu?
__________________ |
|
#9
11 oktober 2008, 23:33
| |||
| |||
| Iexplore.exe virus igen! Kører hurtigere, men i Jobliste i processer iexplore.exe er stadig til stede, og når det i sidste ende det kommer tilbage. For cirka 5 minutter det bruger næsten 99% CPU derefter efter en stund det dråber ned til 0, men mem brug ophold op omkring 100.000 K. |
|
#10
12 oktober 2008, 11:41
| |||
| |||
| Iexplore.exe virus igen! Download ComboFix ved Subs fra et af nedenstående links. Vær sikker på toppen gemme den til Desktop. Link # 1 Link # 2 ** Note: Det er vigtigt, at den er gemt direkte til dit skrivebord Luk alle åbne Internet-browsere. (Firefox, Internet Explorer, osv.), før du begynder ComboFix. Midlertidigt deaktivere din antivirus, Og enhver antispyware realtid beskyttelse før udførelse af en scanning. Klik på dette link at se en liste over sikkerhedsprogrammer, der skal være slået fra, og hvordan du deaktivere dem. Dobbeltklik combofix.exe & følg instruktionerne. Når du er færdig ComboFix vil udarbejde en log for dig. Post den ComboFix log og en ny HijackThis log i dit næste svar. Vigtigt: Må ikke mouseclick ComboFix vindue mens den kører. Det kan få det til at stå. Husk at genaktivere dine antivirus-og antispyware beskyttelse, når ComboFix er færdig.
__________________ |
 |
 |
| Bogmærker |
Lignende Tråde | ||||
| Tråd | Thread Starter | Forum | Svar | Last Post |
| Iexplore.exe virus? Please help! | tharp68 | Virus, Spyware & Sikkerhed | 8 | 7 januar 2009 16:33 |
| Mulig iexplore.exe virus .... | sipper | Virus, Spyware & Sikkerhed | 7 | 3 december 2008 22:23 |
| Re: iexplore.exe virus | mpenney | Virus, Spyware & Sikkerhed | 6 | 3 november 2008 14:11 |
| Iexplore.exe virus .... Please help! | zm741 | Virus, Spyware & Sikkerhed | 29 | 24. sep 2008 21:57 |
| Iexplore.exe virus | kfarns00 | Virus, Spyware & Sikkerhed | 9 | 4 december 2007 14:26 |
| Thread Tools | |
| |
